This is a list of resources I used to learn about virtual machines in general, from an architecture point of view to optimizations and garbage collection strategies. I've also put together some parts into a talk format, you can see the video here (slides).

Contributions are very welcome!

Table of Contents generated with DocToc

Virtual machines

Emoji, Represents
:---:, ---
:bar_chart:, Blog post
:page_facing_up:, White paper
:computer:, Code
:microphone:, Podcast
:movie_camera:, Slides
:pencil:, Documentation

Virtual machines

:movie_camera: Dynamic Compilation and Adaptive Optimization in Virtual Machines - Stephen Fink, David Grove, and Michael Hind
:page_facing_up: On-stack replacement - Soman and Krintz
:page_facing_up: Optimizing Dynamically-Typed Object-Oriented Languages With Polymorphic Inline Caches - Hölzle, Chambers and Ungar
:page_facing_up: Adaptive optimization for self: reconciling high performance with exploratory programming - Hölzle
:page_facing_up: A Survey of Adaptive Optimization in Virtual Machines - Arnold, Fink, Grove, Hind and Sweeney
:page_facing_up: A Simple Graph-Based Intermediate Representation - Click
:page_facing_up: Combining Analyses, Combining Optimizations - Click
:page_facing_up: A Brief History of Just-In-Time - Aycock

JavaScript Engines

V8

:bar_chart: A tour of V8 garbage collection - Jay Conrod
V8 perf - Thorsten Lorenz
:movie_camera: TurboFan JIT Design - Ben L. Titzer
:bar_chart: Sea of Nodes - Fedor Indutny
:bar_chart: Digging into TurboFan JIT - V8's blog
:bar_chart: Jank Busters Part One - V8's blog
:bar_chart: JavaScript and V8’s TurboFan - Ariya Hidayat
:page_facing_up: Instrumenting V8 to Measure the Efficacy of Dynamic Optimizations on Production Code - Maass and Shafer
:bar_chart: V8 resources - Vyacheslav Egorov
:bar_chart: V8: Behind the Scenes (November Edition) - Benedikt Meurer
:bar_chart: The story of a V8 performance cliff in React - Benedikt Meurer and Mathias Bynens

JavaScriptCore

:bar_chart: Introducing FTL JIT - Webkit blog
:bar_chart: Introducing B3 JIT compiler - Webkit blog
:pencil: Bare Bones Backend - Webkit Documentation
:pencil: B3 Assembly IR - Webkit Documentation
:pencil: B3 IR - Webkit Documentation
:pencil: FTL JIT - Webkit Documentation
:bar_chart: Inside javascriptcore's low-level interpreter - Andy Wingo's blog

ChakraCore

:computer: List of performance hint descriptions - ChakraCore's repository
:microphone: Chakra, Microsoft's Open Source JavaScript Engine - JavaScriptAir
:pencil: ChakraCore Architecture overview - ChakraCore's wiki

SpiderMonkey

:bar_chart: Compacting Garbage Collection in SpiderMonkey - Mozilla Hacks
:bar_chart: SpiderMonkey Internals - MDN
:bar_chart: IonMonkey: Evil on your behalf - Mozilla's JavaScript blog
:bar_chart: IonMonkey: Optimizing Away - Mozilla's JavaScript blog
:bar_chart: The Unofficial Incomplete Spidermonkey Bibliography - Matthew Gaudet

Benchmarks

Inline caches

:bar_chart: PICing on JavaScript for fun and profit - Chris Leary

Garbage collection

:page_facing_up: On-the-fly Garbage Collection: An Exercise in Cooperation - Dijkstra, Lamport, Martin, Scholten, and Steffens
:bar_chart: Back to basic: Series on dynamic memory management - MSDN
Memory Management Reference
:page_facing_up: A non-recursive list compacting algorithm - Cheney
:page_facing_up: Generation Scavenging - Ungar
:page_facing_up: Reconciling Responsiveness with Performance in Pure Object-Oriented Languages - Hölzle and Ungar
:page_facing_up: Garbage Collection in an Uncooperative Environment - Boehm
:page_facing_up: Garbage Collection with Ambiguous Roots - Bartlett
:page_facing_up: Quantifying the Performance of Garbage Collection vs. Explicit Memory Management - Hertz and Berger
:page_facing_up: 'Infant Mortality' and Generational Garbage Collection - Baker
:page_facing_up: Fast Conservative Garbage Collection - Shahriyar, Blackburn and McKinley

Exploitation

:bar_chart: Introduction to SpiderMonkey exploitation - Axel "0vercl0k" Souchet
:bar_chart: Attacking JavaScript Engines: A case study of JavaScriptCore and CVE-2016-4622 - Samuel Groß
:bar_chart: Weaponization of a JavaScriptCore Vulnerability - RET2's blog
:bar_chart: Don't Follow The Masses: Bug Hunting in JavaScript Engines - Dimitri Fourny and Moritz Jodeit
:bar_chart: A journey into IonMonkey: root-causing CVE-2019-9810 - Axel "0vercl0k" Souchet
:bar_chart: Introduction to TurboFan -Jeremy Fetiveau

Name With Owner	a0viedo/demystifying-js-engines
Primary Language	JavaScript
Program language	(Language Count: 0)
Platform
License:	MIT License

Created At	2016-08-02 16:44:26
Pushed At	2019-12-11 16:37:55
Last Commit At	2019-12-11 13:37:43
Release Count	0

Stargazers Count	1.6k
Watchers Count	48
Fork Count	46
Commits Count	11
Has Issues Enabled
Issues Count	4
Issue Open Count	3
Pull Requests Count	0
Pull Requests Open Count	0
Pull Requests Close Count	0

Has Wiki Enabled
Is Archived
Is Fork
Is Locked
Is Mirror
Is Private

demystifying-js-engines

Github stars Tracking Chart