From 467fdf814cba8e6f488fb7a12b57ef3d906a643c Mon Sep 17 00:00:00 2001 From: Vivian Wang Date: Tue, 3 Feb 2026 16:46:02 +0800 Subject: [PATCH] [PATCH] deps: V8: backport 6a0a25abaed3 Original commit message: [riscv] Fix sp handling in MacroAssembler::LeaveFrame Keep sp <= fp to ensure that data right above fp doesn't get clobbered by an inopportune signal and its handler. Such clobbering can happen in e.g. Node.js when JIT-compiled code is interrupted by a SIGCHLD handler. Bug: None Change-Id: Ief0836032ada7942e89f081f7605f61632c4d414 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/7540554 Reviewed-by: Ji Qiu Commit-Queue: Yahan Lu (LuYahan) Reviewed-by: Rezvan Mahdavi Hezaveh Cr-Commit-Position: refs/heads/main@{#105069} Refs: https://github.com/v8/v8/commit/6a0a25abaed397f83eb0d92e4b33a5e18204f8bc Co-authored-by: kxxt PR-URL: https://github.com/nodejs/node/pull/61687 Reviewed-By: Marco Ippolito Reviewed-By: Richard Lau Gbp-Pq: Topic sec Gbp-Pq: Name 44-v8-riscv-fix-sp-handling-in-macroassembler-leave-frame.patch
---
 deps/v8/src/codegen/riscv/macro-assembler-riscv.cc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/deps/v8/src/codegen/riscv/macro-assembler-riscv.cc b/deps/v8/src/codegen/riscv/macro-assembler-riscv.cc
index b39661c77..7f09d0529 100644
--- a/deps/v8/src/codegen/riscv/macro-assembler-riscv.cc
+++ b/deps/v8/src/codegen/riscv/macro-assembler-riscv.cc
@@ -5530,9 +5530,10 @@ void MacroAssembler::EnterFrame(StackFrame::Type type) {
 
 void MacroAssembler::LeaveFrame(StackFrame::Type type) {
 ASM_CODE_COMMENT(this);
- addi(sp, fp, 2 * kSystemPointerSize);
+ Move(sp, fp);
 LoadWord(ra, MemOperand(fp, 1 * kSystemPointerSize));
 LoadWord(fp, MemOperand(fp, 0 * kSystemPointerSize));
+ AddWord(sp, sp, 2 * kSystemPointerSize);
 }
 
 void MacroAssembler::EnterExitFrame(int stack_space,
-- 
2.30.2
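Review bot: The new three-step sequence in `MacroAssembler::LeaveFrame` has no comment explaining why `sp` is first lowered to `fp` and only raised after the two `LoadWord`s, so a later cleanup could fold it back into the single `addi(sp, fp, 2 * kSystemPointerSize)` that this commit removes. I would add above `Move(sp, fp);` a comment such as `// Keep sp <= fp until ra and fp are reloaded: a signal handler may run on this stack and overwrite anything below sp.` The commit message names a SIGCHLD handler interrupting JIT-compiled code in Node.js as the trigger, so the ordering is a memory-safety property of the epilogue (a clobbered saved `ra` is a corrupted return address) rather than a style choice. The patch adds no regression test, and other epilogue helpers in this file that are not visible in this hunk may deserve the same check for loads from slots that already sit below `sp`.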