Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 0df23a961475d940636c2989ac7fd6b858157390
https://github.com/WebKit/WebKit/commit/0df23a961475d940636c2989ac7fd6b858157390
Author: Joseph Griego <jgri...@igalia.com>
Date: 2023-01-06 (Fri, 06 Jan 2023)
Changed paths:
M Source/JavaScriptCore/llint/WebAssembly.asm

Log Message:
-----------
[JSC][32-bit] Wasm callee pointer should not be incorrectly untagged
https://bugs.webkit.org/show_bug.cgi?id=250219

Reviewed by Justin Michaud.

After https://github.com/WebKit/WebKit/pull/8138, the untag code in the LLInt wasm prologue was changed to use `~WasmTag` as a mask, which on 32-bit ends up having most bits unset, effectively zeroing out the callee pointer and breaking a big chunk of the test suite on armv7. The old version of this untag code used `~3` as the mask, which happened to work for all platforms.

Fix this by emitting the untag instruction only for the 64-bit JSValue representation, since for JSVALUE32_64 platforms the callee pointer is untagged anyways.

* Source/JavaScriptCore/llint/WebAssembly.asm:

Canonical link: https://commits.webkit.org/258584@main

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes