Commit 77ff0a55 authored by Ulan Degenbaev's avatar Ulan Degenbaev Committed by Commit Bot

Refactor construction of [Shared]ArrayBuffers.

The backing store is now propagated to the constructors directly,
instead of being attached after the construction. This ensures that
the backing store is allocated before the array buffer so that we can
trigger GCs on backing store allocation (if allocation fails).

The only exception is builtin where we have to allocate the array buffer
before the backing store to comply with the spec.

Bug: v8:9380
Tbr: verwaest@chromium.org
Change-Id: Ib37db65853f3673dd769368cc3e8b6538ad07ff2
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1853444
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: 's avatarJakob Kummerow <jkummerow@chromium.org>
Cr-Commit-Position: refs/heads/master@{#64240}
parent 775e97d8
...@@ -3738,7 +3738,7 @@ std::shared_ptr<v8::BackingStore> v8::ArrayBuffer::GetBackingStore() { ...@@ -3738,7 +3738,7 @@ std::shared_ptr<v8::BackingStore> v8::ArrayBuffer::GetBackingStore() {
std::shared_ptr<i::BackingStore> backing_store = self->GetBackingStore(); std::shared_ptr<i::BackingStore> backing_store = self->GetBackingStore();
if (!backing_store) { if (!backing_store) {
backing_store = backing_store =
i::BackingStore::NewEmptyBackingStore(i::SharedFlag::kNotShared); i::BackingStore::EmptyBackingStore(i::SharedFlag::kNotShared);
} }
i::GlobalBackingStoreRegistry::Register(backing_store); i::GlobalBackingStoreRegistry::Register(backing_store);
std::shared_ptr<i::BackingStoreBase> bs_base = backing_store; std::shared_ptr<i::BackingStoreBase> bs_base = backing_store;
...@@ -3749,8 +3749,7 @@ std::shared_ptr<v8::BackingStore> v8::SharedArrayBuffer::GetBackingStore() { ...@@ -3749,8 +3749,7 @@ std::shared_ptr<v8::BackingStore> v8::SharedArrayBuffer::GetBackingStore() {
i::Handle<i::JSArrayBuffer> self = Utils::OpenHandle(this); i::Handle<i::JSArrayBuffer> self = Utils::OpenHandle(this);
std::shared_ptr<i::BackingStore> backing_store = self->GetBackingStore(); std::shared_ptr<i::BackingStore> backing_store = self->GetBackingStore();
if (!backing_store) { if (!backing_store) {
backing_store = backing_store = i::BackingStore::EmptyBackingStore(i::SharedFlag::kShared);
i::BackingStore::NewEmptyBackingStore(i::SharedFlag::kShared);
} }
i::GlobalBackingStoreRegistry::Register(backing_store); i::GlobalBackingStoreRegistry::Register(backing_store);
std::shared_ptr<i::BackingStoreBase> bs_base = backing_store; std::shared_ptr<i::BackingStoreBase> bs_base = backing_store;
...@@ -7427,8 +7426,8 @@ Local<ArrayBuffer> v8::ArrayBuffer::New(Isolate* isolate, void* data, ...@@ -7427,8 +7426,8 @@ Local<ArrayBuffer> v8::ArrayBuffer::New(Isolate* isolate, void* data,
std::shared_ptr<i::BackingStore> backing_store = LookupOrCreateBackingStore( std::shared_ptr<i::BackingStore> backing_store = LookupOrCreateBackingStore(
i_isolate, data, byte_length, i::SharedFlag::kNotShared, mode); i_isolate, data, byte_length, i::SharedFlag::kNotShared, mode);
