On Thu, Mar 19, 2009 at 09:43:36AM -0700, Maciej Stachowiak wrote:
>
> On Mar 18, 2009, at 1:47 PM, Mike Hommey wrote:
>
>> On Wed, Mar 18, 2009 at 01:07:51PM -0700, Gavin Barraclough wrote:
>>> On Mar 18, 2009, at 11:06 AM, Mike Hommey wrote:
>>>
>>>> An earlier call to JSC::JITStubs::cti_op_call_NotJSFunction works and a
>>>> lot of other stub functions are called before the crash, so it means
>>>> most of the JIT works, but it is failing in a subtle way.
>>>
>>> I'd suggest trying to produce a reduction of the test case you're looking
>>> at – JIT crashers can usually be reduced down to a very small test case.
>>> You may then want to step through the JIT code to see where the bogus
>>> value is coming from. Adding calls to breakpoint() from
>>> JIT::privateCompile and JIT::privateCompileMainPass can help with this,
>>> inserting breakpoints into the JIT code that the debugger will then hit.
>>
>> Apparently, any JavaScript-containing page is enough to trigger the
>> crash. The default homepage, google.com does trigger it, and the much
>> simpler alert() testcase I found with a quick search crashes too.
>> http://liblearn.osu.edu/tutor/jscript.html
>>
>> I'll give a try to breakpoints when I'll have the occasion.
>
> It may be easier to debug using the command-line jsc tool and a simple
> script that's not in a Web page.

Except alert() isn't defined under jsc. Are there any other non-js
(native) functions available in jsc, since it seems to be the problem?

Mike

