对来源视频中涉及到V8引擎部分的总结。

  • JIT Compiler
    • Numbers
      • Small ints (SMIs)
        • Immediate, fast
        • 31 bits on 32 bit machines OR on 32 bits x64
      • 64 bits “heap numbers”
        • Won’t fit in an SMI and is not local
        • Wrapped and heap allocated
        • Slightly slower
        • Doubles may be optimized, no guarantees
    • Arrays
      • TypedArrays
        • Uint32Array, Float64Array, etc
        • Memory efficient, no boxing
      • JS Arrays
        • API allows operations not possible in C
        • Backing storage: sparse vs. dense
        • C-like array OR hash table (“dictionary mode”)
        • Many factors switch backing, e.g. space efficiency
  • Object Model
    • Objects are associative arrays
    • Large systems have structured data
    • Hidden classes: Internal type system
      • Group objects with same structure
      • Shared across objects
      • Expensive to generate once, cheap afterwards
    • Property inline caching (IC)
      • Check hidden class on property lookup
      • First time fully generic lookup
        Remember where you found the property
      • Generate new optimized code
        Next time, direct access
    • Object properties storage
      • directly on object
      • array
      • hash table “dictionary mode” >_<
      • What triggers dictionary mode?
        • Too many properties (around 30)
        • Change property attributes
        • Delete a property
  • Optimizing Compiler
    • Heavier operations than JIT compiler
    • Warm up on fully-general path
    • Profile for hot functions
      • Non-deterministic sampling profiler
    • Mine types, specialize
      • New optimized code (inlining, licm, gvn)
      • Speculative optimization
    • Not all constructs are handled
      “bailout” == tried to optimize but quit
      V8 --trace-bailout
      V8 --trace-opt
      • Function too long
      • TryCatch, ForIn, NonStringToString, etc (may change)
    • But those optimizations were speculative
      “deopt” == assumptions of fast path violated
      V8 --trace-deopt
    • Javascriptisms: so elegant, so slow
      • Static and “like C” is often fast
      • Create a few well-defined object types
      • Avoid objects with too many properties (< 30)
      • Feed your functions consisten data
      • Don’t use gigantic functions
      • Keep an eye on your code with V8 flag
  • Garbage Collector
    • Two generations
      V8 --trace-gc
      • Young: small frequently collected space
      • Old: longer-lived data
    • Promotion (between young and old) is expensive
      Want very long or very short lived objects
    • Release your references
      Execution contexts can hold onto references
      Closures can hold onto references
    • Avoid GC stalls
      Use SMIs, scratchpads, update in place