mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-12-01 08:42:13 +00:00
Backed out 9 changesets (bug 1697935, bug 1697904) for assertion failure at StaticPrefList_layers.h and hardware acceleration related failures CLOSED TREE
Backed out changeset f37bc1afe77c (bug 1697904) Backed out changeset 4aaab7a45b92 (bug 1697904) Backed out changeset 87c31ed94b30 (bug 1697904) Backed out changeset d9a650b603f5 (bug 1697904) Backed out changeset c8680ade8ec5 (bug 1697904) Backed out changeset 2b0048582dcf (bug 1697904) Backed out changeset 09df3a61027d (bug 1697904) Backed out changeset 17d4fbbd7a1e (bug 1697904) Backed out changeset ddb46dad7605 (bug 1697935)
This commit is contained in:
Bogdan Tara
parent
eec5839457
commit
5a7cb2592d
@ -766,7 +766,7 @@ class MOZ_RAII CacheIRCompiler {
|
||||
// (1) mitigations are enabled and (2) the object is used by other
|
||||
// instructions (if the object is *not* used by other instructions,
|
||||
// zeroing its register is pointless).
|
||||
return JitOptions.spectreObjectMitigations &&
|
||||
return JitOptions.spectreObjectMitigationsMisc &&
|
||||
!allocator.isDeadAfterInstruction(objId);
|
||||
}
|
||||
|
||||
|
||||
@ -251,13 +251,15 @@ DefaultJitOptions::DefaultJitOptions() {
|
||||
|
||||
#if defined(JS_CODEGEN_MIPS32) || defined(JS_CODEGEN_MIPS64)
|
||||
SET_DEFAULT(spectreIndexMasking, false);
|
||||
SET_DEFAULT(spectreObjectMitigations, false);
|
||||
SET_DEFAULT(spectreObjectMitigationsBarriers, false);
|
||||
SET_DEFAULT(spectreObjectMitigationsMisc, false);
|
||||
SET_DEFAULT(spectreStringMitigations, false);
|
||||
SET_DEFAULT(spectreValueMasking, false);
|
||||
SET_DEFAULT(spectreJitToCxxCalls, false);
|
||||
#else
|
||||
SET_DEFAULT(spectreIndexMasking, true);
|
||||
SET_DEFAULT(spectreObjectMitigations, true);
|
||||
SET_DEFAULT(spectreObjectMitigationsBarriers, true);
|
||||
SET_DEFAULT(spectreObjectMitigationsMisc, true);
|
||||
SET_DEFAULT(spectreStringMitigations, true);
|
||||
SET_DEFAULT(spectreValueMasking, true);
|
||||
SET_DEFAULT(spectreJitToCxxCalls, true);
|
||||
|
||||
@ -113,7 +113,8 @@ struct DefaultJitOptions {
|
||||
// measure the effectiveness of each mitigation with various proof of
|
||||
// concept.
|
||||
bool spectreIndexMasking;
|
||||
bool spectreObjectMitigations;
|
||||
bool spectreObjectMitigationsBarriers;
|
||||
bool spectreObjectMitigationsMisc;
|
||||
bool spectreStringMitigations;
|
||||
bool spectreValueMasking;
|
||||
bool spectreJitToCxxCalls;
|
||||
|
||||
@ -3961,7 +3961,7 @@ void LIRGenerator::visitGuardNoDenseElements(MGuardNoDenseElements* ins) {
|
||||
void LIRGenerator::visitGuardShape(MGuardShape* ins) {
|
||||
MOZ_ASSERT(ins->object()->type() == MIRType::Object);
|
||||
|
||||
if (JitOptions.spectreObjectMitigations) {
|
||||
if (JitOptions.spectreObjectMitigationsMisc) {
|
||||
auto* lir =
|
||||
new (alloc()) LGuardShape(useRegisterAtStart(ins->object()), temp());
|
||||
assignSnapshot(lir, ins->bailoutKind());
|
||||
|
||||
@ -542,7 +542,7 @@ void MacroAssembler::branchTestObjClass(Condition cond, Register obj,