i::Handle<i::JSArrayBuffer> obj = i_isolate->factory()->NewJSArrayBuffer(); i::Handle<i::JSArrayBuffer> obj =
obj->Attach(std::move(backing_store)); i_isolate->factory()->NewJSArrayBuffer(std::move(backing_store));
if (mode == ArrayBufferCreationMode::kExternalized) { if (mode == ArrayBufferCreationMode::kExternalized) {
obj->set_is_external(true); obj->set_is_external(true);
} }
...@@ -7448,8 +7447,8 @@ Local<ArrayBuffer> v8::ArrayBuffer::New( ...@@ -7448,8 +7447,8 @@ Local<ArrayBuffer> v8::ArrayBuffer::New(
Utils::ApiCheck( Utils::ApiCheck(
!i_backing_store->is_shared(), "v8_ArrayBuffer_New", !i_backing_store->is_shared(), "v8_ArrayBuffer_New",
"Cannot construct ArrayBuffer with a BackingStore of SharedArrayBuffer"); "Cannot construct ArrayBuffer with a BackingStore of SharedArrayBuffer");
i::Handle<i::JSArrayBuffer> obj = i_isolate->factory()->NewJSArrayBuffer(); i::Handle<i::JSArrayBuffer> obj =
obj->Attach(std::move(i_backing_store)); i_isolate->factory()->NewJSArrayBuffer(std::move(i_backing_store));
return Utils::ToLocal(obj); return Utils::ToLocal(obj);
} }
...@@ -7595,9 +7594,8 @@ i::Handle<i::JSArrayBuffer> SetupSharedArrayBuffer( ...@@ -7595,9 +7594,8 @@ i::Handle<i::JSArrayBuffer> SetupSharedArrayBuffer(
i_isolate, data, byte_length, i::SharedFlag::kShared, mode); i_isolate, data, byte_length, i::SharedFlag::kShared, mode);
i::Handle<i::JSArrayBuffer> obj = i::Handle<i::JSArrayBuffer> obj =
i_isolate->factory()->NewJSSharedArrayBuffer(); i_isolate->factory()->NewJSSharedArrayBuffer(std::move(backing_store));
obj->Attach(backing_store);
if (mode == ArrayBufferCreationMode::kExternalized) { if (mode == ArrayBufferCreationMode::kExternalized) {
obj->set_is_external(true); obj->set_is_external(true);
} }
...@@ -7717,8 +7715,7 @@ Local<SharedArrayBuffer> v8::SharedArrayBuffer::New(Isolate* isolate, ...@@ -7717,8 +7715,7 @@ Local<SharedArrayBuffer> v8::SharedArrayBuffer::New(Isolate* isolate,
} }
i::Handle<i::JSArrayBuffer> obj = i::Handle<i::JSArrayBuffer> obj =
i_isolate->factory()->NewJSSharedArrayBuffer(); i_isolate->factory()->NewJSSharedArrayBuffer(std::move(backing_store));
obj->Attach(std::move(backing_store));
return Utils::ToLocalShared(obj); return Utils::ToLocalShared(obj);
} }
...@@ -7744,8 +7741,7 @@ Local<SharedArrayBuffer> v8::SharedArrayBuffer::New( ...@@ -7744,8 +7741,7 @@ Local<SharedArrayBuffer> v8::SharedArrayBuffer::New(
i_backing_store->is_shared(), "v8_SharedArrayBuffer_New", i_backing_store->is_shared(), "v8_SharedArrayBuffer_New",
"Cannot construct SharedArrayBuffer with BackingStore of ArrayBuffer"); "Cannot construct SharedArrayBuffer with BackingStore of ArrayBuffer");
i::Handle<i::JSArrayBuffer> obj = i::Handle<i::JSArrayBuffer> obj =
i_isolate->factory()->NewJSSharedArrayBuffer(); i_isolate->factory()->NewJSSharedArrayBuffer(std::move(i_backing_store));
obj->Attach(std::move(i_backing_store));
return Utils::ToLocalShared(obj); return Utils::ToLocalShared(obj);
} }
......
