Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(47)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: src/runtime/runtime-futex.cc

Issue 2659083004: [SAB] Fix crash in Atomics.wake w/ infinite count. (Closed)
Patch Set: fix Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « src/js/harmony-atomics.js ('k') | test/mjsunit/harmony/futex.js » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 the V8 project authors. All rights reserved. 1 // Copyright 2015 the V8 project authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "src/runtime/runtime-utils.h" 5 #include "src/runtime/runtime-utils.h"
6 6
7 #include "src/arguments.h" 7 #include "src/arguments.h"
8 #include "src/base/platform/time.h" 8 #include "src/base/platform/time.h"
9 #include "src/conversions-inl.h" 9 #include "src/conversions-inl.h"
10 #include "src/futex-emulation.h" 10 #include "src/futex-emulation.h"
(...skipping 27 matching lines...) Expand all
38 size_t addr = (index << 2) + NumberToSize(sta->byte_offset()); 38 size_t addr = (index << 2) + NumberToSize(sta->byte_offset());
39 39
40 return FutexEmulation::Wait(isolate, array_buffer, addr, value, timeout); 40 return FutexEmulation::Wait(isolate, array_buffer, addr, value, timeout);
41 } 41 }
42 42
43 RUNTIME_FUNCTION(Runtime_AtomicsWake) { 43 RUNTIME_FUNCTION(Runtime_AtomicsWake) {
44 HandleScope scope(isolate); 44 HandleScope scope(isolate);
45 DCHECK_EQ(3, args.length()); 45 DCHECK_EQ(3, args.length());
46 CONVERT_ARG_HANDLE_CHECKED(JSTypedArray, sta, 0); 46 CONVERT_ARG_HANDLE_CHECKED(JSTypedArray, sta, 0);
47 CONVERT_SIZE_ARG_CHECKED(index, 1); 47 CONVERT_SIZE_ARG_CHECKED(index, 1);
48 CONVERT_INT32_ARG_CHECKED(count, 2); 48 CONVERT_UINT32_ARG_CHECKED(count, 2);
49 CHECK(sta->GetBuffer()->is_shared()); 49 CHECK(sta->GetBuffer()->is_shared());
50 CHECK_LT(index, NumberToSize(sta->length())); 50 CHECK_LT(index, NumberToSize(sta->length()));
51 CHECK_EQ(sta->type(), kExternalInt32Array); 51 CHECK_EQ(sta->type(), kExternalInt32Array);
52 52
53 Handle<JSArrayBuffer> array_buffer = sta->GetBuffer(); 53 Handle<JSArrayBuffer> array_buffer = sta->GetBuffer();
54 size_t addr = (index << 2) + NumberToSize(sta->byte_offset()); 54 size_t addr = (index << 2) + NumberToSize(sta->byte_offset());
55 55
56 return FutexEmulation::Wake(isolate, array_buffer, addr, count); 56 return FutexEmulation::Wake(isolate, array_buffer, addr, count);
57 } 57 }
58 58
(...skipping 15 matching lines...) Expand all
74 RUNTIME_FUNCTION(Runtime_SetAllowAtomicsWait) { 74 RUNTIME_FUNCTION(Runtime_SetAllowAtomicsWait) {
75 HandleScope scope(isolate); 75 HandleScope scope(isolate);
76 DCHECK_EQ(1, args.length()); 76 DCHECK_EQ(1, args.length());
77 CONVERT_BOOLEAN_ARG_CHECKED(set, 0); 77 CONVERT_BOOLEAN_ARG_CHECKED(set, 0);
78 78
79 isolate->set_allow_atomics_wait(set); 79 isolate->set_allow_atomics_wait(set);
80 return isolate->heap()->undefined_value(); 80 return isolate->heap()->undefined_value();
81 } 81 }
82 } // namespace internal 82 } // namespace internal
83 } // namespace v8 83 } // namespace v8
OLDNEW
« no previous file with comments | « src/js/harmony-atomics.js ('k') | test/mjsunit/harmony/futex.js » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698