grow-memory.js 13.7 KB
Newer Older
1 2 3 4
// Copyright 2016 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

5
// Flags: --expose-wasm --stress-compaction
6 7 8 9

load("test/mjsunit/wasm/wasm-module-builder.js");


10
function genMemoryGrowBuilder() {
11 12
  var builder = new WasmModuleBuilder();
  builder.addFunction("grow_memory", kSig_i_i)
13
      .addBody([kExprLocalGet, 0, kExprMemoryGrow, kMemoryZero])
14 15
      .exportFunc();
  builder.addFunction("load", kSig_i_i)
16
      .addBody([kExprLocalGet, 0, kExprI32LoadMem, 0, 0])
17 18
      .exportFunc();
  builder.addFunction("store", kSig_i_ii)
19 20
      .addBody([kExprLocalGet, 0, kExprLocalGet, 1, kExprI32StoreMem, 0, 0,
                kExprLocalGet, 1])
21
      .exportFunc();
22
  builder.addFunction("load16", kSig_i_i)
23
      .addBody([kExprLocalGet, 0, kExprI32LoadMem16U, 0, 0])
24 25
      .exportFunc();
  builder.addFunction("store16", kSig_i_ii)
26 27
      .addBody([kExprLocalGet, 0, kExprLocalGet, 1, kExprI32StoreMem16, 0, 0,
                kExprLocalGet, 1])
28 29
      .exportFunc();
  builder.addFunction("load8", kSig_i_i)
30
      .addBody([kExprLocalGet, 0, kExprI32LoadMem8U, 0, 0])
31 32
      .exportFunc();
  builder.addFunction("store8", kSig_i_ii)
33 34
      .addBody([kExprLocalGet, 0, kExprLocalGet, 1, kExprI32StoreMem8, 0, 0,
                kExprLocalGet, 1])
35
      .exportFunc();
36 37 38
  return builder;
}

39
// V8 internal memory size limit.
40
var kV8MaxPages = 65536;
41 42


43 44
function testMemoryGrowReadWriteBase(size, load_fn, store_fn) {
  // size is the number of bytes for load and stores.
45
  var builder = genMemoryGrowBuilder();
46
  builder.addMemory(1, undefined, false);
47 48
  var module = builder.instantiate();
  var offset;
49 50 51 52
  var load = module.exports[load_fn];
  var store = module.exports[store_fn];
  function peek() { return load(offset); }
  function poke(value) { return store(offset, value); }
53 54
  function growMem(pages) { return module.exports.grow_memory(pages); }

55 56
  // Instead of checking every n-th offset, check the first 5.
  for(offset = 0; offset <= (4*size); offset+=size) {
57
    poke(20);
58
    assertEquals(20, peek());
59
  }
60
  for (offset = kPageSize - (size - 1); offset < kPageSize + size; offset++) {
61 62 63 64
    assertTraps(kTrapMemOutOfBounds, poke);
    assertTraps(kTrapMemOutOfBounds, peek);
  }

65
  assertEquals(1, growMem(3));
66

67 68 69 70 71 72 73 74 75 76 77 78 79
  for (let n = 1; n <= 3; n++) {
    for (offset = n * kPageSize - 5 * size; offset <= n * kPageSize + 4 * size;
         offset += size) {
      // Check the 5 offsets to the before and after the n-th page.
      //    page n-1              page n          page n+1
      //    +---- ... ------------+---------- ... +------ ...
      //    | | | ... | | | | | | | | | | | | ... | | | | ...
      //      <+>       ^                 ^
      //       |        first offset      last offset
      //       +-> size bytes
      poke(20);
      assertEquals(20, peek());
    }
80
  }
81

82 83
  // Check the last 5 valid offsets of the last page.
  for (offset = 4*kPageSize-size-(4*size); offset <= 4*kPageSize -size; offset+=size) {
84 85 86 87
    poke(20);
    assertEquals(20, peek());
  }

88
  for (offset = 4*kPageSize - (size-1); offset < 4*kPageSize + size; offset++) {
89 90 91 92 93 94
    assertTraps(kTrapMemOutOfBounds, poke);
    assertTraps(kTrapMemOutOfBounds, peek);
  }

  assertEquals(4, growMem(15));

95
  for (offset = 4*kPageSize - (size-1); offset <= 4*kPageSize + size; offset+=size) {
96 97 98
    poke(20);
    assertEquals(20, peek());
  }
99
  for (offset = 19*kPageSize - 10; offset <= 19*kPageSize - size; offset+=size) {
100 101 102
    poke(20);
    assertEquals(20, peek());
  }
103
  for (offset = 19*kPageSize - (size-1); offset < 19*kPageSize + 5; offset++) {
104 105 106 107 108
    assertTraps(kTrapMemOutOfBounds, poke);
    assertTraps(kTrapMemOutOfBounds, peek);
  }
}

