Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 39def582d5c1bde29f8af34c20071a25faa5a6bb
https://github.com/WebKit/WebKit/commit/39def582d5c1bde29f8af34c20071a25faa5a6bb
Author: Anand Srinivasan <[email protected]>
Date: 2026-04-13 (Mon, 13 Apr 2026)
Changed paths:
A JSTests/wasm/stress/ipint-multimem-oob.js
M Source/JavaScriptCore/llint/InPlaceInterpreter64.asm
Log Message:
-----------
IPInt nonzero memory bounds check should check the last accessed byte
https://bugs.webkit.org/show_bug.cgi?id=311764
rdar://174338638
Reviewed by Yijia Huang.
IPInt bounds checking checks that the last byte of the access is within
bounds in the default case of memory 0, but for other memories only
checks the first byte of the access. This patch updates it to check that
the last byte is within bounds.
Test: JSTests/wasm/stress/ipint-multimem-oob.js
* JSTests/wasm/stress/ipint-multimem-oob.js: Added.
(leb128):
(buildModule):
(catch):
* Source/JavaScriptCore/llint/InPlaceInterpreter64.asm:
Canonical link: https://commits.webkit.org/311123@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
