> I've been exploring ic.cc as suggested by Jakob, and I found that in this
> source code:
> MaybeHandle<Object> LoadIC::Load(Handle<Object> object, Handle<Name> name)
> {}
> The name variable carries the name of the property. For example, for the
> code below,
> <script>
> console.log('test');
> window.name="new name";
> </script>
> I will get "console" and "window" if I print the name variable. By any
> chance do you know how to get log of console.log and name of window.name?
>
You should see another call to one of those functions. There are two loads in a row: first "window.console", then "console.log", so name is first "console" (and object is the global object) and then "log" (and object is the console object).

If --no-lazy-feedback-allocation is not enough to see that second load, then you may have to hack more of the source. Grep for "LoadIC", try to understand how it works when it's in "uninitialized" state, and see if there's anything you need to disable to make it take the "miss" branch (to call the runtime) in that case. I seem to recall that we moved the "uninitialized" -> "premonomorphic" transition to generated code at some point, but I think the code has changed quite a bit more since I last looked at it.

> What if capturing a few targeted functions and properties only? I have a
> list of them (~30 built-in JS APIs or properties), including window.name,
> document.cookie, localStorage.setItem(), etc.
> Will this make life easier? If yes, should I still follow the same
> direction as you suggested?

Well, you can see if you just want to find all their implementations and directly hook into there. The three examples you mentioned are all in Blink somewhere (start looking in https://source.chromium.org/chromium/chromium/src/+/master:third_party/blink/renderer/platform/bindings/). I'm not sure which is easier. Frankly, I like Seth's idea better to do it all in JS. You could bundle a Chrome extension with your instrumented Chrome build that injects the respective code into every page.

--
v8-dev mailing list
v8-dev@googlegroups.com
http://groups.google.com/group/v8-dev