JavaScript ActionMonkey

From MozillaWiki
Revision as of 16:00, 26 July 2007 by Btipling (talk | contribs) (Ok restoring page from Google Cache, Several pages link to this outside of the wiki. Why was it removed?)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

ActionMonkey is the code-name for the project to integrate Tamarin and SpiderMonkey as part of Mozilla 2.

Want to help? Write to jason dot orendorff at gmail dot com. Or visit [1] and say hi.

Goals

The goals are:

  • Preservation (with necessary additions and as few deletions as possible) of jsapi.h.
  • SpiderMonkey's thread safety and property tree integrated/reimplemented in Tamarin.
  • Replacement of SpiderMonkey's decompiler with a better decompiler that can work with ABC.
  • Replacement of SpiderMonkey's GC with Tamarin:MMgc, evolved as needed.
  • Replacement of SpiderMonkey's interpreter by an evolved version of Tamarin's.
  • Advanced JIT optimization for hot paths and untyped code, inspired by Trace Trees.
  • Information flow VM support for better security models.


Stage 0

Replace SpiderMonkey's GC with Tamarin's GC (MMgc). See JavaScript:ActionMonkey:Stage 0 Whiteboard.

Work is underway in the http://hg.mozilla.org/actionmonkey and http://hg.mozilla.org/actionmonkey-tamarin Mercurial repositories. (The actionmonkey repo is a hard hat area, one step removed from the primary mozilla-central repository. This is because we expect things will break intermittently. Also because some of the people working on this aren't CVS committers yet, myself included. -jorendorff)

Stage 1

Integrate SpiderMonkey more closely with MMgc.

  1. Make MMgc::Mark() call SpiderMonkey trace() methods. The plan is to add a per-page type tag to MMgc; this takes over the job of the type bits in SpiderMonkey's GCThingFlags.
  • Get rid of js_GetGCThingFlags.
  • The type bits: move to an MMgc page-level type tag. (Note: The cycle collector sneakily uses these, in nsXPConnect.cpp; it will be changed.)
  • The GCF_LOCK bit: mainly replaced by allowing MMgc to scan rt->gcLocksHash. There is also a string optimization that uses this bit. It's yet to be determined what to do about that.
    • The GCF_MUTABLE bit: move into JSString.
    • The GCF_SYSTEM bit: To be determined.
  • Drop weak roots, newborns, and local root scopes (if they're not already gone in stage 0). These will be replaced by MMgc's conservative stack scanning.
Retrieved from "https://wiki.mozilla.org/index.php?title=JavaScript_ActionMonkey&oldid=63389"