This is a list of resources I used to learn about virtual machines in general, from an architecture point of view to optimizations and garbage collection strategies. I've also put some parts together into a talk format; you can see the video here (slides).
Contributions are very welcome!
Emoji | Represents |
---|---|
Blog post | |
White paper | |
Code | |
Podcast | |
Slides | |
Documentation | |
Virtual machines
- Dynamic Compilation and Adaptive Optimization in Virtual Machines - Stephen Fink, David Grove, and Michael Hind
- On-stack replacement - Soman and Krintz
- Optimizing Dynamically-Typed Object-Oriented Languages With Polymorphic Inline Caches - Hölzle, Chambers and Ungar
- Adaptive optimization for self: reconciling high performance with exploratory programming - Hölzle
- A Survey of Adaptive Optimization in Virtual Machines - Arnold, Fink, Grove, Hind and Sweeney
- A Simple Graph-Based Intermediate Representation - Click
- Combining Analyses, Combining Optimizations - Click
- A Brief History of Just-In-Time - Aycock
JavaScript Engines
V8
- A tour of V8 garbage collection - Jay Conrod
- V8 perf - Thorsten Lorenz
- TurboFan JIT Design - Ben L. Titzer
- Sea of Nodes - Fedor Indutny
- Digging into TurboFan JIT - V8's blog
- Jank Busters Part One - V8's blog
- JavaScript and V8’s TurboFan - Ariya Hidayat
- Instrumenting V8 to Measure the Efficacy of Dynamic Optimizations on Production Code - Maass and Shafer
- V8 resources - Vyacheslav Egorov
- V8: Behind the Scenes (November Edition) - Benedikt Meurer
- The story of a V8 performance cliff in React - Benedikt Meurer and Mathias Bynens
JavaScriptCore
- Introducing FTL JIT - Webkit blog
- Introducing B3 JIT compiler - Webkit blog
- Bare Bones Backend - Webkit Documentation
- B3 Assembly IR - Webkit Documentation
- B3 IR - Webkit Documentation
- FTL JIT - Webkit Documentation
- Inside javascriptcore's low-level interpreter - Andy Wingo's blog
ChakraCore
- List of performance hint descriptions - ChakraCore's repository
- Chakra, Microsoft's Open Source JavaScript Engine - JavaScriptAir
- ChakraCore Architecture overview - ChakraCore's wiki
SpiderMonkey
- Compacting Garbage Collection in SpiderMonkey - Mozilla Hacks
- SpiderMonkey Internals - MDN
- IonMonkey: Evil on your behalf - Mozilla's JavaScript blog
- IonMonkey: Optimizing Away - Mozilla's JavaScript blog
- The Unofficial Incomplete Spidermonkey Bibliography - Matthew Gaudet
Benchmarks
- Introducing the JetStream Benchmark Suite
- Sunspider
- Octane
- Kraken
- Dromaeo
- AreWeFastYet?
- Web Tooling Benchmark
Inline caches
- PICing on JavaScript for fun and profit - Chris Leary
Garbage collection
- On-the-fly Garbage Collection: An Exercise in Cooperation - Dijkstra, Lamport, Martin, Scholten, and Steffens
- Back to basic: Series on dynamic memory management - MSDN
- Memory Management Reference
- A non-recursive list compacting algorithm - Cheney
- Generation Scavenging - Ungar
- Reconciling Responsiveness with Performance in Pure Object-Oriented Languages - Hölzle and Ungar
- Garbage Collection in an Uncooperative Environment - Boehm
- Garbage Collection with Ambiguous Roots - Bartlett
- Quantifying the Performance of Garbage Collection vs. Explicit Memory Management - Hertz and Berger
- 'Infant Mortality' and Generational Garbage Collection - Baker
- Fast Conservative Garbage Collection - Shahriyar, Blackburn and McKinley
Exploitation
- Introduction to SpiderMonkey exploitation - Axel "0vercl0k" Souchet
- Attacking JavaScript Engines: A case study of JavaScriptCore and CVE-2016-4622 - Samuel Groß
- Weaponization of a JavaScriptCore Vulnerability - RET2's blog
- Don't Follow The Masses: Bug Hunting in JavaScript Engines - Dimitri Fourny and Moritz Jodeit
- A journey into IonMonkey: root-causing CVE-2019-9810 - Axel "0vercl0k" Souchet
- Introduction to TurboFan - Jeremy Fetiveau