-
Benedikt Meurer authored
This extends the support in TurboFan and the ICs for OOB loads to also apply to typed arrays and receivers whose prototype chain is protected by the "no elements" protector (aka the Array protector). TurboFan will generate code to materialize undefined instead when it sees a load that has the OOB bit set and add an appropriate code dependency on the global protector. For typed arrays it doesn't even need to check the global protector since elements are never looked up in the prototype chain for typed arrays. In the simple micro-benchmark from the bug we go from testInBounds: 103 ms. testOutOfBounds: 289 ms. to testInBounds: 103 ms. testOutOfBounds: 102 ms. which fixes the 3x slowdown and thus addresses the performance cliff. In general it's still beneficial to make sure that you don't access out of bounds, especially once we introduce a bounds check elimination pass to TurboFan. This also seems to improve the jQuery benchmark on the Speedometer test suite by like 1-2% on average. And the SixSpeed rest benchmarks go from rest-es5: 25 ms. rest-es6: 23 ms. to rest-es5: 6 ms. rest-es6: 4 ms. so a solid 5.7x improvement there. Bug: v8:6936, v8:7014, v8:7027 Change-Id: Ie99699c69cc40057512e72fd40ae28107216c423 Reviewed-on: https://chromium-review.googlesource.com/750089 Commit-Queue: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by:
Benedikt Meurer <bmeurer@chromium.org> Reviewed-by:
Tobias Tebbi <tebbi@chromium.org> Cr-Commit-Position: refs/heads/master@{#49095}
b7168573
