[inspector][wasm] Introduce a [[WebAssemblyMemory]] internal property.

This adds a [[WebAssemblyMemory]] internal property to ArrayBuffer and SharedArrayBuffer instances that are owned by WebAssembly.Memory objects. This allows the devtools-frontend to find the WebAssembly.Memory for any given ArrayBuffer, making it possible to properly support WebAssembly.memory.grow() eventually, but also showing a reasonable tab title. Before: https://imgur.com/hod9jPR.png After: https://imgur.com/v195VoC.png Bug: chromium:1171621, chromium:1171619, chromium:1166577 Change-Id: Ife22cabdfcf54ab30c234ea4ca86bfbb711ab2f1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2653155 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Kim-Anh Tran <kimanh@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#72403}

[inspector][wasm] Introduce a [[WebAssemblyMemory]] internal property.
This adds a [[WebAssemblyMemory]] internal property to ArrayBuffer and SharedArrayBuffer instances that are owned by WebAssembly.Memory objects. This allows the devtools-frontend to find the WebAssembly.Memory for any given ArrayBuffer, making it possible to properly support WebAssembly.memory.grow() eventually, but also showing a reasonable tab title. Before: https://imgur.com/hod9jPR.png After: https://imgur.com/v195VoC.png Bug: chromium:1171621, chromium:1171619, chromium:1166577 Change-Id: Ife22cabdfcf54ab30c234ea4ca86bfbb711ab2f1 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2653155 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Kim-Anh Tran <kimanh@chromium.org> Reviewed-by: Clemens Backes <clemensb@chromium.org> Cr-Commit-Position: refs/heads/master@{#72403}
11f0fa83 · Benedikt Meurer · Commit Bot · 9d3cd57f · 11f0fa83 · 11f0fa83
Commit 11f0fa83 authored Jan 28, 2021 by Benedikt Meurer Committed by Commit Bot Jan 28, 2021
7 changed files
--- a/src/init/heap-symbols.h
+++ b/src/init/heap-symbols.h
@@ -335,6 +335,7 @@
  V(_, zero_string, "0")

 #define PRIVATE_SYMBOL_LIST_GENERATOR(V, _)    \
+  V(_, array_buffer_wasm_memory_symbol)        \
  V(_, call_site_frame_array_symbol)           \
  V(_, call_site_frame_index_symbol)           \
  V(_, console_context_id_symbol)              \

--- a/src/runtime/runtime-debug.cc
+++ b/src/runtime/runtime-debug.cc
@@ -326,7 +326,7 @@ MaybeHandle<JSArray> Runtime::GetInternalProperties(Isolate* isolate,
        kExternalInt32Array,
    };
    Handle<FixedArray> result =
-        factory->NewFixedArray((2 + arraysize(kTypes)) * 2);
+        factory->NewFixedArray((3 + arraysize(kTypes)) * 2);
    int index = 0;
    for (auto type : kTypes) {
      switch (type) {
@@ -350,20 +350,33 @@ MaybeHandle<JSArray> Runtime::GetInternalProperties(Isolate* isolate,
    }
    Handle<String> byte_length_str =
        factory->NewStringFromAsciiChecked("[[ArrayBufferByteLength]]");
-    result->set(index++, *byte_length_str);
    Handle<Object> byte_length_obj = factory->NewNumberFromSize(byte_length);
+    result->set(index++, *byte_length_str);
    result->set(index++, *byte_length_obj);
+
    Handle<String> buffer_data_str =
        factory->NewStringFromAsciiChecked("[[ArrayBufferData]]");
-    result->set(index++, *buffer_data_str);
    // Use the backing store pointer as a unique ID
    EmbeddedVector<char, 32> buffer_data_vec;
    int len =
        SNPrintF(buffer_data_vec, V8PRIxPTR_FMT,
                 reinterpret_cast<Address>(js_array_buffer->backing_store()));
-    Handle<String> buffer_id =
+    Handle<String> buffer_data_obj =
        factory->InternalizeUtf8String(buffer_data_vec.SubVector(0, len));
-    result->set(index++, *buffer_id);
+    result->set(index++, *buffer_data_str);
+    result->set(index++, *buffer_data_obj);
+
+    Handle<Symbol> memory_symbol = factory->array_buffer_wasm_memory_symbol();
+    Handle<Object> memory_object =
+        JSObject::GetDataProperty(js_array_buffer, memory_symbol);
+    if (!memory_object->IsUndefined(isolate)) {
+      Handle<String> buffer_memory_str =
+          factory->NewStringFromAsciiChecked("[[WebAssemblyMemory]]");
+      Handle<WasmMemoryObject> buffer_memory_obj =
+          Handle<WasmMemoryObject>::cast(memory_object);
+      result->set(index++, *buffer_memory_str);
+      result->set(index++, *buffer_memory_obj);
+    }

