Yeah, I would argue that SpiderMonkey's self-hosted JS is neither JavaScript nor memory safe. It's a different language that reuses much of the JavaScript implementation. It doesn't support either of the statements `foo()` or `obj.prop = 3`. It does support a whole bunch of memory-unsafe operations that JavaScript does not have, through intrinsics. So if you take a language and remove some stuff and add some other stuff, you end up with neither a subset nor a superset—it's just a different (but related) language.
(I work on SpiderMonkey. I've even suggested that we more explicitly recognize that self-hosted JS is not JS, and compile it differently such that you could add back some of the missing features with different, safer semantics. But it's not really my area and there's a large design space to choose the right language from, so I'm not claiming that that's the right thing to do.)
(I work on SpiderMonkey. I've even suggested that we more explicitly recognize that self-hosted JS is not JS, and compile it differently such that you could add back some of the missing features with different, safer semantics. But it's not really my area and there's a large design space to choose the right language from, so I'm not claiming that that's the right thing to do.)