Firefox 99 on POWER

Firefox 99 is out. The major change here is that the Linux sandbox has been strengthened to eliminate direct access to X11 (which is important because many of us do not live in the Wayland Wasteland). Note that the sandbox apparently doesn't work currently on ppc64le; this is something I intend to look at later when I'm done with the JIT unless someone™ gets to it first.

Unfortunately, Fx99 does not build from source on ppc64 or ppc64le and I was too busy on the JIT to do my usual smoke tests early. The offender is bug 1758610 but the patches do not apply cleanly to 99, so I have provided a consolidated diff for your convenience. You will also need a tweaked PGO-LTO patch; with those applied the .mozconfigs from Firefox 95 will work.

All three stages of the JIT (Baseline Interpreter, Baseline Compiler and Ion, as well as Wasm) now function and pass tests on POWER9 except for a couple depending on memory layout oddities; that last unexpected test failure took me almost a week and a half to find. (TenFourFox users will be happy because a couple of these bugs exist in TenFourFox and I'll generate patches to fix them there for source builders.) However, it isn't shippable because when I built a browser with it there were regressions compared to Baseline Compiler alone (Google Maps fonts look fuzzier in Ion, the asm.js DOSBOX dies with a weird out of range error, etc.). The shippable state is that Ion should be a strict superset of Baseline Compiler: it may not make everything work, but anything that worked in Baseline Compiler should also work with Ion enabled, just faster. These problems don't seem to have coverage in the test suite. You can build the browser and try it for yourself from the new branch, but make sure that you set the Ion options in about:config back to true. Keep in mind that this is 97.0a1, so it has some unrelated bugs, and you shouldn't use it with your current Firefox profile.

Smoking out these failures is going to be a much harder lift because debugging a JIT in a heavily multi-threaded browser is a nightmare, especially on a non-tier-1 platform with more limited tooling; a lot of the old options to disable Electrolysis and Fission seem to be ignored in current releases. With that in mind and with the clock counting down to Firefox 102 (the next ESR) I've decided to press on and pull down Firefox 101 as a new branch, drag the JIT current with mozilla-central and see if any of the added tests can shed light on the regressions. A potential explanation is that we could have some edges where 32-bit integer quantities still have the upper word set (64-bit PowerPC doesn't really have comprehensive 32-bit math and clearing the upper bits all the time is wasteful, so there are kludges in a few places to intercept those high-word-set registers where they matter), but changing these assumptions would be major surgery, and aside from the delays may not actually be what's wrong: after all, it doesn't seem to break Baseline. One other option is to deliberately gimp the JIT so that Ion is never activated and submit it as such to Mozilla to make the ESR, and we'd have to do this soon, but indefinitely emasculating our Ion implementation would really suck to me personally and may not pass code review. I'm sure I've made stupid and/or subtle errors somewhere and a lot of code just isn't covered by the test suite (we have tons of controlled crashes, asserts and traps in untested paths, and none of it is triggered in the test suite), so I really need more eyes on the code to see what I can't.


  1. I wish I could meaningfully contribute - I'm still waiting for my Power9 kit, and I'm not much of a coder - but please know that we all appreciate the work you do.

  2. Great to hear that there is still progress, and Ion almost works! It's unfortunate that there are still some nasty hard to find bugs present (that aren't even hit by the tests...), I understand your frustration!

    Especially with the clock counting I image this can give a lot of stress. What's the downside of waiting to the next ESR after 102? I know patches need to be maintained separately and tested with every release, and they also can't be included in the prebuilt Firefox provided by Linux distros. But other than that I don't see main issues with delaying to the next ESR?

    Another option is indeed just shipping Baseline for 102 and leave Ion for the next ESR. Baseline still works great, I still use it on a daily basis with 91 ESR, no bugs so far encountered! :). I don't know how much faster everything gets with Ion . There was a huge difference between Firefox without a JIT and Firefox with a baseline JIT (IMO Firefox without JIT is not usable on modern websites, with baseline it's usable on almost every website).

    A small question out of curiosity: how can Google Maps fonts look fuzzier with Ion? What does a JIT have to do with font sharpness?

    1. Ion is largely of benefit for long-running scripts (asm.js, SPAs, etc.). These optimize poorly in Baseline, because Baseline isn't intended to do much optimization.

      I'll certainly do a code pack for 102 regardless of whether it gets upstreamed, but I'd rather upstream a complete and shippable JIT.

      I suspect Google Maps is doing font rendering in JS. The fuzziness only appears on the map itself.

  3. Thank you so much for your hard work! Rooting for you here!


Post a Comment

Comments are subject to moderation. Be nice.