Pre-allocate CodeGeneratorShared::safepointIndices_.
Categories
(Core :: JavaScript Engine: JIT, enhancement, P1)
Tracking
| | Tracking | Status |
|---|---|---|
| firefox133 | --- | fixed |
People
(Reporter: nbp, Assigned: nbp)
References
(Blocks 1 open bug)
Details
(Whiteboard: [sp3])
Attachments
(1 file)
Bug 1922073 highlights that mozilla::Vector<js::jit::CodegenSafepointIndex, …>::growStorageBy is visible in profiles.
This element type is only used in the CodeGenerator, as the name suggests, and we should not only pre-allocate the buffer with a known number of instructions which require safepoints, but we should also move it to use the LifoAlloc buffer of the JIT compilation.
Comment 1•4 months ago (Assignee)
This patch addresses the allocation of the safepoint indices by moving its
allocation to the LifoAlloc buffer, and reserving space for as many entries as
the number of instructions which requested a safepoint when lowering.
However, the number of requested safepoints does not exactly match the number
of safepoint indices. It can be an overestimation, as some instructions,
such as CheckOverRecursion, might be skipped in the CodeGenerator and potentially
never encode their safepoint and indices. Or, this could be an underestimation
if instructions are encoding the safepoint multiple times.
Encoding the safepoint multiple times is a dirty secret of our CodeGenerator
which has potential security implications, and maintaining a counter which is
likely to be forgotten is a good way to advertise it. Thus, this change
also includes a comment explaining this corner case above a mild assertion.
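The reservation strategy described in Comment 1, as an added example that is not part of the bug or the Firefox patch: a list backed by a compilation-lifetime arena is reserved once from the lowering-time count, and every append still checks capacity so an underestimate costs a regrowth instead of an out-of-bounds write. `BumpArena`, `IndexList`, `Instr`, `Result`, `generate` and the `SafepointIndex` fields are hypothetical stand-ins, not SpiderMonkey's LifoAlloc or CodeGenerator types.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <vector>

// Hypothetical stand-in for a compilation-lifetime bump allocator (not LifoAlloc).
class BumpArena {
  std::vector<std::vector<uint8_t>> chunks_;  // all freed together with the arena
 public:
  void* alloc(size_t bytes) { chunks_.emplace_back(bytes); return chunks_.back().data(); }
};

struct SafepointIndex { uint32_t displacement; uint32_t safepointOffset; };  // illustrative fields

class IndexList {
  BumpArena& arena_;
  SafepointIndex* data_ = nullptr;
  size_t length_ = 0, capacity_ = 0, growths_ = 0;
 public:
  explicit IndexList(BumpArena& arena) : arena_(arena) {}
  void reserve(size_t n) {
    if (n <= capacity_) return;
    auto* p = static_cast<SafepointIndex*>(arena_.alloc(n * sizeof(SafepointIndex)));
    if (length_) std::memcpy(p, data_, length_ * sizeof(SafepointIndex));
    data_ = p; capacity_ = n;
  }
  // The reservation is a hint, never a bound: every append checks capacity.
  void append(SafepointIndex idx) {
    if (length_ == capacity_) { reserve(capacity_ ? capacity_ * 2 : 4); ++growths_; }
    data_[length_++] = idx;
  }
  size_t length() const { return length_; }
  size_t growths() const { return growths_; }
};

struct Instr { bool requestedSafepoint; int encodes; };  // encodes: 0 = skipped, 2+ = re-encoded
struct Result { size_t estimate, emitted, growths; };

// Constructed model of codegen: count requests first, reserve once, then emit.
Result generate(const std::vector<Instr>& lir) {
  BumpArena arena;
  IndexList indices(arena);
  size_t estimate = 0;
  for (const Instr& i : lir) estimate += i.requestedSafepoint ? 1 : 0;
  indices.reserve(estimate);  // one up-front allocation sized from lowering
  uint32_t offset = 0;
  for (const Instr& i : lir)
    for (int k = 0; k < i.encodes; ++k, offset += 4) indices.append({offset, offset});
  return {estimate, indices.length(), indices.growths()};
}
```

A nonzero `growths` in this model corresponds to the underestimation case, where an instruction encoded its safepoint more than once.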