|
||||
branchPtr(cond, Address(scratch, BaseShape::offsetOfClasp()), ImmPtr(clasp),
|
||||
label);
|
||||
|
||||
if (JitOptions.spectreObjectMitigations) {
|
||||
if (JitOptions.spectreObjectMitigationsMisc) {
|
||||
spectreZeroRegister(cond, scratch, spectreRegToZero);
|
||||
}
|
||||
}
|
||||
@ -568,7 +568,7 @@ void MacroAssembler::branchTestObjClass(Condition cond, Register obj,
|
||||
loadPtr(Address(scratch, BaseShape::offsetOfClasp()), scratch);
|
||||
branchPtr(cond, clasp, scratch, label);
|
||||
|
||||
if (JitOptions.spectreObjectMitigations) {
|
||||
if (JitOptions.spectreObjectMitigationsMisc) {
|
||||
spectreZeroRegister(cond, scratch, spectreRegToZero);
|
||||
}
|
||||
}
|
||||
@ -595,7 +595,7 @@ void MacroAssembler::branchTestObjClass(Condition cond, Register obj,
|
||||
loadPtr(Address(scratch, BaseShape::offsetOfClasp()), scratch);
|
||||
branchPtr(cond, clasp, scratch, label);
|
||||
|
||||
if (JitOptions.spectreObjectMitigations) {
|
||||
if (JitOptions.spectreObjectMitigationsMisc) {
|
||||
spectreZeroRegister(cond, scratch, spectreRegToZero);
|
||||
}
|
||||
}
|
||||
@ -607,14 +607,14 @@ void MacroAssembler::branchTestObjShape(Condition cond, Register obj,
|
||||
MOZ_ASSERT(obj != scratch);
|
||||
MOZ_ASSERT(spectreRegToZero != scratch);
|
||||
|
||||
if (JitOptions.spectreObjectMitigations) {
|
||||
if (JitOptions.spectreObjectMitigationsMisc) {
|
||||
move32(Imm32(0), scratch);
|
||||
}
|
||||
|
||||
branchPtr(cond, Address(obj, JSObject::offsetOfShape()), ImmGCPtr(shape),
|
||||
label);
|
||||
|
||||
if (JitOptions.spectreObjectMitigations) {
|
||||
if (JitOptions.spectreObjectMitigationsMisc) {
|
||||
spectreMovePtr(cond, scratch, spectreRegToZero);
|
||||
}
|
||||
}
|
||||
@ -635,13 +635,13 @@ void MacroAssembler::branchTestObjShape(Condition cond, Register obj,
|
||||
MOZ_ASSERT(obj != shape);
|
||||
MOZ_ASSERT(spectreRegToZero != scratch);
|
||||
|
||||
if (JitOptions.spectreObjectMitigations) {
|
||||
if (JitOptions.spectreObjectMitigationsMisc) {
|
||||
move32(Imm32(0), scratch);
|
||||
}
|
||||
|
||||
branchPtr(cond, Address(obj, JSObject::offsetOfShape()), shape, label);
|
||||
|
||||
if (JitOptions.spectreObjectMitigations) {
|
||||
if (JitOptions.spectreObjectMitigationsMisc) {
|
||||
spectreMovePtr(cond, scratch, spectreRegToZero);
|
||||
}
|
||||
}
|
||||
|
||||
@ -5293,8 +5293,11 @@ JS_PUBLIC_API void JS_SetGlobalJitCompilerOption(JSContext* cx,
|
||||
case JSJITCOMPILER_SPECTRE_INDEX_MASKING:
|
||||
jit::JitOptions.spectreIndexMasking = !!value;
|
||||
break;
|
||||
case JSJITCOMPILER_SPECTRE_OBJECT_MITIGATIONS:
|
||||
jit::JitOptions.spectreObjectMitigations = !!value;
|
||||
case JSJITCOMPILER_SPECTRE_OBJECT_MITIGATIONS_BARRIERS:
|
||||
jit::JitOptions.spectreObjectMitigationsBarriers = !!value;
|
||||
break;
|
||||
case JSJITCOMPILER_SPECTRE_OBJECT_MITIGATIONS_MISC:
|
||||
jit::JitOptions.spectreObjectMitigationsMisc = !!value;
|
||||
break;
|
||||
case JSJITCOMPILER_SPECTRE_STRING_MITIGATIONS:
|
||||
