Inlining of a function that ends in op_unreachable crashes
author rmorisset@apple.com <rmorisset@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 3 Jan 2018 17:35:35 +0000 (17:35 +0000)
committer rmorisset@apple.com <rmorisset@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 3 Jan 2018 17:35:35 +0000 (17:35 +0000)
commit 1fcbb7314c6006dc67a6d5c3424df9c299c22830
tree ad4e1886e24e00a47e3c4225d6ec75848948da6e
parent a32f03e41f5b53a94f837131045252c64e28ae40
Inlining of a function that ends in op_unreachable crashes
https://bugs.webkit.org/show_bug.cgi?id=181027

Reviewed by Filip Pizlo.

JSTests:

* stress/inlining-unreachable.js: Added.
(bar):
(baz):
(i.catch):

Source/JavaScriptCore:

* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::allocateTargetableBlock):
(JSC::DFG::ByteCodeParser::inlineCall):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226362 268f45cc-cd09-0410-ab3c-d52691b4dbfc
JSTests/ChangeLog
JSTests/stress/inlining-unreachable.js [new file with mode: 0644]
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp