Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 02b44f2ad986575436f69f51863b556cbd460180
      
https://github.com/WebKit/WebKit/commit/02b44f2ad986575436f69f51863b556cbd460180
  Author: Sosuke Suzuki <[email protected]>
  Date:   2026-07-03 (Fri, 03 Jul 2026)

  Changed paths:
    A JSTests/microbenchmarks/string-split-empty-long.js
    A JSTests/microbenchmarks/string-split-empty-short.js
    A JSTests/stress/string-split-empty-single-character-index-of.js
    M Source/JavaScriptCore/dfg/DFGOperations.cpp
    M Source/JavaScriptCore/runtime/ArrayPrototype.cpp
    M Source/JavaScriptCore/runtime/StringPrototype.cpp

  Log Message:
  -----------
  [JSC] Skip Latin-1 single-character atomization in `s.split('')`
https://bugs.webkit.org/show_bug.cgi?id=318510

Reviewed by Yusuke Suzuki.

The empty-separator fast path of s.split("") atomizes every resulting
character through toIdentifier / DeferGC / atomStringToJSStringMap
.ensureValue,
even though Latin-1 single characters are already
atom-backed SmallStrings cells. This patch skips that block for Latin-1
characters.

Skipping alone would break the Array.prototype.indexOf onlyAtomStrings
fast path, which treats absence from atomStringToJSStringMap as absence
from the array. To prevent that, indexOf now treats a single Latin-1
character search as potentially present and falls through to the
pointer-comparison scan.

string-split-empty-long     45.4817+-1.1086  ^  14.8687+-0.3740  ^ definitely 
3.0589x faster
string-split-empty-short    38.2363+-1.1574  ^  16.1969+-0.1237  ^ definitely 
2.3607x faster

No regression on the indexOf microbenchmarks that now always scan:

atom-string-array-split-empty-index-of-not-found   0.8349+-0.0327     
0.8123+-0.0378   might be 1.0278x faster
atom-string-array-split-empty-index-of-found       1.0105+-0.0291  ^  
0.9138+-0.0307   ^ definitely 1.1058x faster

Tests: JSTests/microbenchmarks/string-split-empty-long.js
  
JSTests/microbenchmarks/string-split-empty-short.js
       JSTests/stress/string-split-empty-single-character-index-of.js

* JSTests/microbenchmarks/string-split-empty-long.js: Added.
(test):
* JSTests/microbenchmarks/string-split-empty-short.js: Added.
(test):
* JSTests/stress/string-split-empty-single-character-index-of.js: Added.
(shouldBe):
* Source/JavaScriptCore/dfg/DFGOperations.cpp:
(JSC::DFG::JSC_DEFINE_JIT_OPERATION):
* Source/JavaScriptCore/runtime/ArrayPrototype.cpp:
(JSC::JSC_DEFINE_HOST_FUNCTION):
* Source/JavaScriptCore/runtime/StringPrototype.cpp:
(JSC::stringSplitFast):

Canonical link: 
https://flagged.apple.com:443/proxy?t2=De4P4Z6cH6&o=aHR0cHM6Ly9jb21taXRzLndlYmtpdC5vcmcvMzE2NDY1QG1haW4=&emid=0c412fe8-d378-4d3d-bb56-1b53b31c491a&c=11



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications

Reply via email to