JSObject::putDirectIndexSlowOrBeyondVectorLength should check if indexIsSufficientlyB...
authortzagallo@apple.com <tzagallo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 21 Mar 2019 17:42:41 +0000 (17:42 +0000)
committertzagallo@apple.com <tzagallo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 21 Mar 2019 17:42:41 +0000 (17:42 +0000)
commitc96d2c187183fd62d351e4732fba14a3144e53aa
tree38e33a52e9a4e2ead7c7eeb3e2ef333bdeed1dec
parentbd2cbcd9e77172def289de28da844b467601a9dd
JSObject::putDirectIndexSlowOrBeyondVectorLength should check if indexIsSufficientlyBeyondLengthForSparseMap
https://bugs.webkit.org/show_bug.cgi?id=196078
<rdar://problem/35925380>

Reviewed by Mark Lam.

JSTests:

Add a new benchmark that allocates several objects and invokes put_by_val_direct
with a large index. run-jsc-benchmarks says "definitely 1.6178x faster".

* microbenchmarks/put-by-val-direct-large-index.js: Added.

Source/JavaScriptCore:

Unlike the other variations of putByIndex, it only checked if the index
was larger than MIN_SPARSE_ARRAY_INDEX when the indexingType was
ALL_BLANK_INDEXING_TYPES. This resulted in a huge butterfly being
allocated for object literals (e.g. `{[9e4]: ...}`) and objects parsed
from JSON.

* runtime/JSObject.cpp:
(JSC::JSObject::putDirectIndexSlowOrBeyondVectorLength):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243299 268f45cc-cd09-0410-ab3c-d52691b4dbfc
JSTests/ChangeLog
JSTests/microbenchmarks/put-by-val-direct-large-index.js [new file with mode: 0644]
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/runtime/JSObject.cpp