pmatos rambles

x87

float PytIdent(float x) {
  return sinf(x)*sinf(x) + cosf(x)*cosf(x);
}
  sub rsp, 4
  movss [rsp], xmm0
  fld [rsp]
  fsincos
  fmul st0, st0
  fxch
  fmul st0, st0
  faddp
  fstp [rsp]
  movss xmm0, [rsp]

	%9 i64 = LoadRegister #0x4, GPR
	%10 i128 = LoadMem FPR, %9 i64, %Invalid, #0x10, SXTX, #0x1
	(%11 i0) PushStack %10 i128, %10 i128, #0x10, #0x1
	(%12 i0) F80SINCOSStack
	%13 i64 = Constant #0x0
	(%14 i8) StoreContext GPR, %13 i64, #0x3fa
	(%15 i0) F80MulStack #0x0, #0x0
	(%16 i0) F80StackXchange #0x1
	%17 i64 = Constant #0x0
	(%18 i8) StoreContext GPR, %17 i64, #0x3f9
	(%19 i0) F80MulStack #0x0, #0x0
	(%20 i0) F80AddStack #0x1, #0x0
	(%21 i0) PopStackDestroy
	%23 i64 = LoadRegister #0x4, GPR
	(%24 i0) StoreStackMemory %23 i64, i128, #0x1, #0x8
	(%25 i0) PopStackDestroy

	%9 i64 = LoadRegister #0x4, GPR
	%10 i128 = LoadMem FPR, %9 i64, %Invalid, #0x10, SXTX, #0x1

	(%11 i0) PushStack %10 i128, %10 i128, #0x10, #0x1

	(%12 i0) F80SINCOSStack

	%13 i64 = Constant #0x0
	(%14 i8) StoreContext GPR, %13 i64, #0x3fa

	(%15 i0) F80MulStack #0x0, #0x0

	(%16 i0) F80StackXchange #0x1

	%17 i64 = Constant #0x0
	(%18 i8) StoreContext GPR, %17 i64, #0x3f9

	(%19 i0) F80MulStack #0x0, #0x0

	(%20 i0) F80AddStack #0x1, #0x0

	(%21 i0) PopStackDestroy

	%23 i64 = LoadRegister #0x4, GPR
	(%24 i0) StoreStackMemory %23 i64, i128, #0x1, #0x8
	(%25 i0) PopStackDestroy

	%9 i64 = LoadRegister #0x4, GPR
	%10 i128 = LoadMem FPR, %9 i64, %Invalid, #0x10, SXTX, #0x1
	(%11 i0) PushStack %10 i128, %10 i128, #0x10, #0x1
	(%12 i0) F80SINCOSStack
	%13 i64 = Constant #0x0
	(%14 i8) StoreContext GPR, %13 i64, #0x3fa
	(%15 i0) F80MulStack #0x0, #0x0
	(%16 i0) F80StackXchange #0x1
	%17 i64 = Constant #0x0
	(%18 i8) StoreContext GPR, %17 i64, #0x3f9

	(%19 i0) F80MulStack #0x0, #0x0
	(%20 i0) F80AddStack #0x1, #0x0
	(%21 i0) PopStackDestroy
	%23 i64 = LoadRegister #0x4, GPR
	(%24 i0) StoreStackMemory %23 i64, i128, #0x1, #0x8
	(%25 i0) PopStackDestroy

	(%19 i0) F80MulStack #0x0, #0x0

const a = ["a", "b", "c"];
for (const value of a) {
  console.log(value);
}
// =>
// "a"
// "b"
// "c"
const a = ["a", "b", "c"];
const it = a[Symbol.iterator]();
let result = it.next();
while (!result.done) {
  console.log(result.value);
  result = it.next();
}
iterator = symbolIterator.@call(iterable);
next = iterator.next;

nextResult = next.@call(iterator);
done = nextResult.done;
value = done ? (undefined / bottom) : nextResult.value;

macro nextInstruction()
    loadb [PB, PC, 1], t0
    leap _g_opcodeMap, t1
    jmp [t1, t0, PtrSize], BytecodePtrTag
end
llintOp(op_iterator_open, OpIteratorOpen, macro (size, get, dispatch)
    defineOSRExitReturnLabel(op_iterator_open, size)
    break
    if C_LOOP or C_LOOP_WIN
        # Insert superflous call return labels for Cloop.
        cloopCallJSFunction a0 # symbolIterator
        cloopCallJSFunction a0 # get next
    end
end)

