The State of JSC

by Saam Barati, Michael Saboff, Tadeu Zagallo, Yusuke Suzuki, Robin Morisset

Now:

• New Bytecode
  • reduced bytecode size by 65%
  • 12-13% less memory usage on a page like Facebook
  • can be cached (not being done in Safari yet)

• JetStream 2
  • join JS benchmarks together into a single suite (JetStream 1, ARES-6, RexBench, ...)
  • 64 subtests emphasizing startup perf, peak throughput perf, worst-case perf

• RAMification
  • memory benchmark for JS
  • leverages JetStream 2 tests, measures peak & current usage

• ExecState -> GlobalObject refactor
  • less error prone; most cases that were passing call frames didn't really need to be
  • prereq for IsoSubspace work

• WASM Interpreter
  • improves startup time (3x), neutral on throughput
  • perf is now similar to V8 / SM

• Fuzz Zero
  • improve security & stability by fuzzing
  • fix all bugs and allow no regressions

2020+:

• BigInt
  • ship
  • JIT improvements
  • new benchmark

• Turbo DFG:
  • vs. llint: baseline 2x, DFG 11x, FTL 17x
  • DFG does not impact page load tests
  • version of DFG that's less optimized but quicker to compile may help

• Fast for-of:
  • as fast as old-school for!
  • involves inline caching for next iteration

• IsoHeap Everything
  • allocate like types together, prevent type confusion attacks
  • do this for all JSObjects
  • avoid memory/perf regression

• Software Verified JIT
  • constrain where calls/jumps go
  • create a whitelist for far calls
  • known near calls (e.g. for slow paths) can be whitelisted too
  • pointer authentication