In a normal call sequence where we have functions A, B, and C, and A calls B, which in turn calls C, the following sequence of events occur: 1. On entry to B from A, B preserves A's callee save registers. 2. On entry to C from B, C preserves B's callee save registers. 3. On exit from C to B, C restores B's callee save registers. 4. On exit from B to A, B restores A's callee save registers. However, when we have a tail call sequence like this instead: A calls B, and B tail calls C, the following events should occur: 1. On entry to B from A, B preserves A's callee save registers. 2. Before B tails call to C, B restores A's callee save registers. 3. On entry to C from B, C preserves A's callee save registers (which was restored in (2)). 4. On exit from C to A, C restores A's callee save registers. In our current implementation, we have a bug where step (2) is missing for one of the callee save registers i.e. the wasmInstance register. This only affects useFastTLS mode. For NoTLS mode, the wasmInstance register is used as a global register (similar to how TLS is used), and is not meant to be preserved / restored like a callee save register.
<rdar://problem/103795203>
Pull request: https://github.com/WebKit/WebKit/pull/8114
Committed 258378@main (cee499e5516c): <https://commits.webkit.org/258378@main> Reviewed commits have been landed. Closing PR #8114 and removing active labels.