Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 4c063193fca3705d586896fdc2eb11b9d4fc24b9
https://github.com/WebKit/WebKit/commit/4c063193fca3705d586896fdc2eb11b9d4fc24b9
Author: Asumu Takikawa <as...@igalia.com>
Date: 2023-12-12 (Tue, 12 Dec 2023)
Changed paths:
A JSTests/wasm/gc/bug266167.js
M Source/JavaScriptCore/wasm/WasmLLIntGenerator.cpp
Log Message:
-----------
[Wasm-GC] Fix returned reference in br_on_null in LLInt/B3
https://bugs.webkit.org/show_bug.cgi?id=266167
Reviewed by Justin Michaud.
Fix the LLInt implementation of br_on_null to avoid ovewriting the virtual
register of the reference that should stay on the stack on a non-branch.
* JSTests/wasm/gc/bug266167.js: Added.
(instantiate.module.type.struct.field.i32.func.export.string_appeared_here.block.struct.new.0.i32.const.42.br_on_null.0.struct.0.0.drop.exports.f):
* Source/JavaScriptCore/wasm/WasmLLIntGenerator.cpp:
(JSC::Wasm::LLIntGenerator::addBranchNull):
Canonical link: https://commits.webkit.org/271964@main
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
