<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Jun 2, 2016 at 7:49 AM, Ben Coman <span dir="ltr"><<a href="mailto:btc@openinworld.com" target="_blank">btc@openinworld.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><br>
On Thu, Jun 2, 2016 at 10:19 AM, Ryan Macnak <<a href="mailto:rmacnak@gmail.com">rmacnak@gmail.com</a>> wrote:<br>
><br>
> I'll second that simulators are an essential tool for building a JIT. In the Dart VM, we have our own simulators for ARM, ARM64 and MIPS that allow us to test changes against all the architectures we support, locally on our x64 workstations. When we first got the VM running on iOS, we were even running the ARM simulator on the iPhone to work around the no-JITing-unless-you're-Apple policy (we have since completed an AOT mode). Although it was sluggish compared to its JIT counterpart running on Android, it was certainly usable. And given our loading code is also implemented in Dart, having simulators allows us to cross-compile AOT code for Android and iOS from x64 desktops.<br>
<br>
<br>
One thing I've been contemplating for a while, given that Sista will<br>
IIUC cache hotspot info in the Image, enabling a hot-start, would that<br>
be a reasonable workaround for Apple's no-JIT policy. You could use<br>
unit tests to warm up Sista then code-sign the whole resultant image<br>
??<br>
<br>
<br></blockquote><div>Yes and no.</div><div><br></div><div>One problem is that the sista image has optimized code in the form of bytecoded method. The baseline JIT is still required to generate the machine code. So the application would need a prepackaged machine code zone, which is not possible without some work right now. Currently sista methods are optimized to use the baseline JIT as the back-end and are not optimized for the interpreter.</div><div><br></div><div>Another problem is things like inline caches that patch the machine code. We would need to change that logic. One way would be to keep in the cache values in a non executable memory zone, another one would be to have inline cache failure never patch the code.</div><div><br></div><div>Currently the Stack VM works on iOS and the Stack VM interpreter is very fast (between 10 and 20% overhead compared to the ASM template production version of Java's hotspot). There are multiple solutions to boost the performance on iOS using the existing infrastructure, but there is no obvious way on how to make that production ready in less than (optimistically) 6 months of work.</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex">
btw I got curious what exactly the policy[1] was... "Further<br>
protection is provided by iOS using ARM’s Execute Never (XN) feature,<br>
which marks memory pages as non-executable. Memory pages marked as<br>
both writable and executable can be used only by apps under tightly<br>
controlled conditions: The kernel checks for the presence of the<br>
Apple-only dynamic code-signing entitlement. Even then, only a single<br>
mmap call can be made to request an executable and writable page,<br>
which is given a randomized address. Safari uses this functionality<br>
for its JavaScript JIT compiler."<br></blockquote><div><br></div><div>Ahah. "Apple-only". How fancy. </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex">
<br>
[1] <a href="https://www.apple.com/business/docs/iOS_Security_Guide.pdf" rel="noreferrer" target="_blank">https://www.apple.com/business/docs/iOS_Security_Guide.pdf</a><br>
<br>
cheers -ben<br>
</blockquote></div><br></div></div>