macro llintOp(opcodeName, opcodeStruct, fn)

llintOpWithMetadata(op_iterator_open, OpIteratorOpen, macro (size, get, dispatch, metadata, return)
    macro fastNarrow()
        callSlowPath(_iterator_open_try_fast_narrow)
    end
    macro fastWide16()
        callSlowPath(_iterator_open_try_fast_wide16)
    end
    macro fastWide32()
        callSlowPath(_iterator_open_try_fast_wide32)
    end
    size(fastNarrow, fastWide16, fastWide32, macro (callOp) callOp() end)
    bbeq r1, constexpr IterationMode::Generic, .iteratorOpenGeneric
    dispatch()

.iteratorOpenGeneric:
    macro gotoGetByIdCheckpoint()
        jmp .getByIdStart
    end

    macro getCallee(dst)
        get(m_symbolIterator, dst)
    end

    macro getArgumentIncludingThisStart(dst)
        getu(size, OpIteratorOpen, m_stackOffset, dst)
    end

    macro getArgumentIncludingThisCount(dst)
        move 1, dst
    end

    callHelper(op_iterator_open,                    # opcodeName
               _llint_slow_path_iterator_open_call, # slowPath
               OpIteratorOpen,                      # opcodeStruct
               m_iteratorProfile,                   # valueProfileName
               m_iterator,                          # dstVirtualRegister
               prepareForRegularCall,               # prepareCall
               size,                                # size
               gotoGetByIdCheckpoint,               # dispatch
               metadata,                            # metadata
               getCallee,                           # getCallee
               getArgumentIncludingThisStart,       # getArgumentStart
               getArgumentIncludingThisCount)       # getArgumentCountIncludingThis

.getByIdStart:
	macro storeNextAndDispatch(valueTag, valuePayload)
        move valueTag, t2
        move valuePayload, t3
        get(m_next, t1)
        storei t2, TagOffset[cfr, t1, 8]
        storei t3, PayloadOffset[cfr, t1, 8]
 	    dispatch()
 	end

    # We need to load m_iterator into t3 because that's where
 	# performGetByIDHelper expects the base object   
 	loadVariable(get, m_iterator, t3, t0, t3)
 	bineq t0, CellTag, .iteratorOpenGenericGetNextSlow
 	performGetByIDHelper(OpIteratorOpen,                  # opcodeStruct
                         m_modeMetadata,                  # modeMetadataName
                         m_nextProfile,                   # valueProfileName
                         .iteratorOpenGenericGetNextSlow, # slowLabel
                         size,                            # size
                         metadata,                        # metadata
                         storeNextAndDispatch)            # return

.iteratorOpenGenericGetNextSlow:
 	callSlowPath(_llint_slow_path_iterator_open_get_next)
 	dispatch()
end)

void JIT::emit_op_iterator_open(const Instruction* instruction)
{
    auto bytecode = instruction->as<OpIteratorOpen>();
    auto* tryFastFunction = ([&] () {
        switch (instruction->width()) {
        case Narrow: return iterator_open_try_fast_narrow;
        case Wide16: return iterator_open_try_fast_wide16;
        case Wide32: return iterator_open_try_fast_wide32;
        default: RELEASE_ASSERT_NOT_REACHED();
        }
    })();

    JITSlowPathCall slowPathCall(this, instruction, tryFastFunction);
    slowPathCall.call();
    Jump fastCase = branch32(NotEqual, GPRInfo::returnValueGPR2, TrustedImm32(static_cast<uint32_t>(IterationMode::Generic)));
    compileOpCall<OpIteratorOpen>(instruction, m_callLinkInfoIndex++);

    advanceToNextCheckpoint();

    // call result (iterator) is in regT1 (tag)/regT0 (payload)
    const Identifier* ident = &vm().propertyNames->next;

    emitJumpSlowCaseIfNotJSCell(regT1);
    GPRReg tagIteratorGPR = regT1;
    GPRReg payloadIteratorGPR = regT0;

    GPRReg tagNextGPR = tagIteratorGPR;
    GPRReg payloadNextGPR = payloadIteratorGPR;

