PPSSPP: I have amazing news about JIT and how to fix micro stutter finally.

Created on 30 Jan 2017 · 26 Comments · Source: hrydgard/ppsspp

@hrydgard hi there, I just want to tell you the waiting for a fix for micro stutter on iOS is over, because the creator of the iOS 10 jailbreak has completely defeated KPP (Kernel Patch Protection) and he is able to get JIT functionality working even without any patches in the kernel. I said that when I was on iOS 8.4 with the TaiG jailbreak I didn't notice any micro stutter; this is because the TaiG jailbreak includes JIT. Now time has repeated itself. So all you have to do is bring back the old JIT in order to get the new JIT functionality like before. For more information just see his link on Reddit. He also added a deb file to let people test JIT, also including on jailbroken iOS 9.3.3.

This is his link
https://www.reddit.com/r/jailbreak/comments/5qy2x0/beta_jitsupport_kernelless_jit_support_for_ios_9/

He said it will help emulation projects to increase performance a lot. So if we take this JIT it'll also fix the micro stutter forever.

All 26 comments

I'm not convinced that the "micro stutter" issue is at all related to the "new" (avoiding WX) Jit, but this seems useful.

We need a way to detect it and a way to load it dynamically, so that the emulator will still run on devices that don't have this thing installed. Unless we can of course integrate it directly, which would be nicer. There aren't many details in the thread...

The micro stutter is still there even after disabling the JIT, that's why I'm pretty convinced JIT isn't the source of the micro stutter. @hrydgard Please correct me if I'm wrong, I am no developer = )

@hrydgard thank you for replying. I meant here an old JIT implementation, like when we were on iOS 8.4 with the TaiG jailbreak, which ran all games at 30/60 fps without even a little drop in speed. The speed is very stable. I know you said that a long time ago (with the new JIT maybe we'll see a micro slowdown), so that's why I suggest at least bringing out a new edited version of ppsspp, of course including this old JIT. Believe me, if you do that you'll notice all problems are gone, especially micro stutter, forever. As you see, a while ago we could implement the new way of JIT, and from this JIT the problem is micro stutter.

So please, as a try, after editing any version of ppsspp try to implement the old JIT in order to see the results. For more information this is his link on GitHub:
https://github.com/kpwn/yalu102

Good luck.

@iOS4all what? My friend, please try to understand. Enabling or disabling JIT, it doesn't matter, the micro stutter still appears. How would implementing the old JIT help?

@iOSSOi no, this is not correct at all. I'll correct your information.
The micro stutter is happening because of the new way of JIT. And even @hrydgard said with this new JIT maybe you'll notice a little slowdown (maybe he refers to this micro stutter), unlike an old JIT which you can get after a good jailbreak like TaiG. Long ago when I was on iOS 8.4, after jailbreaking with TaiG I used ppsspp on it. And believe me there's no micro stutter AT ALL. All games run at a stable speed of 30/60 fps. So now after this solid iOS 10 jailbreak we can get JIT functionality like before.

The conclusion:
There are two kinds of JIT:
1- an old one which is implemented after a solid jailbreak and which is bug free.
2- the new JIT which is implemented recently and has a very well known issue which causes micro stutter.

I hope you now understand everything about this stuff.

"The micro stutter is happening because of the new way of JIT"

I doubt this. I believe what you call microstutter is caused by something else, but I can't figure out what.

There are not two kinds of JIT, there's just two kinds of code memory management, what we call "WX-exclusive" which is needed for newer iOS versions and "normal" which is what all other platforms used, and what we previously used on iOS. This requires RWX memory which is no longer available.

@hrydgard thank you for replying

The creator of the iOS 10 jailbreak could get JIT functionality, which we can take if we completely defeat KPP, and it has RWX as well, unlike the new one.

Just see his tweets.

He said (maybe some emulation devs don't know how to get RWX to work. It seems very simple).
I gave you his open source jailbreak above, see it if you want.

@hrydgard @iOS4all now you heard it from the man himself, he doubts the micro stutter is caused by the JIT. Can you (iOS4all aka Fadi555) please stop talking about how the JIT is the cause, please!!

@iOSSOi I just gave him some clues about this stuff. Don't worry about bothering him, he is the creator and it's normal to give him issues and fix them. Go and see how many issues are there, and how many people talk about their issues; it's normal bro.

Even if I am fadi or not, I'm a human. So please stop thinking in a negative way. At least this issue is related to you as well, because you have an iOS device and are complaining about this issue as well.

This issue is not only related to you or me. This is for all iOS devices, including my friends, because they will notice that issue so easily.

Finally, you just leave all people with all their different issues and just come here to say that? So if this specific annoying issue is hurting you to talk about, even though it's related to you, I have to say sorry.

@iOS4all @hrydgard "Don't worry about bothering him he is a creator and it's normal to give him issues and fix that"

Boy, we do not create issues to bother any developer!! We create issues because we want to help developers! It doesn't matter if I think in a positive way; me nagging about something that is wrong with this emulator again and again won't help anyone.

Anyway I just gave him some very well known clues about this thing.
I won't say anything anymore but you'll see the results. You'll say wow, it's fixed.
Because RWX is implemented here as well as an old JIT.
So that's enough even for the retroarch pcsx dynarec core to run without crashing.

We really don't need X number of issues for the same thing just so you can spam and nag Henrik @iOS4all / fadi / whatever.
Closing as duplicate of #9197; the issue is open, nobody needs to be reminded 11 times a day about it.

@LunaMoo You should unlock #9197 again so we can discuss there :smiley:

Anyway, I think it could be worth a try to implement this and see if something changes.

jit_mach_vm_allocate(mach_port_t task, mach_vm_offset_t* address, mach_vm_size_t size, int flags)

Users would have to install the .deb to run the library though.