...@@ -31,35 +31,37 @@ namespace { ...@@ -31,35 +31,37 @@ namespace {
Object ConstructBuffer(Isolate* isolate, Handle<JSFunction> target, Object ConstructBuffer(Isolate* isolate, Handle<JSFunction> target,
Handle<JSReceiver> new_target, Handle<Object> length, Handle<JSReceiver> new_target, Handle<Object> length,
InitializedFlag initialized) { InitializedFlag initialized) {
SharedFlag shared = (*target != target->native_context().array_buffer_fun())
? SharedFlag::kShared
: SharedFlag::kNotShared;
Handle<JSObject> result; Handle<JSObject> result;
ASSIGN_RETURN_FAILURE_ON_EXCEPTION( ASSIGN_RETURN_FAILURE_ON_EXCEPTION(
isolate, result, isolate, result,
JSObject::New(target, new_target, Handle<AllocationSite>::null())); JSObject::New(target, new_target, Handle<AllocationSite>::null()));
auto array_buffer = Handle<JSArrayBuffer>::cast(result); auto array_buffer = Handle<JSArrayBuffer>::cast(result);
SharedFlag shared = (*target != target->native_context().array_buffer_fun()) // Ensure that all fields are initialized because BackingStore::Allocate is
? SharedFlag::kShared // allowed to GC. Note that we cannot move the allocation of the ArrayBuffer
: SharedFlag::kNotShared; // after BackingStore::Allocate because of the spec.
array_buffer->Setup(shared, nullptr);
size_t byte_length; size_t byte_length;
if (!TryNumberToSize(*length, &byte_length) || if (!TryNumberToSize(*length, &byte_length) ||
byte_length > JSArrayBuffer::kMaxByteLength) { byte_length > JSArrayBuffer::kMaxByteLength) {
// ToNumber failed. // ToNumber failed.
array_buffer->SetupEmpty(shared);
THROW_NEW_ERROR_RETURN_FAILURE( THROW_NEW_ERROR_RETURN_FAILURE(
isolate, NewRangeError(MessageTemplate::kInvalidArrayBufferLength)); isolate, NewRangeError(MessageTemplate::kInvalidArrayBufferLength));
} }
auto backing_store = auto backing_store =
BackingStore::Allocate(isolate, byte_length, shared, initialized); BackingStore::Allocate(isolate, byte_length, shared, initialized);
if (backing_store) { if (!backing_store) {
array_buffer->Attach(std::move(backing_store)); // Allocation of backing store failed.
return *array_buffer; THROW_NEW_ERROR_RETURN_FAILURE(
isolate, NewRangeError(MessageTemplate::kArrayBufferAllocationFailed));
} }
// Allocation of backing store failed. array_buffer->Attach(std::move(backing_store));
array_buffer->SetupEmpty(shared); return *array_buffer;
THROW_NEW_ERROR_RETURN_FAILURE(
isolate, NewRangeError(MessageTemplate::kArrayBufferAllocationFailed));
} }
} // namespace } // namespace
......
...@@ -3088,41 +3088,42 @@ Handle<SyntheticModule> Factory::NewSyntheticModule( ...@@ -3088,41 +3088,42 @@ Handle<SyntheticModule> Factory::NewSyntheticModule(
return module; return module;
} }
Handle<JSArrayBuffer> Factory::NewJSArrayBuffer(AllocationType allocation) { Handle<JSArrayBuffer> Factory::NewJSArrayBuffer(
std::shared_ptr<BackingStore> backing_store, AllocationType allocation) {
Handle<Map> map(isolate()->native_context()->array_buffer_fun().initial_map(), Handle<Map> map(isolate()->native_context()->array_buffer_fun().initial_map(),
isolate()); isolate());
auto result = auto result =
Handle<JSArrayBuffer>::cast(NewJSObjectFromMap(map, allocation)); Handle<JSArrayBuffer>::cast(NewJSObjectFromMap(map, allocation));
result->SetupEmpty(SharedFlag::kNotShared); result->Setup(SharedFlag::kNotShared, std::move(backing_store));
return result; return result;
} }
MaybeHandle<JSArrayBuffer> Factory::NewJSArrayBufferAndBackingStore( MaybeHandle<JSArrayBuffer> Factory::NewJSArrayBufferAndBackingStore(
size_t byte_length, InitializedFlag initialized, size_t byte_length, InitializedFlag initialized,
AllocationType allocation) { AllocationType allocation) {
// TODO(titzer): Don't bother allocating a 0-length backing store. std::unique_ptr<BackingStore> backing_store = nullptr;
// This is currently required because the embedder API for
// TypedArray::HasBuffer() checks if the backing store is nullptr. if (byte_length > 0) {