    JITGetByIdGenerator gen(
        m_codeBlock,
        CodeOrigin(m_bytecodeIndex),
        CallSiteIndex(BytecodeIndex(m_bytecodeIndex.offset())),
        RegisterSet::stubUnavailableRegisters(),
        CacheableIdentifier::createFromImmortalIdentifier(ident->impl()),
        JSValueRegs(tagIteratorGPR, payloadIteratorGPR),
        JSValueRegs(tagNextGPR, payloadNextGPR),
        AccessType::GetById);
    gen.generateFastPath(*this);
    addSlowCase(gen.slowPathJump());
    m_getByIds.append(gen);

    emitValueProfilingSite(bytecode.metadata(m_codeBlock));
    emitPutVirtualRegister(bytecode.m_next, JSValueRegs(tagNextGPR, payloadNextGPR));

    fastCase.link(this);
}
void JIT::emit_op_iterator_open(const Instruction* instruction)
{
    // ...
    JITSlowPathCall slowPathCall(this, instruction, tryFastFunction);
    slowPathCall.call();
    Jump fastCase = branch32(NotEqual, GPRInfo::returnValueGPR2, TrustedImm32(static_cast<uint32_t>(IterationMode::Generic)));
    // ...
    fastCase.link(this);
}

void JIT::emitSlow_op_iterator_open(const Instruction* instruction, Vector<SlowCaseEntry>::iterator& iter)
{
    // …
    linkAllSlowCases(iter);

    GPRReg tagIteratorGPR = regT1;
    GPRReg payloadIteratorGPR = regT0;

    JumpList notObject;
    notObject.append(branchIfNotCell(tagIteratorGPR));
    notObject.append(branchIfNotObject(payloadIteratorGPR));

    auto bytecode = instruction->as<OpIteratorOpen>();
    VirtualRegister nextVReg = bytecode.m_next;
    UniquedStringImpl* ident = vm().propertyNames->next.impl();

    JITGetByIdGenerator& gen = m_getByIds[m_getByIdIndex++];

    Label coldPathBegin = label();

    Call call = callOperationWithProfile(
        bytecode.metadata(m_codeBlock),                  // metadata
        operationGetByIdOptimize,                        // operation
        nextVReg,                                        // result
        TrustedImmPtr(m_codeBlock->globalObject()),      // arg1
        gen.stubInfo(),                                  // arg2
        JSValueRegs(tagIteratorGPR, payloadIteratorGPR), // arg3
        CacheableIdentifier::createFromImmortalIdentifier(ident).rawBits()); // arg4

    gen.reportSlowPathCall(coldPathBegin, call);
    auto done = jump();

    notObject.link(this);
    callOperation(operationThrowIteratorResultIsNotObject, TrustedImmPtr(m_codeBlock->globalObject()));

    done.link(this);
    //…
}

void JIT::emit_op_iterator_next(const Instruction* instruction)
{
    //…
    JSValueRegs nextRegs(regT1, regT0);
    emitGetVirtualRegister(bytecode.m_next, nextRegs);
    //…
}

$ WebKitBuild/Release/bin/jsc
>>> 2+2
4
>>> 
$ WebKitBuild/Release/bin/jsc --options
All JSC runtime options:
   useKernTCSM=true   ... Note: this needs to go before other options since they depend on this value.
   validateOptions=false   ... crashes if mis-typed JSC options were passed to the VM
   dumpOptions=0   ... dumps JSC options (0 = None, 1 = Overridden only, 2 = All, 3 = Verbose)

...
$ WebKitBuild/Release/bin/jsc --options 2>&1 | grep verbose
   verboseDFGBytecodeParsing=false
   verboseCompilation=false
   verboseFTLCompilation=false
   verboseValidationFailure=false
   verboseOSR=false
   verboseDFGOSRExit=false
   verboseFTLOSRExit=false
   verboseCallLink=false
   verboseCompilationQueue=false
   verboseExitProfile=false
   verboseCFA=false
   verboseDFGFailure=false
   verboseFTLToJSThunk=false
   verboseFTLFailure=false
   verboseSanitizeStack=false
   verboseVisitRace=false
   verboseExecutableAllocationFuzz=false
$ ~/dev/WebKit/WebKitBuild/Debug/bin/jsc --options 2>&1 | grep JIT    
   useJIT=true   ... allows the executable pages to be allocated for JIT and thunks if true
   useBaselineJIT=true   ... allows the baseline JIT to be used if true
   useDFGJIT=true   ... allows the DFG JIT to be used if true
   useRegExpJIT=true   ... allows the RegExp JIT to be used if true
   useDOMJIT=true   ... allows the DOMJIT to be used if true
   crashIfCantAllocateJITMemory=false
   dumpDisassembly=false   ... dumps disassembly of all JIT compiled code upon compilation
   logJITCodeForPerf=false
   bytecodeRangeToJITCompile=<null>   ... bytecode size range to allow compilation on, e.g. 1:100
   reportBaselineCompileTimes=false   ... dumps JS function signature and the time it took to BaselineJIT compile
   useFTLJIT=true   ... allows the FTL JIT to be used if true
   enableJITDebugAssertions=true
   useConcurrentJIT=true   ... allows the DFG / FTL compilation in threads other than the executing JS thread
   jitPolicyScale=1   ... scale JIT thresholds to this specified ratio between 0.0 (compile ASAP) and 1.0 (compile like normal).
   thresholdForJITAfterWarmUp=500
   thresholdForJITSoon=100
   forceGCSlowPaths=false   ... If true, we will force all JIT fast allocations down their slow paths.
   alwaysGeneratePCToCodeOriginMap=false   ... This will make sure we always generate a PCToCodeOriginMap for JITed code.
   useBBQJIT=true   ... allows the BBQ JIT to be used if true
   useOMGJIT=true   ... allows the OMG JIT to be used if true
   traceBaselineJITExecution=false
   dumpJITMemoryPath=""
   dumpJITMemoryFlushInterval=10   ... Maximum time in between flushes of the JIT memory dump in seconds.
$ ~/dev/WebKit/WebKitBuild/Debug/bin/jsc --options 2>&1 | grep -i gc
   repatchBufferingCountdown=8
   bytecodeRangeToDFGCompile=<null>   ... bytecode size range to allow DFG compilation on, e.g. 1:100
   logCompilationChanges=false
   validateDoesGC=true
   reportDFGCompileTimes=false   ... dumps JS function signature and the time it took to DFG and FTL compile
   useGenerationalGC=true
   useConcurrentGC=true
   criticalGCMemoryThreshold=0.8   ... percent memory in use the GC considers critical.  The collector is much more aggressive above this threshold
   concurrentGCMaxHeadroom=1.5
   concurrentGCPeriodMS=2
   minimumGCPauseMS=0.3
   gcPauseScale=0.3
   gcIncrementBytes=10000
   gcIncrementMaxBytes=100000
   gcIncrementScale=0
   numberOfDFGCompilerThreads=2
   priorityDeltaOfDFGCompilerThreads=0
   maximumInliningCallerBytecodeCost=10000
   numberOfGCMarkers=8
   useParallelMarkingConstraintSolver=true
   slowPathAllocsBetweenGCs=0   ... force a GC on every Nth slow path alloc, where N is specified by this option
   sweepSynchronously=false   ... debugging option to sweep all dead objects synchronously at GC end before resuming mutator
   logGC=None   ... debugging option to log GC activity (0 = None, 1 = Basic, 2 = Verbose)
   useGC=true
   gcAtEnd=false   ... If true, the jsc CLI will do a GC before exiting
   forceGCSlowPaths=false   ... If true, we will force all JIT fast allocations down their slow paths.
   forceDidDeferGCWork=false   ... If true, we will force all DeferGC destructions to perform a GC.
   gcMaxHeapSize=0
   recordGCPauseTimes=false
   numberOfGCCyclesToRecordForVerification=3
   validateDFGClobberize=false   ... Emits extra validation code in the DFG/FTL for the Clobberize phase
$ /home/pmatos/roots/br-root.jsc32-mips/host/bin/qemu-mipsel -L \
	/home/pmatos/roots/br-root.jsc32-mips/target ./WebKitBuild/Debug/bin/jsc \
	load-varargs-then-inlined-call-and-exit.js 
qemu: uncaught target signal 4 (Illegal instruction) - core dumped
#!/bin/bash
/home/pmatos/roots/br-root.jsc32-mips/host/bin/qemu-mipsel -L \
	/home/pmatos/roots/br-root.jsc32-mips/target /home/pmatos/dev/WebKit/WebKitBuild/Debug/bin/jsc \
	load-varargs-then-inlined-call-and-exit.js &> err.txt
grep -q 'Illegal instruction' err.txt
$ creduce --not-c --n 16 ./red.sh load-varargs-then-inlined-call-and-exit.js
===< 26334 >===
running 16 interestingness tests in parallel
===< pass_blank :: 0 >===
(0.6 %, 1046 bytes)
===< pass_lines :: 0 >===
(-0.3 %, 1055 bytes)
(1.2 %, 1039 bytes)
===< pass_lines :: 1 >===
(-1.9 %, 1072 bytes)
(17.6 %, 867 bytes)
(20.9 %, 832 bytes)
(26.5 %, 773 bytes)
(34.8 %, 686 bytes)
...
===================== done ====================

