Limit linear memories when fuzzing with pooling (#4918)

This commit limits the maximum number of linear memories when the pooling allocator is used to ensure that the virtual memory mapping for the pooling allocator itself can succeed. Currently there are a number of crashes in the differential fuzzer where the pooling allocator can't allocate its mapping because the maximum specified number of linear memories times the number of instances exceeds the address space presumably.
PKU-ASAL · Sep 16, 2022 · b8fa068 · b8fa068
1 parent f558095
commit b8fa068
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/crates/fuzzing/src/generators/config.rs b/crates/fuzzing/src/generators/config.rs
@@ -349,6 +349,11 @@ impl<'a> Arbitrary<'a> for Config {
                 }
             };
 
+            // Don't allow too many linear memories per instance since massive
+            // virtual mappings can fail to get allocated.
+            cfg.min_memories = cfg.min_memories.min(10);
+            cfg.max_memories = cfg.max_memories.min(10);
+
             // Force this pooling allocator to always be able to accommodate the
             // module that may be generated.
             limits.memories = cfg.max_memories as u32;