// That check should be changed. backing_store = BackingStore::Allocate(isolate(), byte_length,
SharedFlag::kNotShared, initialized);
std::unique_ptr<BackingStore> backing_store = BackingStore::Allocate( if (!backing_store) return MaybeHandle<JSArrayBuffer>();
isolate(), byte_length, SharedFlag::kNotShared, initialized); }
if (!backing_store) return MaybeHandle<JSArrayBuffer>();
Handle<Map> map(isolate()->native_context()->array_buffer_fun().initial_map(), Handle<Map> map(isolate()->native_context()->array_buffer_fun().initial_map(),
isolate()); isolate());
auto array_buffer = auto array_buffer =
Handle<JSArrayBuffer>::cast(NewJSObjectFromMap(map, allocation)); Handle<JSArrayBuffer>::cast(NewJSObjectFromMap(map, allocation));
array_buffer->Attach(std::move(backing_store)); array_buffer->Setup(SharedFlag::kNotShared, std::move(backing_store));
return array_buffer; return array_buffer;
} }
Handle<JSArrayBuffer> Factory::NewJSSharedArrayBuffer() { Handle<JSArrayBuffer> Factory::NewJSSharedArrayBuffer(
std::shared_ptr<BackingStore> backing_store) {
Handle<Map> map( Handle<Map> map(
isolate()->native_context()->shared_array_buffer_fun().initial_map(), isolate()->native_context()->shared_array_buffer_fun().initial_map(),
isolate()); isolate());
auto result = Handle<JSArrayBuffer>::cast( auto result = Handle<JSArrayBuffer>::cast(
NewJSObjectFromMap(map, AllocationType::kYoung)); NewJSObjectFromMap(map, AllocationType::kYoung));
result->SetupEmpty(SharedFlag::kShared); result->Setup(SharedFlag::kShared, std::move(backing_store));
return result; return result;
} }
......
...@@ -665,13 +665,15 @@ class V8_EXPORT_PRIVATE Factory { ...@@ -665,13 +665,15 @@ class V8_EXPORT_PRIVATE Factory {
v8::Module::SyntheticModuleEvaluationSteps evaluation_steps); v8::Module::SyntheticModuleEvaluationSteps evaluation_steps);
Handle<JSArrayBuffer> NewJSArrayBuffer( Handle<JSArrayBuffer> NewJSArrayBuffer(
std::shared_ptr<BackingStore> backing_store,
AllocationType allocation = AllocationType::kYoung); AllocationType allocation = AllocationType::kYoung);
MaybeHandle<JSArrayBuffer> NewJSArrayBufferAndBackingStore( MaybeHandle<JSArrayBuffer> NewJSArrayBufferAndBackingStore(
size_t byte_length, InitializedFlag initialized, size_t byte_length, InitializedFlag initialized,
AllocationType allocation = AllocationType::kYoung); AllocationType allocation = AllocationType::kYoung);
Handle<JSArrayBuffer> NewJSSharedArrayBuffer(); Handle<JSArrayBuffer> NewJSSharedArrayBuffer(
std::shared_ptr<BackingStore> backing_store);
static void TypeAndSizeForElementsKind(ElementsKind kind, static void TypeAndSizeForElementsKind(ElementsKind kind,
ExternalArrayType* array_type, ExternalArrayType* array_type,
......
...@@ -455,7 +455,7 @@ std::unique_ptr<BackingStore> BackingStore::WrapAllocation( ...@@ -455,7 +455,7 @@ std::unique_ptr<BackingStore> BackingStore::WrapAllocation(
return std::unique_ptr<BackingStore>(result); return std::unique_ptr<BackingStore>(result);
} }
std::unique_ptr<BackingStore> BackingStore::NewEmptyBackingStore( std::unique_ptr<BackingStore> BackingStore::EmptyBackingStore(
SharedFlag shared) { SharedFlag shared) {
auto result = new BackingStore(nullptr, // start auto result = new BackingStore(nullptr, // start
0, // length 0, // length
...@@ -630,8 +630,7 @@ void GlobalBackingStoreRegistry::UpdateSharedWasmMemoryObjects( ...@@ -630,8 +630,7 @@ void GlobalBackingStoreRegistry::UpdateSharedWasmMemoryObjects(
if (old_buffer->byte_length() != backing_store->byte_length()) { if (old_buffer->byte_length() != backing_store->byte_length()) {
Handle<JSArrayBuffer> new_buffer = Handle<JSArrayBuffer> new_buffer =
isolate->factory()->NewJSSharedArrayBuffer(); isolate->factory()->NewJSSharedArrayBuffer(std::move(backing_store));
new_buffer->Attach(backing_store);
memory_object->update_instances(isolate, new_buffer); memory_object->update_instances(isolate, new_buffer);
} }
} }
......
