{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:14:43Z","timestamp":1750220083251,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":32,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,6,14]],"date-time":"2022-06-14T00:00:00Z","timestamp":1655164800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,6,14]]},"DOI":"10.1145\/3520313.3534656","type":"proceedings-article","created":{"date-parts":[[2022,6,9]],"date-time":"2022-06-09T20:46:24Z","timestamp":1654807584000},"page":"9-15","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Modeling code manipulation in JIT compilers"],"prefix":"10.1145","author":[{"given":"HeuiChan","family":"Lim","sequence":"first","affiliation":[{"name":"University of Arizona, USA"}]},{"given":"Xiyu","family":"Kang","sequence":"additional","affiliation":[{"name":"University of Arizona, USA"}]},{"given":"Saumya","family":"Debray","sequence":"additional","affiliation":[{"name":"University of Arizona, USA"}]}],"member":"320","published-online":{"date-parts":[[2022,6,14]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Ng Zhi An. 2019. Issue 9980 Fix. https:\/\/chromium.googlesource.com\/v8\/v8.git\/+\/d9feec111268d796d46b3e48511ba11738006dc8%5E%21\/#F0  Ng Zhi An. 2019. Issue 9980 Fix. https:\/\/chromium.googlesource.com\/v8\/v8.git\/+\/d9feec111268d796d46b3e48511ba11738006dc8%5E%21\/#F0"},{"key":"e_1_3_2_1_2_1","volume-title":"Proc. Sixth International Workshop on Coq for Programming Languages (CoqPL\u201920)","author":"Barri\u00e8re Aur\u00e8le","year":"2020","unstructured":"Aur\u00e8le Barri\u00e8re , Sandrine Blazy , and David Pichardie . 2020 . Towards Formally Verified Just-in-Time Compilation . In Proc. Sixth International Workshop on Coq for Programming Languages (CoqPL\u201920) . Aur\u00e8le Barri\u00e8re, Sandrine Blazy, and David Pichardie. 2020. Towards Formally Verified Just-in-Time Compilation. In Proc. Sixth International Workshop on Coq for Programming Languages (CoqPL\u201920)."},{"key":"e_1_3_2_1_3_1","volume-title":"Proceedings of the 29th USENIX Security Symposium. 235\u2013252","author":"Blazytko Tim","year":"2020","unstructured":"Tim Blazytko , Moritz Schl\u00f6gel , Cornelius Aschermann , Ali Abbasi , Joel Frank , Simon W\u00f6rner , and Thorsten Holz . 2020 . Aurora: Statistical Crash Analysis for Automated Root Cause Explanation . In Proceedings of the 29th USENIX Security Symposium. 235\u2013252 . Tim Blazytko, Moritz Schl\u00f6gel, Cornelius Aschermann, Ali Abbasi, Joel Frank, Simon W\u00f6rner, and Thorsten Holz. 2020. Aurora: Statistical Crash Analysis for Automated Root Cause Explanation. In Proceedings of the 29th USENIX Security Symposium. 235\u2013252."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/143095.143108"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2009.5070506"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/177492.177517"},{"key":"e_1_3_2_1_7_1","unstructured":"Intel Corp.. 2019. Intel XED. https:\/\/intelxed.github.io Accessed 2020-08-23  Intel Corp.. 2019. Intel XED. https:\/\/intelxed.github.io Accessed 2020-08-23"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/53990.54003"},{"key":"e_1_3_2_1_9_1","unstructured":"V8 Developer. 