[webkit-changes] [WebKit/WebKit] 5ea7df: [JSC][armv7] Verify MacroAssemblerARMv7::branch32 ...

Max Rottenkolber Mon, 03 Mar 2025 04:58:56 -0800

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 5ea7dfca425272434583b08dfa92a93428d2d09d
      
https://github.com/WebKit/WebKit/commit/5ea7dfca425272434583b08dfa92a93428d2d09d
  Author: Max Rottenkolber <maximil...@igalia.com>
  Date:   2025-03-03 (Mon, 03 Mar 2025)


  Changed paths:
    M Source/JavaScriptCore/assembler/MacroAssemblerARMv7.h
    M Source/JavaScriptCore/bytecode/InlineCacheCompiler.cpp
    M Source/JavaScriptCore/wasm/WasmBBQJIT.cpp

  Log Message:
  -----------
  [JSC][armv7] Verify MacroAssemblerARMv7::branch32 usage in debug builds
https://bugs.webkit.org/show_bug.cgi?id=288083

Reviewed by Yusuke Suzuki and Justin Michaud.

On armv7 certain uses of branchPtr cause it to clobber its own arguments, 
leading to bogus assembly.

Catch this pitfall at least in debug builds and fix instances of this bug.

* Source/JavaScriptCore/assembler/MacroAssemblerARMv7.h:
(JSC::MacroAssemblerARMv7::branch32):
* Source/JavaScriptCore/bytecode/InlineCacheCompiler.cpp:
(JSC::InlineCacheCompiler::compile):
* Source/JavaScriptCore/wasm/WasmBBQJIT.cpp:
(JSC::Wasm::BBQJITImpl::BBQJIT::addLoopOSREntrypoint):

Canonical link: https://commits.webkit.org/291489@main



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

[webkit-changes] [WebKit/WebKit] 5ea7df: [JSC][armv7] Verify MacroAssemblerARMv7::branch32 ...

Reply via email to