64-bit LLInt needs to have a concurrency-aware barrier
authorfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 30 Sep 2016 17:02:46 +0000 (17:02 +0000)
committerfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 30 Sep 2016 17:02:46 +0000 (17:02 +0000)
https://bugs.webkit.org/show_bug.cgi?id=162790

Reviewed by Mark Lam.

In a concurrent GC the barrier definitely has to be after the store, not before it.

* llint/LowLevelInterpreter64.asm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206642 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/llint/LowLevelInterpreter64.asm

index 7aee414..bd8b8eb 100644 (file)
@@ -1,3 +1,14 @@
+2016-09-30  Filip Pizlo  <fpizlo@apple.com>
+
+        64-bit LLInt needs to have a concurrency-aware barrier
+        https://bugs.webkit.org/show_bug.cgi?id=162790
+
+        Reviewed by Mark Lam.
+
+        In a concurrent GC the barrier definitely has to be after the store, not before it.
+
+        * llint/LowLevelInterpreter64.asm:
+
 2016-09-29  Filip Pizlo  <fpizlo@apple.com>
 
         Air should have a way of expressing additional instruction flags
index e345652..7fedef2 100644 (file)
@@ -1287,7 +1287,6 @@ _llint_op_get_array_length:
 
 _llint_op_put_by_id:
     traceExecution()
-    writeBarrierOnOperands(1, 3)
     loadisFromInstruction(1, t3)
     loadConstantOrVariableCell(t3, t0, .opPutByIdSlow)
     loadisFromInstruction(4, t2)
@@ -1417,6 +1416,7 @@ _llint_op_put_by_id:
     loadConstantOrVariable(t1, t2)
     loadisFromInstruction(5, t1)
     storePropertyAtVariableOffset(t1, t0, t2)
+    writeBarrierOnOperands(1, 3)
     dispatch(9)
 
 .opPutByIdSlow:
@@ -1580,7 +1580,6 @@ end
 
 macro putByVal(slowPath)
     traceExecution()
-    writeBarrierOnOperands(1, 3)
     loadisFromInstruction(1, t0)
     loadConstantOrVariableCell(t0, t1, .opPutByValSlow)
     loadpFromInstruction(4, t3)
@@ -1597,6 +1596,7 @@ macro putByVal(slowPath)
             loadConstantOrVariable(operand, scratch)
             bpb scratch, tagTypeNumber, .opPutByValSlow
             storep scratch, address
+            writeBarrierOnOperands(1, 3)
         end)
 
 .opPutByValNotInt32:
@@ -1613,6 +1613,7 @@ macro putByVal(slowPath)
             bdnequn ft0, ft0, .opPutByValSlow
         .ready:
             stored ft0, address
+            writeBarrierOnOperands(1, 3)
         end)
 
 .opPutByValNotDouble:
@@ -1621,6 +1622,7 @@ macro putByVal(slowPath)
         macro (operand, scratch, address)
             loadConstantOrVariable(operand, scratch)
             storep scratch, address
+            writeBarrierOnOperands(1, 3)
         end)
 
 .opPutByValNotContiguous:
@@ -1631,6 +1633,7 @@ macro putByVal(slowPath)
     loadisFromInstruction(3, t2)
     loadConstantOrVariable(t2, t1)
     storeq t1, ArrayStorage::m_vector[t0, t3, 8]
+    writeBarrierOnOperands(1, 3)
     dispatch(5)
 
 .opPutByValArrayStorageEmpty:
@@ -2252,16 +2255,16 @@ _llint_op_put_to_scope:
 
 #pLocalClosureVar:
     bineq t0, LocalClosureVar, .pGlobalProperty
-    writeBarrierOnOperands(1, 3)
     loadVariable(1, t0)
     putLocalClosureVar()
+    writeBarrierOnOperands(1, 3)
     dispatch(7)
 
 .pGlobalProperty:
     bineq t0, GlobalProperty, .pGlobalVar
-    writeBarrierOnOperands(1, 3)
     loadWithStructureCheck(1, .pDynamic)
     putProperty()
+    writeBarrierOnOperands(1, 3)
     dispatch(7)
 
 .pGlobalVar:
@@ -2279,16 +2282,16 @@ _llint_op_put_to_scope:
 
 .pClosureVar:
     bineq t0, ClosureVar, .pGlobalPropertyWithVarInjectionChecks
-    writeBarrierOnOperands(1, 3)
     loadVariable(1, t0)
     putClosureVar()
+    writeBarrierOnOperands(1, 3)
     dispatch(7)
 
 .pGlobalPropertyWithVarInjectionChecks:
     bineq t0, GlobalPropertyWithVarInjectionChecks, .pGlobalVarWithVarInjectionChecks
-    writeBarrierOnOperands(1, 3)
     loadWithStructureCheck(1, .pDynamic)
     putProperty()
+    writeBarrierOnOperands(1, 3)
     dispatch(7)
 
 .pGlobalVarWithVarInjectionChecks:
@@ -2308,10 +2311,10 @@ _llint_op_put_to_scope:
 
 .pClosureVarWithVarInjectionChecks:
     bineq t0, ClosureVarWithVarInjectionChecks, .pModuleVar
-    writeBarrierOnOperands(1, 3)
     varInjectionCheck(.pDynamic)
     loadVariable(1, t0)
     putClosureVar()
+    writeBarrierOnOperands(1, 3)
     dispatch(7)
 
 .pModuleVar:
@@ -2337,12 +2340,12 @@ _llint_op_get_from_arguments:
 
 _llint_op_put_to_arguments:
     traceExecution()
-    writeBarrierOnOperands(1, 3)
     loadVariable(1, t0)
     loadi 16[PB, PC, 8], t1
     loadisFromInstruction(3, t3)
     loadConstantOrVariable(t3, t2)
     storeq t2, DirectArguments_storage[t0, t1, 8]
+    writeBarrierOnOperands(1, 3)
     dispatch(4)