Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: ea12b5282cdabc572524a96ebb79720da5ebb65a
https://github.com/WebKit/WebKit/commit/ea12b5282cdabc572524a96ebb79720da5ebb65a
Author: Dan Hecht <[email protected]>
Date: 2025-10-06 (Mon, 06 Oct 2025)
Changed paths:
M Source/JavaScriptCore/llint/InPlaceInterpreter64.asm
Log Message:
-----------
[JSC] WASM IPInt SIMD: fix register usage in argumINT/mINT stack_vector
https://bugs.webkit.org/show_bug.cgi?id=300242
rdar://162037890
Reviewed by Yusuke Suzuki.
argumINT stack_vector is assuming that once the register argument
bytecodes are processed, there's no need to preserve the argument
registers themselves, since the values have been copied into
the wasm stack.
However, in the edge case when --useWasmIPInt=false and --useWasmIPIntSIMD=true,
the OSR prologue check will synchronously on-ramp to BBQ, and the
OSR prologue check happens after argumINT has run. So, let's not
clobber argument registers in argumINT. Also changing mINT to not
clobber the result results for consistency, and also because clobbering
these registers required a guarantee of bytecode ordering, which is
brittle.
Testing: Run simd-instructions-calls.js with --useWasmIPInt=false and
--useWasmIPIntSIMD=true, which had discovered this issue.
* Source/JavaScriptCore/llint/InPlaceInterpreter64.asm:
Canonical link: https://commits.webkit.org/301079@main