Closed
Bug 618690
Opened 14 years ago
Closed 13 years ago
JM: TypeInference: Hoist array bounds checks
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: bhackett1024, Assigned: bhackett1024)
References
Details
Attachments
(1 file, 1 obsolete file)
201.39 KB,
patch
|
Details | Diff | Splinter Review |
For loops like:
for (i = 0; i < n; i++)
arr[i]
We can hoist the initialized-length check to the loop's preamble code provided we can determine that arr is not modified in the loop, that i and n are integers and that the length of arr cannot shrink.
This should generalize but not too broadly, as array-accessing loops tend to be written in similar ways and doing a full symbolic range analysis is complicated and takes time. It should, however, handle loop forms like that in v8-crypto's am3, which looks like:
while(--n >= 0)
arr[i++];
Updated•14 years ago
|
Assignee | ||
Comment 1•14 years ago
|
||
Determines when bounds checks can be hoisted for a few access patterns: x[n], x[i] where i is loop invariant, and x[i] where i is <= something as determined from a linear relationship in the loop condition. Also factors loop register stuff out of FrameState and into a new LoopState file (paving the way to make FrameState a per-frame thing).
Assignee: general → bhackett1024
Assignee | ||
Comment 2•14 years ago
|
||
Patch landed on JM. This is mostly about adding the machinery so we can hoist array bounds checks, will circle back and improve robustness once LICM and property accesses are improved and we have a good corpus of the bounds checks we want to be able to hoist.
http://hg.mozilla.org/projects/jaegermonkey/rev/7928f2dc3d4d
function foo(x, n) {
for (var i = 0; i < n; i++)
x[i] = i;
var q = 0;
for (var i = 0; i < 100000; i++) {
for (var j = 0; j < n; j++)
q = x[j];
}
return q;
}
foo([], 1000);
js -m -n (old): 145
js -m -n (new): 110
js -m: 577
js -j: 374
d8: 150
Attachment #524086 -
Attachment is obsolete: true
Comment 3•13 years ago
|
||
We merged Type Inference.
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•