Title: [224217] trunk/Source/JavaScriptCore
Revision: 224217
Author: sbar...@apple.com
Date: 2017-10-30 18:15:08 -0700 (Mon, 30 Oct 2017)
Log Message
We need a storeStoreFence before storing to the instruction stream's live variable catch data
https://bugs.webkit.org/show_bug.cgi?id=178649
Reviewed by Keith Miller.
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffsetSlow):
Diff
Modified: trunk/Source/JavaScriptCore/ChangeLog (224216 => 224217)
--- trunk/Source/_javascript_Core/ChangeLog 2017-10-31 00:49:41 UTC (rev 224216)
+++ trunk/Source/_javascript_Core/ChangeLog 2017-10-31 01:15:08 UTC (rev 224217)
@@ -1,3 +1,13 @@
+2017-10-30 Saam Barati <sbar...@apple.com>
+
+ We need a storeStoreFence before storing to the instruction stream's live variable catch data
+ https://bugs.webkit.org/show_bug.cgi?id=178649
+
+ Reviewed by Keith Miller.
+
+ * bytecode/CodeBlock.cpp:
+ (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffsetSlow):
+
2017-10-30 Michael Catanzaro <mcatanz...@igalia.com>
[WPE] Fix build warnings
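Review bot: The ChangeLog entry names `JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffsetSlow` but leaves the text after the colon empty, so the reason for the fence is recorded only in the title and the bug link. One sentence after the function name saying that the compiler thread reads the catch liveness pointer concurrently and must see initialized profile data would make the entry readable without opening the bug.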
Modified: trunk/Source/JavaScriptCore/bytecode/CodeBlock.cpp (224216 => 224217)
--- trunk/Source/_javascript_Core/bytecode/CodeBlock.cpp 2017-10-31 00:49:41 UTC (rev 224216)
+++ trunk/Source/_javascript_Core/bytecode/CodeBlock.cpp 2017-10-31 01:15:08 UTC (rev 224217)
@@ -1742,6 +1742,12 @@
RELEASE_ASSERT(profiles->m_size == liveOperands.size());
for (unsigned i = 0; i < profiles->m_size; ++i)
profiles->m_buffer.get()[i].m_operand = liveOperands[i].offset();
+
+ // The compiler thread will read this pointer value and then proceed to dereference it
+ // if it is not null. We need to make sure all above stores happen before this store so
+ // the compiler thread reads fully initialized data.
+ WTF::storeStoreFence();
+
m_instructions[bytecodeOffset + 3].u.pointer = profiles.get();
{
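Review bot: The new comment above `WTF::storeStoreFence()` documents only the writer's half of the publication: it orders the `m_operand` stores in the loop before the `m_instructions[bytecodeOffset + 3].u.pointer` store, but says nothing about what the compiler thread's read relies on, and that reader is not part of this hunk. The comment should state the reader-side assumption (that the dereference is a dependent load through the pointer it just read, or that a matching load fence exists), so the pairing can be checked later. It would also help to put the fence directly above the pointer store with no blank line between them, so that nobody adds an initializing store after the fence and before the publish.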
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes