poky/meta/recipes-sato/webkit/webkitgtk/CVE-2022-32888.patch

CVE: CVE-2022-32888
Upstream-Status: Backport [https://github.com/WebKit/WebKit/commit/a3dd7dc]

[1]: https://support.apple.com/en-us/HT213446
[2]: https://bugs.webkit.org/show_bug.cgi?id=242047

Signed-off-by: Kai Kang <kai.kang@windriver.com>

From a3dd7dc5f60b87a7cfd14c372e40ebd339076763 Mon Sep 17 00:00:00 2001
From: Yusuke Suzuki <ysuzuki@apple.com>
Date: Mon, 27 Jun 2022 21:34:55 -0700
Subject: [PATCH] [JSC] Drop wasm stale assertion
 https://bugs.webkit.org/show_bug.cgi?id=242047 rdar://95866655

Reviewed by Mark Lam.

This patch drops stale assertion in addDelegateToUnreachable.

* Source/JavaScriptCore/wasm/WasmLLIntGenerator.cpp:
(JSC::Wasm::LLIntGenerator::addDelegateToUnreachable):

Canonical link: https://commits.webkit.org/251902@main
---
 Source/JavaScriptCore/wasm/WasmLLIntGenerator.cpp | 1 -
 1 file changed, 1 deletion(-)

diff --git a/Source/JavaScriptCore/wasm/WasmLLIntGenerator.cpp b/Source/JavaScriptCore/wasm/WasmLLIntGenerator.cpp
index 39fb39b3331f..d0d2b9725991 100644
--- a/Source/JavaScriptCore/wasm/WasmLLIntGenerator.cpp
+++ b/Source/JavaScriptCore/wasm/WasmLLIntGenerator.cpp
@@ -1182,7 +1182,6 @@ auto LLIntGenerator::addDelegateToUnreachable(ControlType& target, ControlType&
 
     ControlTry& tryData = std::get<ControlTry>(data);
     m_codeBlock->addExceptionHandler({ HandlerType::Delegate, tryData.m_try->location(), delegateLabel->location(), 0, m_tryDepth, targetDepth });
-    checkConsistency();
     return { };
 }
 
-- 
2.34.1