[wasm] Support max memory size in WasmModuleBuilder.

This adds support to specify the maximum memory size when building a WebAssembly module. Default is not maximum, one can be explicitly set. It is mainly used by the WebAssembly fuzzers to prevent OOMs. R=ahaas@chromium.org BUG=chromium:759973 Change-Id: Ibf5fa63a7e36e5f3b65ced528c73a65355d5632f Reviewed-on: https://chromium-review.googlesource.com/640386Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#47676}

[wasm] Support max memory size in WasmModuleBuilder.
This adds support to specify the maximum memory size when building a WebAssembly module. Default is not maximum, one can be explicitly set. It is mainly used by the WebAssembly fuzzers to prevent OOMs. R=ahaas@chromium.org BUG=chromium:759973 Change-Id: Ibf5fa63a7e36e5f3b65ced528c73a65355d5632f Reviewed-on: https://chromium-review.googlesource.com/640386Reviewed-by: Andreas Haas <ahaas@chromium.org> Commit-Queue: Michael Starzinger <mstarzinger@chromium.org> Cr-Commit-Position: refs/heads/master@{#47676}
94b52112 · Michael Starzinger · Commit Bot · 1fb17815 · 94b52112 · 94b52112
Commit 94b52112 authored Aug 29, 2017 by Michael Starzinger Committed by Commit Bot Aug 29, 2017
5 changed files
--- a/src/wasm/wasm-module-builder.cc
+++ b/src/wasm/wasm-module-builder.cc
@@ -224,7 +224,9 @@ WasmModuleBuilder::WasmModuleBuilder(Zone* zone)
      globals_(zone),
      signature_map_(zone),
      start_function_index_(-1),
-      min_memory_size_(16) {}
+      min_memory_size_(16),
+      max_memory_size_(0),
+      has_max_memory_size_(false) {}
 WasmFunctionBuilder* WasmModuleBuilder::AddFunction(FunctionSig* sig) {
  functions_.push_back(new (zone_) WasmFunctionBuilder(this));
@@ -318,6 +320,11 @@ void WasmModuleBuilder::SetMinMemorySize(uint32_t value) {
  min_memory_size_ = value;
 }
+void WasmModuleBuilder::SetMaxMemorySize(uint32_t value) {
+  has_max_memory_size_ = true;
+  max_memory_size_ = value;
+}
 void WasmModuleBuilder::WriteTo(ZoneBuffer& buffer) const {
  // == Emit magic =============================================================
  buffer.write_u32(kWasmMagic);
@@ -388,9 +395,13 @@ void WasmModuleBuilder::WriteTo(ZoneBuffer& buffer) const {
  // == emit memory declaration ================================================
  {
    size_t start = EmitSection(kMemorySectionCode, buffer);
-    buffer.write_u8(1);                   // memory count
+    buffer.write_u8(1);  // memory count
-    buffer.write_u8(kNoMaximumFlag);      // no max provided
+    buffer.write_u8(has_max_memory_size_ ? kResizableMaximumFlag
-    buffer.write_u32v(min_memory_size_);  // min memory size
+                                         : kNoMaximumFlag);
+    buffer.write_u32v(min_memory_size_);
+    if (has_max_memory_size_) {
+      buffer.write_u32v(max_memory_size_);
+    }
    FixupSection(buffer, start);
  }

--- a/src/wasm/wasm-module-builder.h
+++ b/src/wasm/wasm-module-builder.h
@@ -235,6 +235,7 @@ class V8_EXPORT_PRIVATE WasmModuleBuilder : public ZoneObject {
  void MarkStartFunction(WasmFunctionBuilder* builder);
  void AddExport(Vector<const char> name, WasmFunctionBuilder* builder);
  void SetMinMemorySize(uint32_t value);
+  void SetMaxMemorySize(uint32_t value);
  // Writing methods.
  void WriteTo(ZoneBuffer& buffer) const;
@@ -292,6 +293,8 @@ class V8_EXPORT_PRIVATE WasmModuleBuilder : public ZoneObject {
  SignatureMap signature_map_;
  int start_function_index_;
  uint32_t min_memory_size_;
+  uint32_t max_memory_size_;
+  bool has_max_memory_size_;
 };
 inline FunctionSig* WasmFunctionBuilder::signature() {

--- a/test/fuzzer/wasm-call.cc
+++ b/test/fuzzer/wasm-call.cc
@@ -125,6 +125,7 @@ class WasmCallFuzzer : public WasmExecutionFuzzer {
      }
    }
+    builder.SetMaxMemorySize(32);
    builder.WriteTo(buffer);
    if (!ok) {

--- a/test/fuzzer/wasm-code.cc
+++ b/test/fuzzer/wasm-code.cc
@@ -42,6 +42,7 @@ class WasmCodeFuzzer : public WasmExecutionFuzzer {
    f->EmitCode(&end_opcode, 1);
    builder.AddExport(CStrVector("main"), f);
+    builder.SetMaxMemorySize(32);
    builder.WriteTo(buffer);
    num_args = 3;
    interpreter_args.reset(

--- a/test/fuzzer/wasm-compile.cc
+++ b/test/fuzzer/wasm-compile.cc
@@ -329,6 +329,7 @@ class WasmCompileFuzzer : public WasmExecutionFuzzer {
    f->EmitCode(&end_opcode, 1);
    builder.AddExport(v8::internal::CStrVector("main"), f);
+    builder.SetMaxMemorySize(32);
    builder.WriteTo(buffer);
    num_args = 3;