...@@ -64,7 +64,7 @@ class V8_EXPORT_PRIVATE BackingStore : public BackingStoreBase { ...@@ -64,7 +64,7 @@ class V8_EXPORT_PRIVATE BackingStore : public BackingStoreBase {
bool free_on_destruct); bool free_on_destruct);
// Create an empty backing store. // Create an empty backing store.
static std::unique_ptr<BackingStore> NewEmptyBackingStore(SharedFlag shared); static std::unique_ptr<BackingStore> EmptyBackingStore(SharedFlag shared);
// Accessors. // Accessors.
void* buffer_start() const { return buffer_start_; } void* buffer_start() const { return buffer_start_; }
......
...@@ -34,16 +34,31 @@ bool CanonicalNumericIndexString(Isolate* isolate, Handle<Object> s, ...@@ -34,16 +34,31 @@ bool CanonicalNumericIndexString(Isolate* isolate, Handle<Object> s,
} }
} // anonymous namespace } // anonymous namespace
void JSArrayBuffer::SetupEmpty(SharedFlag shared) { void JSArrayBuffer::Setup(SharedFlag shared,
std::shared_ptr<BackingStore> backing_store) {
clear_padding(); clear_padding();
set_bit_field(0); set_bit_field(0);
set_is_shared(shared == SharedFlag::kShared); set_is_shared(shared == SharedFlag::kShared);
set_is_detachable(shared != SharedFlag::kShared); set_is_detachable(shared != SharedFlag::kShared);
set_backing_store(nullptr);
set_byte_length(0);
for (int i = 0; i < v8::ArrayBuffer::kEmbedderFieldCount; i++) { for (int i = 0; i < v8::ArrayBuffer::kEmbedderFieldCount; i++) {
SetEmbedderField(i, Smi::kZero); SetEmbedderField(i, Smi::kZero);
} }
if (!backing_store) {
set_backing_store(nullptr);
set_byte_length(0);
} else {
Attach(std::move(backing_store));
}
}
void JSArrayBuffer::Attach(std::shared_ptr<BackingStore> backing_store) {
DCHECK_NOT_NULL(backing_store);
DCHECK_EQ(is_shared(), backing_store->is_shared());
set_backing_store(backing_store->buffer_start());
set_byte_length(backing_store->byte_length());
if (backing_store->is_wasm_memory()) set_is_detachable(false);
if (!backing_store->free_on_destruct()) set_is_external(true);
GetIsolate()->heap()->RegisterBackingStore(*this, std::move(backing_store));
} }
void JSArrayBuffer::Detach(bool force_for_wasm_memory) { void JSArrayBuffer::Detach(bool force_for_wasm_memory) {
...@@ -73,19 +88,6 @@ void JSArrayBuffer::Detach(bool force_for_wasm_memory) { ...@@ -73,19 +88,6 @@ void JSArrayBuffer::Detach(bool force_for_wasm_memory) {
set_was_detached(true); set_was_detached(true);
} }
void JSArrayBuffer::Attach(std::shared_ptr<BackingStore> backing_store) {
SetupEmpty(backing_store->is_shared() ? SharedFlag::kShared
: SharedFlag::kNotShared);
if (backing_store->is_wasm_memory()) set_is_detachable(false);
set_backing_store(backing_store->buffer_start());
set_byte_length(backing_store->byte_length());
if (!backing_store->free_on_destruct()) set_is_external(true);
GetIsolate()->heap()->RegisterBackingStore(*this, std::move(backing_store));
}
std::shared_ptr<BackingStore> JSArrayBuffer::GetBackingStore() { std::shared_ptr<BackingStore> JSArrayBuffer::GetBackingStore() {
return GetIsolate()->heap()->LookupBackingStore(*this); return GetIsolate()->heap()->LookupBackingStore(*this);
} }
...@@ -121,7 +123,7 @@ Handle<JSArrayBuffer> JSTypedArray::GetBuffer() { ...@@ -121,7 +123,7 @@ Handle<JSArrayBuffer> JSTypedArray::GetBuffer() {
} }
// Attach the backing store to the array buffer. // Attach the backing store to the array buffer.
