Bug 304100

Summary:	IPInt should push PL as a frame-relative value
Product:	WebKit	Reporter:	Vassili Bykov <v_bykov>
Component:	JavaScriptCore	Assignee:	Vassili Bykov <v_bykov>
Status:	RESOLVED FIXED
Severity:	Normal	CC:	webkit-bug-importer
Priority:	P2	Keywords:	InRadar
Version:	WebKit Nightly Build
Hardware:	Unspecified
OS:	Unspecified

Vassili Bykov

Reported 2025-12-12 22:47:07 PST

As part of function call sequence before loading argument registers, IPInt pushes onto the stack the value of the PL register. (PL is mapped to x6 on arm64, so it overlaps with argument registers). PL is a pointer to the locals on the stack. To make stack frames easily relocatable for JSPI, we need to push and pop PL as an offset from the frame pointer.

Attachments
Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2025-12-12 22:47:14 PST

<rdar://problem/166433411>

Vassili Bykov

Comment 2 2025-12-12 23:16:16 PST

Pull request: https://github.com/WebKit/WebKit/pull/55349

EWS

Comment 3 2025-12-15 08:51:31 PST

Committed 304460@main (e9cd29d47bef): <https://commits.webkit.org/304460@main> Reviewed commits have been landed. Closing PR #55349 and removing active labels.

Note You need to log in before you can comment on or make changes to this bug.