Fix memory.grow out-of-memory case.

If reallocating the memory fails, `memory.grow` should not throw but return -1
and keep the current buffer. Previously, in the case of ByteArrayWasmMemory,
the buffer would be set to null which could then cause a NullPointerException.

Author: woess

wasm/mx.wasm/truffle.tck.permissions/unsafe_excludes.json

@@ -281,7 +281,7 @@
                 "name" : "allocate",
                 "justification" : "Allow using sun.misc.Unsafe methods behind the --wasm.UseUnsafeMemory flag."
             }, {
-                "name" : "grow",
+                "name" : "reallocate",
                 "justification" : "Allow using sun.misc.Unsafe methods behind the --wasm.UseUnsafeMemory flag."
             }, {
                 "name" : "load_i32",

wasm/src/org.graalvm.wasm/src/org/graalvm/wasm/memory/ByteArrayWasmMemory.java

@@ -50,14 +50,14 @@
 import java.io.OutputStream;
 import java.util.Arrays;
 
-import com.oracle.truffle.api.library.ExportLibrary;
-import com.oracle.truffle.api.library.ExportMessage;
 import org.graalvm.wasm.api.Vector128;
 import org.graalvm.wasm.exception.Failure;
 import org.graalvm.wasm.exception.WasmException;
 
 import com.oracle.truffle.api.CompilerDirectives;
 import com.oracle.truffle.api.CompilerDirectives.TruffleBoundary;
+import com.oracle.truffle.api.library.ExportLibrary;
+import com.oracle.truffle.api.library.ExportMessage;
 import com.oracle.truffle.api.memory.ByteArraySupport;
 import com.oracle.truffle.api.nodes.Node;
 
@@ -70,7 +70,7 @@ final class ByteArrayWasmMemory extends WasmMemory {
     @TruffleBoundary
     private ByteArrayWasmMemory(long declaredMinSize, long declaredMaxSize, long initialSize, long maxAllowedSize, boolean indexType64) {
         super(declaredMinSize, declaredMaxSize, initialSize, maxAllowedSize, indexType64, false);
-        this.dynamicBuffer = allocateStatic(initialSize * MEMORY_PAGE_SIZE);
+        this.dynamicBuffer = allocateBuffer(initialSize * MEMORY_PAGE_SIZE);
     }
 
     @TruffleBoundary
@@ -100,14 +100,23 @@ public synchronized long grow(long extraPageSize) {
             invokeGrowCallback();
             return previousSize;
         } else if (compareUnsigned(extraPageSize, maxAllowedSize()) <= 0 && compareUnsigned(previousSize + extraPageSize, maxAllowedSize()) <= 0) {
-            // Condition above and limit on maxAllowedSize (see
-            // ByteArrayWasmMemory#MAX_ALLOWED_SIZE) ensure computation of targetByteSize does not
-            // overflow.
-            final long targetByteSize = multiplyExact(addExact(previousSize, extraPageSize), MEMORY_PAGE_SIZE);
+            /*
+             * Condition above and limit on maxAllowedSize (see
+             * ByteArrayWasmMemory#MAX_ALLOWED_SIZE) ensure computation of targetByteSize does not
+             * overflow.
+             */
+            final long targetPageSize = addExact(previousSize, extraPageSize);
+            final long targetByteSize = multiplyExact(targetPageSize, MEMORY_PAGE_SIZE);
             final byte[] currentBuffer = buffer();
-            allocate(targetByteSize);
-            System.arraycopy(currentBuffer, 0, buffer(), 0, currentBuffer.length);
-            currentMinSize = previousSize + extraPageSize;
+            final byte[] newBuffer;
+            try {
+                newBuffer = allocateBuffer(targetByteSize);
+            } catch (WasmException oome) {
+                return -1;
+            }
+            System.arraycopy(currentBuffer, 0, newBuffer, 0, currentBuffer.length);
+            dynamicBuffer = newBuffer;
+            currentMinSize = targetPageSize;
             invokeGrowCallback();
             return previousSize;
         } else {
@@ -118,7 +127,7 @@ public synchronized long grow(long extraPageSize) {
     @ExportMessage
     @TruffleBoundary
     public void reset() {
-        allocate(declaredMinSize * MEMORY_PAGE_SIZE);
+        dynamicBuffer = allocateBuffer(declaredMinSize * MEMORY_PAGE_SIZE);
         currentMinSize = declaredMinSize;
     }
 
@@ -1090,17 +1099,9 @@ public void copyToBuffer(Node node, byte[] dst, long srcOffset, int dstOffset, i
     }
 
     @TruffleBoundary
-    private void allocate(long byteSize) {
-        dynamicBuffer = null;
-        dynamicBuffer = allocateStatic(byteSize);
-    }
-
-    @TruffleBoundary
-    private static byte[] allocateStatic(long byteSize) {
-        assert byteSize <= Integer.MAX_VALUE : byteSize;
-        final int effectiveByteSize = (int) byteSize;
+    private static byte[] allocateBuffer(long byteSize) {
         try {
-            return new byte[effectiveByteSize];
+            return new byte[Math.toIntExact(byteSize)];
         } catch (OutOfMemoryError error) {
             throw WasmException.create(Failure.MEMORY_ALLOCATION_FAILED);
         }

wasm/src/org.graalvm.wasm/src/org/graalvm/wasm/memory/NativeWasmMemory.java

@@ -113,6 +113,17 @@ private static long allocate(long newBufferSize) {
         }
     }
 
