Re: [v8-users] How does V8 compiles and executes JavaScript events?
Hi Jakob, Thank you for answering my questions! I would like to modify V8's internals to support such functionality. But before I start I would like to learn a little more about how chromium interact with V8 to process JavaScript event. By reading the source code, I believe that the WebKit rendering engine will call *v8::Function::Call* in api.cc, and after that the V8 engine will execute the Javascript code. Am I correct? If this is how things going to work, could you please point out where in this process, V8 compiles the code, or "read" the compiled code correspond to the JavaScript? Thank you! On Wednesday, August 30, 2017 at 8:39:00 PM UTC-4, Jakob Kummerow wrote: > > Object addresses are not exposed either. You would have to build such > instrumentation into V8's internals. > > On Tue, Aug 29, 2017 at 12:32 PM, Hanyun Tao <taoha...@gmail.com > > wrote: > >> Thank you Jakob! >> >> I can understand why it is hidden from external access. But would it be >> possible for the user to get access to the instruction addresses of the >> compiled code? >> >> We are studying the cache performance of JavaScript execution and we want >> to know if it is possible to prefetch the instructions in the next event >> handlers into the cache before it is executed based on the information >> collected in the v8 engine. >> >> Best regards, >> >> On Tuesday, August 29, 2017 at 12:29:33 PM UTC-4, Jakob Kummerow wrote: >>> >>> No, compiled code is an internal implementation detail and as such is >>> hidden from JavaScript and other external access. If there ever is a way >>> for users to get to compiled code, then it's a (probably severe security) >>> bug and we would like to hear about it! :-) >>> >>> On Mon, Aug 28, 2017 at 9:03 PM, Hanyun Tao <taoha...@gmail.com> wrote: >>> >>>> Hi Jakob, >>>> >>>> Thanks again! >>>> >>>> According to what you have said, v8 compiles the event handlers are >>>> installed(compiled?) before it is executed. If it is true, then I believe >>>> v8 will store the compiled code somewhere in the system. >>>> Would it be possible for the user to get access to the compiled code? >>>> >>>> Best regards, >>>> >>>> On Monday, August 28, 2017 at 1:29:29 PM UTC-4, Jakob Kummerow wrote: >>>>> >>>>> The main API entry point for compilation is >>>>> v8::ScriptCompiler::Compile(). >>>>> >>>>> I don't think event handling itself triggers compilation; but I'm not >>>>> an expert on that part of the system. AFAIK event handlers are installed >>>>> during page load (or more precisely: DOM element creation); they may >>>>> still >>>>> be compiled on-demand on first use but that's not controlled via the V8 >>>>> API. >>>>> >>>>> On Mon, Aug 28, 2017 at 9:06 AM, Hanyun Tao <taoha...@gmail.com> >>>>> wrote: >>>>> >>>>>> Hi Jakob, >>>>>> >>>>>> Thank you for replying! >>>>>> >>>>>> To be more specific, I'm looking for the point (function) that >>>>>> initiate the compilation process. >>>>>> >>>>>> In my understanding, when handling an "event", the renderer process >>>>>> in the browser will figure out the JavaScript related to the event, and >>>>>> ask >>>>>> the V8 engine to execute it by calling some api function. >>>>>> >>>>>> Inside those api function, there should be a point where V8 initiate >>>>>> the compilation process, and that is what I'm looking for. >>>>>> >>>>>> Best regards, >>>>>> >>>>>> >>>>>> >>>>>> On Sunday, August 27, 2017 at 7:58:37 PM UTC-4, Jakob Kummerow wrote: >>>>>>> >>>>>>> Hi Hanyun, >>>>>>> >>>>>>> V8 is fairly complicated, and pretty much all it does is to compile >>>>>>> and execute JavaScript. Do you have a more specific question? >>>>>>> >>>>>>> If you just want a starting point for reading code: maybe >>>>>>> "CompileTopLevel" in src/compiler.cc would be a reasonable choice. >>>>>>> >>>>>>> On Sun, Aug 27,
Re: [v8-users] v8::Local equality check "=="
Thanks for your answer!
