Just-in-time Compiler in JavaScriptCore (WebKit)

preview_player
Показать описание
Part 3: Introducing the JavaScript interpreter, DFG JIT and FTL JIT from WebKit in this third part. To do that we use the debug version of JSC again and use environment variables to print useful debug output.

-=[ 🕴️Advertisement ]=-

-=[ ❤️ Support ]=-

-=[ 🔴 Stuff I use ]=-

-=[ 🐕 Social ]=-

-=[ 📄 P.S. ]=-

All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.
  1. LiveOverflow
  2. Live Overflow
  3. liveoverflow
  4. hacking tutorial
  5. how to hack
  6. exploit tutorial
Рекомендации по теме
Just-in-time Compiler in 0:09:50

Just-in-time Compiler in JavaScriptCore (WebKit)

Andy Wingo: JavaScriptCore's 0:29:49

Andy Wingo: JavaScriptCore's DFG JIT -- JSConf EU 2012

Attacking Client-Side JIT 0:42:34

Attacking Client-Side JIT Compilers

Thinking Outside the 0:21:31

Thinking Outside the JIT Compiler

Off-By-One 2024 Day 0:36:49

Off-By-One 2024 Day 1- Exploring WebKit’s Just In Time Compilation: Vignesh S Rao

So what's exactly 0:36:53

So what's exactly a JIT Compiler? - GeekCampSG 2019

JavaScriptCore's DFG JIT 0:29:49

JavaScriptCore's DFG JIT (JSConf EU 2012)

LLV8: Adding LLVM 0:21:30

LLV8: Adding LLVM as an extra JIT tier to V8 JavaScript engine - LLVM Cauldron 2016

Introduction to JavaScript 0:09:17

Introduction to JavaScript #2 🧐 How JavaScript Engine Works? What is Rendering Engine? JIT Compiler?...

Hacking Browsers - 0:11:36

Hacking Browsers - Setup and Debug JavaScriptCore / WebKit

OffensiveCon19 - Bruno 0:48:19

OffensiveCon19 - Bruno Keith - Attacking Edge Through the JavaScript Just-In-Time compiler

Michael Saboff — 1:01:24

Michael Saboff — JavaScriptCore, many compilers make this engine perform

BlueHat IL 2019 0:42:49

BlueHat IL 2019 - Bruno Keith - Attacking Edge Through the JavaScript Just-In-Time Compiler

【TenSec 2018】04 Exploring 0:27:53

【TenSec 2018】04 Exploring the Safari Just In Time Exploitation

WebKit RegExp Exploit 0:13:31

WebKit RegExp Exploit addrof() walk-through

2013 LLVM Developers’ 0:06:35

2013 LLVM Developers’ Meeting: “JavaScript JIT with LLVM”

Building a JS 0:08:55

Building a JS Engine -- For Fun! – Linus Groh, JSNation 2024

JavaScript. Impossible. 0:00:33

JavaScript. Impossible.

[EN] YJIT - 0:27:09

[EN] YJIT - Building a new JIT Compiler inside CRuby / Maxime Chevalier-Boisvert @maximecb

NoJITsu: Locking Down 0:31:38

NoJITsu: Locking Down JavaScript Engines

The Fastest JavaScript 0:10:35

The Fastest JavaScript Compiler EVER! 🤯

Black Hat USA 0:42:34

Black Hat USA 2018 - Attacking Client Side JIT Compilers

Revisiting JavaScriptCore Internals: 0:08:59

Revisiting JavaScriptCore Internals: boxed vs. unboxed

Webkit The Game 0:00:57

Webkit The Game Changing Open Source Project Powering Modern Browsers #Shorts

Комментарии
Автор

Thank you for the video! Clearing the air all around javascript and how it works under the hood is really interesting

nikoshalk
Автор

This turned out to be pretty theoretical. I need to brush up on how JIT compiling in general works to wrap my head fully around this.

EvilSapphireR
Автор

Hans, I love you. You have a gift of explaining everything so well everyone understands!

ZelenoJabko
Автор

Really interesting. Thank you very much! Can't wait for the next video!

SkrekkLich
Автор

I've never seen JS as a real and serious language. Something to use in browsers to spice up the webpage I'm working on. The "real" and interesting compiler-stuff is reserved for "real" languages like C or even python. I never thought about how JS gets executed and that all of this optimization-stuff is used - after all it's just used to spice up webpages.
Thank you for getting me closer to this topic, my view of JS is changing and I am excited for the rest of the series.

TobyAsE
Автор

This video is just in time for my break.

centdemeern
Автор

7:03 Why is there +0x8 after rsi? (I am assuming that rsi is a pointer ro the start of the array so shouldn't it already point at the first element?)

sontapaajokulainen
Автор

It would be nice to see video like this but about V8, since Safari is rather niche.

Byamarro
Автор

Could there be attacks on the butterfly of a function, changing it to one that of a _completely innocent_ string

VaradMahashabde
Автор

the thing with clobberWorld() was very confusing :( I did not understand what you said at all. Who is calling that? When? So this is a marker for not optimizing certain functions, which is hardcoded for, for example String.valueOf ? huh? Why is that function harmful to optimize? What about user defined functions, are they always optimized? ... sorry I think I don't belong here :|

dasten
Автор

Is there a way to decompile (c++ written) dll/exe? Or atleast know what are they doing/changing?

awesmeness
Автор

7:20 Javascript doesn't have doubles. Only floats, bigints and typed arrays.

omri
Автор

Recommend:
If water was made of sponge

florian
Автор

Your channel is my new favorite. How about testing some keygens or game cracks?

gizmoriderfulye
Автор

*I pronounce jit as git*
Thats how jif sounds for us

creeper
Автор

Hello LiveOverflow!
I really tried to be first this time. Sorry for being a bit late.

firefish
Автор

I find this so sad. Such a complex system written by some incredible people... all to run the abomination that is JavaScript.

adamnshame
Автор

1 view
2 likes
*YouTube is drunk again*

OmarMohamed-ynzy