Bug 299933

Summary:	Call out the assumption in VM and VMEntryRecord that fields are loadable as a pair
Product:	WebKit	Reporter:	Vassili Bykov <v_bykov>
Component:	JavaScriptCore	Assignee:	Vassili Bykov <v_bykov>
Status:	RESOLVED FIXED
Severity:	Enhancement	CC:	webkit-bug-importer
Priority:	P2	Keywords:	InRadar
Version:	WebKit Nightly Build
Hardware:	Unspecified
OS:	Unspecified

Vassili Bykov

Reported 2025-09-30 22:08:54 PDT

VM::topCallFrame and VM::topEntryFrame are loaded as a pair by assembly code, so we assume they are consecutive and appear in that order. There is a similar pair of fields in VMEntryRecord. Let's put a comment in to warn about this assumption and prevent surprises (ask me how I know).

Attachments
Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2025-09-30 22:09:01 PDT

<rdar://problem/161707462>

Vassili Bykov

Comment 2 2025-09-30 22:22:13 PDT

Pull request: https://github.com/WebKit/WebKit/pull/51610

EWS

Comment 3 2025-10-02 14:12:14 PDT

Committed 300898@main (8268f5fdf8eb): <https://commits.webkit.org/300898@main> Reviewed commits have been landed. Closing PR #51610 and removing active labels.

Note You need to log in before you can comment on or make changes to this bug.