[wasm] Check that all initial reservations succeed

After allocating a new code space, we do some initial allocations in the
new space (e.g. for the jump table). These allocations are not allowed
to fail.
If this in indeed what's happening in the linked bug, this CHECK will
give fuzzers a chance to find us a reproducer.

Drive-by: Introduce {WasmCodeAllocator::kUnrestrictedRegion} to remove
magic constants.

R=ahaas@chromium.org

Bug: v8:1111266
Change-Id: Ia76721653226bd4aa346b89ffab0c80f67892794
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2333250
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Andreas Haas <ahaas@chromium.org>
Cr-Commit-Position: refs/heads/master@{#69204}

src/base/address-region.h

@@ -25,9 +25,9 @@ class AddressRegion {
 
   using Address = uintptr_t;
 
-  AddressRegion() = default;
+  constexpr AddressRegion() = default;
 
-  AddressRegion(Address address, size_t size)
+  constexpr AddressRegion(Address address, size_t size)
       : address_(address), size_(size) {}
 
   Address begin() const { return address_; }

src/wasm/wasm-code-manager.cc

@@ -605,9 +605,8 @@ size_t ReservationSize(size_t code_size_estimate, int num_declared_functions,
 
 Vector<byte> WasmCodeAllocator::AllocateForCode(NativeModule* native_module,
                                                 size_t size) {
-  return AllocateForCodeInRegion(
-      native_module, size, {kNullAddress, std::numeric_limits<size_t>::max()},
-      WasmCodeAllocator::OptionalLock{});
+  return AllocateForCodeInRegion(native_module, size, kUnrestrictedRegion,
+                                 WasmCodeAllocator::OptionalLock{});
 }
 
 Vector<byte> WasmCodeAllocator::AllocateForCodeInRegion(
@@ -624,11 +623,11 @@ Vector<byte> WasmCodeAllocator::AllocateForCodeInRegion(
   size = RoundUp<kCodeAlignment>(size);
   base::AddressRegion code_space =
       free_code_space_.AllocateInRegion(size, region);
-  if (code_space.is_empty()) {
-    if (region.size() < std::numeric_limits<size_t>::max()) {
-      V8::FatalProcessOutOfMemory(nullptr, "wasm code reservation in region");
-      UNREACHABLE();
-    }
+  if (V8_UNLIKELY(code_space.is_empty())) {
+    // Only allocations without a specific region are allowed to fail. Otherwise
+    // the region must have been allocated big enough to hold all initial
+    // allocations (jump tables etc).
+    CHECK_EQ(kUnrestrictedRegion, region);
 
     Address hint = owned_code_space_.empty() ? kNullAddress
                                              : owned_code_space_.back().end();
@@ -774,6 +773,9 @@ size_t WasmCodeAllocator::GetNumCodeSpaces() const {
   return owned_code_space_.size();
 }
 
+// static
+constexpr base::AddressRegion WasmCodeAllocator::kUnrestrictedRegion;
+
 NativeModule::NativeModule(WasmEngine* engine, const WasmFeatures& enabled,
                            VirtualMemory code_space,
                            std::shared_ptr<const WasmModule> module,

src/wasm/wasm-code-manager.h

@@ -422,6 +422,11 @@ class WasmCodeAllocator {
   size_t GetNumCodeSpaces() const;
 
  private:
+  // Sentinel value to be used for {AllocateForCodeInRegion} for specifying no
+  // restriction on the region to allocate in.
+  static constexpr base::AddressRegion kUnrestrictedRegion{
+      kNullAddress, std::numeric_limits<size_t>::max()};
+
   // The engine-wide wasm code manager.
   WasmCodeManager* const code_manager_;