1. 24 Oct, 2017 1 commit
    • Daniel Clifford's avatar
      Reimplement Array.prototype.slice in CSA and C++ · 6452b26a
      Daniel Clifford authored
      Previously, V8's slice was implemented in a combination of C++ and a 
      Javascript fallback. The disadvantage of this approach was that the
      fast-path required a call through the CEntryStub, which introduced
      considerable overhead for small arrays with fast elements kinds.
      
      Now the implementation primarily uses the CSA to generate both the
      full spec-complaint implementation as well as fast paths for argument
      objects and arrays with fast elements kinds. The CSA implementation
      uses a C++ implementation fallback in select situations where the the
      complexity of a CSA implementation would be too great and the
      CEntryStub overhead is not decisive (e.g. slices of dictionary
      elements arrays).
      
      Performance results on semi-random arrays with small number of
      elements (old vs. new):
      
      smi copy: 48.7 ms vs. 12 ms
      smi slice: 43.5 ms 14.8 ms
      object copy: 35.5 ms 7.7 ms
      object slice: 38.7 ms 8.8 ms
      dictionary slice: 2398.3 ms vs. 5.4 ms
      fast sloppy arguments slice: 9.6 ms vs. 7.2 ms
      slow sloppy arguments slice: 28.9 ms vs. 8.5 ms
      
      As a bonus, the new implementation is fully spec-compliant and fixes
      at least one existing bug.
      
      The design document for Array.prototype builtin rework can be found
      at https://goo.gl/wFHe2n
      
      Bug: v8:1956,v8:6601,v8:6710,v8:6978
      Change-Id: Ia0155bedcf39b4577605ff754f416c2af938efb7
      Reviewed-on: https://chromium-review.googlesource.com/574710
      Commit-Queue: Daniel Clifford <danno@chromium.org>
      Reviewed-by: 's avatarBenedikt Meurer <bmeurer@chromium.org>
      Cr-Commit-Position: refs/heads/master@{#48853}
      6452b26a