    Reimplement Array.prototype.slice in CSA and C++ · 6452b26a
    Daniel Clifford authored
    Previously, V8's slice was implemented in a combination of C++ and a
    JavaScript fallback. The disadvantage of this approach was that the
    fast-path required a call through the CEntryStub, which introduced
    considerable overhead for small arrays with fast elements kinds.
    
    Now the implementation primarily uses the CSA to generate both the
    full spec-compliant implementation as well as fast paths for argument
    objects and arrays with fast elements kinds. The CSA implementation
    uses a C++ implementation fallback in select situations where the
    complexity of a CSA implementation would be too great and the
    CEntryStub overhead is not decisive (e.g. slices of dictionary
    elements arrays).
    
    Performance results on semi-random arrays with small number of
    elements (old vs. new):
    
    smi copy: 48.7 ms vs. 12 ms
    smi slice: 43.5 ms vs. 14.8 ms
    object copy: 35.5 ms vs. 7.7 ms
    object slice: 38.7 ms vs. 8.8 ms
    dictionary slice: 2398.3 ms vs. 5.4 ms
    fast sloppy arguments slice: 9.6 ms vs. 7.2 ms
    slow sloppy arguments slice: 28.9 ms vs. 8.5 ms
    
    As a bonus, the new implementation is fully spec-compliant and fixes
    at least one existing bug.
    
    The design document for Array.prototype builtin rework can be found
    at https://goo.gl/wFHe2n
    
    Bug: v8:1956,v8:6601,v8:6710,v8:6978
    Change-Id: Ia0155bedcf39b4577605ff754f416c2af938efb7
    Reviewed-on: https://chromium-review.googlesource.com/574710
    Commit-Queue: Daniel Clifford <danno@chromium.org>
    Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#48853}