V8 - disassembled JavaScript JIT code calling unknown functions


I disassembled a JavaScript function in V8.

function a() {
  a = 1;
  b = 2;
  c = a + b;
}

and got the disassembled code below (on an x86 machine, 64-bit).

Instructions (size = 228)
0x35ca73465740     0  488b4c2408     REX.W movq rcx,[rsp+0x8]
0x35ca73465745     5  493b4da8       REX.W cmpq rcx,[r13-0x58]
0x35ca73465749     9  750d           jnz 24  (0x35ca73465758)
0x35ca7346574b    11  488b4e27       REX.W movq rcx,[rsi+0x27]
0x35ca7346574f    15  488b492f       REX.W movq rcx,[rcx+0x2f]
0x35ca73465753    19  48894c2408     REX.W movq [rsp+0x8],rcx
0x35ca73465758    24  e88358fdff     call MakeQuadragenarianCodeYoungAgainOddMarking  (0x35ca7343afe0)
0x35ca7346575d    29  90             nop
0x35ca7346575e    30  493ba5b0070000 REX.W cmpq rsp,[r13+0x7b0]
0x35ca73465765    37  7305           jnc 44  (0x35ca7346576c)
0x35ca73465767    39  e83456fdff     call StackCheck  (0x35ca7343ada0)    ;; debug: statement 19
                                                                          ;; code: BUILTIN
0x35ca7346576c    44  4c89e0         REX.W movq rax,r12
0x35ca7346576f    47  48b9111d111f770a0000 REX.W movq rcx,0xa771f111d11    ;; object: 0xa771f111d11 <String[1]: a>
0x35ca73465779    57  488b5627       REX.W movq rdx,[rsi+0x27]
0x35ca7346577d    61  e83e0ffdff     call 0x35ca734366c0     ;; debug: statement 26
                                                              ;; debug: position 27
                                                              ;; code: STORE_IC, PREMONOMORPHIC
0x35ca73465782    66  4b8d0424       REX.W leaq rax,[r12+r12*1]
0x35ca73465786    70  48b9311d111f770a0000 REX.W movq rcx,0xa771f111d31    ;; object: 0xa771f111d31 <String[1]: b>
0x35ca73465790    80  488b5627       REX.W movq rdx,[rsi+0x27]
0x35ca73465794    84  e8270ffdff     call 0x35ca734366c0     ;; debug: statement 33
                                                              ;; debug: position 34
                                                              ;; code: STORE_IC, PREMONOMORPHIC
0x35ca73465799    89  48b9111d111f770a0000 REX.W movq rcx,0xa771f111d11    ;; object: 0xa771f111d11 <String[1]: a>
0x35ca734657a3    99  488b5627       REX.W movq rdx,[rsi+0x27]
0x35ca734657a7   103  e8940ffdff     call 0x35ca73436740     ;; debug: statement 40
                                                              ;; debug: position 42
                                                              ;; code: CONTEXTUAL, LOAD_IC, PREMONOMORPHIC
0x35ca734657ac   108  50             push rax
0x35ca734657ad   109  48b9311d111f770a0000 REX.W movq rcx,0xa771f111d31    ;; object: 0xa771f111d31 <String[1]: b>
0x35ca734657b7   119  488b5627       REX.W movq rdx,[rsi+0x27]
0x35ca734657bb   123  e8800ffdff     call 0x35ca73436740     ;; debug: position 44
                                                              ;; code: CONTEXTUAL, LOAD_IC, PREMONOMORPHIC
0x35ca734657c0   128  5a             pop rdx
0x35ca734657c1   129  e89aeefaff     call 0x35ca73414660     ;; debug: position 43
                                                              ;; code: BINARY_OP_IC, MONOMORPHIC, normal (id = 31)
0x35ca734657c6   134  90             nop
0x35ca734657c7   135  48b9511d111f770a0000 REX.W movq rcx,0xa771f111d51    ;; object: 0xa771f111d51 <String[1]: c>
0x35ca734657d1   145  488b5627       REX.W movq rdx,[rsi+0x27]
0x35ca734657d5   149  e8e60efdff     call 0x35ca734366c0     ;; debug: position 41
                                                              ;; code: STORE_IC, PREMONOMORPHIC
0x35ca734657da   154  498b45a8       REX.W movq rax,[r13-0x58]
0x35ca734657de   158  48bb214b4060ff110000 REX.W movq rbx,0x11ff60404b21    ;; object: 0x11ff60404b21 Cell for 6097
0x35ca734657e8   168  83430bd1       addl [rbx+0xb],0xd1
0x35ca734657ec   172  791f           jns 205  (0x35ca7346580d)
0x35ca734657ee   174  50             push rax
0x35ca734657ef   175  e86c54fdff     call InterruptCheck  (0x35ca7343ac60)    ;; code: BUILTIN
0x35ca734657f4   180  58             pop rax
0x35ca734657f5   181  48bb214b4060ff110000 REX.W movq rbx,0x11ff60404b21    ;; object: 0x11ff60404b21 Cell for 6097
0x35ca734657ff   191  49ba0000000000180000 REX.W movq r10,0x180000000000
0x35ca73465809   201  4c895307       REX.W movq [rbx+0x7],r10
0x35ca7346580d   205  488be5         REX.W movq rsp,rbp      ;; debug: statement 47
                                                              ;; js return
                                                              ;; code_age_sequence

There's no explicit function call inside "function a". Yet there are two functions (MakeQuadragenarianCodeYoungAgainOddMarking, StackCheck) and unknown "call" instructions ("call 0x35ca734366c0") in the disassembled assembly code. What are they? Why are they needed? And where are they defined?

The generated JIT code isn't standalone. It runs in the context of the VM (the V8 runtime).

StackCheck:

Loops need to be interruptable, and V8 does this by placing a stack check at the beginning of each loop iteration. If the runtime wants to interrupt a loop, it resets the stack limit of the process, and waits for the process's next stack check.

(Andy Wingo's blog)

Stack checks are also inserted at the function beginning. You got the idea.

MakeQuadragenarianCodeYoungAgainOddMarking has to do with garbage collection. V8 has a generational GC, with young and old generations of objects. And JIT code is a heap object.

Why are they needed? And where are they defined?

They are defined in the V8 sources. If you want to understand more, I encourage you to surf the web for V8 internals. There are quite a few articles.
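As an added illustration (not part of the original question or answer, and not V8's own code), here is a small C model of the stack-check mechanism the answer describes. In the listing above the check is the pair `cmpq rsp,[r13+0x7b0]` / `jnc 44`: the jitted code compares its stack pointer against a limit word owned by the runtime and only calls the StackCheck builtin when the comparison fails. The runtime interrupts a loop not by touching the loop but by rewriting that limit so the next check fails. The `Runtime` struct, the simulated stack pointer passed as a parameter, and all function names are assumptions made for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical runtime state standing in for the V8 root-data area that
 * r13 points at in the listing above.  Two limits are kept: the real one
 * (below it the stack is genuinely exhausted) and the one jitted code
 * compares against, which the runtime may lower to force a slow-path call. */
typedef struct {
    uintptr_t real_stack_limit;
    uintptr_t jit_stack_limit;
    bool interrupt_pending;
    int interrupts_serviced;
} Runtime;

static void runtime_init(Runtime *rt, uintptr_t real_limit) {
    rt->real_stack_limit = real_limit;
    rt->jit_stack_limit = real_limit;
    rt->interrupt_pending = false;
    rt->interrupts_serviced = 0;
}

/* What another thread (or a signal handler) would do to interrupt running
 * JIT code: mark the interrupt and make every stack check fail. */
static void runtime_request_interrupt(Runtime *rt) {
    rt->interrupt_pending = true;
    rt->jit_stack_limit = UINTPTR_MAX;
}

/* Slow path, the analogue of the StackCheck builtin.  Returns true only for
 * a real overflow; an interrupt is serviced and the limit is restored. */
static bool runtime_stack_check_slow(Runtime *rt, uintptr_t sp) {
    if (sp < rt->real_stack_limit)
        return true;                      /* genuine stack overflow */
    if (rt->interrupt_pending) {
        rt->interrupt_pending = false;
        rt->interrupts_serviced++;
        rt->jit_stack_limit = rt->real_stack_limit;
    }
    return false;
}

/* Inline fast path emitted at function entry and at each loop iteration:
 * "cmpq rsp,limit; jnc fast" -- no call at all in the common case. */
static inline bool stack_check(Runtime *rt, uintptr_t sp) {
    if (sp >= rt->jit_stack_limit)
        return false;                     /* jnc taken: keep running */
    return runtime_stack_check_slow(rt, sp);   /* call StackCheck */
}

/* A stand-in for a jitted loop: sums 0..n-1 with a stack check per
 * iteration, and (for the demo) requests an interrupt after iteration
 * `interrupt_at` (-1 for none).  `sp` is the simulated stack pointer.
 * Returns -1 where real code would throw a stack-overflow RangeError. */
static long jitted_loop(Runtime *rt, int n, int interrupt_at, uintptr_t sp) {
    long sum = 0;
    for (int i = 0; i < n; i++) {
        if (stack_check(rt, sp))
            return -1;
        if (i == interrupt_at)
            runtime_request_interrupt(rt);
        sum += i;
    }
    return sum;
}

/* Runs a 100-iteration loop with one interrupt requested at iteration 10
 * and reports how many interrupts the slow path serviced (expected: 1). */
static int demo_interrupts_serviced(void) {
    Runtime rt;
    runtime_init(&rt, 0x1000);
    jitted_loop(&rt, 100, 10, 0x2000);
    return rt.interrupts_serviced;
}

int main(void) {
    Runtime rt;
    runtime_init(&rt, 0x1000);
    printf("sum = %ld\n", jitted_loop(&rt, 100, 10, 0x2000));
    printf("interrupts serviced = %d, limit restored = %s\n",
           rt.interrupts_serviced,
           rt.jit_stack_limit == rt.real_stack_limit ? "yes" : "no");
    printf("overflow result = %ld\n", jitted_loop(&rt, 5, -1, 0x500));
    return 0;
}
```

The point to take from the model is that the fast path costs one compare and one conditional branch per iteration, which is why V8 can afford to emit it everywhere; all the expensive work (deciding whether the failure was an overflow or an interrupt, and restoring the limit) lives behind the call into the runtime.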