109 110 111
(function testMemoryGrowReadWrite32() {
  testMemoryGrowReadWriteBase(4, "load", "store");
})();
112

113 114 115
(function testMemoryGrowReadWrite16() {
  testMemoryGrowReadWriteBase(2, "load16", "store16");
})();
116

117 118 119
(function testMemoryGrowReadWrite8() {
  testMemoryGrowReadWriteBase(1, "load8", "store8");
})();
120

121 122
function testMemoryGrowZeroInitialSize() {
  var builder = genMemoryGrowBuilder();
123
  builder.addMemory(0, undefined, false);
124 125 126 127 128 129 130 131 132
  var module = builder.instantiate();
  var offset;
  function peek() { return module.exports.load(offset); }
  function poke(value) { return module.exports.store(offset, value); }
  function growMem(pages) { return module.exports.grow_memory(pages); }

  assertTraps(kTrapMemOutOfBounds, peek);
  assertTraps(kTrapMemOutOfBounds, poke);

133
  assertEquals(0, growMem(1));
134

135 136 137 138 139 140 141 142
  // Check first 5 offsets.
  for(offset = 0; offset <= 5; offset++) {
    poke(20);
    assertEquals(20, peek());
  }

  // Check last 5 offsets.
  for(offset = kPageSize - 5*4; offset <= kPageSize - 4; offset++) {
143
    poke(20);
144
    assertEquals(20, peek());
145 146
  }

147
  for(offset = kPageSize - 3; offset <= kPageSize + 5; offset++) {
148 149
    assertTraps(kTrapMemOutOfBounds, peek);
  }
150 151 152 153 154 155 156 157

  offset = 3*kPageSize;
  for (var i = 1; i < 4; i++) {
    assertTraps(kTrapMemOutOfBounds, poke);
    assertEquals(i, growMem(1));
  }
  poke(20);
  assertEquals(20, peek());
158 159
}

160
testMemoryGrowZeroInitialSize();
161

162
function testMemoryGrowZeroInitialSizeBase(size, load_fn, store_fn) {
163
  var builder = genMemoryGrowBuilder();
164
  builder.addMemory(0, undefined, false);
165 166
  var module = builder.instantiate();
  var offset;
167 168 169 170
  var load = module.exports[load_fn];
  var store = module.exports[store_fn];
  function peek() { return load(offset); }
  function poke(value) { return store(offset, value); }
171 172 173 174 175 176 177
  function growMem(pages) { return module.exports.grow_memory(pages); }

  assertTraps(kTrapMemOutOfBounds, peek);
  assertTraps(kTrapMemOutOfBounds, poke);

  assertEquals(0, growMem(1));

178 179
  // Instead of checking every offset, check the first 5.
  for(offset = 0; offset <= 4; offset++) {
180 181 182 183
    poke(20);
    assertEquals(20, peek());
  }

184 185
  // Check the last 5 valid ones.
  for(offset = kPageSize - (size * 4); offset <= kPageSize - size; offset++) {
186 187 188 189
    poke(20);
    assertEquals(20, peek());
  }

190
  for(offset = kPageSize - (size - 1); offset <= kPageSize + 5; offset++) {
191 192 193 194
    assertTraps(kTrapMemOutOfBounds, peek);
  }
}

195 196 197
(function testMemoryGrowZeroInitialSize32() {
  testMemoryGrowZeroInitialSizeBase(4, "load", "store");
})();
198

199 200 201
(function testMemoryGrowZeroInitialSize16() {
  testMemoryGrowZeroInitialSizeBase(2, "load16", "store16");
})();
202

203 204 205
(function testMemoryGrowZeroInitialSize8() {
  testMemoryGrowZeroInitialSizeBase(1, "load8", "store8");
})();
206

207 208
function testMemoryGrowTrapMaxPagesZeroInitialMemory() {
  var builder = genMemoryGrowBuilder();
209
  builder.addMemory(0, undefined, false);
210
  var module = builder.instantiate();
211
  function growMem(pages) { return module.exports.grow_memory(pages); }
212
  assertEquals(-1, growMem(kV8MaxPages + 1));
213 214
}

