JSC::Wasm::setWasmTableElement() falls through ASSERT_NOT_REACHED(). The functions should return `false` after both ASSERT_NOT_REACHED() statements rather than falling through and returning `true`. static bool setWasmTableElement(Instance* instance, unsigned tableIndex, uint32_t index, EncodedJSValue encValue) { ASSERT(tableIndex < instance->module().moduleInformation().tableCount()); if (index >= instance->table(tableIndex)->length()) return false; JSValue value = JSValue::decode(encValue); if (instance->table(tableIndex)->type() == Wasm::TableElementType::Externref) instance->table(tableIndex)->set(index, value); else if (instance->table(tableIndex)->type() == Wasm::TableElementType::Funcref) { WebAssemblyFunction* wasmFunction; WebAssemblyWrapperFunction* wasmWrapperFunction; if (isWebAssemblyHostFunction(instance->owner<JSObject>()->vm(), value, wasmFunction, wasmWrapperFunction)) { ASSERT(!!wasmFunction || !!wasmWrapperFunction); if (wasmFunction) instance->table(tableIndex)->asFuncrefTable()->setFunction(index, jsCast<JSObject*>(value), wasmFunction->importableFunction(), &wasmFunction->instance()->instance()); else instance->table(tableIndex)->asFuncrefTable()->setFunction(index, jsCast<JSObject*>(value), wasmWrapperFunction->importableFunction(), &wasmWrapperFunction->instance()->instance()); } else if (value.isNull()) instance->table(tableIndex)->clear(index); else ASSERT_NOT_REACHED(); } else ASSERT_NOT_REACHED(); return true; } See Source/JavaScriptCore/wasm/WasmOperations.cpp.