    [wasm] Fix memory growth near the maximum · d6e2554d
    Clemens Backes authored
    If we grow memory (out-of-place, so only without trap handling and only
    if the maximum is >1GB) and the previous size is close to the maximum,
    then the minimum growth we calculate can be bigger than the allowed
    maximum. In this situation, the {std::clamp} has undefined behaviour,
    since the provided lower limit is bigger than the upper limit.
    
    Thus apply {std::min} and {std::max} in an order such that {max_pages}
    has precedence over {min_growth}.
    
    R=thibaudm@chromium.org
    
    Bug: chromium:1348335
    Change-Id: I4f9e9ce10a0685892248eaf0e06ffd2e84b9a069
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3793396
    Commit-Queue: Clemens Backes <clemensb@chromium.org>
    Reviewed-by: Thibaud Michaud <thibaudm@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#82081}
grow-memory.js 15.2 KB
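The bounds problem the commit message describes, as an added example that is not code from the V8 change: `std::clamp(v, lo, hi)` is only defined when `lo <= hi`, while `std::min(max, std::max(v, min))` is defined for any inputs and lets the maximum win. The growth policy in `MinGrowth`, the function names and the sample sizes are assumptions made for illustration.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdio>

// Hypothetical growth policy (an assumption, not V8's): when the backing
// store is reallocated, reserve at least 1/8 more than the current size.
constexpr size_t MinGrowth(size_t old_pages) {
  return old_pages + (old_pages >> 3);
}

// std::clamp(v, lo, hi) requires lo <= hi; otherwise behaviour is undefined.
constexpr bool ClampPreconditionHolds(size_t lo, size_t hi) { return lo <= hi; }

// Clamp-based form: min_growth is the lower bound, max_pages the upper bound.
// std::clamp is only called when the bounds are ordered. Returns false and
// leaves *out untouched when the call would be undefined.
bool CapacityViaClamp(size_t requested, size_t old_pages, size_t max_pages,
                      size_t* out) {
  size_t min_growth = MinGrowth(old_pages);
  if (!ClampPreconditionHolds(min_growth, max_pages)) return false;
  *out = std::clamp(requested, min_growth, max_pages);
  return true;
}

// Ordering in which max_pages has precedence over min_growth: raise to the
// minimum growth first, then cap at the maximum. Defined for any inputs.
constexpr size_t CapacityMaxWins(size_t requested, size_t old_pages,
                                 size_t max_pages) {
  return std::min(max_pages, std::max(requested, MinGrowth(old_pages)));
}

int main() {
  const size_t kMaxPages = 65536;  // constructed sample: 4 GiB of 64 KiB pages
  const size_t cases[][2] = {{1000, 1001}, {65000, 65001}};  // {old, requested}
  for (const auto& c : cases) {
    size_t via_clamp = 0;
    bool ok = CapacityViaClamp(c[1], c[0], kMaxPages, &via_clamp);
    std::printf("old=%zu req=%zu clamp_defined=%d max_wins=%zu\n", c[0], c[1],
                ok, CapacityMaxWins(c[1], c[0], kMaxPages));
  }
}
```

In the second sample the minimum growth (73125 pages) exceeds the maximum, so the clamp form has no defined result while the min/max form returns the maximum.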