I'm confused about your example, why would the first comparison 'f1==f2'
return false if they refer to the same function?
I checked the v8 document and found two member functions from v8 Function
class, which are* int ScriptID() *and *int GetIdentityHash().*
Could I use them to distinguish two v8::Local? If two
v8::Local refer to the same function, would this two function
return the same value?
Best regards!
On Wednesday, March 22, 2017 at 9:09:22 AM UTC-4, Jakob Kummerow wrote:
>
> The == operator on v8::Local compares if two Locals are referring to the
> same JavaScript object (which can, of course, be a function) by object
> identity (aka reference). (Structural equality is the opposite!)
>
> Note that two functions can contain the same code, but have different
> object identity:
>
> function GetFun() {
> return function() { /* do something funny */ }
> }
> var f1 = GetFun();
> var f2 = GetFun();
> f1 === f2; // false!
> f1.property = "yay";
> f2.property === undefined; // true!
>
> If you had v8::Locals for f1 and f2, then local1 == local2 would be false.
>
> On Tue, Mar 21, 2017 at 7:15 PM, Hanyun Tao <taoha...@gmail.com
> > wrote:
>
>> Hi all,
>>
>> I'm new to v8 and I want to know more about the equality check (==)
>> between two v8::Local.
>>
>> Currently I'm using instrumenting chromium browser. In chromium,
>> registered event listeners are stored inside a map like data structure, and
>> I can use the getListenerObject() method to get the v8::Local
>> correspond to each event listener, which could be a function reference, or
>> reference to an object with handleEvent property.
>>
>> My goal is to tell if two different event listener will invoke the same
>> javascript or not. Someone told me that I can do this by comparing two
>> v8::Local by value. I followed the suggestion and implements a
>> function that returns unique integer ID for unique v8::Local
>> value. However when I test it on real webpage, I found that almost every
>> event listeners are mapped to the same ID.
>>
>> I'm not confident with this result so I want to ask a question here. What
>> does the equality check (==) between two v8::Local check? Does
>> it implies that the two object are structurally equal (contains the same
>> function/object reference), or it means something else?
>>
>> Best regards,
>>
>>
>> --
>> --
>> v8-users mailing list
>> v8-u...@googlegroups.com
>> http://groups.google.com/group/v8-users
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "v8-users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to v8-users+u...@googlegroups.com .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
--
--
v8-users mailing list
v8-users@googlegroups.com
http://groups.google.com/group/v8-users
---
You received this message because you are subscribed to the Google Groups
"v8-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to v8-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[v8-users] v8::Local equality check "=="
Hi all, I'm new to v8 and I want to know more about the equality check (==) between two v8::Local. Currently I'm using instrumenting chromium browser. In chromium, registered event listeners are stored inside a map like data structure, and I can use the getListenerObject() method to get the v8::Local correspond to each event listener, which could be a function reference, or reference to an object with handleEvent property. My goal is to tell if two different event listener will invoke the same javascript or not. Someone told me that I can do this by comparing two v8::Local by value. I followed the suggestion and implements a function that returns unique integer ID for unique v8::Local value. However when I test it on real webpage, I found that almost every event listeners are mapped to the same ID. I'm not confident with this result so I want to ask a question here. What does the equality check (==) between two v8::Local check? Does it implies that the two object are structurally equal (contains the same function/object reference), or it means something else? Best regards, -- -- v8-users mailing list v8-users@googlegroups.com http://groups.google.com/group/v8-users --- You received this message because you are subscribed to the Google Groups "v8-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to v8-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[v8-users] How to extract function address from a v8::Local object
Dear all, I'm doing research on web java-script event execution with chromium, and I'm trying to log the function address of javascript listener function. Currently I have found the v8::Local object that holds the listener function: v8::Local handlerFunction = getListenerFunction(scriptState); The question I have is, how could I print out the function address of the listener function, or other "ID" that can be used to identify the java-script function? Best regards, -- -- v8-users mailing list v8-users@googlegroups.com http://groups.google.com/group/v8-users --- You received this message because you are subscribed to the Google Groups "v8-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to v8-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
