[Webkit-unassigned] [Bug 65901] The JSC JIT currently has no facility to profile and report the types of values

bugzilla-daemon at webkit.org
Wed Aug 17 16:40:09 PDT 2011


https://bugs.webkit.org/show_bug.cgi?id=65901

--- Comment #7 from Filip Pizlo <fpizlo at apple.com>  2011-08-17 16:40:09 PST ---
> > Source/JavaScriptCore/bytecode/CodeBlock.h:207
> > +#if ENABLE(VALUE_PROFILER)
> 
> The file CodeBlock is a bit too big already, and this struct is non-trivial, I think we really need to add a new ValueProfile.h header.

OK, moved to a separate file.

> 
> > Source/JavaScriptCore/bytecode/CodeBlock.h:682
> > +        SegmentedVector<ValueProfile, sizeof(ValueProfile) * 8> m_valueProfiles;
> 
> This code is a little weird - I think the second argument to the template should be a count of ValueProfiles, not a size, so isn't this growing n^2 in the size of ValueProfile? - don't you just want 8 here?

Oops, I misunderstood the meaning of that template argument. Fixed.

> 
> > Source/JavaScriptCore/jit/JIT.cpp:377
> > +    unsigned numberOfValueProfiles = m_codeBlock->numberOfValueProfiles();
> 
> Is this just asserting that no slow cases add any new (FirstProfilingSite) value profiling code? - I think a comment here would be good.

Added a comment.  It's asserting that the slow case generation code uses existing ValueProfile instances rather than adding new ones, so that regardless of which path (fast or slow) generated the value it will go to the same ValueProfile, which is tied to that bytecode offset.

> 
> > Source/JavaScriptCore/jit/JIT.h:313
> > +#endif
> 
> Are value / scratch ever passed? - I didn't see any case of this.
> If not, it may make the code simpler to remove these arguments.
> Also, this function may trample regT2/regT3 - I think it's worth commenting this on the method, to try to make this more apparent.

Yeah, this was overly general.  Changed it to always use regT0 and regT3, with a comment saying how.
