test cl [v8/v8 : main]

0 views

Skip to first unread message

rt-node-js-v8 (Gerrit)

unread,

Mar 16, 2026, 2:16:52 PM (12 hours ago) Mar 16

to Milad Farazmand, v8-re...@googlegroups.com

Attention needed from Milad Farazmand

rt-node-js-v8 added 1 comment

Message

Two bugs in the InvokeFunction call. (1) The first argument is changed from `r4` to `r0`, but `MacroAssembler::InvokeFunction` has `DCHECK_EQ(function, r4)` and unconditionally uses `r4` internally to load the context and invoke the function code — passing `r0` will hit the assertion in debug builds and is semantically wrong. (2) The second argument is changed from `r5` (which holds `kDontAdaptArgumentsSentinel` set on the previous line) to `ip`, which has not been assigned in this function and contains an arbitrary value, so the expected parameter count will be garbage.

1 comment

File src/builtins/ppc/builtins-ppc.cc

Line 5062, Patchset 2 (Latest): __ InvokeFunction(r0, ip, r3, InvokeType::kJump);

rt-node-js-v8 . resolved

Bug: `r0` violates the `DCHECK_EQ(function, r4)` contract in `MacroAssembler::InvokeFunction` (see macro-assembler-ppc.cc:1601). The function register must be `r4` — the implementation unconditionally uses `r4` to load the context and invoke the function code, ignoring whatever register is passed here. Additionally, `ip` has not been set in this function; the previous line loads `kDontAdaptArgumentsSentinel` into `r5`, so `r5` should be the expected_parameter_count argument. This should remain `InvokeFunction(r4, r5, r3, InvokeType::kJump)`.

Open in Gerrit

Related details

Attention is currently required from:

Milad Farazmand

Submit Requirements:

Code-Owners
Code-Review
Review-Enforcement

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

satisfied_requirement

unsatisfied_requirement

open

diffy

Reply all

Reply to author

Forward

0 new messages