Clean up x64 jump code
Categories
(Core :: JavaScript Engine: JIT, task)
Tracking

| | Tracking | Status |
|---|---|---|
| firefox81 | --- | fixed |
People
(Reporter: jandem, Assigned: jandem)
Details
Attachments
(6 files)
- The jump relocation table on x64 contains some fields we never use (see RelocationIterator::tableStart_, RelocationIterator::extOffset_).
- Because all JIT code is allocated in a single buffer, we don't need an extended jump table entry for jumps to other JIT code addresses. These jumps are pretty common. With Fission on the horizon I don't think we'll need more than 2 GB JIT code per process anytime soon.
Comment 1 • 4 years ago (Assignee)
I have a prototype patch for this, I just need to split it up.
Comment 2 • 4 years ago (Assignee)
The jump instruction itself is sufficient to get the address from the extended jump
table. This has been 'dead' code on x64 since the code landed in 2011. ARM64 copied it.
Comment 3 • 4 years ago (Assignee)
All pending jumps then have a known (non-null) target, so replace an if-statement
with an assertion.
Other platforms don't define addPatchableJump.
Depends on D86368
Comment 4 • 4 years ago (Assignee)
Depends on D86370
Comment 5 • 4 years ago (Assignee)
Depends on D86372
Comment 6 • 4 years ago (Assignee)
This lets us make x64-specific changes in the next patch.
Depends on D86373
Comment 7 • 4 years ago (Assignee)
A lot of entries in the extended jump table were never used because they were for
jumps/calls to other addresses in the executable memory (JitCodes or trampolines).
This patch takes advantage of the contiguous 2 GB executable code buffer: we know
any address in this buffer can always be jumped to without needing an extended jump
table. This also lets us simplify the jump relocation code more.
With Fission coming soon, max 2 GB JIT code per process will hopefully be sufficient.
Depends on D86374
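
The range argument in comment 7, as an added example (not code from the patches or from SpiderMonkey): an x64 `jmp rel32` reaches any target whose distance from the end of the instruction fits in a signed 32-bit displacement, so every jump between two addresses in one contiguous buffer of at most 2 GB can be encoded directly. The function names, the `kMaxCodeBufferBytes` constant and the addresses are constructed for illustration.

```cpp
#include <cstdint>
#include <cstdio>

// Assumed cap on the single executable buffer, from the "2 GB" figure in the
// bug. Hypothetical name, not SpiderMonkey's constant.
constexpr uint64_t kMaxCodeBufferBytes = uint64_t(1) << 31;
constexpr uint64_t kJmpRel32Size = 5;  // opcode E9 + 4-byte displacement

// rel32 is measured from the end of the jump instruction. Returns true and
// stores the displacement if `target` is reachable from a jump at `jumpAddr`.
bool rel32Displacement(uint64_t jumpAddr, uint64_t target, int32_t* disp) {
  int64_t delta = int64_t(target - (jumpAddr + kJmpRel32Size));
  if (delta < INT32_MIN || delta > INT32_MAX) {
    return false;  // too far for rel32: needs an indirect (extended) entry
  }
  *disp = int32_t(delta);
  return true;
}

// Encodes `jmp rel32` into out[0..4]; returns false if the target is too far.
bool encodeJmpRel32(uint8_t out[5], uint64_t jumpAddr, uint64_t target) {
  int32_t disp;
  if (!rel32Displacement(jumpAddr, target, &disp)) {
    return false;
  }
  out[0] = 0xE9;
  for (int i = 0; i < 4; i++) {
    out[1 + i] = uint8_t(uint32_t(disp) >> (8 * i));  // little-endian disp32
  }
  return true;
}

int main() {
  const uint64_t base = 0x7f0000000000ULL;  // constructed buffer address
  const uint64_t end = base + kMaxCodeBufferBytes;
  int32_t d = 0;
  // Worst cases inside the buffer: first jump to last byte, last jump to first.
  bool forward = rel32Displacement(base, end - 1, &d);
  bool backward = rel32Displacement(end - kJmpRel32Size, base, &d);
  // Constructed target outside the buffer, far from any JIT code address.
  bool outside = rel32Displacement(base, 0x555555550000ULL, &d);
  std::printf("forward=%d backward=%d outside=%d\n", forward, backward, outside);
  return 0;
}
```

Both worst-case jumps inside the buffer land exactly on the limits of the signed 32-bit range, which is why the cap cannot exceed 2 GB without bringing back indirect entries for intra-buffer jumps.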
Comment 9 • 4 years ago
bugherder
https://hg.mozilla.org/mozilla-central/rev/40177251aedf
https://hg.mozilla.org/mozilla-central/rev/b05b003aadab
https://hg.mozilla.org/mozilla-central/rev/f7c04ba4c7a6
https://hg.mozilla.org/mozilla-central/rev/e25fbc36560f
https://hg.mozilla.org/mozilla-central/rev/e60ebc67c523
https://hg.mozilla.org/mozilla-central/rev/10c27253a2a3