3
edits
Mozilla 2: Difference between revisions
no edit summary
(→Project Status: changin metting notes link to ;Plataform) |
TomassMorr (talk | contribs) No edit summary |
||
| Line 1: | Line 1: | ||
(See [[ | (See [[Mozilla 2/Old Moz2|the 2004-era Mozilla 2 pages]] for older ideas.) | ||
== Project Status == | == Project Status == | ||
See the [[Platform#Meeting_Notes|latest status meeting notes]]. | See the [[Platform#Meeting_Notes|latest status meeting notes]]. | ||
=== Work List === | === Work List === | ||
A detailed list of items that we are working on can be found here: | A detailed list of items that we are working on can be found here: | ||
[[Mozilla 2/Work List|Mozilla 2 Work List]] | [[Mozilla 2/Work List|Mozilla 2 Work List]] | ||
=== Ends === | === Ends === | ||
Current thinking on goals, initially pitched in [[User:Brendan | Brendan]]'s [http://weblogs.mozillazine.org/roadmap/archives/2006/10/mozilla_2.html Mozilla 2 blog item], consists of these major bullet items: | Current thinking on goals, initially pitched in [[User:Brendan|Brendan]]'s [http://weblogs.mozillazine.org/roadmap/archives/2006/10/mozilla_2.html Mozilla 2 blog item], consists of these major bullet items: | ||
* Clean up our APIs to be fewer, better, and "on the outside" of Gecko, with symbol visibility strictly limited to public APIs. | *Clean up our APIs to be fewer, better, and "on the outside" of Gecko, with symbol visibility strictly limited to public APIs. | ||
* Based on these APIs and supported embedding scenarios, support intentional Gecko embedding in a first-class way. | *Based on these APIs and supported embedding scenarios, support intentional Gecko embedding in a first-class way. | ||
* Simplify the Mozilla codebase to make it smaller, faster, and easier to approach and maintain. | *Simplify the Mozilla codebase to make it smaller, faster, and easier to approach and maintain. | ||
* Take advantage of standard C++ features and fast paths instead of XPCOM and ad hoc code. | *Take advantage of standard C++ features and fast paths instead of XPCOM and ad hoc code. | ||
* Implement [http://www.ecmascript.org/ JS2] on top of [[Tamarin]] via [[JavaScript:ActionMonkey|ActionMonkey]]. | *Implement [http://www.ecmascript.org/ JS2] on top of [[Tamarin]] via [[JavaScript:ActionMonkey|ActionMonkey]]. | ||
* Optimization including JIT compilation for JS2 with very fast DOM access and low memory costs. | *Optimization including JIT compilation for JS2 with very fast DOM access and low memory costs. | ||
* Tool-time and runtime enforcement of important safety properties including memory safety and confidentiality properties for both XUL and the Web. | *Tool-time and runtime enforcement of important safety properties including memory safety and confidentiality properties for both XUL and the Web. | ||
* Rich graphics support including accelerated SVG/Canvas and Video Support | *Rich graphics support including accelerated SVG/Canvas and Video Support | ||
=== Anti-Goals === | === Anti-Goals === | ||
What these mean in detail is mostly "to be decided", but we should try to say what we don't mean: | |||
*We won't rewrite the Mozilla codebase by hand. | |||
*We won't gratuitously break API compatibility ("some of our APIs are fine, thank you"). | |||
*We won't drop XPCOM completely; we may even have configurable Mozilla 1 XPCOM compatibility. | |||
*We won't bring up Mozilla 2 on mobile devices (but volunteers are welcome to port early and often; Mozilla 2 will fit on such devices much more easily than Mozilla 1 code does). | |||
The goals boil down to competing more effectively with ourselves, with [http://webkit.org/ Webkit], and even with IE and Opera, for all three of the Web, XUL (or equivalent "widget" or "rich client platform" comparable), and C++ embeddable HTML rendering engine platforms. We should aspire to beat the competition on major time, space, and ease-of-use axes, not just show or place. | |||
=== Ongoing Work === | |||
*[[JavaScript:ActionMonkey]]: Rewriting spidermonkey to use actionmonkey. This is also the man hg branch that Moz2 work is being done in | |||
*[[XPCOMGC]]: Switch from reference counting to a GC | |||
*[[Mozilla2/November-Agenda]] | |||
*[[Gfx glue layer removal]] | |||
=== Tools === | |||
The goals are ambitious, and unrealistic without new tools and approaches to the code. Here are some of the major levers we use to move mountains. | |||
