[webkit-changes] [WebKit/WebKit] 1c992e: [JSC] Optimize Function.prototype.bind

Yusuke Suzuki noreply at github.com
Sat Mar 18 10:12:15 PDT 2023 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 1c992e3ed9b1a3c81b0dcf7bec31089caf0b9fbb
      https://github.com/WebKit/WebKit/commit/1c992e3ed9b1a3c81b0dcf7bec31089caf0b9fbb
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2023-03-18 (Sat, 18 Mar 2023)

  Changed paths:
    A JSTests/microbenchmarks/function-bind.js
    A JSTests/stress/bound-function-names.js
    M LayoutTests/inspector/model/remote-object-get-properties-expected.txt
    M Source/JavaScriptCore/builtins/BuiltinNames.h
    M Source/JavaScriptCore/builtins/FunctionPrototype.js
    M Source/JavaScriptCore/bytecode/BytecodeIntrinsicRegistry.h
    M Source/JavaScriptCore/bytecode/BytecodeList.rb
    M Source/JavaScriptCore/bytecode/BytecodeUseDef.cpp
    M Source/JavaScriptCore/bytecode/LinkTimeConstant.h
    M Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp
    M Source/JavaScriptCore/bytecompiler/BytecodeGenerator.h
    M Source/JavaScriptCore/bytecompiler/NodesCodegen.cpp
    M Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h
    M Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp
    M Source/JavaScriptCore/dfg/DFGClobberize.h
    M Source/JavaScriptCore/dfg/DFGDoesGC.cpp
    M Source/JavaScriptCore/dfg/DFGFixupPhase.cpp
    M Source/JavaScriptCore/dfg/DFGNodeType.h
    M Source/JavaScriptCore/dfg/DFGOperations.cpp
    M Source/JavaScriptCore/dfg/DFGOperations.h
    M Source/JavaScriptCore/dfg/DFGPreciseLocalClobberize.h
    M Source/JavaScriptCore/dfg/DFGPredictionPropagationPhase.cpp
    M Source/JavaScriptCore/dfg/DFGSafeToExecute.h
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp
    M Source/JavaScriptCore/dfg/DFGStoreBarrierInsertionPhase.cpp
    M Source/JavaScriptCore/ftl/FTLCapabilities.cpp
    M Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
    M Source/JavaScriptCore/jit/JIT.cpp
    M Source/JavaScriptCore/llint/LowLevelInterpreter.asm
    M Source/JavaScriptCore/runtime/CommonSlowPaths.cpp
    M Source/JavaScriptCore/runtime/CommonSlowPaths.h
    M Source/JavaScriptCore/runtime/FunctionPrototype.cpp
    M Source/JavaScriptCore/runtime/FunctionRareData.cpp
    M Source/JavaScriptCore/runtime/FunctionRareData.h
    M Source/JavaScriptCore/runtime/IntlCollatorPrototype.cpp
    M Source/JavaScriptCore/runtime/IntlDateTimeFormatPrototype.cpp
    M Source/JavaScriptCore/runtime/IntlNumberFormatPrototype.cpp
    M Source/JavaScriptCore/runtime/JSBoundFunction.cpp
    M Source/JavaScriptCore/runtime/JSBoundFunction.h
    M Source/JavaScriptCore/runtime/JSFunction.cpp
    M Source/JavaScriptCore/runtime/JSFunction.h
    M Source/JavaScriptCore/runtime/JSFunctionInlines.h
    M Source/JavaScriptCore/runtime/JSGlobalObject.cpp
    M Source/WebCore/bindings/js/JSDOMAsyncIterator.h

  Log Message:
  -----------
  [JSC] Optimize Function.prototype.bind
https://bugs.webkit.org/show_bug.cgi?id=254054
rdar://problem/106837856

Reviewed by Mark Lam.

This patch improves Function.prototype.bind a bit. We are planning to improve this further
to avoid arguments buffer for small # of arguments cases in a subsequent patch. This changes
two things.

1. Make canAssumeNameAndLengthAreOriginal work for bound functions. It helps when we have bind().bind() calls,
   which can be observed in Speedometer2.
2. Make everything in C++ since we already have a mechanism to avoid costly operation in C++. So we can implement
   Function#bind super efficiently in C++ at this point, let's just make it back.

It improves microbenchmark results.

                                                  ToT                     Patched

function-bind-creation                      15.1042+-0.0587     ^     12.6237+-0.0534        ^ definitely 1.1965x faster
function-bind-no-inlining-repeat-call       43.6672+-0.2105     ^     42.4584+-0.2360        ^ definitely 1.0285x faster
function-bind                              165.5037+-0.7954     ^     61.0135+-0.1911        ^ definitely 2.7126x faster

* JSTests/microbenchmarks/function-bind.js: Added.
(test):
* Source/JavaScriptCore/builtins/BuiltinNames.h:
* Source/JavaScriptCore/builtins/FunctionPrototype.js:
(overriddenName.string_appeared_here.symbolHasInstance):
(bind): Deleted.
* Source/JavaScriptCore/bytecode/LinkTimeConstant.h:
* Source/JavaScriptCore/runtime/FunctionPrototype.cpp:
(JSC::FunctionPrototype::addFunctionProperties):
(JSC::JSC_DEFINE_HOST_FUNCTION):
* Source/JavaScriptCore/runtime/FunctionRareData.cpp:
(JSC::FunctionRareData::FunctionRareData):
* Source/JavaScriptCore/runtime/FunctionRareData.h:
* Source/JavaScriptCore/runtime/JSFunction.cpp:
(JSC::JSFunction::put):
(JSC::JSFunction::deleteProperty):
(JSC::JSFunction::defineOwnProperty):
(JSC::JSFunction::reifyLength):
(JSC::makeNameWithOutOfMemoryCheck): Deleted.
* Source/JavaScriptCore/runtime/JSFunction.h:
* Source/JavaScriptCore/runtime/JSFunctionInlines.h:
(JSC::JSFunction::originalLength):
(JSC::makeNameWithOutOfMemoryCheck):
(JSC::JSFunction::originalName):
(JSC::JSFunction::canAssumeNameAndLengthAreOriginal):
* Source/JavaScriptCore/runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):

Canonical link: https://commits.webkit.org/261825@main

More information about the webkit-changes mailing list