215
testMemoryGrowTrapMaxPagesZeroInitialMemory();
216

217 218
function testMemoryGrowTrapMaxPages() {
  var builder = genMemoryGrowBuilder();
219 220
  builder.addMemory(1, 1, false);
  var module = builder.instantiate();
221
  function growMem(pages) { return module.exports.grow_memory(pages); }
222
  assertEquals(-1, growMem(kV8MaxPages));
223 224
}

225
testMemoryGrowTrapMaxPages();
226

227 228
function testMemoryGrowTrapsWithNonSmiInput() {
  var builder = genMemoryGrowBuilder();
229
  builder.addMemory(0, undefined, false);
230 231 232 233 234 235 236
  var module = builder.instantiate();
  function growMem(pages) { return module.exports.grow_memory(pages); }
  // The parameter of grow_memory is unsigned. Therefore -1 stands for
  // UINT32_MIN, which cannot be represented as SMI.
  assertEquals(-1, growMem(-1));
};

237
testMemoryGrowTrapsWithNonSmiInput();
238

239 240
function testMemoryGrowCurrentMemory() {
  var builder = genMemoryGrowBuilder();
241
  builder.addMemory(1, undefined, false);
242
  builder.addFunction("memory_size", kSig_i_v)
243
      .addBody([kExprMemorySize, kMemoryZero])
244 245 246 247
      .exportFunc();
  var module = builder.instantiate();
  function growMem(pages) { return module.exports.grow_memory(pages); }
  function MemSize() { return module.exports.memory_size(); }
248
  assertEquals(1, MemSize());
249
  assertEquals(1, growMem(1));
250
  assertEquals(2, MemSize());
251 252
}

253
testMemoryGrowCurrentMemory();
254

255
function testMemoryGrowPreservesDataMemOpBase(size, load_fn, store_fn) {
256
  var builder = genMemoryGrowBuilder();
257
  builder.addMemory(1, undefined, false);
258
  var module = builder.instantiate();
259 260 261 262 263
  var offset;
  var load = module.exports[load_fn];
  var store = module.exports[store_fn];
  function peek() { return load(offset); }
  function poke(value) { return store(offset, value); }
264
  function growMem(pages) { return module.exports.grow_memory(pages); }
265 266
  // Maximum unsigned integer of size bits.
  const max = Math.pow(2, (size * 8)) - 1;
267

268 269 270 271
  // Check the first 5 offsets.
  for(offset = 0; offset <= (4*size); offset+=size) {
    poke(offset % max);
    assertEquals(offset % max, peek());
272 273
  }

274 275 276 277
  // Check the last 5 valid offsets.
  for(offset = kPageSize - 5*size; offset <= (kPageSize - size); offset+=size) {
    poke(offset % max);
    assertEquals(offset % max, peek());
278 279 280 281
  }

  assertEquals(1, growMem(3));

282 283 284
  // Check the first 5 offsets are preserved by growMem.
  for(offset = 0; offset <= (4*size); offset+=size) {
    assertEquals(offset % max, peek());
285 286
  }

287 288 289
  // Check the last 5 valid offsets are preserved by growMem.
  for(offset = kPageSize - 5*size; offset <= (kPageSize - size); offset+=size) {
    assertEquals(offset % max, peek());
290
  }
291
}
292

293 294 295
(function testMemoryGrowPreservesDataMemOp32() {
  testMemoryGrowPreservesDataMemOpBase(4, "load", "store");
})();
296

297 298 299
(function testMemoryGrowPreservesDataMemOp16() {
  testMemoryGrowPreservesDataMemOpBase(2, "load16", "store16");
})();
300

301 302 303
(function testMemoryGrowPreservesDataMemOp8() {
  testMemoryGrowPreservesDataMemOpBase(1, "load8", "store8");
})();
304

305 306
function testMemoryGrowOutOfBoundsOffset() {
  var builder = genMemoryGrowBuilder();
307
  builder.addMemory(1, undefined, false);
308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324
  var module = builder.instantiate();
  var offset, val;
  function peek() { return module.exports.load(offset); }
  function poke(value) { return module.exports.store(offset, value); }
  function growMem(pages) { return module.exports.grow_memory(pages); }

  offset = 3*kPageSize + 4;
  assertTraps(kTrapMemOutOfBounds, poke);

  assertEquals(1, growMem(1));
  assertTraps(kTrapMemOutOfBounds, poke);

  assertEquals(2, growMem(1));
  assertTraps(kTrapMemOutOfBounds, poke);

  assertEquals(3, growMem(1));