Done, just behave this time, I closed the discussion due to insults flying around, someone else removed them later on.

And really, to all iOS users - remember nobody here has any interest in breaking the iOS version every X months nor causing any weird behaviour; all of that comes from Apple OS updates and it might not always be possible to fix it, and even if it is it might take months. It's not exactly the first time and quite likely not the last, just get used to it already ;p

@Anuskuss thanks for sharing this idea. It could fix this issue, because @hrydgard said this micro stutter happened because of avoiding RWX, and the latest iOS 10.2 as well as other jailbroken versions are now able to use JIT and RWX again like before. So bringing this back to ppsspp could really be useful to fix it permanently.

@LunaMoo I know maybe there are a few devs here who are interested in working on the iOS version of ppsspp, but as you can see this project is for all platforms including (win, mac, Linux, raspberry, Symbian, iOS, android),
so it's very nice to work with all platforms.
Thanks.

So the situation right now is:
< iOS 8: RWX JIT (but uses WX)
= iOS 9: WX JIT only
= iOS 10: (possibly) RWX (but uses WX)

I'm fine with always using W^X on iOS. But the thing is that iOS 8 and lower can use the normal JIT just fine. Also every device capable of running iOS 9 can also run iOS 10, and most of the iOS 9 users could (and should) upgrade to iOS 10 and keep the jailbreak.

qwertyoruiop said that the function behaves just like mach_vm_allocate except that it actually returns RWX pages, so (and I'm no developer) it shouldn't be super hard to implement it (if there's even demand).

We would end up with WX on > iOS 9 and RWX² on iOS 10, but if we would simply ignore iOS 9, and add a simple check if the .dylib is loaded and apply the prefix (if it behaves 100% like the old function), we would have clean code and everything should work.

enough is enough, can someone please block fadi/ios4all from this repo? how many 100s of comments about the same issue? none of them helpful, but all of them sent to ~350 people. even adding them to personal blocklists isn't enough because other people reply, etc.

their old account was banned from github for this kind of thing. they won't start behaving now.

EDIT: and that's a new sock below. look at the registration date.

EDIT 2: and now the previous useless comment and the reply from a sock below has been deleted. it never ends.

The problem is that he can just create another account...

Well you're right, guys. I talked about this issue many times, so I was thinking about fixing it. But I guess from this time I have to stop talking about this issue forever, and just leave this issue to @hrydgard; if he can, it's ok, if he can't, it's ok as well. So I have to say sorry to all you guys for not being very nice, talking about this issue many times in order to fix it. So please forgive me.
🌹

First of all: iOS4all is fucking annoying. He opened multiple pull requests on yalu over this.

Second: JITSupport provides RWX support by MAP_JIT means, without however needing the entitlement due to some other magic. This should work on both iOS 9 and 10, and requires no patches except the ability to make jitsupportd run (i.e. codesign).

I am honestly amazed that after a year that @comex suggested this, people went with hacking up the JIT engine to support W^X rather than an extremely easy fix. Anyhow, JITSupport abstracts this for you with an extremely easy to use API.

Additionally, I believe that future jailbreaks will move on to things similar to this for all patches (read: if Apple decides that JIT is harmful [and I mean, it is on unjailbroken devices, but it is laughable to think they care about security on jailbroken devices {where due to codesign being disabled it is not even a security issue anyway}] this can be solved with no modifications on your side), not necessarily just vm_protect. This is because it allows jailbreak developers to provide a unified, stable API to handle these cases. Also, I can definitely see how having to mprotect every time can slow this down (especially on Yalu102, where syscalls have an additional overhead due to the KPP bypass trashing at least 1 TLB entry (worse on some devices, however, where both the instruction cache and the TLB are wiped)).

Note that JITSupport may have issues as-is, but I am happy to help to solve this issue once and for all.

Additionally, consider mlock()ing memory after allocating it to fault it in in advance. it may provide a perf boost stutter wise, but you might be already doing it. I have never looked at PPSSPP code so I dunno.

@kpwn thing is, it's not at all clear how to best use it. We must obviously still work even if JITSupport is not installed, and I have no idea how to detect and load it dynamically.

Also if it's so easy, where's the source code to JITSupport so we can just integrate it directly?

mmap with MAP_JIT on a process with dynamic-codesign in entitlements. 1 LoC. allows PROT_ALL to be passed as protection.

Anyhow, if you give a look at the jitsupport thing, you can simply dlopen the path where the dylib is installed at, and possibly fall back to either RWX (pre-9) or just avoid rwx jit entirely.

Pull requests or links accepted for the entitlements thing, I really have no idea how that stuff works. iOS has not been a prioritized platform for me for obvious reasons of Apple being hostile to emulators.

I suggest anyway to rely on JITSupport for reasons of providing a stable, portable across jailbreaks API.

This should future proof the entire deal.

Additionally: I doubt Apple cares about emulators. Obviously they care with the appstore, and they care when enterprise certs are abused for them, but as far as jailbroken phones go it is probably the least of their worries. Emulators are just low level enough that without actively maintaining iOS support many things break due to collateral damage of unrelated security hardening.

An idea would be to either jit_mach_vm_allocate or mach_vm_allocate (both use the same argument types and return value, so you can just use a function pointer and simply define some stub eg. try_jit_mach_vm_allocate that does the 'right' thing based on availability) passing RWX on both, then checking resulting protection (many mach APIs can be used for this), and accordingly fall back to W^X jit when required. It should be a very minimal change code wise, I'd expect.
