From 0bda014c967f34fa498e9a82f011333633e4b3fd Mon Sep 17 00:00:00 2001
From: CountBleck
Date: Sun, 17 Aug 2025 12:19:55 -0700
Subject: [PATCH] LibWeb: Don't create a copy SharedArrayBuffer for shared Wasm memories

For whatever reason, the implementation of "create a fixed length memory buffer" was borked for shared Wasm memories, in that a new SharedArrayBuffer was created, with the contents of the Wasm memory copied into it. This is incorrect, since the SharedArrayBuffer should be a view into the Wasm memory's span, not a copy of it. This helps pass a WPT subtest in wasm/jsapi/memory/grow.any.html.
---
 Libraries/LibWeb/WebAssembly/Memory.cpp | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/Libraries/LibWeb/WebAssembly/Memory.cpp b/Libraries/LibWeb/WebAssembly/Memory.cpp
index 772c1fb4d85..ac9ad8e0cdd 100644
--- a/Libraries/LibWeb/WebAssembly/Memory.cpp
+++ b/Libraries/LibWeb/WebAssembly/Memory.cpp
@@ -135,13 +135,12 @@ WebIDL::ExceptionOr> Memory::create_a_fixed_length_memo // 3. If share is shared, if (shared == Shared::Yes) { // 1. Let block be a Shared Data Block which is identified with the underlying memory of memaddr. - auto bytes = memory->data(); - // 2. Let buffer be a new SharedArrayBuffer with the internal slots [[ArrayBufferData]] and [[ArrayBufferByteLength]]. - array_buffer = TRY(JS::allocate_shared_array_buffer(vm, realm.intrinsics().shared_array_buffer_constructor(), bytes.size())); - bytes.span().copy_to(array_buffer->buffer().span()); - // 3. FIXME: Set buffer.[[ArrayBufferData]] to block. - // 4. FIXME: Set buffer.[[ArrayBufferByteLength]] to the length of block. + // 3. Set buffer.[[ArrayBufferData]] to block. + array_buffer = JS::ArrayBuffer::create(realm, &memory->data(), JS::DataBlock::Shared::Yes); + + // 4. Set buffer.[[ArrayBufferByteLength]] to the length of block. + VERIFY(array_buffer->byte_length() == memory->size()); // 5. Perform ! SetIntegrityLevel(buffer, "frozen"). MUST(array_buffer->set_integrity_level(JS::Object::IntegrityLevel::Frozen));
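Review bot: The added `JS::ArrayBuffer::create(realm, &memory->data(), JS::DataBlock::Shared::Yes)` passes the address of the Wasm memory's buffer, so the SharedArrayBuffer now aliases storage it does not appear to own, and nothing visible in this hunk ties the memory instance's lifetime to the buffer's. If script can still reach the SharedArrayBuffer after the memory instance is destroyed or its buffer object is replaced, reads and writes through it would touch freed storage, so the owner relationship should be stated at the call, for example `// NOTE: buffer aliases memory->data() without owning it; the memory instance must outlive every ArrayBuffer created here.` The `VERIFY(array_buffer->byte_length() == memory->size())` line checks the length only at creation; since this is the fixed-length path, it is worth confirming that a later grow does not change the length observed through an already-issued buffer. The function body starts and ends outside the hunk, so an existing keep-alive elsewhere in `Memory` cannot be ruled out from here.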