Bug 294119

Summary:	[JSC] Prevent SEGV triggered by exceptions from `Wasm::Global::get`
Product:	WebKit	Reporter:	Sosuke Suzuki <aosukeke>
Component:	JavaScriptCore	Assignee:	Sosuke Suzuki <aosukeke>
Status:	RESOLVED FIXED
Severity:	Normal	CC:	webkit-bug-importer
Priority:	P2	Keywords:	InRadar
Version:	WebKit Nightly Build
Hardware:	Unspecified
OS:	Unspecified

Sosuke Suzuki

Reported 2025-06-06 06:49:58 PDT

Running the test case attached to 293340 on current JSC ends in a segmentation fault. That crash is itself a bug, so this patch adds proper handling for the exception raised by global get and ensures JSC no longer SEGVs. NOTE: This patch does not fix the functional bug reported in 293340; it only removes the SEGV.

Attachments
Add attachment proposed patch, testcase, etc.

Sosuke Suzuki

Comment 1 2025-06-06 06:50:59 PDT

Pull request: https://github.com/WebKit/WebKit/pull/46421

EWS

Comment 2 2025-06-06 16:21:52 PDT

Committed 295943@main (bb7181ea246c): <https://commits.webkit.org/295943@main> Reviewed commits have been landed. Closing PR #46421 and removing active labels.

Radar WebKit Bug Importer

Comment 3 2025-06-06 16:23:18 PDT

<rdar://problem/152744007>

Note You need to log in before you can comment on or make changes to this bug.