    return factory->NewJSArrayWithElements(result, PACKED_ELEMENTS, index);
  } else if (object->IsWasmInstanceObject()) {

--- a/src/wasm/wasm-objects.cc
+++ b/src/wasm/wasm-objects.cc
@@ -839,6 +839,11 @@ Handle<WasmMemoryObject> WasmMemoryObject::New(
    backing_store->AttachSharedWasmMemoryObject(isolate, memory_object);
  }

+  // For debugging purposes we memorize a link from the JSArrayBuffer
+  // to it's owning WasmMemoryObject instance.
+  Handle<Symbol> symbol = isolate->factory()->array_buffer_wasm_memory_symbol();
+  JSObject::SetProperty(isolate, buffer, symbol, memory_object).Check();
+
  return memory_object;
 }

@@ -966,6 +971,11 @@ int32_t WasmMemoryObject::Grow(Isolate* isolate,
    Handle<JSArrayBuffer> new_buffer =
        isolate->factory()->NewJSArrayBuffer(std::move(backing_store));
    memory_object->update_instances(isolate, new_buffer);
+    // For debugging purposes we memorize a link from the JSArrayBuffer
+    // to it's owning WasmMemoryObject instance.
+    Handle<Symbol> symbol =
+        isolate->factory()->array_buffer_wasm_memory_symbol();
+    JSObject::SetProperty(isolate, new_buffer, symbol, memory_object).Check();
    DCHECK_EQ(result.value(), old_pages);
    return static_cast<int32_t>(result.value());  // success
  }
@@ -987,6 +997,10 @@ int32_t WasmMemoryObject::Grow(Isolate* isolate,
  Handle<JSArrayBuffer> new_buffer =
      isolate->factory()->NewJSArrayBuffer(std::move(new_backing_store));
  memory_object->update_instances(isolate, new_buffer);
+  // For debugging purposes we memorize a link from the JSArrayBuffer
+  // to it's owning WasmMemoryObject instance.
+  Handle<Symbol> symbol = isolate->factory()->array_buffer_wasm_memory_symbol();
+  JSObject::SetProperty(isolate, new_buffer, symbol, memory_object).Check();
  return static_cast<int32_t>(old_pages);  // success
 }


--- a/test/inspector/inspector.status
+++ b/test/inspector/inspector.status
@@ -66,6 +66,7 @@
  'debugger/asm-js-breakpoint-during-exec': [SKIP],
  'debugger/wasm-*': [SKIP],
  'cpu-profiler/console-profile-wasm': [SKIP],
+  'runtime/get-properties': [SKIP],
 }],  # 'lite_mode or variant == jitless'

 ##############################################################################

--- a/test/inspector/runtime/get-properties-expected.txt
+++ b/test/inspector/runtime/get-properties-expected.txt
@@ -105,6 +105,16 @@ Running test: testArrayBuffer
 [[ArrayBufferByteLength]]
 [[ArrayBufferData]]

+Running test: testArrayBufferFromWebAssemblyMemory
+[[Int8Array]]
+[[Uint8Array]]
+[[Int16Array]]
+[[Int32Array]]
+[[ArrayBufferByteLength]]
+[[ArrayBufferData]]
+[[WebAssemblyMemory]]
+  __proto__ own object undefined
+
 Running test: testDetachedArrayBuffer
 [[IsDetached]] true


--- a/test/inspector/runtime/get-properties.js
+++ b/test/inspector/runtime/get-properties.js
@@ -57,6 +57,25 @@ InspectorTest.runAsyncTestSuite([
    }
  },