pass statistics:
  method pass_balanced :: curly2 worked 1 times and failed 18 times
  method pass_balanced :: curly-inside worked 1 times and failed 12 times
  method pass_clex :: rm-toks-11 worked 1 times and failed 105 times
  method pass_balanced :: parens-to-zero worked 1 times and failed 25 times
  method pass_blank :: 0 worked 1 times and failed 0 times
  method pass_clex :: rename-toks worked 2 times and failed 4 times
  method pass_lines :: 8 worked 2 times and failed 123 times
  method pass_lines :: 4 worked 2 times and failed 123 times
  method pass_lines :: 10 worked 2 times and failed 123 times
  method pass_lines :: 3 worked 2 times and failed 123 times
  method pass_indent :: regular worked 2 times and failed 0 times
  method pass_lines :: 6 worked 2 times and failed 123 times
  method pass_lines :: 2 worked 5 times and failed 134 times
  method pass_clex :: rm-tok-pattern-4 worked 5 times and failed 784 times
  method pass_lines :: 0 worked 5 times and failed 70 times
  method pass_balanced :: parens-inside worked 6 times and failed 7 times
  method pass_clex :: rm-toks-1 worked 7 times and failed 132 times
  method pass_lines :: 1 worked 7 times and failed 147 times
  method pass_clex :: rm-toks-2 worked 8 times and failed 116 times

          ******** /home/pmatos/dev/WebKit/load-varargs-then-inlined-call-and-exit.js ********

function b(a) {
  return { a: a + 1 }
}
function bar() { b.apply(this, array) }
function c() {
  bar()
  c()
}
array = [ 2147483647 ]
c()
$ /home/pmatos/roots/br-root.jsc32-mips/host/bin/qemu-mipsel -L /home/pmatos/roots/br-root.jsc32-mips/target ./WebKitBuild/Debug/bin/jsc load-varargs-then-inlined-call-and-exit.js 
qemu: uncaught target signal 4 (Illegal instruction) - core dumped
$ which chroot
/usr/sbin/chroot
$ chroot --help
Usage: chroot [OPTION] NEWROOT [COMMAND [ARG]...]
  or:  chroot OPTION
Run COMMAND with root directory set to NEWROOT.

  --groups=G_LIST        specify supplementary groups as g1,g2,..,gN
  --userspec=USER:GROUP  specify user and group (ID or name) to use
  --skip-chdir           do not change working directory to '/'
      --help     display this help and exit
      --version  output version information and exit

If no command is given, run '"$SHELL" -i' (default: '/bin/sh -i').

GNU coreutils online help: <https://www.gnu.org/software/coreutils/>
Full documentation at: <https://www.gnu.org/software/coreutils/chroot>
or available locally via: info '(coreutils) chroot invocation'
$ man -s2 chroot
CHROOT(2)

NAME
       chroot - change root directory

SYNOPSIS
       #include <unistd.h>

       int chroot(const char *path);

