Version 1 (modified by Ross Kirsling, 4 years ago)


by Saam Barati, Michael Saboff, Tadeu Zagallo, Yusuke Suzuki, Robin Morisset


  • New Bytecode
    • reduced bytecode size by 65%
    • 12-13% less memory usage on a page like Facebook
    • can be cached (not being done in Safari yet)
  • JetStream 2
    • join JS benchmarks together into a single suite (JetStream 1, ARES-6, RexBench, ...)
    • 64 subtests emphasizing startup perf, peak throughput perf, worst-case perf
  • RAMification
    • memory benchmark for JS
    • leverages JetStream 2 tests, measures peak & current usage
  • ExecState -> GlobalObject refactor
    • less error prone; most cases that were passing call frames didn't really need to be
    • prereq for IsoSubspace work
  • WASM Interpreter
    • improves startup time (3x), neutral on throughput
    • perf is now similar to V8 / SM
  • Fuzz Zero
    • improve security & stability by fuzzing
    • fix all bugs and allow no regressions


  • BigInt
    • ship
    • JIT improvements
    • new benchmark
  • Turbo DFG:
    • vs. LLInt: baseline 2x, DFG 11x, FTL 17x
    • DFG does not impact page load tests
    • version of DFG that's less optimized but quicker to compile may help
  • Fast for-of:
    • as fast as old-school for!
    • involves inline caching for next iteration
  • IsoHeap Everything
    • allocate like types together, prevent type confusion attacks
    • do this for all JSObjects
    • avoid memory/perf regression
  • Software Verified JIT
    • constrain where calls/jumps go
    • create a whitelist for far calls
    • known near calls (e.g. for slow paths) can be whitelisted too
    • pointer authentication
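
An added illustration of the "IsoHeap Everything" item (not code from these notes or from WebKit): a fixed-slot allocator run once with one shared pool and once with one pool per type, showing that with per-type pools a freed slot is never handed to an object of a different type. The `Pool`, `StringBuf` and `FuncCell` names and the slot sizes are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SLOTS 8
#define SLOT_SIZE 32

/* Fixed-size slots with a LIFO free list: the most recently freed slot is reused first. */
typedef struct {
    _Alignas(16) unsigned char mem[SLOTS][SLOT_SIZE];
    void *free_list[SLOTS];
    size_t free_count, next_fresh;
} Pool;

static void *pool_alloc(Pool *p) {
    if (p->free_count) return p->free_list[--p->free_count];
    return p->next_fresh < SLOTS ? p->mem[p->next_fresh++] : NULL;
}

/* Accept only a handed-out slot of this pool that is not already free. */
static int pool_free(Pool *p, void *ptr) {
    uintptr_t a = (uintptr_t)ptr, base = (uintptr_t)p->mem;
    if (a < base || a >= base + sizeof p->mem || (a - base) % SLOT_SIZE) return -1;
    if ((a - base) / SLOT_SIZE >= p->next_fresh) return -1;
    for (size_t i = 0; i < p->free_count; i++)
        if (p->free_list[i] == ptr) return -1;   /* double free */
    p->free_list[p->free_count++] = ptr;
    return 0;
}

typedef enum { TYPE_STRING_BUF, TYPE_FUNC_CELL, TYPE_COUNT } TypeId;
typedef struct { size_t len; char bytes[16]; } StringBuf;   /* script-controlled bytes */
typedef struct { void (*call)(void); void *env; } FuncCell; /* holds a code pointer */
_Static_assert(sizeof(StringBuf) <= SLOT_SIZE && sizeof(FuncCell) <= SLOT_SIZE, "slot too small");

static Pool shared_pool;            /* baseline: every type shares one pool */
static Pool iso_pools[TYPE_COUNT];  /* isolated: one pool per type */
static Pool *pool_for(TypeId t, int iso) { return iso ? &iso_pools[t] : &shared_pool; }

/* Free a FuncCell, then allocate a StringBuf. Returns 1 if the StringBuf lands on
   the freed FuncCell slot, 0 if it does not, -1 on allocator failure. */
int freed_slot_reused_by_other_type(int iso) {
    FuncCell *cell = pool_alloc(pool_for(TYPE_FUNC_CELL, iso));
    if (!cell || pool_free(pool_for(TYPE_FUNC_CELL, iso), cell)) return -1;
    StringBuf *buf = pool_alloc(pool_for(TYPE_STRING_BUF, iso));
    return buf ? (void *)buf == (void *)cell : -1;
}

int main(void) {
    printf("shared: %d\n", freed_slot_reused_by_other_type(0));
    printf("isolated: %d\n", freed_slot_reused_by_other_type(1));
}
```

With the shared pool a stale `FuncCell` pointer would alias the new `StringBuf`; with per-type pools it can only ever alias another `FuncCell`, which is the property the notes describe as preventing type confusion.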