+  async function testArrayBufferFromWebAssemblyMemory() {
+    let objectId = await evaluateToObjectId('new WebAssembly.Memory({initial: 1}).buffer');
+    let props = await Protocol.Runtime.getProperties({ objectId, ownProperties: true });
+    for (let prop of props.result.result) {
+      if (prop.name === '__proto__')
+        continue;
+      InspectorTest.log(prop.name);
+      await logGetPropertiesResult(prop.value.objectId);
+    }
+    for (let prop of props.result.internalProperties) {
+      InspectorTest.log(prop.name);
+      // Skip printing the values of the virtual typed arrays.
+      if (/\[\[.*Array\]\]/.test(prop.name))
+        continue;
+      if (prop.value.objectId)
+        await logGetPropertiesResult(prop.value.objectId);
+    }
+  },
+
  async function testDetachedArrayBuffer() {
    await Protocol.Runtime.evaluate({ expression: 'var a = new ArrayBuffer(16)' });
    await Protocol.Runtime.evaluate({ expression: 'var b = new Uint32Array(a)' });

--- a/tools/v8heapconst.py
+++ b/tools/v8heapconst.py
@@ -319,68 +319,68 @@ KNOWN_MAPS = {
  ("read_only_space", 0x03151): (67, "BasicBlockCountersMarkerMap"),
  ("read_only_space", 0x03195): (87, "ArrayBoilerplateDescriptionMap"),
  ("read_only_space", 0x03269): (99, "InterceptorInfoMap"),
-  ("read_only_space", 0x053ad): (72, "PromiseFulfillReactionJobTaskMap"),
-  ("read_only_space", 0x053d5): (73, "PromiseRejectReactionJobTaskMap"),
-  ("read_only_space", 0x053fd): (74, "CallableTaskMap"),
-  ("read_only_space", 0x05425): (75, "CallbackTaskMap"),
-  ("read_only_space", 0x0544d): (76, "PromiseResolveThenableJobTaskMap"),
-  ("read_only_space", 0x05475): (79, "FunctionTemplateInfoMap"),
-  ("read_only_space", 0x0549d): (80, "ObjectTemplateInfoMap"),
-  ("read_only_space", 0x054c5): (81, "AccessCheckInfoMap"),
-  ("read_only_space", 0x054ed): (82, "AccessorInfoMap"),
-  ("read_only_space", 0x05515): (83, "AccessorPairMap"),
-  ("read_only_space", 0x0553d): (84, "AliasedArgumentsEntryMap"),
-  ("read_only_space", 0x05565): (85, "AllocationMementoMap"),
-  ("read_only_space", 0x0558d): (88, "AsmWasmDataMap"),
-  ("read_only_space", 0x055b5): (89, "AsyncGeneratorRequestMap"),
-  ("read_only_space", 0x055dd): (90, "BreakPointMap"),
-  ("read_only_space", 0x05605): (91, "BreakPointInfoMap"),
-  ("read_only_space", 0x0562d): (92, "CachedTemplateObjectMap"),
-  ("read_only_space", 0x05655): (94, "ClassPositionsMap"),
-  ("read_only_space", 0x0567d): (95, "DebugInfoMap"),
-  ("read_only_space", 0x056a5): (98, "FunctionTemplateRareDataMap"),
-  ("read_only_space", 0x056cd): (100, "InterpreterDataMap"),
-  ("read_only_space", 0x056f5): (101, "ModuleRequestMap"),
-  ("read_only_space", 0x0571d): (102, "PromiseCapabilityMap"),
-  ("read_only_space", 0x05745): (103, "PromiseReactionMap"),
-  ("read_only_space", 0x0576d): (104, "PropertyDescriptorObjectMap"),
-  ("read_only_space", 0x05795): (105, "PrototypeInfoMap"),
-  ("read_only_space", 0x057bd): (106, "ScriptMap"),
-  ("read_only_space", 0x057e5): (107, "SourceTextModuleInfoEntryMap"),
-  ("read_only_space", 0x0580d): (108, "StackFrameInfoMap"),