325 326 327 328 329 330
  for (offset = 3*kPageSize; offset <= 3*kPageSize + 4; offset++) {
    poke(0xaced);
    assertEquals(0xaced, peek());
  }

  for (offset = 4*kPageSize-8; offset <= 4*kPageSize - 4; offset++) {
331 332 333 334 335 336 337 338 339
    poke(0xaced);
    assertEquals(0xaced, peek());
  }

  for (offset = 4*kPageSize - 3; offset <= 4*kPageSize + 4; offset++) {
    assertTraps(kTrapMemOutOfBounds, poke);
  }
}

340
testMemoryGrowOutOfBoundsOffset();
341

342
function testMemoryGrowOutOfBoundsOffset2() {
343 344 345 346 347 348
  var builder = new WasmModuleBuilder();
  builder.addMemory(16, 128, false);
  builder.addFunction("main", kSig_v_v)
      .addBody([
          kExprI32Const, 20,
          kExprI32Const, 29,
349
          kExprMemoryGrow, kMemoryZero,
350 351 352 353 354 355 356
          kExprI32StoreMem, 0, 0xFF, 0xFF, 0xFF, 0x3a
          ])
      .exportAs("main");
  var module = builder.instantiate();
  assertTraps(kTrapMemOutOfBounds, module.exports.main);
}

357
testMemoryGrowOutOfBoundsOffset2();
358

359 360
function testMemoryGrowDeclaredMaxTraps() {
  var builder = genMemoryGrowBuilder();
361 362 363 364 365 366 367 368
  builder.addMemory(1, 16, false);
  var module = builder.instantiate();
  function growMem(pages) { return module.exports.grow_memory(pages); }
  assertEquals(1, growMem(5));
  assertEquals(6, growMem(5));
  assertEquals(-1, growMem(6));
}

369
testMemoryGrowDeclaredMaxTraps();
370

371 372 373
(function testMemoryGrowInternalMaxTraps() {
  // This test checks that grow_memory does not grow past the internally
  // defined maximum memory size.
374
  var builder = genMemoryGrowBuilder();
375 376 377 378 379
  builder.addMemory(1, kSpecMaxPages, false);
  var module = builder.instantiate();
  function growMem(pages) { return module.exports.grow_memory(pages); }
  assertEquals(1, growMem(20));
  assertEquals(-1, growMem(kV8MaxPages - 20));
380
})();
381

382
(function testMemoryGrow4Gb() {
383
  var builder = genMemoryGrowBuilder();
384
  builder.addMemory(1, undefined, false);
385 386 387 388 389 390
  var module = builder.instantiate();
  var offset, val;
  function peek() { return module.exports.load(offset); }
  function poke(value) { return module.exports.store(offset, value); }
  function growMem(pages) { return module.exports.grow_memory(pages); }

391 392 393 394 395 396 397 398
  // Check first 5 offsets.
  for (offset = 0; offset <= 4 * 4; offset += 4) {
    poke(100000 - offset);
    assertEquals(100000 - offset, peek());
  }

  // Check last 5 offsets.
  for (offset = (kPageSize - 5 * 4); offset <= (kPageSize - 4); offset += 4) {
399 400 401 402 403
    poke(100000 - offset);
    assertEquals(100000 - offset, peek());
  }

  let result = growMem(kV8MaxPages - 1);
404
  if (result == 1) {
405 406 407 408 409 410 411
    // Check first 5 offsets.
    for (offset = 0; offset <= 4 * 4; offset += 4) {
      assertEquals(100000 - offset, peek());
    }

    // Check last 5 offsets.
    for (offset = (kPageSize - 5 * 4); offset <= (kPageSize - 4); offset += 4) {
412 413 414
      assertEquals(100000 - offset, peek());
    }

415 416 417
    // Bounds check for large mem size.
    let kMemSize = (kV8MaxPages * kPageSize);
    let kLastValidOffset = kMemSize - 4;  // Accommodate a 4-byte read/write.
418 419 420 421 422 423 424
    // Check first 5 offsets of last page.
    for (offset = kMemSize - kPageSize; offset <= kMemSize - kPageSize + 4 * 4;
         offset += 4) {
      poke(0xaced);
      assertEquals(0xaced, peek());
    }
    for (offset = kLastValidOffset - 5 * 4; offset <= kLastValidOffset;
425
         offset += 4) {
426 427 428 429
      poke(0xaced);
      assertEquals(0xaced, peek());
    }

430
    for (offset = kLastValidOffset + 1; offset < kMemSize; offset++) {
431 432 433 434 435 436 437
      assertTraps(kTrapMemOutOfBounds, poke);
    }
  } else {
    // Allocating big chunks of memory can fail on gc_stress, especially on 32
    // bit platforms. When grow_memory fails, expected result is -1.
    assertEquals(-1, result);
  }
438
})();