Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: e6eb222f8fedb5bb82a458c47560f303832a4e43
https://github.com/WebKit/WebKit/commit/e6eb222f8fedb5bb82a458c47560f303832a4e43
Author: Mark Lam <[email protected]>
Date: 2026-01-16 (Fri, 16 Jan 2026)
Changed paths:
M Source/JavaScriptCore/runtime/VMTraps.cpp
Log Message:
-----------
Temporarily revert assertion in VMTraps::deferTerminationSlow() to a Debug
ASSERT.
https://bugs.webkit.org/show_bug.cgi?id=305677
rdar://167947484
Reviewed by Marcus Plutowski.
There are places in the code that are still not handling TerminationExceptions
correctly,
and are re-entering the VM after termination. As a result, they are crashing
over this
RELEASE_ASSERT which was hardened from a Debug ASSERT in 298039@main. If the
client
re-enters the VM while the TerminationException is still in effect, without this
RELEASE_ASSERT, we'll eventually exit again at the next exception check. So,
the issue
should be benign. This patch will temporarily revert the RELEASE_ASSERT back
to a Debug
ASSERT to alleviate the crashes.
We still want to fix all the places that did the illegal re-entry to make the
code more
sane and easy to reason about, but that can be done later. We can re-enable the
RELEASE_ASSERT after that.
No new test because this is just reverting to previous behavior.
* Source/JavaScriptCore/runtime/VMTraps.cpp:
(JSC::VMTraps::deferTerminationSlow):
Canonical link: https://commits.webkit.org/305748@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
