[wasm] Allow full u32 range for table maximum in WebAssembly.Table constructor.

src/wasm/wasm-js.cc

 // Copyright 2015 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "src/api-natives.h"
 #include "src/api.h"
 #include "src/assert-scope.h"
 #include "src/ast/ast.h"
 #include "src/execution.h"
 #include "src/factory.h"
@@ skipping 454 matching lines @@
   // We'll check for that in WebAssemblyInstantiateImpl.
   Local<Value> data = args[1];
   ASSIGN(Function, instantiate_impl,
          Function::New(context, instantiator, data));
   ASSIGN(Promise, result, module_promise->Then(context, instantiate_impl));
   args.GetReturnValue().Set(result);
 }
 
 bool GetIntegerProperty(v8::Isolate* isolate, ErrorThrower* thrower,
                         Local<Context> context, Local<v8::Object> object,
-                        Local<String> property, int* result,
+                        Local<String> property, int64_t* result,
                         int64_t lower_bound, uint64_t upper_bound) {
   v8::MaybeLocal<v8::Value> maybe = object->Get(context, property);
   v8::Local<v8::Value> value;
   if (maybe.ToLocal(&value)) {
     int64_t number;
     if (!value->IntegerValue(context).To(&number)) return false;
     if (number < lower_bound) {
       thrower->RangeError("Property value %" PRId64
                           " is below the lower bound %" PRIx64,
                           number, lower_bound);
@@ skipping 32 matching lines @@
     v8::Local<v8::String> string;
     if (!value->ToString(context).ToLocal(&string)) return;
     bool equal;
     if (!string->Equals(context, v8_str(isolate, "anyfunc")).To(&equal)) return;
     if (!equal) {
       thrower.TypeError("Descriptor property 'element' must be 'anyfunc'");
       return;
     }
   }
   // The descriptor's 'initial'.
-  int initial = 0;
+  int64_t initial = 0;
   if (!GetIntegerProperty(isolate, &thrower, context, descriptor,
                           v8_str(isolate, "initial"), &initial, 0,
                           i::FLAG_wasm_max_table_size)) {
     return;
   }
   // The descriptor's 'maximum'.
-  int maximum = -1;
+  int64_t maximum = -1;
   Local<String> maximum_key = v8_str(isolate, "maximum");
   Maybe<bool> has_maximum = descriptor->Has(context, maximum_key);
 
   if (!has_maximum.IsNothing() && has_maximum.FromJust()) {
     if (!GetIntegerProperty(isolate, &thrower, context, descriptor, maximum_key,
                             &maximum, initial,
                             i::wasm::kSpecMaxWasmTableSize)) {
       return;
     }
   }
 
   i::Handle<i::FixedArray> fixed_array;
-  i::Handle<i::JSObject> table_obj =
-      i::WasmTableObject::New(i_isolate, initial, maximum, &fixed_array);
+  i::Handle<i::JSObject> table_obj = i::WasmTableObject::New(
+      i_isolate, static_cast<uint32_t>(initial), maximum, &fixed_array);
   v8::ReturnValue<v8::Value> return_value = args.GetReturnValue();
   return_value.Set(Utils::ToLocal(table_obj));
 }
 
 void WebAssemblyMemory(const v8::FunctionCallbackInfo<v8::Value>& args) {
   v8::Isolate* isolate = args.GetIsolate();
   i::Isolate* i_isolate = reinterpret_cast<i::Isolate*>(isolate);
   HandleScope scope(isolate);
   ScheduledErrorThrower thrower(i_isolate, "WebAssembly.Memory()");
   if (args.Length() < 1 || !args[0]->IsObject()) {
     thrower.TypeError("Argument 0 must be a memory descriptor");
     return;
   }
   Local<Context> context = isolate->GetCurrentContext();
   Local<v8::Object> descriptor = args[0]->ToObject(context).ToLocalChecked();
   // The descriptor's 'initial'.
-  int initial = 0;
+  int64_t initial = 0;
   if (!GetIntegerProperty(isolate, &thrower, context, descriptor,
                           v8_str(isolate, "initial"), &initial, 0,
                           i::FLAG_wasm_max_mem_pages)) {
     return;
   }
   // The descriptor's 'maximum'.
-  int maximum = -1;
+  int64_t maximum = -1;
   Local<String> maximum_key = v8_str(isolate, "maximum");
   Maybe<bool> has_maximum = descriptor->Has(context, maximum_key);
 
   if (!has_maximum.IsNothing() && has_maximum.FromJust()) {
     if (!GetIntegerProperty(isolate, &thrower, context, descriptor, maximum_key,
                             &maximum, initial,
                             i::wasm::kSpecMaxWasmMemoryPages)) {
       return;
     }
   }
   size_t size = static_cast<size_t>(i::wasm::WasmModule::kPageSize) *
                 static_cast<size_t>(initial);
   i::Handle<i::JSArrayBuffer> buffer =
       i::wasm::NewArrayBuffer(i_isolate, size, i::FLAG_wasm_guard_pages);
   if (buffer.is_null()) {
     thrower.RangeError("could not allocate memory");
     return;
   }
-  i::Handle<i::JSObject> memory_obj =
-      i::WasmMemoryObject::New(i_isolate, buffer, maximum);
+  i::Handle<i::JSObject> memory_obj = i::WasmMemoryObject::New(
+      i_isolate, buffer, static_cast<int32_t>(maximum));
   args.GetReturnValue().Set(Utils::ToLocal(memory_obj));
 }
 
 #define NAME_OF_WasmMemoryObject "WebAssembly.Memory"
 #define NAME_OF_WasmModuleObject "WebAssembly.Module"
 #define NAME_OF_WasmInstanceObject "WebAssembly.Instance"
 #define NAME_OF_WasmTableObject "WebAssembly.Table"
 
 #define EXTRACT_THIS(var, WasmType)                                  \
   i::Handle<i::WasmType> var;                                        \
@@ skipping 27 matching lines @@
   EXTRACT_THIS(receiver, WasmTableObject);
 
   i::Handle<i::FixedArray> old_array(receiver->functions(), i_isolate);
   int old_size = old_array->length();
   int64_t new_size64 = 0;
   if (args.Length() > 0 && !args[0]->IntegerValue(context).To(&new_size64)) {
     return;
   }
   new_size64 += old_size;
 
-  int64_t max_size64 = receiver->maximum_length();
-  if (max_size64 < 0 ||
-      max_size64 > static_cast<int64_t>(i::FLAG_wasm_max_table_size)) {
+  int64_t max_size64 = receiver->maximum_length()->Number();
+  if (max_size64 < 0 || max_size64 > i::FLAG_wasm_max_table_size) {
     max_size64 = i::FLAG_wasm_max_table_size;
   }
 
   if (new_size64 < old_size || new_size64 > max_size64) {
     thrower.RangeError(new_size64 < old_size ? "trying to shrink table"
                                              : "maximum table size exceeded");
     return;
   }
 
   int new_size = static_cast<int>(new_size64);
@@ skipping 298 matching lines @@
       isolate->native_context()->wasm_link_error_function());
   JSObject::AddProperty(webassembly, isolate->factory()->LinkError_string(),
                         link_error, attributes);
   Handle<JSFunction> runtime_error(
       isolate->native_context()->wasm_runtime_error_function());
   JSObject::AddProperty(webassembly, isolate->factory()->RuntimeError_string(),
                         runtime_error, attributes);
 }
 }  // namespace internal
 }  // namespace v8