jit::JitOptions.spectreStringMitigations = !!value;
|
||||
|
||||
@ -2640,10 +2640,11 @@ extern JS_PUBLIC_API void JS_SetOffthreadIonCompilationEnabled(JSContext* cx,
|
||||
Register(NATIVE_REGEXP_ENABLE, "native_regexp.enable") \
|
||||
Register(SIMULATOR_ALWAYS_INTERRUPT, "simulator.always-interrupt") \
|
||||
Register(SPECTRE_INDEX_MASKING, "spectre.index-masking") \
|
||||
Register(SPECTRE_OBJECT_MITIGATIONS, "spectre.object-mitigations") \
|
||||
Register(SPECTRE_OBJECT_MITIGATIONS_BARRIERS, "spectre.object-mitigations.barriers") \
|
||||
Register(SPECTRE_OBJECT_MITIGATIONS_MISC, "spectre.object-mitigations.misc") \
|
||||
Register(SPECTRE_STRING_MITIGATIONS, "spectre.string-mitigations") \
|
||||
Register(SPECTRE_VALUE_MASKING, "spectre.value-masking") \
|
||||
Register(SPECTRE_JIT_TO_CXX_CALLS, "spectre.jit-to-cxx-calls") \
|
||||
Register(SPECTRE_JIT_TO_CXX_CALLS, "spectre.jit-to-C++-calls") \
|
||||
Register(WASM_FOLD_OFFSETS, "wasm.fold-offsets") \
|
||||
Register(WASM_DELAY_TIER2, "wasm.delay-tier2") \
|
||||
Register(WASM_JIT_BASELINE, "wasm.baseline") \
|
||||
|
||||
@ -10994,13 +10994,15 @@ static bool SetContextOptions(JSContext* cx, const OptionParser& op) {
|
||||
if (const char* str = op.getStringOption("spectre-mitigations")) {
|
||||
if (strcmp(str, "on") == 0) {
|
||||
jit::JitOptions.spectreIndexMasking = true;
|
||||
jit::JitOptions.spectreObjectMitigations = true;
|
||||
jit::JitOptions.spectreObjectMitigationsBarriers = true;
|
||||
jit::JitOptions.spectreObjectMitigationsMisc = true;
|
||||
jit::JitOptions.spectreStringMitigations = true;
|
||||
jit::JitOptions.spectreValueMasking = true;
|
||||
jit::JitOptions.spectreJitToCxxCalls = true;
|
||||
} else if (strcmp(str, "off") == 0) {
|
||||
jit::JitOptions.spectreIndexMasking = false;
|
||||
jit::JitOptions.spectreObjectMitigations = false;
|
||||
jit::JitOptions.spectreObjectMitigationsBarriers = false;
|
||||
jit::JitOptions.spectreObjectMitigationsMisc = false;
|
||||
jit::JitOptions.spectreStringMitigations = false;
|
||||
jit::JitOptions.spectreValueMasking = false;
|
||||
jit::JitOptions.spectreJitToCxxCalls = false;
|
||||
|
||||
@ -826,97 +826,111 @@ static void LoadStartupJSPrefs(XPCJSContext* xpccx) {
|
||||
|
||||
JSContext* cx = xpccx->Context();
|
||||
|
||||
// Some prefs are unlisted in all.js / StaticPrefs (and thus are invisible in
|
||||
// about:config). Make sure we use explicit defaults here.
|
||||
bool useBaselineInterp = Preferences::GetBool(JS_OPTIONS_DOT_STR "blinterp");
|
||||
bool useBaselineJit = Preferences::GetBool(JS_OPTIONS_DOT_STR "baselinejit");
|
||||
bool useIon = Preferences::GetBool(JS_OPTIONS_DOT_STR "ion");
|
||||
bool useJitForTrustedPrincipals =
|
||||
Preferences::GetBool(JS_OPTIONS_DOT_STR "jit_trustedprincipals", false);
|
||||
bool disableWasmHugeMemory = Preferences::GetBool(
|
||||
JS_OPTIONS_DOT_STR "wasm_disable_huge_memory", false);
|
||||
Preferences::GetBool(JS_OPTIONS_DOT_STR "jit_trustedprincipals");
|
||||
bool useNativeRegExp =
|
||||
Preferences::GetBool(JS_OPTIONS_DOT_STR "native_regexp");
|
||||
|
||||
bool offthreadIonCompilation =
|
||||
Preferences::GetBool(JS_OPTIONS_DOT_STR "ion.offthread_compilation");
|
||||
bool useBaselineEager = Preferences::GetBool(
|
||||
JS_OPTIONS_DOT_STR "baselinejit.unsafe_eager_compilation");
|
||||
bool useIonEager =
|
||||
Preferences::GetBool(JS_OPTIONS_DOT_STR "ion.unsafe_eager_compilation");
|
||||
#ifdef DEBUG
|
||||
bool fullJitDebugChecks =
|
||||
Preferences::GetBool(JS_OPTIONS_DOT_STR "jit.full_debug_checks");
|
||||
#endif
|
||||
|
||||
int32_t baselineInterpThreshold =
|
||||
Preferences::GetInt(JS_OPTIONS_DOT_STR "blinterp.threshold", -1);
|
||||
int32_t baselineThreshold =
|
||||
Preferences::GetInt(JS_OPTIONS_DOT_STR "baselinejit.threshold", -1);
|
||||
int32_t normalIonThreshold =
|
||||
Preferences::GetInt(JS_OPTIONS_DOT_STR "ion.threshold", -1);
|
||||
int32_t ionFrequentBailoutThreshold = Preferences::GetInt(
|
||||
JS_OPTIONS_DOT_STR "ion.frequent_bailout_threshold", -1);
|
||||
|
||||
bool spectreIndexMasking =
|
||||
Preferences::GetBool(JS_OPTIONS_DOT_STR "spectre.index_masking");
|
||||
bool spectreObjectMitigationsBarriers = Preferences::GetBool(
|
||||
JS_OPTIONS_DOT_STR "spectre.object_mitigations.barriers");
|
||||
bool spectreObjectMitigationsMisc = Preferences::GetBool(
|
||||
JS_OPTIONS_DOT_STR "spectre.object_mitigations.misc");
|
||||
bool spectreStringMitigations =
|
||||
Preferences::GetBool(JS_OPTIONS_DOT_STR "spectre.string_mitigations");
|
||||
bool spectreValueMasking =
|
||||
Preferences::GetBool(JS_OPTIONS_DOT_STR "spectre.value_masking");
|
||||
bool spectreJitToCxxCalls =
|
||||
Preferences::GetBool(JS_OPTIONS_DOT_STR "spectre.jit_to_C++_calls");
|
||||
|
||||
bool disableWasmHugeMemory =
|
||||
Preferences::GetBool(JS_OPTIONS_DOT_STR "wasm_disable_huge_memory");
|
||||
|
||||
bool safeMode = false;
|
||||
nsCOMPtr<nsIXULRuntime> xr = do_GetService("@mozilla.org/xre/runtime;1");
|
||||
if (xr) {
|
||||
bool safeMode = false;
|
||||
xr->GetInSafeMode(&safeMode);
|
||||
if (safeMode) {
|
||||
useBaselineJit = false;
|
||||
useIon = false;
|
||||
useJitForTrustedPrincipals = false;
|
||||
useNativeRegExp = false;
|
||||
}
|
||||
}
|
||||
|
||||
// NOTE: Baseline Interpreter is still used in safe-mode. This gives a big
|
||||
// perf gain and is our simplest JIT so we make a tradeoff.
|
||||
JS_SetGlobalJitCompilerOption(
|
||||
cx, JSJITCOMPILER_BASELINE_INTERPRETER_ENABLE,
|
||||
StaticPrefs::javascript_options_blinterp_AtStartup());
|
||||
JS_SetGlobalJitCompilerOption(cx, JSJITCOMPILER_BASELINE_INTERPRETER_ENABLE,
|
||||
useBaselineInterp);
|
||||
JS_SetGlobalJitCompilerOption(cx, JSJITCOMPILER_BASELINE_ENABLE,
|
||||
useBaselineJit);
|
||||
JS_SetGlobalJitCompilerOption(cx, JSJITCOMPILER_ION_ENABLE, useIon);
|
||||
JS_SetGlobalJitCompilerOption(cx, JSJITCOMPILER_JIT_TRUSTEDPRINCIPALS_ENABLE,
|
||||
useJitForTrustedPrincipals);
|
||||
JS_SetGlobalJitCompilerOption(cx, JSJITCOMPILER_NATIVE_REGEXP_ENABLE,
|
||||
useNativeRegExp);
|
||||
|
||||
// Disable most JITs in Safe-Mode.
|
||||
if (safeMode) {
|
||||
JS_SetGlobalJitCompilerOption(cx, JSJITCOMPILER_BASELINE_ENABLE, false);
|
||||
JS_SetGlobalJitCompilerOption(cx, JSJITCOMPILER_ION_ENABLE, false);
|
||||
JS_SetGlobalJitCompilerOption(
|
||||
cx, JSJITCOMPILER_JIT_TRUSTEDPRINCIPALS_ENABLE, false);
|
||||
JS_SetGlobalJitCompilerOption(cx, JSJITCOMPILER_NATIVE_REGEXP_ENABLE,
|
||||
false);
|
||||
} else {
|
||||
JS_SetGlobalJitCompilerOption(
|
||||
cx, JSJITCOMPILER_BASELINE_ENABLE,
|
||||
StaticPrefs::javascript_options_baselinejit_AtStartup());
|
||||
JS_SetGlobalJitCompilerOption(
|
||||
cx, JSJITCOMPILER_ION_ENABLE,
|
||||
StaticPrefs::javascript_options_ion_AtStartup());
|
||||
JS_SetGlobalJitCompilerOption(cx,
|
||||
JSJITCOMPILER_JIT_TRUSTEDPRINCIPALS_ENABLE,
|
||||
useJitForTrustedPrincipals);
|
||||
JS_SetGlobalJitCompilerOption(
|
||||
cx, JSJITCOMPILER_NATIVE_REGEXP_ENABLE,
|
||||
StaticPrefs::javascript_options_native_regexp_AtStartup());
|
||||
}
|
||||
|
||||
JS_SetOffthreadIonCompilationEnabled(
|
||||
cx,
|
||||
StaticPrefs::javascript_options_ion_offthread_compilation_AtStartup());
|
||||
JS_SetOffthreadIonCompilationEnabled(cx, offthreadIonCompilation);
|
||||
|
||||
JS_SetGlobalJitCompilerOption(
|
||||
cx, JSJITCOMPILER_BASELINE_INTERPRETER_WARMUP_TRIGGER,
|
||||
StaticPrefs::javascript_options_blinterp_threshold_AtStartup());
|
||||
JS_SetGlobalJitCompilerOption(
|
||||
cx, JSJITCOMPILER_BASELINE_WARMUP_TRIGGER,
|
||||
StaticPrefs::javascript_options_baselinejit_threshold_AtStartup());
|
||||
JS_SetGlobalJitCompilerOption(
|
||||
cx, JSJITCOMPILER_ION_NORMAL_WARMUP_TRIGGER,
|
||||
StaticPrefs::javascript_options_ion_threshold_AtStartup());
|
||||
JS_SetGlobalJitCompilerOption(
|
||||
cx, JSJITCOMPILER_ION_FREQUENT_BAILOUT_THRESHOLD,
|
||||
StaticPrefs::
|
||||
javascript_options_ion_frequent_bailout_threshold_AtStartup());
|
||||
baselineInterpThreshold);
|
||||
JS_SetGlobalJitCompilerOption(cx, JSJITCOMPILER_BASELINE_WARMUP_TRIGGER,
|
||||
useBaselineEager ? 0 : baselineThreshold);
|
||||
JS_SetGlobalJitCompilerOption(cx, JSJITCOMPILER_ION_NORMAL_WARMUP_TRIGGER,
|
||||
useIonEager ? 0 : normalIonThreshold);
|
||||
JS_SetGlobalJitCompilerOption(cx,
|
||||
JSJITCOMPILER_ION_FREQUENT_BAILOUT_THRESHOLD,
|
||||
ionFrequentBailoutThreshold);
|
||||
|
||||
#ifdef DEBUG
|
||||
JS_SetGlobalJitCompilerOption(
|
||||
cx, JSJITCOMPILER_FULL_DEBUG_CHECKS,
|
||||
StaticPrefs::javascript_options_jit_full_debug_checks_AtStartup());
|
||||
JS_SetGlobalJitCompilerOption(cx, JSJITCOMPILER_FULL_DEBUG_CHECKS,
|
||||
fullJitDebugChecks);
|
||||
#endif
|
||||
|
||||
#if !defined(JS_CODEGEN_MIPS32) && !defined(JS_CODEGEN_MIPS64)
|
||||
JS_SetGlobalJitCompilerOption(cx, JSJITCOMPILER_SPECTRE_INDEX_MASKING,
|
||||
spectreIndexMasking);
|
||||
JS_SetGlobalJitCompilerOption(
|
||||
cx, JSJITCOMPILER_SPECTRE_INDEX_MASKING,
|
||||
StaticPrefs::javascript_options_spectre_index_masking_AtStartup());
|
||||
JS_SetGlobalJitCompilerOption(
|
||||
cx, JSJITCOMPILER_SPECTRE_OBJECT_MITIGATIONS,
|
||||
StaticPrefs::javascript_options_spectre_object_mitigations_AtStartup());
|
||||
JS_SetGlobalJitCompilerOption(
|
||||
cx, JSJITCOMPILER_SPECTRE_STRING_MITIGATIONS,
|
||||
StaticPrefs::javascript_options_spectre_string_mitigations_AtStartup());
|
||||
JS_SetGlobalJitCompilerOption(
|
||||
cx, JSJITCOMPILER_SPECTRE_VALUE_MASKING,
|
||||
StaticPrefs::javascript_options_spectre_value_masking_AtStartup());
|
||||
JS_SetGlobalJitCompilerOption(
|
||||
cx, JSJITCOMPILER_SPECTRE_JIT_TO_CXX_CALLS,
|
||||
StaticPrefs::javascript_options_spectre_jit_to_cxx_calls_AtStartup());
|
||||
#endif
|
||||
|
||||
cx, JSJITCOMPILER_SPECTRE_OBJECT_MITIGATIONS_BARRIERS,
|
||||
spectreObjectMitigationsBarriers);
|
||||
JS_SetGlobalJitCompilerOption(cx,
|
||||
JSJITCOMPILER_SPECTRE_OBJECT_MITIGATIONS_MISC,
|
||||
spectreObjectMitigationsMisc);
|
||||
JS_SetGlobalJitCompilerOption(cx, JSJITCOMPILER_SPECTRE_STRING_MITIGATIONS,
|
||||
spectreStringMitigations);
|
||||
JS_SetGlobalJitCompilerOption(cx, JSJITCOMPILER_SPECTRE_VALUE_MASKING,
|
||||
spectreValueMasking);
|
||||
JS_SetGlobalJitCompilerOption(cx, JSJITCOMPILER_SPECTRE_JIT_TO_CXX_CALLS,
|
||||
spectreJitToCxxCalls);
|
||||
if (disableWasmHugeMemory) {
|
||||
bool disabledHugeMemory = JS::DisableWasmHugeMemory();
|
||||
MOZ_RELEASE_ASSERT(disabledHugeMemory);
|
||||
}
|
||||
|
||||
JS::SetLargeArrayBuffersEnabled(
|
||||
StaticPrefs::javascript_options_large_arraybuffers_AtStartup());
|
||||
StaticPrefs::javascript_options_large_arraybuffers());
