Bug 241727
| Summary: | REGRESSION (251613@main): Missing exception check in JSFunction::put() | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Karl Rackler <rackler> |
| Component: | JavaScriptCore | Assignee: | Alexey Shvayka <ashvayka> |
| Status: | RESOLVED FIXED | ||
| Severity: | Normal | CC: | ashvayka, saam, webkit-bot-watchers-bugzilla, webkit-bug-importer |
| Priority: | P2 | Keywords: | InRadar |
| Version: | WebKit Nightly Build | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
Karl Rackler
Description:
Multiple JSC and jsc-cloop tests are consistent failures.
The first failure build failures are https://build.webkit.org/#/builders/378/builds/1242, https://build.webkit.org/#/builders/378/builds/1242, and https://build.webkit.org/#/builders/433/builds/3848.
251613@main modified JSFunction.cpp so that possibly introduced the consistent failures.
jscore-test and webkit-jsc-cloop-test stdio:
tress/put-to-proto-chain-overrides-put.js.default: ERROR: Unchecked JS exception:
stress/put-to-proto-chain-overrides-put.js.default: This scope can throw a JS exception: reifyLazyBoundNameIfNeeded @ runtime/JSFunction.cpp:675
stress/put-to-proto-chain-overrides-put.js.default: (ExceptionScope::m_recursionDepth was 8)
stress/put-to-proto-chain-overrides-put.js.default: But the exception was unchecked as of this scope: putInlineSlow @ runtime/JSObject.cpp:766
stress/put-to-proto-chain-overrides-put.js.default: (ExceptionScope::m_recursionDepth was 8)
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Radar WebKit Bug Importer
<rdar://problem/95411104>
Alexey Shvayka
Pull request: https://github.com/WebKit/WebKit/pull/1614
EWS
Committed r295659 (251664@main): <https://commits.webkit.org/251664@main>
Reviewed commits have been landed. Closing PR #1614 and removing active labels.