974190b484
Just like many other operations implemented in elements.cc, copyWithin
also needs to use relaxed atomics if operating on a shared array buffer
to avoid races with other threads.
Since the ranges can overlap, this CL also adds a {Relaxed_Memmove}
function that either copies forwards (like {Relaxed_Memcpy}) or
backwards depending on the ordering of source and destination.
R=leszeks@chromium.org
Bug: chromium:1221035
Change-Id: I76b7e43810ac9b85f4ff9abbc5a0406618771c25
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3032084
Reviewed-by: Leszek Swirski <leszeks@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#75752}
13 lines
444 B
JavaScript
13 lines
444 B
JavaScript
// Copyright 2021 the V8 project authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style license that can be
|
|
// found in the LICENSE file.
|
|
|
|
let sab = new SharedArrayBuffer(40);
|
|
let i32arr = new Int32Array(sab);
|
|
let worker = new Worker(
|
|
'onmessage = function(memory) { while (memory[1] == 0) {} };',
|
|
{type: 'string'});
|
|
worker.postMessage(i32arr);
|
|
i32arr.copyWithin(Array(0x8000).fill("a"), 0);
|
|
i32arr[1] = 1;
|