Chromium Code Reviews Chromium Code Reviews
Issue 2410763002:
[wasm] GrowMemory should use maximum size declared in WebAssembly.Memory (Closed)
| Index: src/wasm/wasm-module.cc |
| diff --git a/src/wasm/wasm-module.cc b/src/wasm/wasm-module.cc |
| index c0432179dcceba28fb9f341cf4792fd57a2eeb42..8afa6dbacb632b2592d266890d955d44db798589 100644 |
| --- a/src/wasm/wasm-module.cc |
| +++ b/src/wasm/wasm-module.cc |
| @@ -1426,6 +1426,15 @@ class WasmInstanceBuilder { |
| } |
| DCHECK(wasm::IsWasmObject(*instance)); |
| + // TODO(gdeepti): This should be a weak list of instance objects |
| + // for instances that share memory. |
| + Handle<Object> memory_object(instance->GetInternalField(kWasmMemObject), |
| + isolate_); |
| + static const int kWasmMemoryInstanceIndex = 2; |
|
bradnelson
2016/10/17 22:13:25
Shouldn't this live in wasm-module.h ?
gdeepti
2016/10/18 02:34:17
Refactored this and GetMaxInstanceMemorySize so th
|
| + if (!memory_object->IsUndefined(isolate_)) { |
| + JSObject::cast(*memory_object) |
| + ->SetInternalField(kWasmMemoryInstanceIndex, *instance); |
| + } |
| //-------------------------------------------------------------------------- |
| // Run the start function if one was specified. |
| @@ -2205,10 +2214,26 @@ int32_t wasm::GetInstanceMemorySize(Isolate* isolate, |
| } |
| } |
| +uint32_t GetMaxInstanceMemorySize(Isolate* isolate, Handle<JSObject> instance) { |
| + static const int kWasmMemoryMaximumIndex = 1; |
| + uint32_t max_pages = WasmModule::kMaxMemPages; |
| + Handle<Object> memory_object(instance->GetInternalField(kWasmMemObject), |
| + isolate); |
| + if (memory_object->IsUndefined(isolate)) return max_pages; |
| + Object* max_mem = |
| + JSObject::cast(*memory_object)->GetInternalField(kWasmMemoryMaximumIndex); |
| + if (max_mem->IsUndefined(isolate)) return max_pages; |
| + max_pages = Smi::cast(max_mem)->value(); |
| + DCHECK(max_pages <= WasmModule::kMaxMemPages); |
| + return max_pages; |
| +} |
| + |
| int32_t wasm::GrowInstanceMemory(Isolate* isolate, Handle<JSObject> instance, |
| uint32_t pages) { |
| - if (!IsWasmObject(*instance)) return false; |
| + if (!IsWasmObject(*instance)) return -1; |
| if (pages == 0) return GetInstanceMemorySize(isolate, instance); |
|
bradnelson
2016/10/17 22:23:26
Move max_pages = ... to above and reuse max_pages
gdeepti
2016/10/18 02:34:17
GetInstanceMemorySize, GetMaxInstanceMemorySize ar
|
| + uint32_t max_pages = GetMaxInstanceMemorySize(isolate, instance); |
| + if (WasmModule::kMaxMemPages < max_pages) return -1; |
| Address old_mem_start = nullptr; |
| uint32_t old_size = 0, new_size = 0; |
| @@ -2216,13 +2241,12 @@ int32_t wasm::GrowInstanceMemory(Isolate* isolate, Handle<JSObject> instance, |
| MaybeHandle<JSArrayBuffer> maybe_mem_buffer = |
| GetInstanceMemory(isolate, instance); |
| Handle<JSArrayBuffer> old_buffer; |
| - if (!maybe_mem_buffer.ToHandle(&old_buffer)) { |
| + if (!maybe_mem_buffer.ToHandle(&old_buffer) || |
| + old_buffer->backing_store() == nullptr) { |
| // If module object does not have linear memory associated with it, |
| // Allocate new array buffer of given size. |
| - // TODO(gdeepti): Fix bounds check to take into account size of memtype. |
| new_size = pages * WasmModule::kPageSize; |
| - // The code generated in the wasm compiler guarantees this precondition. |
| - DCHECK(pages <= WasmModule::kMaxMemPages); |
| + if (max_pages < pages) return -1; |
| } else { |
| old_mem_start = static_cast<Address>(old_buffer->backing_store()); |
| old_size = old_buffer->byte_length()->Number(); |
| @@ -2235,8 +2259,7 @@ int32_t wasm::GrowInstanceMemory(Isolate* isolate, Handle<JSObject> instance, |
| new_size = old_size + pages * WasmModule::kPageSize; |
| } |
| - if (new_size <= old_size || |
| - WasmModule::kMaxMemPages * WasmModule::kPageSize <= new_size) { |
| + if (new_size <= old_size || max_pages * WasmModule::kPageSize < new_size) { |
| return -1; |
| } |
| Handle<JSArrayBuffer> buffer = NewArrayBuffer(isolate, new_size); |
