Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: d42627301896800ea50894c5c851c7f2eef1fb81
https://github.com/WebKit/WebKit/commit/d42627301896800ea50894c5c851c7f2eef1fb81
Author: Yusuke Suzuki <ysuz...@apple.com>
Date: 2023-02-17 (Fri, 17 Feb 2023)
Changed paths:
M Source/JavaScriptCore/wasm/WasmBBQJIT.cpp
Log Message:
-----------
[JSC] new Wasm BBQ should check pointer after zero-extend
https://bugs.webkit.org/show_bug.cgi?id=252510
rdar://105618299
Reviewed by Justin Michaud.
Wasm address is 32bit value and there is no guarantee that upper bits are
cleared.
We need to first zero-extend it to use it as a 64bit pointer. The rest of wasm
tiers
are doing it, but new wasm baseline JIT has a bug. This patch fixes it.
* Source/JavaScriptCore/wasm/WasmBBQJIT.cpp:
(JSC::Wasm::BBQJIT::emitCheckAndPreparePointer):
Canonical link: https://commits.webkit.org/260484@main
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