array_buffer->Attach(std::move(backing_store)); array_buffer->Setup(SharedFlag::kNotShared, std::move(backing_store));
// Clear the elements of the typed array. // Clear the elements of the typed array.
self->set_elements(ReadOnlyRoots(isolate).empty_byte_array()); self->set_elements(ReadOnlyRoots(isolate).empty_byte_array());
......
...@@ -73,17 +73,15 @@ class JSArrayBuffer : public JSObject { ...@@ -73,17 +73,15 @@ class JSArrayBuffer : public JSObject {
DECL_CAST(JSArrayBuffer) DECL_CAST(JSArrayBuffer)
// Immediately after creating an array buffer, the internal untagged fields // Initializes the fields of the ArrayBuffer. The provided backing_store can
// are garbage. They need to be initialized with either {SetupEmpty()} or // be nullptr. If it is not nullptr, then the function registers it with
// have a backing store attached via {Attach()}. // src/heap/array-buffer-tracker.h.
V8_EXPORT_PRIVATE void Setup(SharedFlag shared,
// Setup an array buffer with no backing store. std::shared_ptr<BackingStore> backing_store);
V8_EXPORT_PRIVATE void SetupEmpty(SharedFlag shared);
// Attaches the backing store to an already constructed empty ArrayBuffer.
// Attach a backing store to this array buffer. // This is intended to be used only in ArrayBufferConstructor builtin.
// (note: this registers it with src/heap/array-buffer-tracker.h)
V8_EXPORT_PRIVATE void Attach(std::shared_ptr<BackingStore> backing_store); V8_EXPORT_PRIVATE void Attach(std::shared_ptr<BackingStore> backing_store);
// Detach the backing store from this array buffer if it is detachable. // Detach the backing store from this array buffer if it is detachable.
// This sets the internal pointer and length to 0 and unregisters the backing // This sets the internal pointer and length to 0 and unregisters the backing
// store from the array buffer tracker. If the array buffer is not detachable, // store from the array buffer tracker. If the array buffer is not detachable,
......
...@@ -311,11 +311,10 @@ HeapObject Deserializer::PostProcessNewObject(HeapObject obj, ...@@ -311,11 +311,10 @@ HeapObject Deserializer::PostProcessNewObject(HeapObject obj,
// Serializer writes backing store ref in |backing_store| field. // Serializer writes backing store ref in |backing_store| field.
size_t store_index = reinterpret_cast<size_t>(buffer.backing_store()); size_t store_index = reinterpret_cast<size_t>(buffer.backing_store());
auto backing_store = backing_stores_[store_index]; auto backing_store = backing_stores_[store_index];
if (backing_store) { SharedFlag shared = backing_store && backing_store->is_shared()
buffer.Attach(backing_store); ? SharedFlag::kShared
} else { : SharedFlag::kNotShared;
buffer.SetupEmpty(SharedFlag::kNotShared); buffer.Setup(shared, backing_store);
}
} }
} else if (obj.IsBytecodeArray()) { } else if (obj.IsBytecodeArray()) {
// TODO(mythria): Remove these once we store the default values for these // TODO(mythria): Remove these once we store the default values for these
......