   Feature Test Macro Requirements for glibc (see feature_test_macros(7)):
...
#include <stdio.h>
#include <stdint.h>
#include <inttypes.h>
#include <stdlib.h>

int main(int argc, char *argv[]) {

  uint64_t result = 1;
  uint32_t arg;

  if (argc != 2)
    return 1;

  arg = strtoul(argv[1], NULL, 0);
  while(arg) result *= arg--;

  printf ("Result: %" PRIu64 "\n", result);
  return 0;
}
$ gcc -Wall -Wextra -o factorial factorial.c
$ ./factorial 20
Result: 2432902008176640000
$ mkdir jail
$ cp factorial jail/
$ chroot jail/ /factorial
chroot: cannot change root directory to 'jail/': Operation not permitted
$ sudo chroot jail/ /factorial
chroot: failed to run command ‘/factorial’: No such file or directory
$ ldd factorial
        linux-vdso.so.1 (0x00007ffe1f7f9000)
        libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f65bf62e000)
        /lib64/ld-linux-x86-64.so.2 (0x00007f65bf844000)
$ gcc -Wall -Wextra -static -o factorial factorial.c
$ ldd factorial
        not a dynamic executable
$ sudo chroot jail/ /factorial 20
Result: 2432902008176640000
$ mkdir build
$ cd build
build/ $ ct-ng armv7-rpi2-linux-gnueabihf
build/ $ ct-ng build
$ export PATH=$HOME/x-tools/armv7-rpi2-linux-gnueabihf/bin:$PATH
$ armv7-rpi2-linux-gnueabihf-gcc -static -o factorial factorial.c
$ ./factorial
zsh: exec format error: ./factorial
$ file factorial
factorial: ELF 32-bit LSB executable, ARM, EABI5 version 1 (SYSV), \
dynamically linked, interpreter /lib/ld-linux-armhf.so.3, for GNU/Linux \
4.19.21, with debug_info, not stripped
$ qemu-arm ./factorial 20 
Result: 2432902008176640000
$ zcat /proc/config.gz| grep BINFMT
CONFIG_BINFMT_ELF=y
CONFIG_COMPAT_BINFMT_ELF=y
CONFIG_BINFMT_SCRIPT=y
CONFIG_BINFMT_MISC=y
$ sudo bash -c 'echo ":qemu-arm:M:0:\\x7f\\x45\\x4c\\x46\\x01\\x01\\x01\\x00\\x00\\x00\\x00\\x00\\x00\
\\x00\\x00\\x00\\x02\\x00\\x28\\x00:\\xff\\xff\\xff\\xff\\xff\\xff\\xff\\x00\\xff\\xff\\xff\\xff\\xff\
\\xff\\xff\\xff\\xfe\\xff\\xff\\xff:/home/pmatos/installs/bin/qemu-arm:OCF" > \
/proc/sys/fs/binfmt_misc/register'
$ ./factorial 20
Result: 2432902008176640000
$ mkdir rootfs
$ debootstrap --foreign --no-check-gpg --arch=arm buster ./rootfs http://httpredir.debian.org/debian/
$ cp -v /usr/bin/qemu-arm-static ./rootfs/usr/bin/
$ chroot ./rootfs ./debootstrap/debootstrap --second-stage --verbose
$ mount -t devpts devpts ./rootfs/dev/pts
$ mount -t proc proc ./rootfs/proc
$ mount -t sysfs sysfs ./rootfs/sys
$ chroot ./rootfs apt-get update
$ chroot ./rootfs apt-get -y upgrade
$ chroot ./rootfs apt-get install -y g++ cmake libicu-dev git ruby-highline ruby-json python
chroot ./rootfs apt-get -y autoremove
chroot ./rootfs apt-get clean
chroot ./rootfs find /var/lib/apt/lists -type f -delete
umount ./rootfs/dev/pts
umount ./rootfs/proc
umount ./rootfs/sys
$ tar --numeric-owner -cvf buster-arm.tar -C ./rootfs .
$ docker import buster-arm.tar jsc-base:arm-raw
$ cat <<EOF > jsc32-base.Dockerfile
FROM jsc32-base:arm-raw

LABEL description="Minimal Debian image to reproduce JSC dev"
LABEL maintainer="Paulo Matos <pmatos@igalia.com>"

