v8/tools/debug_helper
Wenyu Zhao 5e0b94c4dc Allowing map word to be used for other state in GC header.
This CL adds features to pack/unpack map words.

Currently V8 cannot store extra metadata in object headers -- because V8
objects do not have a proper header, but only a map pointer at the start
of the object. To store per-object metadata like marking data, a side
table is required as the per-object metadata storage.

This CL enables V8 to use higher unused bits in a 64-bit map word as
per-object metadata storage. Map pointer stores come with an extra step
to encode the metadata into the pointer (we call it "map packing").
Map pointer loads also remove the metadata bits (we call it
"map packing").

Since the map word is no longer a valid pointer after packing, we also
change the tag of the packed map word to make it look like a Smi. This
helps various GC and barrier code to correctly skip them instead of
blindly dereferencing this invalid pointer.

A ninja flag `v8_enable_map_packing` is provided to turn this
map-packing feature on and off. It is disabled by default.

* Only works on x64 platform, with `v8_enable_pointer_compression`
  set to `false`

Bug: v8:11624
Change-Id: Ia2bdf79553945e5fc0b0874c87803d2cc733e073
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2247561
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
Reviewed-by: Toon Verwaest <verwaest@chromium.org>
Reviewed-by: Georg Neis <neis@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#73915}
2021-04-12 17:34:13 +00:00
BUILD.gn [build] Create v8_internal_headers target 2021-03-01 16:30:22 +00:00
compiler-types.cc [v8windbg] Show bitset name of compiler type 2020-06-23 19:36:36 +00:00
debug-helper-internal.cc Reland^2 "[ptr-cage] Rename IsolateRoot to PtrComprCageBase" 2021-04-06 01:55:28 +00:00
debug-helper-internal.h [v8windbg] Display js function only for js frame 2020-09-21 07:50:14 +00:00
debug-helper.h [v8windbg] Display js function only for js frame 2020-09-21 07:50:14 +00:00
debug-macro-shims.h [torque] Begin porting ScopeInfo to Torque 2021-01-20 11:56:21 +00:00
DEPS Reland "Add postmortem debugging helper library" 2019-07-31 14:30:19 +00:00
gen-heap-constants.py [tools] Fix v8windbg behavior on Map's bit_field2 2020-03-09 17:36:27 +00:00
get-object-properties.cc Allowing map word to be used for other state in GC header. 2021-04-12 17:34:13 +00:00
heap-constants.cc [tools] Fix v8windbg behavior on Map's bit_field2 2020-03-09 17:36:27 +00:00
heap-constants.h [tools] Fix v8windbg behavior on Map's bit_field2 2020-03-09 17:36:27 +00:00
list-object-classes.cc Reland "[torque] refactor: use -tq only in filenames derived from .tq files" 2020-09-25 15:04:18 +00:00
OWNERS Add myself as an owner for debug-helper and v8windbg 2020-09-21 15:19:27 +00:00
README.md Reland "Add postmortem debugging helper library" 2019-07-31 14:30:19 +00:00

V8 debug helper

This library is for debugging V8 itself, not debugging JavaScript running within V8. It is designed to be called from a debugger extension running within a native debugger such as WinDbg or LLDB. It can be used on live processes or crash dumps, and cannot assume that all memory is available in a dump.