Skip to site navigation (Press enter)

[webkit-changes] [206642] trunk/Source/JavaScriptCore

fpizlo Fri, 30 Sep 2016 10:02:34 -0700

Title: [206642] trunk/Source/_javascript_Core

Revision: 206642
Author: [email protected]
Date: 2016-09-30 10:02:46 -0700 (Fri, 30 Sep 2016)

Log Message

64-bit LLInt needs to have a concurrency-aware barrier
https://bugs.webkit.org/show_bug.cgi?id=162790


Reviewed by Mark Lam.

In a concurrent GC the barrier definitely has to be after the store, not before it.

* llint/LowLevelInterpreter64.asm:

Modified Paths

trunk/Source/_javascript_Core/ChangeLog
trunk/Source/_javascript_Core/llint/LowLevelInterpreter64.asm

Diff

Modified: trunk/Source/_javascript_Core/ChangeLog (206641 => 206642)


--- trunk/Source/_javascript_Core/ChangeLog	2016-09-30 17:00:22 UTC (rev 206641)
+++ trunk/Source/_javascript_Core/ChangeLog	2016-09-30 17:02:46 UTC (rev 206642)
@@ -1,3 +1,14 @@
+2016-09-30  Filip Pizlo  <[email protected]>
+
+        64-bit LLInt needs to have a concurrency-aware barrier
+        https://bugs.webkit.org/show_bug.cgi?id=162790
+
+        Reviewed by Mark Lam.
+
+        In a concurrent GC the barrier definitely has to be after the store, not before it.
+
+        * llint/LowLevelInterpreter64.asm:
+
 2016-09-29  Filip Pizlo  <[email protected]>
 
         Air should have a way of expressing additional instruction flags

Modified: trunk/Source/_javascript_Core/llint/LowLevelInterpreter64.asm (206641 => 206642)


--- trunk/Source/_javascript_Core/llint/LowLevelInterpreter64.asm	2016-09-30 17:00:22 UTC (rev 206641)
+++ trunk/Source/_javascript_Core/llint/LowLevelInterpreter64.asm	2016-09-30 17:02:46 UTC (rev 206642)
@@ -1287,7 +1287,6 @@
 
 _llint_op_put_by_id:
     traceExecution()
-    writeBarrierOnOperands(1, 3)
     loadisFromInstruction(1, t3)
     loadConstantOrVariableCell(t3, t0, .opPutByIdSlow)
     loadisFromInstruction(4, t2)
@@ -1417,6 +1416,7 @@
     loadConstantOrVariable(t1, t2)
     loadisFromInstruction(5, t1)
     storePropertyAtVariableOffset(t1, t0, t2)
+    writeBarrierOnOperands(1, 3)
     dispatch(9)
 
 .opPutByIdSlow:
@@ -1580,7 +1580,6 @@
 
 macro putByVal(slowPath)
     traceExecution()
-    writeBarrierOnOperands(1, 3)
     loadisFromInstruction(1, t0)
     loadConstantOrVariableCell(t0, t1, .opPutByValSlow)
     loadpFromInstruction(4, t3)
@@ -1597,6 +1596,7 @@
             loadConstantOrVariable(operand, scratch)
             bpb scratch, tagTypeNumber, .opPutByValSlow
             storep scratch, address
+            writeBarrierOnOperands(1, 3)
         end)
 
 .opPutByValNotInt32:
@@ -1613,6 +1613,7 @@
             bdnequn ft0, ft0, .opPutByValSlow
         .ready:
             stored ft0, address
+            writeBarrierOnOperands(1, 3)
         end)
 
 .opPutByValNotDouble:
@@ -1621,6 +1622,7 @@
         macro (operand, scratch, address)
             loadConstantOrVariable(operand, scratch)
             storep scratch, address
+            writeBarrierOnOperands(1, 3)
         end)
 
 .opPutByValNotContiguous:
@@ -1631,6 +1633,7 @@
     loadisFromInstruction(3, t2)
     loadConstantOrVariable(t2, t1)
     storeq t1, ArrayStorage::m_vector[t0, t3, 8]
+    writeBarrierOnOperands(1, 3)
     dispatch(5)
 
 .opPutByValArrayStorageEmpty:
@@ -2252,16 +2255,16 @@
 
 #pLocalClosureVar:
     bineq t0, LocalClosureVar, .pGlobalProperty
-    writeBarrierOnOperands(1, 3)
     loadVariable(1, t0)
     putLocalClosureVar()
+    writeBarrierOnOperands(1, 3)
     dispatch(7)
 
 .pGlobalProperty:
     bineq t0, GlobalProperty, .pGlobalVar
-    writeBarrierOnOperands(1, 3)
     loadWithStructureCheck(1, .pDynamic)
     putProperty()
+    writeBarrierOnOperands(1, 3)
     dispatch(7)
 
 .pGlobalVar:
@@ -2279,16 +2282,16 @@
 
 .pClosureVar:
     bineq t0, ClosureVar, .pGlobalPropertyWithVarInjectionChecks
-    writeBarrierOnOperands(1, 3)
     loadVariable(1, t0)
     putClosureVar()
+    writeBarrierOnOperands(1, 3)
     dispatch(7)
 
 .pGlobalPropertyWithVarInjectionChecks:
     bineq t0, GlobalPropertyWithVarInjectionChecks, .pGlobalVarWithVarInjectionChecks
-    writeBarrierOnOperands(1, 3)
     loadWithStructureCheck(1, .pDynamic)
     putProperty()
+    writeBarrierOnOperands(1, 3)
     dispatch(7)
 
 .pGlobalVarWithVarInjectionChecks:
@@ -2308,10 +2311,10 @@
 
 .pClosureVarWithVarInjectionChecks:
     bineq t0, ClosureVarWithVarInjectionChecks, .pModuleVar
-    writeBarrierOnOperands(1, 3)
     varInjectionCheck(.pDynamic)
     loadVariable(1, t0)
     putClosureVar()
+    writeBarrierOnOperands(1, 3)
     dispatch(7)
 
 .pModuleVar:
@@ -2337,12 +2340,12 @@
 
 _llint_op_put_to_arguments:
     traceExecution()
-    writeBarrierOnOperands(1, 3)
     loadVariable(1, t0)
     loadi 16[PB, PC, 8], t1
     loadisFromInstruction(3, t3)
     loadConstantOrVariable(t3, t2)
     storeq t2, DirectArguments_storage[t0, t1, 8]
+    writeBarrierOnOperands(1, 3)
     dispatch(4)

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes