[Mono-devel-list] Performance issues with security permissions

Willibald Krenn Willibald.Krenn at gmx.at
Tue Jan 25 14:44:14 EST 2005

Sebastien Pouliot schrieb:
> * Sadly declarative security cannot be used everywhere. When security
> decisions requires information only available at runtime then imperative
> security must be used. E.g.
> 	public static string GetEnvironmentVariable (string name)
> 	{
> 		new EnvironmentPermission
> 		    (EnvironmentPermissionAccess.Read, name).Demand ();
> 		return internalGetEnvironmentVariable (name);
> 	}
> * However this results in creating a lot of permission objects with a
> very short lifetime (as Demand wont do anything useful without
> --security). From CodeAccessPermission.cs
>         public void Demand ()
>         {
>         	// note: here we're sure it's a CAS demand
>         	if (!SecurityManager.SecurityEnabled)
>         		return;
>         	...
>         }
> * So the only thing creating the permission object does (without
> --security) is more memory allocations, additional garbage collection...
> All bad for Mono's performance. 

I was already thinking about adding Escape Analysis to Mono. (You 
probably know, I'm doing some Continuous Optimization work, so that 
would fit in this area).

Basically Escape Analysis is an optimization that allows the JIT to 
allocate certain objects on the stack (~alloca), thereby bypassing the 
garbage collector and taking load from the GC-system. (Java programs 
showed 21 (average) to 44 per cent speedup according to papers I read..)

However, Escape Analysis mostly is only meaningful if you do inlining 
too... (And probably devirtualization/inlining)

Dunno what others think about Escape Analysis, but if I've got enough 
time, I'll go for it. (Depends on when Paolo has the new JIT code for 
re-compileable methods ready. As I do not want to duplicate his efforts 
in this area, he kinda disposes of my schedule..)


More information about the Mono-devel-list mailing list