Bug 268942

Summary: REGRESSION(273782@main): Missing exception check in commonCallDirectEval()
Product: WebKit
Reporter: Alexey Shvayka <ashvayka>
Component: JavaScriptCore
Assignee: Alexey Shvayka <ashvayka>
Status: RESOLVED FIXED
Severity: Normal
CC: webkit-bug-importer
Priority: P2
Keywords: InRadar
Version: WebKit Nightly Build
Hardware: All
OS: All
See Also: https://bugs.webkit.org/show_bug.cgi?id=268027

Description Alexey Shvayka 2024-02-07 13:25:15 PST
stress/regress-187074.js.default:     This scope can throw a JS exception: eval @ ./interpreter/Interpreter.cpp:114
stress/regress-187074.js.default:         (ExceptionScope::m_recursionDepth was 4)
stress/regress-187074.js.default:     But the exception was unchecked as of this scope: setUpCall @ ./llint/LLIntSlowPaths.cpp:1957
stress/regress-187074.js.default:         (ExceptionScope::m_recursionDepth was 4)
stress/regress-187074.js.default: 
stress/regress-187074.js.default: Unchecked exception detected at:
stress/regress-187074.js.default:     1   0x10e5b5e48 JSC::VM::verifyExceptionCheckNeedIsSatisfied(unsigned int, JSC::ExceptionEventLocation&)
stress/regress-187074.js.default:     2   0x10e59d918 JSC::ThrowScope::ThrowScope(JSC::VM&, JSC::ExceptionEventLocation)
stress/regress-187074.js.default:     3   0x10e5962d0 JSC::ThrowScope::ThrowScope(JSC::VM&, JSC::ExceptionEventLocation)
stress/regress-187074.js.default:     4   0x10df47dd8 JSC::LLInt::setUpCall(JSC::CallFrame*, JSC::CodeSpecializationKind, JSC::JSValue)
stress/regress-187074.js.default:     5   0x10df39720 JSC::LLInt::commonCallDirectEval(JSC::CallFrame*, JSC::BaseInstruction<JSC::JSOpcodeTraits> const*, JSC::MacroAssemblerCodeRef<(WTF::PtrTag)1427>)
stress/regress-187074.js.default:     6   0x10df394a4 llint_slow_path_call_direct_eval
stress/regress-187074.js.default:     7   0x10ed105c4 llint_function_for_construct_arity_checkTagGateAfter
Comment 1 Radar WebKit Bug Importer 2024-02-07 13:25:44 PST
<rdar://problem/122493988>
Comment 2 Alexey Shvayka 2024-02-07 13:57:33 PST
Pull request: https://github.com/WebKit/WebKit/pull/24032
Comment 3 EWS 2024-02-07 19:09:03 PST
Committed 274264@main (0bf37696c4bd): <https://commits.webkit.org/274264@main>

Reviewed commits have been landed. Closing PR #24032 and removing active labels.