[webkit-changes] [WebKit/WebKit] 447672: [JSC] exception can be thrown during exit
Yusuke Suzuki
noreply at github.com
Fri Jun 28 21:26:13 PDT 2024
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 447672fe5051418f5be8f8bf6f08f80596d0d76a
https://github.com/WebKit/WebKit/commit/447672fe5051418f5be8f8bf6f08f80596d0d76a
Author: Yusuke Suzuki <ysuzuki at apple.com>
Date: 2024-06-28 (Fri, 28 Jun 2024)
Changed paths:
A JSTests/stress/exception-can-be-already-thrown-during-exit.js
M Source/JavaScriptCore/dfg/DFGOperations.cpp
M Source/JavaScriptCore/ftl/FTLOperations.cpp
M Source/JavaScriptCore/runtime/ClonedArguments.cpp
M Source/JavaScriptCore/runtime/ClonedArguments.h
Log Message:
-----------
[JSC] exception can be thrown during exit
https://bugs.webkit.org/show_bug.cgi?id=276027
rdar://130677122
Reviewed by Yijia Huang.
279057 at main was wrong since exception can be already thrown during OSR exit (and it can be the reason why OSR exit is occuring).
We should not throw any errors from that. This patch fixes RELEASE_ASSERT condition.
* JSTests/stress/exception-can-be-already-thrown-during-exit.js: Added.
(C.prototype.set valueOf):
(C):
* Source/JavaScriptCore/dfg/DFGOperations.cpp:
(JSC::DFG::JSC_DEFINE_JIT_OPERATION):
* Source/JavaScriptCore/ftl/FTLOperations.cpp:
(JSC::FTL::JSC_DEFINE_NOEXCEPT_JIT_OPERATION):
* Source/JavaScriptCore/runtime/ClonedArguments.cpp:
(JSC::ClonedArguments::createEmpty):
(JSC::ClonedArguments::createWithInlineFrame):
(JSC::ClonedArguments::createByCopyingFrom):
* Source/JavaScriptCore/runtime/ClonedArguments.h:
Canonical link: https://commits.webkit.org/280493@main
To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications
More information about the webkit-changes
mailing list