A v8::Function maps to a v8::internal::JSFunction, which has a code() property. That's either the existing compiled code, or a stub that will trigger (re-)compilation based on the script() in the JSFunction's shared_function_info(). It will be retrieved and called by the JSEntryStub.
You might want to put your instrumentation into Invoke(...) in execution.cc. On Thu, Aug 31, 2017 at 11:56 AM, Hanyun Tao <taohany...@gmail.com> wrote: > Hi Jakob, > > Thank you for answering my questions! > > I would like to modify V8's internals to support such functionality. But > before I start I would like to learn a little more about how chromium > interact with V8 to process JavaScript event. > > By reading the source code, I believe that the WebKit rendering engine > will call *v8::Function::Call* in api.cc, and after that the V8 engine > will execute the Javascript code. Am I correct? > > If this is how things going to work, could you please point out where in > this process, V8 compiles the code, or "read" the compiled code correspond > to the JavaScript? > > Thank you! > > On Wednesday, August 30, 2017 at 8:39:00 PM UTC-4, Jakob Kummerow wrote: >> >> Object addresses are not exposed either. You would have to build such >> instrumentation into V8's internals. >> >> On Tue, Aug 29, 2017 at 12:32 PM, Hanyun Tao <taoha...@gmail.com> wrote: >> >>> Thank you Jakob! >>> >>> I can understand why it is hidden from external access. But would it be >>> possible for the user to get access to the instruction addresses of the >>> compiled code? >>> >>> We are studying the cache performance of JavaScript execution and we >>> want to know if it is possible to prefetch the instructions in the next >>> event handlers into the cache before it is executed based on the >>> information collected in the v8 engine. >>> >>> Best regards, >>> >>> On Tuesday, August 29, 2017 at 12:29:33 PM UTC-4, Jakob Kummerow wrote: >>>> >>>> No, compiled code is an internal implementation detail and as such is >>>> hidden from JavaScript and other external access. If there ever is a way >>>> for users to get to compiled code, then it's a (probably severe security) >>>> bug and we would like to hear about it! :-) >>>> >>>> On Mon, Aug 28, 2017 at 9:03 PM, Hanyun Tao <taoha...@gmail.com> wrote: >>>> >>>>> Hi Jakob, >>>>> >>>>> Thanks again! >>>>> >>>>> According to what you have said, v8 compiles the event handlers are >>>>> installed(compiled?) before it is executed. If it is true, then I believe >>>>> v8 will store the compiled code somewhere in the system. >>>>> Would it be possible for the user to get access to the compiled code? >>>>> >>>>> Best regards, >>>>> >>>>> On Monday, August 28, 2017 at 1:29:29 PM UTC-4, Jakob Kummerow wrote: >>>>>> >>>>>> The main API entry point for compilation is >>>>>> v8::ScriptCompiler::Compile(). >>>>>> >>>>>> I don't think event handling itself triggers compilation; but I'm not >>>>>> an expert on that part of the system. AFAIK event handlers are installed >>>>>> during page load (or more precisely: DOM element creation); they may >>>>>> still >>>>>> be compiled on-demand on first use but that's not controlled via the V8 >>>>>> API. >>>>>> >>>>>> On Mon, Aug 28, 2017 at 9:06 AM, Hanyun Tao <taoha...@gmail.com> >>>>>> wrote: >>>>>> >>>>>>> Hi Jakob, >>>>>>> >>>>>>> Thank you for replying! >>>>>>> >>>>>>> To be more specific, I'm looking for the point (function) that >>>>>>> initiate the compilation process. >>>>>>> >>>>>>> In my understanding, when handling an "event", the renderer process >>>>>>> in the browser will figure out the JavaScript related to the event, and >>>>>>> ask >>>>>>> the V8 engine to execute it by calling some api function. >>>>>>> >>>>>>> Inside those api function, there should be a point where V8 initiate >>>>>>> the compilation process, and that is what I'm looking for. >>>>>>> >>>>>>> Best regards, >>>>>>> >>>>>>> >>>>>>> >>>>>>> On Sunday, August 27, 2017 at 7:58:37 PM UTC-4, Jakob Kummerow wrote: >>>>>>>> >>>>>>>> Hi Hanyun, >>>>>>>> >>>>>>>> V8 is fairly complicated, and pretty much all it does is to compile >>>>>>>> and execute JavaScript. Do you have a more specific question? >>>>>>>> >>>>>>>> If you just want a starting point for reading code: maybe >>>>>>>> "CompileTopLevel" in src/compiler.cc would be a reasonable choice. >>>>>>>> >>>>>>>> On Sun, Aug 27, 2017 at 1:06 PM, Hanyun Tao <taoha...