[runtime] Add ScopeInfo::HasContextAllocatedFunctionName helper

- Check that we only store internalized strings for context-allocated function names - Fix call to FunctionContextSlotIndex from V8HeapExplorer that could end up passing in a non-internalized string Bug: chromium:1255105 Change-Id: Ie8bd5577bd0086241d47991fbe285f5d64ae3d4a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3245113Reviewed-by: Kim-Anh Tran <kimanh@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#77540}

[runtime] Add ScopeInfo::HasContextAllocatedFunctionName helper
- Check that we only store internalized strings for context-allocated function names - Fix call to FunctionContextSlotIndex from V8HeapExplorer that could end up passing in a non-internalized string Bug: chromium:1255105 Change-Id: Ie8bd5577bd0086241d47991fbe285f5d64ae3d4a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3245113Reviewed-by: Kim-Anh Tran <kimanh@chromium.org> Commit-Queue: Camillo Bruni <cbruni@chromium.org> Cr-Commit-Position: refs/heads/main@{#77540}
2b96af3b · Camillo Bruni · V8 LUCI CQ · 9af08ccb · 2b96af3b · 2b96af3b
Commit 2b96af3b authored Oct 26, 2021 by Camillo Bruni Committed by V8 LUCI CQ Oct 26, 2021
Hide whitespace changes
Inline Side-by-side

Showing with 31 additions and 25 deletions

scope-info.cc src/objects/scope-info.cc +28 -24

scope-info.h src/objects/scope-info.h +2 -0

heap-snapshot-generator.cc src/profiler/heap-snapshot-generator.cc +1 -1

No files found.
--- a/src/objects/scope-info.cc
+++ b/src/objects/scope-info.cc
@@ -644,26 +644,22 @@ bool ScopeInfo::is_declaration_scope() const {
 }

 int ScopeInfo::ContextLength() const {
-  if (!IsEmpty()) {
-    int context_locals = ContextLocalCount();
-    bool function_name_context_slot = FunctionVariableBits::decode(Flags()) ==
-                                      VariableAllocationInfo::CONTEXT;
-    bool force_context = ForceContextAllocationBit::decode(Flags());
-    bool has_context =
-        context_locals > 0 || force_context || function_name_context_slot ||
-        scope_type() == WITH_SCOPE || scope_type() == CLASS_SCOPE ||
-        (scope_type() == BLOCK_SCOPE && SloppyEvalCanExtendVars() &&
-         is_declaration_scope()) ||
-        (scope_type() == FUNCTION_SCOPE && SloppyEvalCanExtendVars()) ||
-        (scope_type() == FUNCTION_SCOPE && IsAsmModule()) ||
-        scope_type() == MODULE_SCOPE;
-
-    if (has_context) {
-      return ContextHeaderLength() + context_locals +
-             (function_name_context_slot ? 1 : 0);
-    }
-  }
-  return 0;
+  if (IsEmpty()) return 0;
+  int context_locals = ContextLocalCount();
+  bool function_name_context_slot = HasContextAllocatedFunctionName();
+  bool force_context = ForceContextAllocationBit::decode(Flags());
+  bool has_context =
+      context_locals > 0 || force_context || function_name_context_slot ||
+      scope_type() == WITH_SCOPE || scope_type() == CLASS_SCOPE ||
+      (scope_type() == BLOCK_SCOPE && SloppyEvalCanExtendVars() &&
+       is_declaration_scope()) ||
+      (scope_type() == FUNCTION_SCOPE && SloppyEvalCanExtendVars()) ||
+      (scope_type() == FUNCTION_SCOPE && IsAsmModule()) ||
+      scope_type() == MODULE_SCOPE;
+
+  if (!has_context) return 0;
+  return ContextHeaderLength() + context_locals +
+         (function_name_context_slot ? 1 : 0);
 }

 bool ScopeInfo::HasContextExtensionSlot() const {
@@ -701,6 +697,11 @@ bool ScopeInfo::HasFunctionName() const {
  return VariableAllocationInfo::NONE != FunctionVariableBits::decode(Flags());
 }

+bool ScopeInfo::HasContextAllocatedFunctionName() const {
+  return VariableAllocationInfo::CONTEXT ==
+         FunctionVariableBits::decode(Flags());
+}
+
 bool ScopeInfo::HasInferredFunctionName() const {
  return HasInferredFunctionNameBit::decode(Flags());
 }
@@ -723,6 +724,8 @@ bool ScopeInfo::HasSharedFunctionName() const {
 void ScopeInfo::SetFunctionName(Object name) {
  DCHECK(HasFunctionName());
  DCHECK(name.IsString() || name == SharedFunctionInfo::kNoSharedNameSentinel);
+  DCHECK_IMPLIES(HasContextAllocatedFunctionName(),
+                 name.IsInternalizedString());
  set_function_variable_info_name(name);
 }

@@ -942,10 +945,11 @@ int ScopeInfo::ParametersStartIndex() const {

 int ScopeInfo::FunctionContextSlotIndex(String name) const {
  DCHECK(name.IsInternalizedString());
-  if (FunctionVariableBits::decode(Flags()) ==
-          VariableAllocationInfo::CONTEXT &&
-      FunctionName() == name) {
-    return function_variable_info_context_or_stack_slot_index();
+  if (HasContextAllocatedFunctionName()) {
+    DCHECK_IMPLIES(HasFunctionName(), FunctionName().IsInternalizedString());
+    if (FunctionName() == name) {
+      return function_variable_info_context_or_stack_slot_index();
+    }
  }
  return -1;
 }

--- a/src/objects/scope-info.h
+++ b/src/objects/scope-info.h
@@ -101,6 +101,8 @@ class ScopeInfo : public TorqueGeneratedScopeInfo<ScopeInfo, HeapObject> {
  // Is this scope the scope of a named function expression?
  V8_EXPORT_PRIVATE bool HasFunctionName() const;

+  bool HasContextAllocatedFunctionName() const;
+
  // See SharedFunctionInfo::HasSharedName.
  V8_EXPORT_PRIVATE bool HasSharedFunctionName() const;


--- a/src/profiler/heap-snapshot-generator.cc
+++ b/src/profiler/heap-snapshot-generator.cc
@@ -1038,7 +1038,7 @@ void V8HeapExplorer::ExtractContextReferences(HeapEntry* entry,
      SetContextReference(entry, local_name, context.get(idx),
                          Context::OffsetOfElementAt(idx));
    }
-    if (scope_info.HasFunctionName()) {
+    if (scope_info.HasContextAllocatedFunctionName()) {
      String name = String::cast(scope_info.FunctionName());
      int idx = scope_info.FunctionContextSlotIndex(name);
      if (idx >= 0) {