-  ("read_only_space", 0x05835): (109, "StackTraceFrameMap"),
-  ("read_only_space", 0x0585d): (110, "TemplateObjectDescriptionMap"),
-  ("read_only_space", 0x05885): (111, "Tuple2Map"),
-  ("read_only_space", 0x058ad): (112, "WasmExceptionTagMap"),
-  ("read_only_space", 0x058d5): (113, "WasmExportedFunctionDataMap"),
-  ("read_only_space", 0x058fd): (114, "WasmIndirectFunctionTableMap"),
-  ("read_only_space", 0x05925): (115, "WasmJSFunctionDataMap"),
-  ("read_only_space", 0x0594d): (134, "SloppyArgumentsElementsMap"),
-  ("read_only_space", 0x05975): (151, "DescriptorArrayMap"),
-  ("read_only_space", 0x0599d): (156, "UncompiledDataWithoutPreparseDataMap"),
-  ("read_only_space", 0x059c5): (155, "UncompiledDataWithPreparseDataMap"),
-  ("read_only_space", 0x059ed): (171, "OnHeapBasicBlockProfilerDataMap"),
-  ("read_only_space", 0x05a15): (180, "WasmCapiFunctionDataMap"),
-  ("read_only_space", 0x05a3d): (168, "InternalClassMap"),
-  ("read_only_space", 0x05a65): (177, "SmiPairMap"),
-  ("read_only_space", 0x05a8d): (176, "SmiBoxMap"),
-  ("read_only_space", 0x05ab5): (145, "ExportedSubClassBaseMap"),
-  ("read_only_space", 0x05add): (146, "ExportedSubClassMap"),
-  ("read_only_space", 0x05b05): (68, "AbstractInternalClassSubclass1Map"),
-  ("read_only_space", 0x05b2d): (69, "AbstractInternalClassSubclass2Map"),
-  ("read_only_space", 0x05b55): (132, "InternalClassWithSmiElementsMap"),
-  ("read_only_space", 0x05b7d): (169, "InternalClassWithStructElementsMap"),
-  ("read_only_space", 0x05ba5): (147, "ExportedSubClass2Map"),
-  ("read_only_space", 0x05bcd): (178, "SortStateMap"),
-  ("read_only_space", 0x05bf5): (86, "AllocationSiteWithWeakNextMap"),
-  ("read_only_space", 0x05c1d): (86, "AllocationSiteWithoutWeakNextMap"),
-  ("read_only_space", 0x05c45): (77, "LoadHandler1Map"),
-  ("read_only_space", 0x05c6d): (77, "LoadHandler2Map"),
-  ("read_only_space", 0x05c95): (77, "LoadHandler3Map"),
-  ("read_only_space", 0x05cbd): (78, "StoreHandler0Map"),
-  ("read_only_space", 0x05ce5): (78, "StoreHandler1Map"),
-  ("read_only_space", 0x05d0d): (78, "StoreHandler2Map"),
-  ("read_only_space", 0x05d35): (78, "StoreHandler3Map"),
+  ("read_only_space", 0x053bd): (72, "PromiseFulfillReactionJobTaskMap"),
+  ("read_only_space", 0x053e5): (73, "PromiseRejectReactionJobTaskMap"),
+  ("read_only_space", 0x0540d): (74, "CallableTaskMap"),
+  ("read_only_space", 0x05435): (75, "CallbackTaskMap"),
+  ("read_only_space", 0x0545d): (76, "PromiseResolveThenableJobTaskMap"),
+  ("read_only_space", 0x05485): (79, "FunctionTemplateInfoMap"),
+  ("read_only_space", 0x054ad): (80, "ObjectTemplateInfoMap"),
+  ("read_only_space", 0x054d5): (81, "AccessCheckInfoMap"),
+  ("read_only_space", 0x054fd): (82, "AccessorInfoMap"),
+  ("read_only_space", 0x05525): (83, "AccessorPairMap"),
+  ("read_only_space", 0x0554d): (84, "AliasedArgumentsEntryMap"),
+  ("read_only_space", 0x05575): (85, "AllocationMementoMap"),
+  ("read_only_space", 0x0559d): (88, "AsmWasmDataMap"),
+  ("read_only_space", 0x055c5): (89, "AsyncGeneratorRequestMap"),
+  ("read_only_space", 0x055ed): (90, "BreakPointMap"),