...@@ -1252,8 +1252,7 @@ Handle<WasmMemoryObject> WasmMemoryObject::New( ...@@ -1252,8 +1252,7 @@ Handle<WasmMemoryObject> WasmMemoryObject::New(
// If no buffer was provided, create a zero-length one. // If no buffer was provided, create a zero-length one.
auto backing_store = auto backing_store =
BackingStore::AllocateWasmMemory(isolate, 0, 0, SharedFlag::kNotShared); BackingStore::AllocateWasmMemory(isolate, 0, 0, SharedFlag::kNotShared);
buffer = isolate->factory()->NewJSArrayBuffer(); buffer = isolate->factory()->NewJSArrayBuffer(std::move(backing_store));
buffer->Attach(std::move(backing_store));
} }
Handle<JSFunction> memory_ctor( Handle<JSFunction> memory_ctor(
...@@ -1295,10 +1294,8 @@ MaybeHandle<WasmMemoryObject> WasmMemoryObject::New(Isolate* isolate, ...@@ -1295,10 +1294,8 @@ MaybeHandle<WasmMemoryObject> WasmMemoryObject::New(Isolate* isolate,
Handle<JSArrayBuffer> buffer = Handle<JSArrayBuffer> buffer =
(shared == SharedFlag::kShared) (shared == SharedFlag::kShared)
? isolate->factory()->NewJSSharedArrayBuffer() ? isolate->factory()->NewJSSharedArrayBuffer(std::move(backing_store))
: isolate->factory()->NewJSArrayBuffer(); : isolate->factory()->NewJSArrayBuffer(std::move(backing_store));
buffer->Attach(std::move(backing_store));
return New(isolate, buffer, maximum); return New(isolate, buffer, maximum);
} }
...@@ -1389,8 +1386,8 @@ int32_t WasmMemoryObject::Grow(Isolate* isolate, ...@@ -1389,8 +1386,8 @@ int32_t WasmMemoryObject::Grow(Isolate* isolate,
if (backing_store->GrowWasmMemoryInPlace(isolate, pages, maximum_pages)) { if (backing_store->GrowWasmMemoryInPlace(isolate, pages, maximum_pages)) {
// Detach old and create a new one with the grown backing store. // Detach old and create a new one with the grown backing store.
old_buffer->Detach(true); old_buffer->Detach(true);
Handle<JSArrayBuffer> new_buffer = isolate->factory()->NewJSArrayBuffer(); Handle<JSArrayBuffer> new_buffer =
new_buffer->Attach(backing_store); isolate->factory()->NewJSArrayBuffer(std::move(backing_store));
memory_object->update_instances(isolate, new_buffer); memory_object->update_instances(isolate, new_buffer);
return static_cast<int32_t>(old_pages); // success return static_cast<int32_t>(old_pages); // success
} }
...@@ -1401,8 +1398,8 @@ int32_t WasmMemoryObject::Grow(Isolate* isolate, ...@@ -1401,8 +1398,8 @@ int32_t WasmMemoryObject::Grow(Isolate* isolate,
// Detach old and create a new one with the new backing store. // Detach old and create a new one with the new backing store.
old_buffer->Detach(true); old_buffer->Detach(true);
Handle<JSArrayBuffer> new_buffer = isolate->factory()->NewJSArrayBuffer(); Handle<JSArrayBuffer> new_buffer =
new_buffer->Attach(std::move(new_backing_store)); isolate->factory()->NewJSArrayBuffer(std::move(new_backing_store));
memory_object->update_instances(isolate, new_buffer); memory_object->update_instances(isolate, new_buffer);
return static_cast<int32_t>(old_pages); // success return static_cast<int32_t>(old_pages); // success
} }
......
...@@ -2018,8 +2018,8 @@ class ValueSerializerTestWithSharedArrayBufferClone ...@@ -2018,8 +2018,8 @@ class ValueSerializerTestWithSharedArrayBufferClone
i_isolate, pages, pages, i::SharedFlag::kShared); i_isolate, pages, pages, i::SharedFlag::kShared);
memcpy(backing_store->buffer_start(), data, byte_length); memcpy(backing_store->buffer_start(), data, byte_length);
i::Handle<i::JSArrayBuffer> buffer = i::Handle<i::JSArrayBuffer> buffer =
i_isolate->factory()->NewJSSharedArrayBuffer(); i_isolate->factory()->NewJSSharedArrayBuffer(
buffer->Attach(std::move(backing_store)); std::move(backing_store));
return Utils::ToLocalShared(buffer); return Utils::ToLocalShared(buffer);
} else { } else {
return SharedArrayBuffer::New(isolate(), data, byte_length); return SharedArrayBuffer::New(isolate(), data, byte_length);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment