deps: add heap profile sample labels to V8 profiler

Add V8 API for attaching embedder-defined labels to sampling heap
profiler samples. Labels propagate through async context via CPED
and are resolved at profile-read time.

Signed-off-by: Rudolf Meijering <[email protected]>

Author: rudolf

deps/v8/include/v8-profiler.h

@@ -11,6 +11,11 @@
 #include <unordered_set>
 #include <vector>
 
+#ifdef V8_HEAP_PROFILER_SAMPLE_LABELS
+#include <string>
+#include <utility>
+#endif  // V8_HEAP_PROFILER_SAMPLE_LABELS
+
 #include "cppgc/common.h"          // NOLINT(build/include_directory)
 #include "v8-local-handle.h"       // NOLINT(build/include_directory)
 #include "v8-message.h"            // NOLINT(build/include_directory)
@@ -791,26 +796,42 @@ class V8_EXPORT AllocationProfile {
    * Represent a single sample recorded for an allocation.
    */
   struct Sample {
-    /**
-     * id of the node in the profile tree.
-     */
+#ifdef V8_HEAP_PROFILER_SAMPLE_LABELS
+    Sample(uint32_t node_id, size_t size, unsigned int count,
+           uint64_t sample_id,
+           std::vector<std::pair<std::string, std::string>> labels = {})
+        : node_id(node_id),
+          size(size),
+          count(count),
+          sample_id(sample_id),
+          labels(std::move(labels)) {}
+#else
+    Sample(uint32_t node_id, size_t size, unsigned int count,
+           uint64_t sample_id)
+        : node_id(node_id), size(size), count(count), sample_id(sample_id) {}
+#endif  // V8_HEAP_PROFILER_SAMPLE_LABELS
+
+    /** id of the node in the profile tree. */
     uint32_t node_id;
-
-    /**
-     * Size of the sampled allocation object.
-     */
+    /** Size of the sampled allocation object. */
     size_t size;
-
-    /**
-     * The number of objects of such size that were sampled.
-     */
+    /** The number of objects of such size that were sampled. */
     unsigned int count;
-
     /**
      * Unique time-ordered id of the allocation sample. Can be used to track
      * what samples were added or removed between two snapshots.
      */
     uint64_t sample_id;
+#ifdef V8_HEAP_PROFILER_SAMPLE_LABELS
+    /**
+     * Embedder-provided labels resolved by the HeapProfileSampleLabelsCallback
+     * during GetAllocationProfile(). The ALS value is captured at allocation
+     * time; labels are parsed from it when the profile is read. Each pair is
+     * (key, value). Empty if no callback is registered or the callback
+     * returned no labels for this sample.
+     */
+    std::vector<std::pair<std::string, std::string>> labels;
+#endif  // V8_HEAP_PROFILER_SAMPLE_LABELS
   };
 
   /**
@@ -1001,6 +1022,31 @@ class V8_EXPORT HeapProfiler {
       v8::Isolate* isolate, const v8::Local<v8::Value>& v8_value,
       uint16_t class_id, void* data);
 
+#ifdef V8_HEAP_PROFILER_SAMPLE_LABELS
+  /**
+   * Callback invoked during GetAllocationProfile() to resolve labels from
+   * the ALS value captured at allocation time.
+   *
+   * |data| is the opaque pointer passed to SetHeapProfileSampleLabelsCallback.
+   * |context| is the ALS value (e.g. a flat [key, val, ...] array) that was
+   * extracted from the ContinuationPreservedEmbedderData (CPED) Map at
+   * allocation time using the ALS key set via SetHeapProfileSampleLabelsKey.
+   * The extraction uses OrderedHashMap::FindEntry (zero-allocation, GC-safe).
+   * The callback parses this value directly to produce labels — no Map lookup
+   * is needed at callback time.
+   *
+   * Only invoked for samples that had an ALS value at allocation time (i.e.
+   * the ALS key was found in the CPED Map).
+   *
+   * Write labels to |out_labels| and return true, or return false if no
+   * labels apply. The caller provides a stack-local vector; returning false
+   * avoids any heap allocation on the hot path.
+   */
+  using HeapProfileSampleLabelsCallback = bool (*)(
+      void* data, v8::Local<v8::Value> context,
+      std::vector<std::pair<std::string, std::string>>* out_labels);
+#endif  // V8_HEAP_PROFILER_SAMPLE_LABELS
+
   /** Returns the number of snapshots taken. */
   int GetSnapshotCount();
 
@@ -1261,6 +1307,31 @@ class V8_EXPORT HeapProfiler {
 
   void SetGetDetachednessCallback(GetDetachednessCallback callback, void* data);
 
+#ifdef V8_HEAP_PROFILER_SAMPLE_LABELS
+  /**
+   * Registers a callback invoked during GetAllocationProfile() to resolve
+   * embedder-defined labels from the ALS value extracted at allocation time.
+   * The labels are stored on AllocationProfile::Sample::labels.
+   *
+   * Pass nullptr to clear the callback.
+   */
+  void SetHeapProfileSampleLabelsCallback(
+      HeapProfileSampleLabelsCallback callback, void* data = nullptr);
+
+  /**
+   * Sets the AsyncLocalStorage (ALS) key used to extract the label value
+   * from the ContinuationPreservedEmbedderData (CPED) Map at allocation
+   * time.  When a heap sample is taken, SampleObject uses this key with
+   * OrderedHashMap::FindEntry to look up the corresponding ALS value and
+   * store it on the sample.  The stored value is later passed to the
+   * HeapProfileSampleLabelsCallback as the |context| parameter.
+   *
+   * Must be called before starting the sampling profiler.
+   * Pass an empty handle to clear.
+   */
+  void SetHeapProfileSampleLabelsKey(Local<Value> key);
+#endif  // V8_HEAP_PROFILER_SAMPLE_LABELS
+
   /**
    * Returns whether the heap profiler is currently taking a snapshot.
    */

deps/v8/src/api/api.cc

@@ -11829,6 +11829,19 @@ void HeapProfiler::SetGetDetachednessCallback(GetDetachednessCallback callback,
                                                                        data);
 }
 
+#ifdef V8_HEAP_PROFILER_SAMPLE_LABELS
+void HeapProfiler::SetHeapProfileSampleLabelsCallback(
+    HeapProfileSampleLabelsCallback callback, void* data) {
+  reinterpret_cast<i::HeapProfiler*>(this)
+      ->SetHeapProfileSampleLabelsCallback(callback, data);
+}
+
+void HeapProfiler::SetHeapProfileSampleLabelsKey(Local<Value> key) {
+  reinterpret_cast<i::HeapProfiler*>(this)
+      ->SetHeapProfileSampleLabelsKey(key);
+}
+#endif  // V8_HEAP_PROFILER_SAMPLE_LABELS
+
 bool HeapProfiler::IsTakingSnapshot() {
   return reinterpret_cast<i::HeapProfiler*>(this)->IsTakingSnapshot();
 }

deps/v8/src/profiler/heap-profiler.h

@@ -79,6 +79,34 @@ class HeapProfiler : public HeapObjectAllocationTracker {
   bool is_sampling_allocations() { return !!sampling_heap_profiler_; }
   AllocationProfile* GetAllocationProfile();
 
+#ifdef V8_HEAP_PROFILER_SAMPLE_LABELS
+  void SetHeapProfileSampleLabelsCallback(
+      v8::HeapProfiler::HeapProfileSampleLabelsCallback callback,
+      void* data) {
+    sample_labels_callback_ = callback;
+    sample_labels_data_ = data;
+  }
+
+  void SetHeapProfileSampleLabelsKey(v8::Local<v8::Value> key) {
+    if (key.IsEmpty()) {
+      sample_labels_als_key_.Reset();
+    } else {
+      sample_labels_als_key_.Reset(
+          reinterpret_cast<v8::Isolate*>(isolate()), key);
+    }
+  }
+
+  v8::HeapProfiler::HeapProfileSampleLabelsCallback
+  sample_labels_callback() const {
+    return sample_labels_callback_;
+  }
+  void* sample_labels_data() const { return sample_labels_data_; }
+
+  const v8::Global<v8::Value>& sample_labels_als_key() const {
+    return sample_labels_als_key_;
+  }
+#endif  // V8_HEAP_PROFILER_SAMPLE_LABELS
+
   void StartHeapObjectsTracking(bool track_allocations);
   void StopHeapObjectsTracking();
   AllocationTracker* allocation_tracker() const {
@@ -176,6 +204,18 @@ class HeapProfiler : public HeapObjectAllocationTracker {
   std::pair<v8::HeapProfiler::GetDetachednessCallback, void*>
       get_detachedness_callback_;
   std::unique_ptr<HeapProfilerNativeMoveListener> native_move_listener_;
+#ifdef V8_HEAP_PROFILER_SAMPLE_LABELS
+  // All three fields are written only from the main thread via
+  // SetHeapProfileSampleLabelsCallback() / SetHeapProfileSampleLabelsKey()
+  // and read during GetAllocationProfile() or SampleObject() (also main
+  // thread).  No cross-thread access, so no synchronization is required.
+  v8::HeapProfiler::HeapProfileSampleLabelsCallback sample_labels_callback_ =
+      nullptr;
+  void* sample_labels_data_ = nullptr;
+  // The ALS key used at allocation time to extract the label value from
+  // the CPED Map via OrderedHashMap::FindEntry.
+  v8::Global<v8::Value> sample_labels_als_key_;
+#endif  // V8_HEAP_PROFILER_SAMPLE_LABELS
 };
 
 }  // namespace internal

deps/v8/src/profiler/sampling-heap-profiler.cc

@@ -15,6 +15,9 @@
 #include "src/execution/isolate.h"
 #include "src/heap/heap-layout-inl.h"
 #include "src/heap/heap.h"
+#include "src/objects/js-collection-inl.h"
+#include "src/objects/ordered-hash-table.h"
+#include "src/profiler/heap-profiler.h"
 #include "src/profiler/strings-storage.h"
 
 namespace v8 {
@@ -96,6 +99,47 @@ void SamplingHeapProfiler::SampleObject(Address soon_object, size_t size) {
   node->allocations_[size]++;
   auto sample =
       std::make_unique<Sample>(size, node, loc, this, next_sample_id());
+
+#ifdef V8_HEAP_PROFILER_SAMPLE_LABELS
+  // Extract the ALS value from the CPED Map at allocation time.
+  // The CPED (ContinuationPreservedEmbedderData) is a JSMap containing
+  // ALL ALS stores.  We look up only our ALS key via
+  // OrderedHashMap::FindEntry (zero-allocation, GC-safe) and store just
+  // the resulting value (the flat label array).  This avoids retaining
+  // the entire CPED for the lifetime of each sample.
+  // Global::Reset is safe inside DisallowGC (uses malloc, not V8 heap).
+  {
+    HeapProfiler* hp = isolate_->heap()->heap_profiler();
+    if (hp->sample_labels_callback()) {
+      const v8::Global<v8::Value>& als_key_global =
+          hp->sample_labels_als_key();
+      if (!als_key_global.IsEmpty()) {
+        v8::Isolate* v8_isolate = reinterpret_cast<v8::Isolate*>(isolate_);
+        v8::Local<v8::Value> context =
+            v8_isolate->GetContinuationPreservedEmbedderData();
+        if (!context.IsEmpty() && !context->IsUndefined()) {
+          Tagged<Object> cped_obj = *Utils::OpenDirectHandle(*context);
+          if (IsJSMap(cped_obj)) {
+            Tagged<JSMap> js_map = Cast<JSMap>(cped_obj);
+            Tagged<OrderedHashMap> table =
+                Cast<OrderedHashMap>(js_map->table());
+            v8::Local<v8::Value> als_key_local =
+                als_key_global.Get(v8_isolate);
+            Tagged<Object> key_obj = *Utils::OpenDirectHandle(*als_key_local);
+            InternalIndex entry = table->FindEntry(isolate_, key_obj);
+            if (entry.is_found()) {
+              Tagged<Object> value = table->ValueAt(entry);
+              v8::Local<v8::Value> value_local =
+                  Utils::ToLocal(direct_handle(value, isolate_));
+              sample->label_value.Reset(v8_isolate, value_local);
+            }
+          }
+        }
+      }
+    }
+  }
+#endif  // V8_HEAP_PROFILER_SAMPLE_LABELS
+
   sample->global.SetWeak(sample.get(), OnWeakCallback,
                          WeakCallbackType::kParameter);
   samples_.emplace(sample.get(), std::move(sample));
@@ -299,22 +343,103 @@ v8::AllocationProfile* SamplingHeapProfiler::GetAllocationProfile() {
       scripts[script->id()] = handle(script, isolate_);
     }
   }
+
+#ifdef V8_HEAP_PROFILER_SAMPLE_LABELS
+  // Pre-resolve labels while GC is still allowed.
+  // The labels callback may allocate on the V8 heap. These MUST NOT run
+  // during BuildSamples() iteration — GC would fire weak callbacks that
+  // erase from samples_, causing iterator invalidation / UAF.
+  //
+  // Two-phase approach:
+  //   Phase 1: snapshot sample IDs and ALS values (Global::Get + Global
+  //            ctor use malloc, not V8 heap — no GC risk during iteration).
+  //   Phase 2: invoke the callback for each snapshot entry. GC may fire
+  //            here but we iterate our snapshot vector, not samples_.
+  ResolvedLabelsMap resolved_labels;
+  {
+    HeapProfiler* hp = heap_->heap_profiler();
+    auto callback = hp->sample_labels_callback();
+    void* callback_data = hp->sample_labels_data();
+    if (callback) {
+      v8::Isolate* v8_isolate = reinterpret_cast<v8::Isolate*>(isolate_);
+
+      // Phase 1: snapshot ALS values keyed by sample_id.
+      // Global ctor (GlobalizeReference) and Global::Get use global handle
+      // storage (malloc), not the V8 heap — safe under DisallowGarbageCollection.
+      // Locals from Get() are immediately consumed by Global ctor, so a single
+      // HandleScope outside the loop suffices (no per-iteration scope churn).
+      struct LabelValueSnapshot {
+        uint64_t sample_id;
+        v8::Global<v8::Value> label_value;
+      };
+      std::vector<LabelValueSnapshot> snapshot;
+      snapshot.reserve(samples_.size());
+      {
+        HandleScope handle_scope(isolate_);
+        DisallowGarbageCollection no_gc;
+        for (const auto& [ptr, sample] : samples_) {
+          if (!sample->label_value.IsEmpty()) {
+            snapshot.push_back(
+                {sample->sample_id,
+                 v8::Global<v8::Value>(
+                     v8_isolate, sample->label_value.Get(v8_isolate))});
+          }
+        }
+      }
+
+      // Phase 2: resolve labels via callback (GC allowed).
+      // The callback receives the ALS value (flat label array) directly —
+      // the CPED Map lookup was already done at allocation time.
+      for (auto& entry : snapshot) {
+        HandleScope scope(isolate_);
+        v8::Local<v8::Value> value_local = entry.label_value.Get(v8_isolate);
+        std::vector<std::pair<std::string, std::string>> labels;
+        if (callback(callback_data, value_local, &labels) && !labels.empty()) {
+          resolved_labels[entry.sample_id] = std::move(labels);
+        }
+      }
+    }
+  }
+#endif
+
   auto profile = new v8::internal::AllocationProfile();
   TranslateAllocationNode(profile, &profile_root_, scripts);
+
+#ifdef V8_HEAP_PROFILER_SAMPLE_LABELS
+  profile->samples_ = BuildSamples(std::move(resolved_labels));
+#else
   profile->samples_ = BuildSamples();
+#endif
 
   return profile;
 }
 
+#ifdef V8_HEAP_PROFILER_SAMPLE_LABELS
+const std::vector<v8::AllocationProfile::Sample>
+SamplingHeapProfiler::BuildSamples(ResolvedLabelsMap resolved_labels) const {
+#else
 const std::vector<v8::AllocationProfile::Sample>
 SamplingHeapProfiler::BuildSamples() const {
+#endif
   std::vector<v8::AllocationProfile::Sample> samples;
   samples.reserve(samples_.size());
+
   for (const auto& it : samples_) {
     const Sample* sample = it.second.get();
-    samples.emplace_back(v8::AllocationProfile::Sample{
-        sample->owner->id_, sample->size, ScaleSample(sample->size, 1).count,
-        sample->sample_id});
+#ifdef V8_HEAP_PROFILER_SAMPLE_LABELS
+    std::vector<std::pair<std::string, std::string>> labels;
+    auto label_it = resolved_labels.find(sample->sample_id);
+    if (label_it != resolved_labels.end()) {
+      labels = std::move(label_it->second);
+    }
+    samples.emplace_back(sample->owner->id_, sample->size,
+                         ScaleSample(sample->size, 1).count,
+                         sample->sample_id, std::move(labels));
+#else
+    samples.emplace_back(sample->owner->id_, sample->size,
+                         ScaleSample(sample->size, 1).count,
+                         sample->sample_id);
+#endif
   }
   return samples;
 }

deps/v8/src/profiler/sampling-heap-profiler.h

@@ -114,6 +114,14 @@ class SamplingHeapProfiler {
     Global<Value> global;
     SamplingHeapProfiler* const profiler;
     const uint64_t sample_id;
+#ifdef V8_HEAP_PROFILER_SAMPLE_LABELS
+    // ALS value extracted from the CPED Map at allocation time via
+    // OrderedHashMap::FindEntry.  Storing only the ALS value (the flat
+    // label array) instead of the full CPED avoids retaining all ALS
+    // stores for the lifetime of the sample.  Labels are resolved from
+    // this at read time (in GetAllocationProfile) via the callback.
+    Global<Value> label_value;
+#endif  // V8_HEAP_PROFILER_SAMPLE_LABELS
   };
 
   SamplingHeapProfiler(Heap* heap, StringsStorage* names, uint64_t rate,
@@ -160,7 +168,14 @@ class SamplingHeapProfiler {
 
   void SampleObject(Address soon_object, size_t size);
 
+#ifdef V8_HEAP_PROFILER_SAMPLE_LABELS
+  using ResolvedLabelsMap = std::unordered_map<
+      uint64_t, std::vector<std::pair<std::string, std::string>>>;
+  const std::vector<v8::AllocationProfile::Sample> BuildSamples(
+      ResolvedLabelsMap resolved_labels) const;
+#else
   const std::vector<v8::AllocationProfile::Sample> BuildSamples() const;
+#endif
 
   AllocationNode* FindOrAddChildNode(AllocationNode* parent, const char* name,
                                      int script_id, int start_position);