+  ("read_only_space", 0x05615): (91, "BreakPointInfoMap"),
+  ("read_only_space", 0x0563d): (92, "CachedTemplateObjectMap"),
+  ("read_only_space", 0x05665): (94, "ClassPositionsMap"),
+  ("read_only_space", 0x0568d): (95, "DebugInfoMap"),
+  ("read_only_space", 0x056b5): (98, "FunctionTemplateRareDataMap"),
+  ("read_only_space", 0x056dd): (100, "InterpreterDataMap"),
+  ("read_only_space", 0x05705): (101, "ModuleRequestMap"),
+  ("read_only_space", 0x0572d): (102, "PromiseCapabilityMap"),
+  ("read_only_space", 0x05755): (103, "PromiseReactionMap"),
+  ("read_only_space", 0x0577d): (104, "PropertyDescriptorObjectMap"),
+  ("read_only_space", 0x057a5): (105, "PrototypeInfoMap"),
+  ("read_only_space", 0x057cd): (106, "ScriptMap"),
+  ("read_only_space", 0x057f5): (107, "SourceTextModuleInfoEntryMap"),
+  ("read_only_space", 0x0581d): (108, "StackFrameInfoMap"),
+  ("read_only_space", 0x05845): (109, "StackTraceFrameMap"),
+  ("read_only_space", 0x0586d): (110, "TemplateObjectDescriptionMap"),
+  ("read_only_space", 0x05895): (111, "Tuple2Map"),
+  ("read_only_space", 0x058bd): (112, "WasmExceptionTagMap"),
+  ("read_only_space", 0x058e5): (113, "WasmExportedFunctionDataMap"),
+  ("read_only_space", 0x0590d): (114, "WasmIndirectFunctionTableMap"),
+  ("read_only_space", 0x05935): (115, "WasmJSFunctionDataMap"),
+  ("read_only_space", 0x0595d): (134, "SloppyArgumentsElementsMap"),
+  ("read_only_space", 0x05985): (151, "DescriptorArrayMap"),
+  ("read_only_space", 0x059ad): (156, "UncompiledDataWithoutPreparseDataMap"),
+  ("read_only_space", 0x059d5): (155, "UncompiledDataWithPreparseDataMap"),
+  ("read_only_space", 0x059fd): (171, "OnHeapBasicBlockProfilerDataMap"),
+  ("read_only_space", 0x05a25): (180, "WasmCapiFunctionDataMap"),
+  ("read_only_space", 0x05a4d): (168, "InternalClassMap"),
+  ("read_only_space", 0x05a75): (177, "SmiPairMap"),
+  ("read_only_space", 0x05a9d): (176, "SmiBoxMap"),
+  ("read_only_space", 0x05ac5): (145, "ExportedSubClassBaseMap"),
+  ("read_only_space", 0x05aed): (146, "ExportedSubClassMap"),
+  ("read_only_space", 0x05b15): (68, "AbstractInternalClassSubclass1Map"),
+  ("read_only_space", 0x05b3d): (69, "AbstractInternalClassSubclass2Map"),
+  ("read_only_space", 0x05b65): (132, "InternalClassWithSmiElementsMap"),
+  ("read_only_space", 0x05b8d): (169, "InternalClassWithStructElementsMap"),
+  ("read_only_space", 0x05bb5): (147, "ExportedSubClass2Map"),
+  ("read_only_space", 0x05bdd): (178, "SortStateMap"),
+  ("read_only_space", 0x05c05): (86, "AllocationSiteWithWeakNextMap"),
+  ("read_only_space", 0x05c2d): (86, "AllocationSiteWithoutWeakNextMap"),
+  ("read_only_space", 0x05c55): (77, "LoadHandler1Map"),
+  ("read_only_space", 0x05c7d): (77, "LoadHandler2Map"),
+  ("read_only_space", 0x05ca5): (77, "LoadHandler3Map"),
+  ("read_only_space", 0x05ccd): (78, "StoreHandler0Map"),
+  ("read_only_space", 0x05cf5): (78, "StoreHandler1Map"),
+  ("read_only_space", 0x05d1d): (78, "StoreHandler2Map"),
+  ("read_only_space", 0x05d45): (78, "StoreHandler3Map"),
  ("map_space", 0x02119): (1057, "ExternalMap"),
  ("map_space", 0x02141): (1098, "JSMessageObjectMap"),
 }