I have built a recent version using the instructions at https://trac.webkit.org/wiki/BuildingGtk

The hashtag of my build is: commit 3f7415a21a3fd7220b07b74654bee687fafa7134

JSC crashes on the following testcase.

    $ ~/jsc/WebKit/WebKitBuild/Release/bin/jsc abc.js
    Error compiling builtin: Unexpected identifier 'caller'
    Fatal error compiling builtin function 'foo': Unexpected identifier 'caller'
    1 0x7fd61460e377 /home/absozero/jsc/WebKit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18(WTFCrash+0x17) [0x7fd61460e377]
    2 0x7fd613c5bc0e /home/absozero/jsc/WebKit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18(_ZN3JSC18BuiltinExecutables16createExecutableERNS_2VMERKNS_10SourceCodeERKNS_10IdentifierENS_15ConstructorKindENS_16ConstructAbilityE+0x4be) [0x7fd613c5bc0e]
    3 0x423840 /home/absozero/jsc/WebKit/WebKitBuild/Release/bin/jsc() [0x423840]
    4 0x7fd5ce1ff028 [0x7fd5ce1ff028]
    Segmentation fault (core dumped)

    $ cat abc.js
    function tryGetByIdText(propertyName) {
        return ` template ${ propertyName } template `;
    }

    {
        let get = createBuiltin( tryGetByIdText('caller'));
    }

Thank you for filing this issue. This createBuiltin function is introduced to test internal functionality in JSC: testing builtin (with some privilege) functions in JSC. We do not expose it to user-space. For example, WebKit does not expose it in web pages. Only the jsc shell has this, for testing purposes. This crash is intended behavior to prevent us from writing unresolved references in builtin JS.