@gmail.com> >>>>>>>> wrote: >>>>>>>> >>>>>>>>> Hi all, >>>>>>>>> >>>>>>>>> I'm trying to understand how V8 engine compiles and execute >>>>>>>>> JavaScript events. I used GDB to track the function call path when >>>>>>>>> handling >>>>>>>>> an event and it look like this. >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> #0 v8::internal::Logger::TimerEvent (this=<optimized out>, >>>>>>>>> se=<optimized out>, name=<optimized out>) at ../../v8/src/log.cc:866 >>>>>>>>> >>>>>>>>> >>>>>>>>> #1 0x00007f0cfcb23b39 in TimerEventScope (this=<optimized out>, >>>>>>>>> isolate=<optimized out>) at ../../v8/src/log.h:354 >>>>>>>>> >>>>>>>>> >>>>>>>>> #2 v8::Function::Call (this=<optimized out>, context=..., >>>>>>>>> recv=..., argc=<optimized out>, argv=<optimized out>) at >>>>>>>>> ../../v8/src/api.cc:5094 >>>>>>>>> >>>>>>>>> >>>>>>>>> #3 0x00007f0cf18daa0b in blink::V8ScriptRunner::callFunction >>>>>>>>> (function=..., context=0x201b099829d0, receiver=..., argc=1, >>>>>>>>> args=0x7fffe9e1cea0, >>>>>>>>> isolate=0x2def318c6020) at ../../third_party/WebKit/Source/ >>>>>>>>> bindings/core/v8/V8ScriptRunner.cpp:658 >>>>>>>>> >>>>>>>>> >>>>>>>>> #4 0x00007f0cf18a1c26 in >>>>>>>>> blink::V8EventListener::callListenerFunction >>>>>>>>> (this=0xe9381bfbea0, scriptState=0x37fa7244c710, jsEvent=..., event= >>>>>>>>> 0x36f97e2ba60) at ../../third_party/WebKit/Source/bindings/ >>>>>>>>> core/v8/V8EventListener.cpp:112 >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> #5 0x00007f0cf1887b16 in >>>>>>>>> blink::V8AbstractEventListener::invokeEventHandler >>>>>>>>> (this=0xe9381bfbea0, scriptState=0x37fa7244c710, >>>>>>>>> event=0x36f97e2ba60, jsEvent=...) at ../../third_party/WebKit/ >>>>>>>>> Source/bindings/core/v8/V8AbstractEventListener.cpp:142 >>>>>>>>> >>>>>>>>> >>>>>>>>> #6 0x00007f0cf188787f in blink::V8AbstractEventListener::handleEvent >>>>>>>>> (this=0xe9381bfbea0, scriptState=0x37fa7244c710, event=0x36f97e2ba60) >>>>>>>>> at ../../third_party/WebKit/Source/bindings/core/v8/ >>>>>>>>> V8AbstractEventListener.cpp:101 >>>>>>>>> >>>>>>>>> >>>>>>>>> #7 0x00007f0cf1887689 in blink::V8AbstractEventListener::handleEvent >>>>>>>>> (this=0xe9381bfbea0, executionContext=0x201b099829d0, >>>>>>>>> event=0x36f97e2ba60) >>>>>>>>> at ../../third_party/WebKit/Source/bindings/core/v8/ >>>>>>>>> V8AbstractEventListener.cpp:89 >>>>>>>>> >>>>>>>>> >>>>>>>>> #8 0x00007f0cf211c596 in blink::EventTarget::fireEventListeners >>>>>>>>> (this=0x201b09982858, event=0x36f97e2ba60, d=0xe9381be9500, entry=...) >>>>>>>>> at ../../third_party/WebKit/Source/core/events/EventTarget.cpp >>>>>>>>> :700 >>>>>>>>> >>>>>>>>> >>>>>>>>> #9 0x00007f0cf211b7cb in blink::EventTarget::fireEventListeners >>>>>>>>> (this=0x201b09982858, event=0x36f97e2ba60) >>>>>>>>> at ../../third_party/WebKit/Source/core/events/EventTarget.cpp >>>>>>>>> :56 >>>>>>>>> >>>>>>>>> >>>>>>>>> I tried to read the source code to find out where does V8 compiles >>>>>>>>> the JavaScript, but unfortunately, I could not find it. >>>>>>>>> >>>>>>>>> It would be really helpful if someone can explain the process to >>>>>>>>> me, or let me know which files(functions) I should read. >>>>>>>>> >>>>>>>>> Best regards, >>>>>>>>> >>>>>>>>> -- >>>>>>>>> -- >>>>>>>>> v8-users mailing list >>>>>>>>> v8-u...@googlegroups.com >>>>>>>>> http://groups.google.com/group/v8-users >>>>>>>>> --- >>>>>>>>> You received this message because you are subscribed to the Google >>>>>>>>> Groups "v8-users" group. >>>>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>>>> send an email to v8-users+u...@googlegroups.com. >>>>>>>>> For more options, visit https://groups.google.com/d/optout. >>>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>> -- >>>>>>> v8-users mailing list >>>>>>> v8-u...@googlegroups.com >>>>>>> http://groups.google.com/group/v8-users >>>>>>> --- >>>>>>> You received this message because you are subscribed to the Google >>>>>>> Groups "v8-users" group. >>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>> send an email to v8-users+u...@googlegroups.com. >>>>>>> For more options, visit https://groups.google.com/d/optout. >>>>>>> >>>>>> >>>>>> -- >>>>> -- >>>>> v8-users mailing list >>>>> v8-u...@googlegroups.com >>>>> http://groups.google.com/group/v8-users >>>>> --- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "v8-users" group. >>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to v8-users+u...@googlegroups.com. >>>>> For more options, visit https://groups.google.com/d/optout. >>>>> >>>> >>>> -- >>> -- >>> v8-users mailing list >>> v8-u...@googlegroups.com >>> http://groups.google.com/group/v8-users >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "v8-users" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to v8-users+u...@googlegroups.com. >>> For more options, visit https://groups.google.com/d/optout. >>> >> >> -- > -- > v8-users mailing list > v8-users@googlegroups.com > http://groups.google.com/group/v8-users > --- > You received this message because you are subscribed to the Google Groups > "v8-users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to v8-users+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > -- -- v8-users mailing list v8-users@googlegroups.com http://groups.google.com/group/v8-users --- You received this message because you are subscribed to the Google Groups "v8-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to v8-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
