Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 714bf5b1e05ac3494a1384f93a83246abe857518
https://github.com/WebKit/WebKit/commit/714bf5b1e05ac3494a1384f93a83246abe857518
Author: Kai Tamkun <[email protected]>
Date: 2026-04-29 (Wed, 29 Apr 2026)
Changed paths:
A JSTests/wasm/stress/call-indirect-exceptions.js
M Source/JavaScriptCore/llint/InPlaceInterpreter64.asm
Log Message:
-----------
[JSC] Delay PC advancement until after operationCallMayThrow in IPInt
https://bugs.webkit.org/show_bug.cgi?id=305148
rdar://166602356
Reviewed by Yusuke Suzuki.
Currently, some IPInt instructions will advance the PC before invoking
operationCallMayThrow. Because that invocation will save the call site index,
this means that the call site index of the next instruction will be saved
instead of the call site index of the instruction currently being executed.
If the call does throw, it will then choose a handler based on the index of
the next instruction. Therefore, it's necessary to move the PC advancement
instructions past the invocation of operationCallMayThrow.
Test: JSTests/wasm/stress/call-indirect-exceptions.js
* JSTests/wasm/stress/call-indirect-exceptions.js: Added.
(async test): Tests that exceptions are properly handled.
* Source/JavaScriptCore/llint/InPlaceInterpreter64.asm: Delay PC advancement
Originally-landed-as: 305413.149@safari-7624-branch (63358b77f417).
rdar://174957939
Canonical link: https://commits.webkit.org/312338@main
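
The ordering problem described in the log message, as an added example (not code from the commit or from WebKit). It is a toy model: the instruction layout, the handler table format and all names are assumptions made for illustration, and recording callSiteIndex stands in for what the message says operationCallMayThrow does.

```javascript
// Toy interpreter model (constructed; not WebKit code). PCs are byte offsets.
const code = [
  { pc: 0, op: "nop",    len: 1 },
  { pc: 1, op: "call",   len: 2, throws: true },  // last instruction covered by try A
  { pc: 3, op: "call",   len: 2, throws: false }, // first instruction covered by try B
  { pc: 5, op: "return", len: 1 },
];

// Handler table: half-open PC ranges [start, end) mapped to a catch target.
const handlers = [
  { start: 0, end: 3, target: "catch_A" },
  { start: 3, end: 5, target: "catch_B" },
];

// Pick the handler whose range covers the saved call site index.
function findHandler(callSiteIndex) {
  const h = handlers.find(e => callSiteIndex >= e.start && callSiteIndex < e.end);
  return h ? h.target : "unwind_to_caller";
}

// advanceBeforeCall = true models the ordering before the fix (PC advanced,
// then the call site index saved); false models the ordering after it.
function run(advanceBeforeCall) {
  let pc = 0;
  for (;;) {
    const insn = code.find(i => i.pc === pc);
    if (insn.op === "return") return { callSiteIndex: null, handler: null };
    if (insn.op === "call") {
      if (advanceBeforeCall) pc += insn.len;   // PC already points at the next instruction
      const callSiteIndex = pc;                // index saved for exception dispatch
      if (insn.throws) return { callSiteIndex, handler: findHandler(callSiteIndex) };
      if (!advanceBeforeCall) pc += insn.len;  // advance only after the call returned
      continue;
    }
    pc += insn.len;
  }
}

console.log("advance first:", run(true));   // dispatches on the next instruction
console.log("advance after:", run(false));  // dispatches on the throwing call
```

In the model the throwing call sits at offset 1 inside try A; advancing first saves offset 3, which belongs to try B, so the exception is routed to the wrong catch target.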