Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 98e442e1a20e5cc987964efa446a24508d2db976
https://github.com/WebKit/WebKit/commit/98e442e1a20e5cc987964efa446a24508d2db976
Author: Dan Hecht <dan.he...@apple.com>
Date: 2025-08-08 (Fri, 08 Aug 2025)
Changed paths:
A JSTests/wasm/stress/lower-stack-args-huge-frame.js
M Source/JavaScriptCore/b3/air/AirLowerStackArgs.cpp
Log Message:
-----------
[JSC] Fix lowerStackArgs handling of moves between spill slots and large
frames
https://bugs.webkit.org/show_bug.cgi?id=295317
rdar://154809096
Reviewed by Yusuke Suzuki, Keith Miller, and Mark Lam.
On ARM64, when a stack slot's offset from %fp/%sp cannot be
encoded directly in an instruction, lowerStackArgs uses %lr
to materialize the address. Most instructions on ARM have only
one memory operand, however the Air instruction:
Move (spillA), (spillB), scratchReg
has two stack operands and it's possible for neither to be
directly addressable. Since there is only one register available
to materialize, fix lowering of these stack slots by transforming
this instruction to:
Move (spillA), scratchReg
Move scratchReg, (spillB)
Then the spill slot addresses can be materialized using the single
register. Note that this is the same transformation that will eventually
be done by the MacroAssembler anyway and stack slot coalescing and
allocation has already occurred at this point.
Originally-landed-as: 289651.594@safari-7621-branch (254f4eefafe1).
rdar://157788802
Canonical link: https://commits.webkit.org/298446@main
Commit: 4637324afb310494fa33a672e479289c9461c688
https://github.com/WebKit/WebKit/commit/4637324afb310494fa33a672e479289c9461c688
Author: Jer Noble <jer.no...@apple.com>
Date: 2025-08-08 (Fri, 08 Aug 2025)
Changed paths:
M Source/WebCore/platform/audio/HRTFDatabaseLoader.cpp
Log Message:
-----------
CRASH: HRTFDatabaseLoader::createAndLoadAsynchronouslyIfNecessary() crashes
in HRTFDatabaseLoader::ref()
https://bugs.webkit.org/show_bug.cgi?id=295382
rdar://153904348
Reviewed by Andy Estes and Chris Dumez.
Don't store raw pointers as a cache; that's what ThreadSafeWeakPtr is for.
* Source/WebCore/platform/audio/HRTFDatabaseLoader.cpp:
(WebCore::loaderMap):
(WebCore::HRTFDatabaseLoader::createAndLoadAsynchronouslyIfNecessary):
(): Deleted.
Originally-landed-as: 289651.596@safari-7621-branch (0de4de353f69).
rdar://157788821
Canonical link: https://commits.webkit.org/298447@main
Commit: 781ab9dc83d42bcb4ff5bd69296476c3339def13
https://github.com/WebKit/WebKit/commit/781ab9dc83d42bcb4ff5bd69296476c3339def13
Author: David Kilzer <ddkil...@apple.com>
Date: 2025-08-08 (Fri, 08 Aug 2025)
Changed paths:
M Source/WebKit/UIProcess/Cocoa/SystemPreviewControllerCocoa.mm
Log Message:
-----------
Store WebKit::SystemPreviewController as WeakPtr<> in Objective-C instance
variables
<https://bugs.webkit.org/show_bug.cgi?id=295568>
<rdar://155061059>
Reviewed by Chris Dumez.
* Source/WebKit/UIProcess/Cocoa/SystemPreviewControllerCocoa.mm:
- Deploy WeakPtr<WebKit::SystemPreviewController> instance variable to
Objective-C classes, and use local RefPtr variables when accessing it.
Originally-landed-as: 289651.598@safari-7621-branch (aaa2155fec4f).
rdar://157788350
Canonical link: https://commits.webkit.org/298448@main
Commit: 0e53111ba87fbf442878b5af9931b40b3fff0b83
https://github.com/WebKit/WebKit/commit/0e53111ba87fbf442878b5af9931b40b3fff0b83
Author: David Kilzer <ddkil...@apple.com>
Date: 2025-08-08 (Fri, 08 Aug 2025)
Changed paths:
M Source/WebKit/UIProcess/Cocoa/SystemPreviewControllerCocoa.mm
Log Message:
-----------
Follow-up: Store WebKit::SystemPreviewController as WeakPtr<> in Objective-C
instance variables
<https://bugs.webkit.org/show_bug.cgi?id=295568>
<rdar://155061059>
Unreviewed typo fix.
* Source/WebKit/UIProcess/Cocoa/SystemPreviewControllerCocoa.mm:
- Fix missing "!" in early return check.
Originally-landed-as: 289651.599@safari-7621-branch (3fb8d5612db9).
rdar://157788225
Canonical link: https://commits.webkit.org/298449@main
Commit: 38437b0094ee90f728bdf09f288b3c30e8223508
https://github.com/WebKit/WebKit/commit/38437b0094ee90f728bdf09f288b3c30e8223508
Author: David Kilzer <ddkil...@apple.com>
Date: 2025-08-08 (Fri, 08 Aug 2025)
Changed paths:
M
Source/ThirdParty/libwebrtc/Source/third_party/libvpx/source/libvpx/vp9/encoder/vp9_encodeframe.c
M
Source/ThirdParty/libwebrtc/Source/third_party/libvpx/source/libvpx/vp9/encoder/vp9_encoder.c
Log Message:
-----------
Incorrect memory allocation in vp9_create_compressor and
source_var_based_partition_search_method functions
<https://bugs.webkit.org/show_bug.cgi?id=295735>
<rdar://154433059>
Reviewed by Darin Adler.
*
Source/ThirdParty/libwebrtc/Source/third_party/libvpx/source/libvpx/vp9/encoder/vp9_encodeframe.c:
(source_var_based_partition_search_method):
*
Source/ThirdParty/libwebrtc/Source/third_party/libvpx/source/libvpx/vp9/encoder/vp9_encoder.c:
(vp9_create_compressor):
- Change sizeof() operator to use `struct Diff` instead of `Diff*`.
Originally-landed-as: 289651.604@safari-7621-branch (876b8705fe85).
rdar://157787764
Canonical link: https://commits.webkit.org/298450@main
Compare: https://github.com/WebKit/WebKit/compare/db6e4c26e758...38437b0094ee
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
