[Webkit-unassigned] [Bug 68763] New: DFG JIT should not eagerly initialize integer tags in the register file
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sat Sep 24 13:39:43 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=68763
Summary: DFG JIT should not eagerly initialize integer tags in
the register file
Product: WebKit
Version: 528+ (Nightly build)
Platform: All
OS/Version: All
Status: NEW
Severity: Normal
Priority: P2
Component: JavaScriptCore
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: fpizlo at apple.com
Eagerly initializing integer tags has three outcomes:
1) We incur the cost of doing so even though neither the DFG nor the GC ever use integer tags for variables that are predicted integer.
2) It complicates the implementation of live range splitting. Eager initialization of integer tags assumes that the variable will be an integer for the entire span of the function, but work is underway to enable a variable to have different predictions in different intervals (https://bugs.webkit.org/show_bug.cgi?id=68593).
3) It introduces an annoying bug: if we OSR entry does not initialize integer tags, so if we do OSR entry and then OSR exit, the old JIT may see integers that have not had their tags initialized.
The solution is to have the DFG initialize integer tags only on OSR exit, as that is the only point at which they need to be initialized.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list