299933 – Call out the assumption in VM and VMEntryRecord that fields are loadable as a pair

RESOLVED FIXED299933

Call out the assumption in VM and VMEntryRecord that fields are loadable as a pair

https://bugs.webkit.org/show_bug.cgi?id=299933

Summary Call out the assumption in VM and VMEntryRecord that fields are loadable as a...

Vassili Bykov

Reported 2025-09-30 22:08:54 PDT

VM::topCallFrame and VM::topEntryFrame are loaded as a pair by assembly code, so we assume they are consecutive and appear in that order. There is a similar pair of fields in VMEntryRecord. Let's put a comment in to warn about this assumption and prevent surprises (ask me how I know).

Attachments
Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2025-09-30 22:09:01 PDT

<rdar://problem/161707462>

Vassili Bykov

Comment 2 2025-09-30 22:22:13 PDT

Pull request: https://github.com/WebKit/WebKit/pull/51610

EWS

Comment 3 2025-10-02 14:12:14 PDT

Committed 300898@main (8268f5fdf8eb): <https://commits.webkit.org/300898@main> Reviewed commits have been landed. Closing PR #51610 and removing active labels.

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Enhancement

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component JavaScriptCore

Assignee

Vassili Bykov

Reported

2025-09-30 22:08 PDT

Modified

2025-10-02 14:12 PDT History

CC List

1 user Show

URL

Keywords InRadar

Depends on

Blocks