heap_find walks all the page of the heap and finds the references to a given
address.
NOTRY=true
Change-Id: I3271ab96d0224acf2361fe5bc4c8b0a608caf091
Reviewed-on: https://chromium-review.googlesource.com/500190
Commit-Queue: Camillo Bruni <cbruni@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#45202}
TypeFeedbackVectors are strongly rooted by a closure. However, in modern
JavaScript closures are created and abandoned more freely. An important
closure may not be present in the root-set at time of garbage collection,
even though we've cached optimized code and use it regularly. For
example, consider leaf functions in an event dispatching system. They may
well be "hot," but tragically non-present when we collect the heap.
Until now, we've relied on a weak root to cache the feedback vector in
this case. Since there is no way to signal intent or relative importance,
this weak root is as susceptible to clearing as any other weak root at
garbage collection time.
Meanwhile, the feedback vector has become more important. All of our
ICs store their data there. Literal and regex boilerplates are stored there.
If we lose the vector, then we not only lose optimized code built from
it, we also lose the very feedback which allowed us to create that optimized
code. Therefore it's vital to express that dependency through the root
set.
This CL does this by creating a strong link to a feedback
vector at the instantiation site of the function closure.
This instantiation site is in the code and feedback vector
of the outer closure.
BUG=v8:5456
Review-Url: https://codereview.chromium.org/2674593003
Cr-Commit-Position: refs/heads/master@{#42953}
This should fix the following errors that sometimes appear when using V8 gdb macros:
Cannot evaluate function -- may be inlined
or
No symbol "xxx" in namespace "v8::internal".
Review-Url: https://codereview.chromium.org/2186293002
Cr-Commit-Position: refs/heads/master@{#38145}
Use it like this:
Program received signal SIGTRAP, Trace/breakpoint trap.
[Switching to Thread 0x7f50d02c4700 (LWP 8152)]
base::debug::(anonymous namespace)::DebugBreak ()
at ../../base/debug/debugger_posix.cc:230
230 }
(gdb) bt
at ../../base/debug/debugger_posix.cc:230
...
args_object=0x7f50d02bfe00, isolate=0x2f001c9e2020)
at ../../v8/src/builtins/builtins-api.cc:123
...
(gdb) jss
(gdb) bt
isolate=0x2f001c9e2020, is_construct=false, target=..., receiver=...,
argc=1, args=0x7f50d02c0518, new_target=...)
at ../../v8/src/execution.cc:111
isolate=0x2f001c9e2020, callable=..., receiver=..., argc=1,
argv=0x7f50d02c0518) at ../../v8/src/execution.cc:168
...
R=yangguo@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2186013002
Cr-Commit-Position: refs/heads/master@{#38121}