*Moz2 uses [http://www.selenic.com/mercurial/wiki/ Mercurial] for version control | |||
*[[Pork]] tool suite contains the source rewriting tools. | |||
=== | === More Info === | ||
The info below has not been significantly updated since December 2006 | |||
==== Tasklist ==== | |||
* | *Import final dirlist into Hg (Benjamin/Brendan) | ||
* Begin | *Begin refactoring work/deCOMtamination/API work | ||
** | **Get tools good enough for broad use (Taras) | ||
** | **Develop hitlist of areas to refactor (Taras/Brendan) | ||
** | **Plan for refactoring DOM APIs (JST) | ||
* | *Complete ES4 spec and ref impl (Brendan/Graydon) | ||
* | *Begin Tamarin/SM integration | ||
* | **Extract GC from Tamarin - remove all flash deps (TBH) | ||
**Ensure GC/Taramin compiles/runs on all platforms (TBH) | |||
**[[XPCOMGC]] object model | |||
*Rich Graphics Plan | |||
**Video Prototypes (Chris D) | |||
**SVG/Canvas Plan (Vlad) | |||
**Accelerated Graphics Plan (Vlad) | |||
**OpenText Improvements Plan (Pav) | |||
* | *Security Plan (Window) | ||
* | *Layout Plan (Roc/DBaron) | ||
==== Old Timeline ==== | |||
* | *Q107 - Kickoff of project | ||
** | **VCS up and ready for checkins | ||
**Major areas of focus identified | |||
** | **Owners for each area identified | ||
** | |||
* | *Q207 | ||
** | **ES4 Spec and Ref Impl Draft | ||
** | **Plans flushed out for each major task area | ||
** | **Refactoring tools usable by wider audience | ||
**Prototype VIDEO Tag | |||
* | *Q307 | ||
** | **ES4 Spec and Ref Impl Complete | ||
**Refactoring work begun | |||
***Elimination of raw pointers | |||
***Shift to STD C++ | |||
* | *Q407 | ||
** | **Tamarin GC Building on all major platforms | ||
** | **First prototype of Tamarin | ||
**Design/Prototypes done for each major area | |||
* | *Q108 | ||
** First Fx4 | **First Alpha of Moz2/Gecko2/Fx4 released | ||
* | *Q208 | ||
** | **Fx4 Alphas | ||
**All Major design work done | |||
* | *Q308 | ||
** Moz2 | **First Fx4/Moz2 Beta | ||
*Q408 | |||
**Betas | |||
*Q109 | |||
**Moz2/Fx4 Ship | |||
==== A Better VCS (Brendan/Preed) ==== | |||
See [ | See [[VersionControlSummit2006|the great Version Control System shoot-out]]. We need a better VCS because Mozilla 2 will require more sweeping changes, and more experiments which must be run in parallel, than anything we've done so far. So we need at least | ||
*better, cheaper branching | |||
*better merge algorithms for updating and landing branches | |||
*decentralized operation (no master repository with slave workareas) | |||
*good merge-from-CVS capability to track the Mozilla 1.9 trunk where possible | |||
*great performance on Windows (this rules out cygwin-ported Linux VCSes) | |||
See [http://weblogs.mozillazine.org/preed/2006/11/version_control_system_shootou.html preed's Mortal Kombat] salute and look for news on his blog. | |||
An important aspect to get straight is the branching topology. We will have many unstable branches running concurrently during Moz2 development. Generally for each task you want sub-task branches (possibly per-author or per-feature) plus a task-integration branch that your group tries to keep building and working most of the time. The ability to chain a new branch to a new buildbot, with a minimum of fuss, is very helpful. | |||
==== ES4 ==== | |||
* | *Ref implementation complete June 07 | ||
* | *Merge Tamarin in existing JS APIs | ||
* | *Tamarin Performance Improvements (see above) | ||
*JS Trust labels | |||
By combining APIs, code, and ideas from [http://lxr.mozilla.org/mozilla/source/js/src SpiderMonkey] and [http://lxr.mozilla.org/mozilla/source/js/tamarin Tamarin], we will build a [http://developer.mozilla.org/es4 JS2] virtual machine as part of Mozilla 2. The Tamarin code contribution is a big boost to this effort, and we intend to extend it, not copy code from it. But we need more than today's Tamarin in order to avoid certain pitfalls. We will probably need all of these: | |||
* | *Dynamic optimizations for untyped JS (both Web and XUL JS -- we won't require all XUL JS to be annotated with types). | ||
*Profile-directed Ahead Of Time compilation for critical methods (in lieu of XUL FastLoad, to avoid taking a startup performance hit). | |||
*Fresh thinking and hacking for VM-based security, learning from [[Security:Bibliography|recent security research]]. | |||
