SpiderMonkey Newsletter 3 (Firefox 74-75)

JavaScript

🏆 New contributors

• Rob Rico tidied up some code in the parser

🎁 New features

• Yulia implemented the optional chaining (?.) operator (Firefox 74)
• André implemented public static class fields (Firefox 75)
• André implemented the Intl.Locale proposal (Firefox 75)

🐒 SmooshMonkey

The previous newsletter introduced Visage, a new JavaScript frontend we’re working on that’s written in Rust. Visage has since been renamed to SmooshMonkey, a name that’s known and well accepted by the JavaScript community (#SmooshGate). After a dinner and discussions with project members, it got authoritatively renamed by speaking about it at the All-Hands.

The team is making good progress:

• SmooshMonkey has been integrated in Gecko behind a configure flag and a runtime flag.
• Passes 100% of SpiderMonkey tests (falling back on SpiderMonkey’s current parser for non-implemented features).
• Added stats about the project using Github CI.
• The bytecode emitter has been improved to prevent generating bytecode which might have undefined behaviour.
• There’s a new parser generator to support context-dependent aspects of the JavaScript grammar instead of exploding the number of states of the equivalent context-free grammar.

❇️ Stencil

Progress on Project Stencil is continuing. Huge thanks to André for helping knock three blocking bugs off in quick succession!

Matthew landed many patches to clean up our compilation management data structures. He also added a SourceExtent structure to store source information and changed the frontend to always defer supported GC allocations.

Kannan is working on removing GC atom allocation from the frontend. The frontend uses atoms in many places and to make the frontend GC-free we need a different strategy for that.

Caroline is working at cleaning up the flags used throughout the frontend, to unify BaseScript::ImmutableFlags, CompileOptions, and FunctionBox flags into one representation.

📚 JSScript/LazyScript unification

The JSScript/LazyScript unification is nearing completion. Ted has landed patches for Firefox 75 to use the same GC TraceKind for LazyScript and JSScript and after that was able to merge the GC arenas. The is-lazy state has been moved from JSFunction to BaseScript.

The next big step is delazifying/relazifying scripts in place so that we never have to keep both a JSScript and a LazyScript for a function.

🛸 WarpBuilder

Ion, our optimizing JIT, currently relies on a global Type Inference (TI) mechanism. Ion and TI have a number of shortcomings so we’re experimenting with a much simpler MIR builder for Ion that’s based on Baseline ICs (CacheIR) instead of TI. If this works out it will let us delete some of our most complicated code, allow us to do more work off-thread, and result in memory usage reductions and performance improvements across the engine.

The past weeks Jan landed patches preparing for this and added a very primitive WarpBuilder implementation that’s able to build MIR off-thread. He’s now adding support for more bytecode instructions.

⏩ Regular expression engine update

Iain is working on upstreaming some changes to v8 to improve case-insensitive match support. He also started posting patches to implement shim definitions to make the code work in SpiderMonkey.

🏎 JIT optimizations for classes and spread calls

André added Ion support for derived class constructors. He then made it possible for Ion to inline class constructors. He also added Ion support for spread-new and spread-super calls.

✏️ Miscellaneous

• Steve started converting our JS test suites to support Python 3.
• Steve also added a mach hazards command to make it easier to run the GC rooting analysis locally.
• Jon enabled (browser) tests for JS WeakRefs.
• André added nursery allocation support for BigInts.
• Iain noticed the C++ interpreter was not using computed goto on Windows (supported since the switch to clang-cl) and fixed this.
• IRC has been shut down. You can now find us in chat.mozilla.org’s Spidermonkey room.

WebAssembly

• Ryan added support for using Cranelift when reference types are enabled. Reference types allow WebAssembly to pass JavaScript values as function arguments and return values, to store them in local variables, and to load and store them in tables. Cranelift can now emit annotations that inform the JavaScript garbage collector of value locations, so that the GC can trace and relocate object pointers.
• Andy from Igalia added support for functions that return multiple values to the WebAssembly baseline compiler; when the corresponding implementation lands in the optimizing compiler (Firefox 76), the feature will finally be able to ride the train out of Nightly.
• Work is ongoing to replace Cranelift’s instruction selection mechanism as well as register allocation. We can now compile basic wasm programs with either Wasmtime or Spidermonkey using Cranelift’s new pipeline.
• We also bid a fond farewell to the #wasm IRC channel; you can now find the SpiderMonkey WebAssembly team over on chat.mozilla.org’s WebAssembly room.