401190baf0
When memory.grow was executed concurrently on multiple threads a data race could happen such that two memory.grow operations result in the same return value. With this CL the return value of memory.grow is unique, given that memory.grow actually grows the memory. As a concrete example, assume a shared WebAssembly memory initially has a size of 100. Assume two threads call memory.grow concurrently with a parameter `10`. Then with the existing code, memory would grow correctly to a size of 120, but the data race may cause both memory.grow operations to return 100. With the change in this CL one memory.grow operation would return 100, the other would return 110. R=gdeepti@chromium.org CC=rreverser@google.com Bug: chromium:1067621 Change-Id: Ib22b5135714a56799e0818ccb39e5dce327e5f8e Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2144113 Reviewed-by: Ben Smith <binji@chromium.org> Reviewed-by: Deepti Gandluri <gdeepti@chromium.org> Commit-Queue: Andreas Haas <ahaas@chromium.org> Cr-Commit-Position: refs/heads/master@{#67135} |
||
|---|---|---|
| .. | ||
| backing-store-unittest.cc | ||
| object-unittest.cc | ||
| osr-optimized-code-cache-unittest.cc | ||
| value-serializer-unittest.cc | ||
| weakarraylist-unittest.cc | ||