We hope to self-host a JS2 compiler on the VM, but if performance can't match or beat the competition (including today's SpiderMonkey), we will have to consider: | |||
*Native compiler front end. | |||
While "it would be nice" (sincerely; but also, these are famous last words) to optimize the VM such that the self-hosted compiler beats a C or C++ hand-crafted compiler, we cannot put purity ahead of performance. The trade-off for Tamarin's embedding in the Flash Player is different: offline compilation via the Flex SDK is the rule there, and the self-hosted compiler need only be fast enough for <code>eval</code> requirements (which will be novel to Flash in a future release). | |||
[[ | Current DOM security checks use the [[Security:Scattered Security Checks]] model. For Mozilla 2, in order to JIT DOM calls efficiently, we need either [[Security:Security Checks In Glue]] or [[Security:Wrapper-based Checks]]. To support "mashups in the browser" and [http://www.w3.org/TR/XBL XBL2], we may need to support data-tainting with static flow analysis as well as dynamic taint propagation. | ||
==== Semi-automated refactoring work/Oink ==== | |||
[[Static Analysis]] via [[FirefoxSummit/2006/ProposedSessions/Oink|Oink]] will play an important role, we think, in partially or fully automating | |||
*deCOMtamination, including getting XPCOM completely out of the middle of Gecko | |||
*static data-tainting checks to uphold confidentiality properties | |||
*conversion to [[Exceptions|exception-safe code]], and holding the line on exception safety | |||
*conversion to C++ exceptions, possibly including a new XPCOM C++ binding | |||
*identification of C++ ripe for conversion to JS2. | |||
*conversion from ad-hoc or Mozilla-private APIs to standard C++ APIs | |||
*simple metrics of code complexity, to be regularly compared to other open source projects | |||
Other good ideas for Oink-based tools should be noted on [[Static Analysis]]. The "conversion" items above will use the to-be-written (but proven-in-concept) pattern-matching patch-generating tool discussed at [http://www.bestessays.com term papers]. | |||
==== | ==== Embedding API Design ==== | ||
*[[Mozilla 2/XPCOM and Binary Embedding]] | |||
*[[Mozilla 2:Embedding APIs]] | |||
*[[Mozilla 2:Obsolete APIs]] | |||
==== Rendering Performance ==== | |||
==== | ==== Graphics/Advanced Rendering ==== | ||
*Get rid of remnants of old gfx | |||
**convert all paint methods to take gfxContext instead of nsIRenderingContext | |||
**optimize API usage, e.g. take advantage of new clipping/transform capabilities | |||
*Add optional acceleration using OpenGL (or Direct3D) | |||
**Involves work to make widget layer 3D-aware | |||
*Add video capabilities to platform, combined with hw accel and complex transform capability | |||
*Make 3D a first-class citizen of platform | |||
**any 2D element should render correctly under an arbitrary 2D transform | |||
*Tighter integration between image decoding and rendering | |||
**decode-on-render | |||
**SVG as image | |||
==== Security ==== | |||
Security Ideas and Wish List for Post Gecko 1.9 | Security Ideas and Wish List for Post Gecko 1.9 | ||
* attack surface reduction | *attack surface reduction | ||
* content restrictions, | *content restrictions, <noscript>, jail | ||
* next level private browsing | *next level private browsing | ||
* low privilege/protected mode, cross platform | *low privilege/protected mode, cross platform | ||
* xbl2 | *xbl2 | ||
* security review for every feature lightweight process to make it manageable | *security review for every feature lightweight process to make it manageable | ||
* offline stuff | *offline stuff | ||
* profile encryption | *profile encryption | ||
* identity management | *identity management | ||
* platform native keychain | *platform native keychain | ||
* all critical – moderate resolved through every major release | *all critical – moderate resolved through every major release | ||
*documenting and enforcing invariants | |||
**what is allows to happen when | |||
**assert if you do that | |||
*clean up assertions | |||
**ones remaining really mean something | |||
*regression test suite for security, pages to assert, measure leaks | |||
*better compartmentalization of javascript between chrome and content | |||
*addons/plugins | |||
*out of process plugins; | |||
[[Category:Mozilla_2]] | |||