Bug 1482365: Sync stack before branching in wasm baseline compiler's emitSetGlobal; r=lth

--HG--
extra : rebase_source : 7f879dcbda2f9d290f9767d85a4c331c42f9eb64

js/src/jit-test/tests/wasm/gc/anyref-global-postbarrier.js

@@ -9,6 +9,19 @@ function Baguette(calories) {
     this.calories = calories;
 }
 
+// Ensure the baseline compiler sync's before the postbarrier.
+(function() {
+    wasmEvalText(`(module
+        (global (mut anyref) (ref.null anyref))
+        (func (export "f")
+            get_global 0
+            ref.null anyref
+            set_global 0
+            set_global 0
+        )
+    )`).exports.f();
+})();
+
 let exportsPlain = wasmEvalText(`(module
     (global i32 (i32.const 42))
     (global $g (mut anyref) (ref.null anyref))

js/src/wasm/WasmBaselineCompile.cpp

@@ -5668,6 +5668,10 @@ class BaseCompiler final : public BaseCompilerInterface
     void emitPostBarrier(const Maybe<RegPtr>& object, RegPtr otherScratch, RegPtr valueAddr, RegPtr setValue) {
         Label skipBarrier;
 
+        // One of the branches (in case we need the C++ call) will cause a sync,
+        // so ensure the stack is sync'd before, so that the join is sync'd too.
+        sync();
+
         // If the pointer being stored is null, no barrier.
         masm.branchTestPtr(Assembler::Zero, setValue, setValue, &skipBarrier);