CMD ["/bin/bash"]
EOF
$ docker build -t pmatos/jsc32-base:arm -f jsc32-base.Dockerfile
$ docker push pmatos/jsc32-base:arm
$ docker run pmatos/jsc32-base:arm file /bin/bash
/bin/bash: ELF 32-bit LSB pie executable, ARM, EABI5 version 1 (SYSV), dynamically linked, \
interpreter /lib/ld-linux-armhf.so.3, for GNU/Linux 3.2.0, \
BuildID[sha1]=40e50d160a6c70d1a4e961200202cf853b4a2145, stripped
$ podman run pmatos/jsc32-base:arm file /bin/bash
/bin/bash: ELF 32-bit LSB pie executable, ARM, EABI5 version 1 (SYSV), dynamically linked, \
interpreter /lib/ld-linux-armhf.so.3, for GNU/Linux 3.2.0, \
BuildID[sha1]=40e50d160a6c70d1a4e961200202cf853b4a2145, stripped
$ git clone --depth=1 git://git.webkit.org/WebKit.git
$ export WEBKIT_PATH=$PWD/WebKit
$ git clone --depth=1 git@github.com:pmatos/WebKit-misc.git
$ cd WebKit-misc/containers
$ ./reprojsc.sh -a arm -b -t -i $WEBKIT_PATH
$ git clone git://git.webkit.org/WebKit.git
...
$ du -hs WebKit
9.7G    WebKit
$ Tools/Scripts/build-jsc --jsc-only --debug
...
====================================================================
 JavaScriptCore is now built (02m:44s). 
====================================================================
$ Tools/Scripts/check-webkit-style
ERROR: Source/WTF/wtf/StackBounds.cpp:25:  Alphabetical sorting problem.  [build/include_order] [4]
ERROR: Source/WTF/wtf/StackBounds.cpp:126:  Place brace on its own line for function definitions.  [whitespace/braces] [4]
Total errors found: 2 in 2 files
$ ls -1 Tools/Scripts/run-*-tests
Tools/Scripts/run-api-tests
Tools/Scripts/run-bindings-tests
Tools/Scripts/run-builtins-generator-tests
Tools/Scripts/run-dashboard-tests
Tools/Scripts/run-gtk-tests
Tools/Scripts/run-iexploder-tests
Tools/Scripts/run-inspector-generator-tests
Tools/Scripts/run-javascriptcore-tests
Tools/Scripts/run-jsc-stress-tests
Tools/Scripts/run-mangleme-tests
Tools/Scripts/run-perf-tests
Tools/Scripts/run-regexp-tests
Tools/Scripts/run-webdriver-tests
Tools/Scripts/run-webkit-tests
Tools/Scripts/run-web-platform-tests
Tools/Scripts/run-wpe-tests
$ Tools/Scripts/run-javascriptcore-tests --no-build --no-fail-fast --debug --jsc-only
...
    0 failures found.

x86 Asm	IR nodes
`fld qword [rsp]`	`LoadMem` + `PushStack`
`fsincos`	`F80SinCosStack`
`fmul st0, st0`	`F80MulStack`
`fxch`	`F80StackXchange`
`fmul st0, st0`	`F80MulStack`
`faddp`	`F80AddStack` + `PopStackDestroy`
`fstp qword [rsp]`	`StoreStackMemory` + `PopStackDestroy`

Game	Before	After	Reduction
Half-Life (Block 1)	2034	1368	32.7%
Half-Life (Block 2)	838	551	34.2%
Oblivion (Block 1)	34065	25782	24.3%
Oblivion (Block 2)	22089	16635	24.6%
Psychonauts (Block 1)	20545	16357	20.3%
Psychonauts Hot Loop (Matrix Swizzle)	2340	165	92.9%

pmatos rambles

FEX x87 Stack Optimization

A brief visit to the x87 FPU

Current issues

The new pass

The Good Case

The Bad Case

The Ugly Case

Results

Future work

WebAssembly Reference Types in Clang/LLVM

WebAssembly Reference Types in LLVM

Introduction

Linker and MC Layer

LLVM IR

Clang

Conclusions and Future

A tour of the `for..of` implementation for 32bits JSC

Context

Overview

javascript and for-of

LLInt

Baseline

Conclusions

Thanks

JSC - what are my options?

CReduce - it's a kind of magic!

Cross-Arch Reproducibility using Containers

Introduction

Starting with chroot

QEMU and binfmt

Creating container base images

Going rootless with podman

Application to JSC

What's missing?

Acknowledgments

A Brief Look at the WebKit Workflow

Cloning

Building and Testing

Submitting a patch

Further notes on the review/commit-queue cycle

The review process

Wrong bug title

Apply patch locally

Command summary

Help

Global Help

Command Help

Upload patch

Apply upstream attachment

Bonus -- WebKit on GitHub

Thanks

Corrections or Comments?