+    @TruffleBoundary
+    private long reallocate(long newBufferSize) {
+        try {
+            final long address = unsafe.reallocateMemory(startAddress, newBufferSize);
+            unsafe.setMemory(address + bufferSize, newBufferSize - bufferSize, (byte) 0);
+            return address;
+        } catch (OutOfMemoryError error) {
+            throw WasmException.create(Failure.MEMORY_ALLOCATION_FAILED);
+        }
+    }
+
     private static Deallocator registerDeallocator(NativeWasmMemory memory, MemoryContext memoryContext, long address) {
         var deallocator = new Deallocator(address);
         memoryContext.registerCleaner(memory, deallocator);
@@ -139,29 +150,27 @@ public synchronized long grow(long extraPageSize) {
         } else if (Long.compareUnsigned(extraPageSize, maxAllowedSize()) <= 0 && Long.compareUnsigned(previousSize + extraPageSize, maxAllowedSize()) <= 0) {
             // Condition above and limit on maxAllowedSize (see NativeWasmMemory#MAX_ALLOWED_SIZE)
             // ensure computation of targetByteSize does not overflow.
-            final long targetByteSize = Math.multiplyExact(Math.addExact(previousSize, extraPageSize), MEMORY_PAGE_SIZE);
+            final long targetPageSize = Math.addExact(previousSize, extraPageSize);
+            final long targetByteSize = Math.multiplyExact(targetPageSize, MEMORY_PAGE_SIZE);
             if (Long.compareUnsigned(targetByteSize, bufferSize) > 0) {
                 try {
                     long newBufferSize = newBufferSize(targetByteSize);
-                    startAddress = updateDeallocatorAddress(unsafe.reallocateMemory(startAddress, newBufferSize));
-                    unsafe.setMemory(startAddress + bufferSize, newBufferSize - bufferSize, (byte) 0);
+                    startAddress = updateDeallocatorAddress(reallocate(newBufferSize));
                     bufferSize = newBufferSize;
-                } catch (OutOfMemoryError error) {
+                } catch (WasmException error) {
                     // Over-allocating failed, so try to allocate at least the amount of memory that
                     // was requested.
                     try {
                         long newBufferSize = targetByteSize;
-                        startAddress = updateDeallocatorAddress(unsafe.reallocateMemory(startAddress, newBufferSize));
-                        unsafe.setMemory(startAddress + bufferSize, newBufferSize - bufferSize, (byte) 0);
+                        startAddress = updateDeallocatorAddress(reallocate(newBufferSize));
                         bufferSize = newBufferSize;
-                    } catch (OutOfMemoryError errorAgain) {
-                        throw WasmException.create(Failure.MEMORY_ALLOCATION_FAILED);
+                    } catch (WasmException errorAgain) {
+                        return -1;
                     }
                 }
             }
-            final long updatedSize = previousSize + extraPageSize;
-            currentMinSize = updatedSize;
-            SIZE_FIELD.setVolatile(this, updatedSize);
+            currentMinSize = targetPageSize;
+            SIZE_FIELD.setVolatile(this, targetPageSize);
             invokeGrowCallback();
             return previousSize;
         } else {

wasm/src/org.graalvm.wasm/src/org/graalvm/wasm/memory/UnsafeWasmMemory.java

@@ -54,14 +54,14 @@
 import java.nio.Buffer;
 import java.nio.ByteBuffer;
 
-import com.oracle.truffle.api.library.ExportLibrary;
-import com.oracle.truffle.api.library.ExportMessage;
 import org.graalvm.wasm.api.Vector128;
 import org.graalvm.wasm.exception.Failure;
 import org.graalvm.wasm.exception.WasmException;
 
 import com.oracle.truffle.api.CompilerDirectives;
 import com.oracle.truffle.api.CompilerDirectives.TruffleBoundary;
+import com.oracle.truffle.api.library.ExportLibrary;
+import com.oracle.truffle.api.library.ExportMessage;
 import com.oracle.truffle.api.nodes.Node;
 
 import sun.misc.Unsafe;
@@ -99,9 +99,8 @@ private UnsafeWasmMemory(long declaredMinSize, long declaredMaxSize, long initia
 
     @TruffleBoundary
     private static ByteBuffer allocateBuffer(final long byteSize) {
-        assert (int) byteSize == byteSize : byteSize;
         try {
-            return ByteBuffer.allocateDirect((int) byteSize);
+            return ByteBuffer.allocateDirect(Math.toIntExact(byteSize));
         } catch (OutOfMemoryError error) {
             throw WasmException.create(Failure.MEMORY_ALLOCATION_FAILED);
         }
@@ -149,7 +148,12 @@ public synchronized long grow(long extraPageSize) {
             final long targetByteSize = multiplyExact(addExact(previousSize, extraPageSize), MEMORY_PAGE_SIZE);
             if (compareUnsigned(targetByteSize, buffer.capacity()) > 0) {
                 final long sourceByteSize = byteSize();
-                ByteBuffer updatedBuffer = allocateBuffer(newBufferSize(targetByteSize));
+                ByteBuffer updatedBuffer;
+                try {
+                    updatedBuffer = allocateBuffer(newBufferSize(targetByteSize));
+                } catch (WasmException oome) {
+                    return -1;
+                }
                 final long updatedStartAddress = getBufferAddress(updatedBuffer);
                 unsafe.copyMemory(startAddress, updatedStartAddress, sourceByteSize);
                 buffer = updatedBuffer;