297899 – [JSC][ARM] Fix stack pointer adjustment in JSToWasm

RESOLVED FIXED297899

[JSC][ARM] Fix stack pointer adjustment in JSToWasm

https://bugs.webkit.org/show_bug.cgi?id=297899

Summary [JSC][ARM] Fix stack pointer adjustment in JSToWasm

Mikhail R. Gadelha

Reported 2025-08-26 06:02:46 PDT

In JSToWasm, we push 8 bytes to the stack before calling operationJSToWasmEntryWrapperBuildFrame, but when restoring sp, we would pop 16 bytes, leading to corrupted arguments in the jitted function. This PR fixes the issue by pop 8 bytes.

Attachments
Add attachment proposed patch, testcase, etc.

Mikhail R. Gadelha

Comment 1 2025-08-26 06:05:45 PDT

Pull request: https://github.com/WebKit/WebKit/pull/49880

EWS

Comment 2 2025-08-26 07:27:58 PDT

Committed 299158@main (0ad56d6165be): <https://commits.webkit.org/299158@main> Reviewed commits have been landed. Closing PR #49880 and removing active labels.

Radar WebKit Bug Importer

Comment 3 2025-08-26 07:28:17 PDT

<rdar://problem/159192774>

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component JavaScriptCore

Assignee

Mikhail R. Gadelha

Reported

2025-08-26 06:02 PDT

Modified

2025-08-26 07:28 PDT History

CC List

1 user Show

URL

Keywords InRadar

Depends on

Blocks