[wasm] Fix user properties for exported wasm functions and add extensive tests.

src/wasm/wasm-js.cc

Index: src/wasm/wasm-js.cc
diff --git a/src/wasm/wasm-js.cc b/src/wasm/wasm-js.cc
index 234d2423f926f6112006c3be5027787aad4c2eae..ec3bab2f077a94ab65b4e2d8940e2a38d9f68af0 100644
--- a/src/wasm/wasm-js.cc
+++ b/src/wasm/wasm-js.cc
@@ -868,24 +868,61 @@ void WasmJs::Install(Isolate* isolate) {
   if (context->get(Context::WASM_FUNCTION_MAP_INDEX)->IsMap()) return;
 
   // Install Maps.
-  Handle<Map> prev_map = Handle<Map>(context->sloppy_function_map(), isolate);
-
-  InstanceType instance_type = prev_map->instance_type();
-  int embedder_fields = JSObject::GetEmbedderFieldCount(*prev_map);
-  CHECK_EQ(0, embedder_fields);
-  int pre_allocated =
-      prev_map->GetInObjectProperties() - prev_map->unused_property_fields();
-  int instance_size = 0;
-  int in_object_properties = WasmExportedFunction::kFieldCount;
-  JSFunction::CalculateInstanceSizeHelper(instance_type, embedder_fields,
-                                          in_object_properties, &instance_size,
-                                          &in_object_properties);
-
-  int unused_property_fields = in_object_properties - pre_allocated;
-  Handle<Map> map = Map::CopyInitialMap(
-      prev_map, instance_size, in_object_properties, unused_property_fields);
-
-  context->set_wasm_function_map(*map);
+  {
+    Handle<Map> prev_map = Handle<Map>(context->sloppy_function_map(), isolate);
+
+    InstanceType instance_type = prev_map->instance_type();
+    int embedder_fields = JSObject::GetEmbedderFieldCount(*prev_map);
+    CHECK_EQ(0, embedder_fields);
+    int pre_allocated =
+        prev_map->GetInObjectProperties() - prev_map->unused_property_fields();
+    int instance_size = 0;
+    int in_object_properties = WasmExportedFunction::kFieldCount;
+    JSFunction::CalculateInstanceSizeHelper(
+        instance_type, embedder_fields, in_object_properties, &instance_size,
+        &in_object_properties);
+
+    // Double-check our math.
+    CHECK_EQ(WasmExportedFunction::kSize, instance_size);
+
+    int unused_property_fields = in_object_properties - pre_allocated;
+    Handle<Map> map = Map::CopyInitialMap(
+        prev_map, instance_size, in_object_properties, unused_property_fields);
+    map->set_unused_property_fields(unused_property_fields -
+                                    WasmExportedFunction::kFieldCount);
+
+    // We have to install descriptors into the map, because the {instance}
+    // and {func_index} fields of the exported functions are allocated as
+    // in-object properties, which must be reflected in the map.
+    Map::EnsureDescriptorSlack(map, WasmExportedFunction::kFieldCount);
+
+    PropertyAttributes rw_attribs =
+        static_cast<PropertyAttributes>(DONT_ENUM | DONT_DELETE);
+
+    {
+      // Add instance.
+      Handle<Symbol> symbol = isolate->factory()->NewPrivateSymbol();
+      Descriptor d =
+          Descriptor::DataField(symbol, WasmExportedFunction::kInstanceIndex,
+                                rw_attribs, Representation::Tagged());
+      map->AppendDescriptor(&d);
+    }
+
+    {
+      // Add function_index.
+      Handle<Symbol> symbol = isolate->factory()->NewPrivateSymbol();
+      Descriptor d = Descriptor::DataField(
+          symbol, WasmExportedFunction::kFunctionIndexIndex, rw_attribs,
+          Representation::Tagged());
+      map->AppendDescriptor(&d);
+    }
+
+    context->set_wasm_function_map(*map);
+// Double-check we created a proper map.
+#if DEBUG
+    map->HeapObjectVerify();
+#endif
+  }
 
   Factory* factory = isolate->factory();