WebKit Bugzilla
Attachment 346598 Details for
Bug 188145
: Hardcoded LFENCE instruction
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-188145-20180805075454.patch (text/plain), 3.62 KB, created by
karogyoker2+webkit
on 2018-08-04 22:54:56 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
karogyoker2+webkit
Created:
2018-08-04 22:54:56 PDT
Size:
3.62 KB
patch
obsolete
>Index: Source/JavaScriptCore/ChangeLog >=================================================================== >--- Source/JavaScriptCore/ChangeLog (revision 234578) >+++ Source/JavaScriptCore/ChangeLog (working copy) >@@ -1,3 +1,17 @@ >+2018-08-04 Karo Gyoker <karogyoker2+webkit@gmail.com> >+ >+ Hardcoded LFENCE instruction >+ https://bugs.webkit.org/show_bug.cgi?id=188145 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Remove lfence instruction because it is crashing systems without SSE2 and >+ this is not the way how WebKit mitigates Spectre. >+ >+ * runtime/JSLock.cpp: >+ (JSC::JSLock::didAcquireLock): >+ (JSC::JSLock::willReleaseLock): >+ > 2018-08-03 Saam Barati <sbarati@apple.com> > > Give the `jsc` shell the JIT entitlement >Index: Source/JavaScriptCore/runtime/JSLock.cpp >=================================================================== >--- Source/JavaScriptCore/runtime/JSLock.cpp (revision 234578) >+++ Source/JavaScriptCore/runtime/JSLock.cpp (working copy) >@@ -122,9 +122,7 @@ void JSLock::lock(intptr_t lockCount) > } > > void JSLock::didAcquireLock() >-{ >- WTF::speculationFence(); >- >+{ > // FIXME: What should happen to the per-thread identifier table if we don't have a VM? > if (!m_vm) > return; >@@ -192,9 +190,7 @@ void JSLock::unlock(intptr_t unlockCount > } > > void JSLock::willReleaseLock() >-{ >- WTF::speculationFence(); >- >+{ > RefPtr<VM> vm = m_vm; > if (vm) { > vm->drainMicrotasks(); >Index: Source/WTF/ChangeLog >=================================================================== >--- Source/WTF/ChangeLog (revision 234578) >+++ Source/WTF/ChangeLog (working copy) >@@ -1,3 +1,18 @@ >+2018-08-04 Karo Gyoker <karogyoker2+webkit@gmail.com> >+ >+ Hardcoded LFENCE instruction >+ https://bugs.webkit.org/show_bug.cgi?id=188145 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Remove lfence instruction because it is crashing systems without SSE2 and >+ this is not the way how WebKit mitigates Spectre. >+ >+ * wtf/Atomics.h: >+ (WTF::crossModifyingCodeFence): >+ (WTF::speculationFence): Deleted. >+ (WTF::x86_lfence): Deleted. >+ > 2018-08-03 Ben Richards <benton_richards@apple.com> > > We should cache the compiled sandbox profile in a data vault >Index: Source/WTF/wtf/Atomics.h >=================================================================== >--- Source/WTF/wtf/Atomics.h (revision 234578) >+++ Source/WTF/wtf/Atomics.h (working copy) >@@ -276,17 +276,9 @@ inline void storeStoreFence() { arm_dmb_ > inline void memoryBarrierAfterLock() { arm_dmb(); } > inline void memoryBarrierBeforeUnlock() { arm_dmb(); } > inline void crossModifyingCodeFence() { arm_isb(); } >-inline void speculationFence() { arm_isb(); } > > #elif CPU(X86) || CPU(X86_64) > >-inline void x86_lfence() >-{ >-#if !OS(WINDOWS) >- asm volatile("lfence" ::: "memory"); >-#endif >-} >- > inline void x86_ortop() > { > #if OS(WINDOWS) >@@ -322,7 +314,6 @@ inline void storeStoreFence() { compiler > inline void memoryBarrierAfterLock() { compilerFence(); } > inline void memoryBarrierBeforeUnlock() { compilerFence(); } > inline void crossModifyingCodeFence() { x86_cpuid(); } >-inline void speculationFence() { x86_lfence(); } > > #else > >@@ -333,7 +324,6 @@ inline void storeStoreFence() { std::ato > inline void memoryBarrierAfterLock() { std::atomic_thread_fence(std::memory_order_seq_cst); } > inline void memoryBarrierBeforeUnlock() { std::atomic_thread_fence(std::memory_order_seq_cst); } > inline void crossModifyingCodeFence() { std::atomic_thread_fence(std::memory_order_seq_cst); } // Probably not strong enough. >-inline void speculationFence() { } // Probably not strong enough. > > #endif >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=346598">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 188145
:
346020
|
346021
|
346034
|
346059
|
346112
|
346589
|
346591
| 346598