|
||||
}
|
||||
|
||||
static void ReloadPrefsCallback(const char* pref, void* aXpccx) {
|
||||
|
||||
@ -5312,73 +5312,6 @@
|
||||
# Prefs starting with "javascript."
|
||||
#---------------------------------------------------------------------------
|
||||
|
||||
# The JavaScript JIT compilers. These are read once on startup so a browser may
|
||||
# need to be restarted if toggling them. In general each subsequent JIT depends
|
||||
# on the ones before it being enabled.
|
||||
- name: javascript.options.blinterp
|
||||
type: bool
|
||||
value: true
|
||||
mirror: once
|
||||
|
||||
- name: javascript.options.baselinejit
|
||||
type: bool
|
||||
value: true
|
||||
mirror: once
|
||||
|
||||
- name: javascript.options.ion
|
||||
type: bool
|
||||
value: true
|
||||
mirror: once
|
||||
|
||||
# The irregexp JIT for regex evaluation.
|
||||
- name: javascript.options.native_regexp
|
||||
type: bool
|
||||
value: true
|
||||
mirror: once
|
||||
|
||||
# "Warm-up" thresholds at which we attempt to compile a script/function with
|
||||
# the next JIT tier.
|
||||
#
|
||||
# NOTE: These must match JitOptions defaults.
|
||||
- name: javascript.options.blinterp.threshold
|
||||
type: int32_t
|
||||
value: 10
|
||||
mirror: once
|
||||
|
||||
- name: javascript.options.baselinejit.threshold
|
||||
type: int32_t
|
||||
value: 100
|
||||
mirror: once
|
||||
|
||||
- name: javascript.options.ion.threshold
|
||||
type: int32_t
|
||||
value: 1500
|
||||
mirror: once
|
||||
|
||||
# Enable off-main-thread Warp compilation.
|
||||
- name: javascript.options.ion.offthread_compilation
|
||||
type: bool
|
||||
value: true
|
||||
mirror: once
|
||||
|
||||
#ifdef DEBUG
|
||||
# Enable extra correctness checks in the JITs that are slow and only available
|
||||
# in debug builds.
|
||||
- name: javascript.options.jit.full_debug_checks
|
||||
type: bool
|
||||
value: false
|
||||
mirror: once
|
||||
#endif
|
||||
|
||||
# Heuristic threshold for Warp/Ion to decide that too many bailouts are
|
||||
# happening and an IonScript should be discarded.
|
||||
#
|
||||
# NOTE: This must match JitOptions defaults.
|
||||
- name: javascript.options.ion.frequent_bailout_threshold
|
||||
type: int32_t
|
||||
value: 10
|
||||
mirror: once
|
||||
|
||||
- name: javascript.options.compact_on_user_inactive
|
||||
type: bool
|
||||
value: true
|
||||
@ -5397,47 +5330,47 @@
|
||||
|
||||
# Use better error message when accessing property of null or undefined.
|
||||
- name: javascript.options.property_error_message_fix
|
||||
type: bool
|
||||
type: RelaxedAtomicBool
|
||||
value: @IS_NIGHTLY_OR_DEV_EDITION@
|
||||
mirror: always
|
||||
|
||||
# Support for weak references in JavaScript (WeakRef and FinalizationRegistry).
|
||||
- name: javascript.options.weakrefs
|
||||
type: bool
|
||||
type: RelaxedAtomicBool
|
||||
value: true
|
||||
mirror: always
|
||||
|
||||
# Whether to expose the FinalizationRegistry.prototype.cleanupSome method.
|
||||
- name: javascript.options.experimental.weakrefs.expose_cleanupSome
|
||||
type: bool
|
||||
type: RelaxedAtomicBool
|
||||
value: false
|
||||
mirror: always
|
||||
|
||||
#ifdef NIGHTLY_BUILD
|
||||
# Experimental support for Iterator Helpers in JavaScript.
|
||||
- name: javascript.options.experimental.iterator_helpers
|
||||
type: bool
|
||||
value: false
|
||||
mirror: always
|
||||
- name: javascript.options.experimental.iterator_helpers
|
||||
type: RelaxedAtomicBool
|
||||
value: false
|
||||
mirror: always
|
||||
|
||||
# Experimental support for Private Fields in JavaScript.
|
||||
- name: javascript.options.experimental.private_fields
|
||||
type: bool
|
||||
value: false
|
||||
mirror: always
|
||||
- name: javascript.options.experimental.private_fields
|
||||
type: RelaxedAtomicBool
|
||||
value: false
|
||||
mirror: always
|
||||
|
||||
# Experimental support for Private Methods in JavaScript.
|
||||
- name: javascript.options.experimental.private_methods
|
||||
type: bool
|
||||
value: false
|
||||
mirror: always
|
||||
- name: javascript.options.experimental.private_methods
|
||||
type: RelaxedAtomicBool
|
||||
value: false
|
||||
mirror: always
|
||||
|
||||
# Experimental support for Top-level Await in JavaScript.
|
||||
- name: javascript.options.experimental.top_level_await
|
||||
type: bool
|
||||
value: false
|
||||
mirror: always
|
||||
#endif // NIGHTLY_BUILD
|
||||
- name: javascript.options.experimental.top_level_await
|
||||
type: RelaxedAtomicBool
|
||||
value: false
|
||||
mirror: always
|
||||
#endif
|
||||
|
||||
# The amount of time we wait between a request to GC (due to leaving a page) and doing the actual GC, in ms.
|
||||
- name: javascript.options.gc_delay
|
||||
@ -5521,60 +5454,31 @@
|
||||
mirror: always
|
||||
|
||||
#if defined(ENABLE_WASM_SIMD)
|
||||
- name: javascript.options.wasm_simd
|
||||
type: bool
|
||||
value: @IS_NIGHTLY_BUILD@
|
||||
mirror: always
|
||||
#endif // defined(ENABLE_WASM_SIMD)
|
||||
|
||||
#if defined(ENABLE_WASM_SIMD_WORMHOLE) && defined(EARLY_BETA_OR_EARLIER)
|
||||
# This is x64-only and it would break unified macOS builds if
|
||||
# it were in all.js. The feature rides the trains but not the
|
||||
# pref to control it; in late beta and release, it is only
|
||||
# available to privileged content.
|
||||
- name: javascript.options.wasm_simd_wormhole
|
||||
type: bool
|
||||
value: false
|
||||
mirror: always
|
||||
- name: javascript.options.wasm_simd
|
||||
type: bool
|
||||
#if defined(NIGHTLY_BUILD)
|
||||
value: true
|
||||
#else
|
||||
value: false
|
||||
#endif
|
||||
mirror: always
|
||||
#endif
|
||||
|
||||
# Experimental support for ArrayBuffers larger than 2 GB.
|
||||
- name: javascript.options.large_arraybuffers
|
||||
#if defined(ENABLE_WASM_SIMD_WORMHOLE) && defined(EARLY_BETA_OR_EARLIER)
|
||||
# This is x64-only and it would break unified macOS builds if
|
||||
# it were in all.js. The feature rides the trains but not the
|
||||
# pref to control it; in late beta and release, it is only
|
||||
# available to privileged content.
|
||||
- name: javascript.options.wasm_simd_wormhole
|
||||
type: bool
|
||||
value: false
|
||||
mirror: once
|
||||
mirror: always
|
||||
#endif
|
||||
|
||||
#if !defined(JS_CODEGEN_MIPS32) && !defined(JS_CODEGEN_MIPS64)
|
||||
# Spectre security vulnerability mitigations for the JS JITs.
|
||||
#
|
||||
# NOTE: The MIPS backends do not support these mitigations (and generally
|
||||
# do not need them). In that case, leave the pref unlisted with its
|
||||
# default value of false.
|
||||
- name: javascript.options.spectre.index_masking
|
||||
type: bool
|
||||
value: true
|
||||
mirror: once
|
||||
|
||||
- name: javascript.options.spectre.object_mitigations
|
||||
type: bool
|
||||
value: true
|
||||
mirror: once
|
||||
|
||||
- name: javascript.options.spectre.string_mitigations
|
||||
type: bool
|
||||
value: true
|
||||
mirror: once
|
||||
|
||||
- name: javascript.options.spectre.value_masking
|
||||
type: bool
|
||||
value: true
|
||||
mirror: once
|
||||
|
||||
- name: javascript.options.spectre.jit_to_cxx_calls
|
||||
type: bool
|
||||
value: true
|
||||
mirror: once
|
||||
#endif // !defined(JS_CODEGEN_MIPSXX)
|
||||
- name: javascript.options.large_arraybuffers
|
||||
type: RelaxedAtomicBool
|
||||
value: false
|
||||
mirror: always
|
||||
|
||||
#---------------------------------------------------------------------------
|
||||
# Prefs starting with "layers."
|
||||
|
||||
@ -1090,6 +1090,17 @@ pref("dom.event.contextmenu.enabled", true);
|
||||
pref("dom.event.coalesce_mouse_move", true);
|
||||
|
||||
pref("javascript.enabled", true);
|
||||
pref("javascript.options.blinterp", true);
|
||||
// Duplicated in JitOptions - ensure both match.
|
||||
pref("javascript.options.blinterp.threshold", 10);
|
||||
pref("javascript.options.baselinejit", true);
|
||||
// Duplicated in JitOptions - ensure both match.
|
||||
pref("javascript.options.baselinejit.threshold", 100);
|
||||
pref("javascript.options.ion", true);
|
||||
// Duplicated in JitOptions - ensure both match.
|
||||
pref("javascript.options.ion.threshold", 1500);
|
||||
// Duplicated in JitOptions - ensure both match.
|
||||
pref("javascript.options.ion.frequent_bailout_threshold", 10);
|
||||
pref("javascript.options.asmjs", true);
|
||||
pref("javascript.options.wasm", true);
|
||||
pref("javascript.options.wasm_trustedprincipals", true);
|
||||
@ -1103,6 +1114,7 @@ pref("javascript.options.wasm_baselinejit", true);
|
||||
#ifdef ENABLE_WASM_MULTI_VALUE
|
||||
pref("javascript.options.wasm_multi_value", true);
|
||||
#endif
|
||||
pref("javascript.options.native_regexp", true);
|
||||
pref("javascript.options.parallel_parsing", true);
|
||||
pref("javascript.options.source_pragmas", true);
|
||||
|
||||
@ -1112,6 +1124,10 @@ pref("javascript.options.asyncstack", true);
|
||||
pref("javascript.options.asyncstack_capture_debuggee_only", true);
|
||||
|
||||
pref("javascript.options.throw_on_asmjs_validation_failure", false);
|
||||
pref("javascript.options.ion.offthread_compilation", true);
|
||||
#ifdef DEBUG
|
||||
pref("javascript.options.jit.full_debug_checks", false);
|
||||
#endif
|
||||
// This preference instructs the JS engine to discard the
|
||||
// source of any privileged JS after compilation. This saves
|
||||
// memory, but makes things like Function.prototype.toSource()
|
||||
@ -1193,6 +1209,23 @@ pref("javascript.options.shared_memory", true);
|
||||
pref("javascript.options.throw_on_debuggee_would_run", false);
|
||||
pref("javascript.options.dump_stack_on_debuggee_would_run", false);
|
||||
|
||||
// Spectre security vulnerability mitigations.
|
||||
#if defined(JS_CODEGEN_MIPS32) || defined(JS_CODEGEN_MIPS64)
|
||||
pref("javascript.options.spectre.index_masking", false);
|
||||
pref("javascript.options.spectre.object_mitigations.barriers", false);
|
||||
pref("javascript.options.spectre.object_mitigations.misc", false);
|
||||
pref("javascript.options.spectre.string_mitigations", false);
|
||||
pref("javascript.options.spectre.value_masking", false);
|
||||
pref("javascript.options.spectre.jit_to_C++_calls", false);
|
||||
#else
|
||||
pref("javascript.options.spectre.index_masking", true);
|
||||
pref("javascript.options.spectre.object_mitigations.barriers", true);
|
||||
pref("javascript.options.spectre.object_mitigations.misc", true);
|
||||
pref("javascript.options.spectre.string_mitigations", true);
|
||||
pref("javascript.options.spectre.value_masking", true);
|
||||
pref("javascript.options.spectre.jit_to_C++_calls", true);
|
||||
#endif
|
||||
|
||||
// Dynamic module import.
|
||||
pref("javascript.options.dynamicImport", true);
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user