2016. Issue 5129: Turbofan changes x - y < 0 to x < y which is not equivalent when (x - y) overflows. https:\/\/bugs.chromium.org\/p\/v8\/issues\/detail?id=5129  V8 Developer. 2016. Issue 5129: Turbofan changes x - y < 0 to x < y which is not equivalent when (x - y) overflows. https:\/\/bugs.chromium.org\/p\/v8\/issues\/detail?id=5129"},{"key":"e_1_3_2_1_10_1","unstructured":"V8 Developer. 2019. Issue 9980. https:\/\/bugs.chromium.org\/p\/v8\/issues\/detail?id=9980&q=9980&can=2  V8 Developer. 2019. Issue 9980. https:\/\/bugs.chromium.org\/p\/v8\/issues\/detail?id=9980&q=9980&can=2"},{"key":"e_1_3_2_1_11_1","unstructured":"V8 Developer. 2019. Proof-of-Concept of Issue 9980. https:\/\/bugs.chromium.org\/p\/v8\/issues\/attachmentText?aid=422581  V8 Developer. 2019. Proof-of-Concept of Issue 9980. https:\/\/bugs.chromium.org\/p\/v8\/issues\/attachmentText?aid=422581"},{"key":"e_1_3_2_1_12_1","unstructured":"WebKit Developers. 2014. DFG JIT. https:\/\/trac.webkit.org\/browser\/trunk\/Source\/JavaScriptCore\/dfg Accessed 2022-04-23  WebKit Developers. 2014. DFG JIT. https:\/\/trac.webkit.org\/browser\/trunk\/Source\/JavaScriptCore\/dfg Accessed 2022-04-23"},{"key":"e_1_3_2_1_13_1","unstructured":"Jeremy Fetiveau. 2019. Introduction to TurboFan. https:\/\/doar-e.github.io\/blog\/2019\/01\/28\/introduction-to-turbofan\/ Accessed 2022-01-22  Jeremy Fetiveau. 2019. Introduction to TurboFan. https:\/\/doar-e.github.io\/blog\/2019\/01\/28\/introduction-to-turbofan\/ Accessed 2022-01-22"},{"key":"e_1_3_2_1_14_1","unstructured":"Mozilla Foundation. 2016. IonMonkey\/MIR. https:\/\/wiki.mozilla.org\/IonMonkey\/MIR Accessed 2022-01-22  Mozilla Foundation. 2016. IonMonkey\/MIR. https:\/\/wiki.mozilla.org\/IonMonkey\/MIR Accessed 2022-01-22"},{"key":"e_1_3_2_1_15_1","unstructured":"OpenJS Foundation. 2009. node.js. https:\/\/github.com\/nodejs\/node Accessed 2022-02-18  OpenJS Foundation. 2009. node.js. https:\/\/github.com\/nodejs\/node Accessed 2022-02-18"},{"key":"e_1_3_2_1_16_1","unstructured":"Google. 2008. v8 JavaScript Engine. https:\/\/v8.dev\/ Accessed 2022-01-18  Google. 2008. v8 JavaScript Engine. https:\/\/v8.dev\/ Accessed 2022-01-18"},{"key":"e_1_3_2_1_17_1","unstructured":"Google. n.d. Google Chromium Bug Report Community. https:\/\/bugs.chromium.org\/p\/v8\/issues\/list Accessed 2022-01-15  Google. n.d. Google Chromium Bug Report Community. https:\/\/bugs.chromium.org\/p\/v8\/issues\/list Accessed 2022-01-15"},{"key":"e_1_3_2_1_18_1","unstructured":"Apple Inc.. 2014. JavaScriptCore DFG Source Code. https:\/\/trac.webkit.org\/browser\/trunk\/Source\/JavaScriptCore\/dfg Accessed 2022-01-22  Apple Inc.. 2014. JavaScriptCore DFG Source Code. https:\/\/trac.webkit.org\/browser\/trunk\/Source\/JavaScriptCore\/dfg Accessed 2022-01-22"},{"key":"e_1_3_2_1_19_1","unstructured":"Fedor Indutny. 2015. Sea of Nodes. Accessed 2022-02-22  Fedor Indutny. 2015. Sea of Nodes. Accessed 2022-02-22"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/1321631.1321660"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/1869459.1869481"},{"key":"e_1_3_2_1_22_1","unstructured":"Piotr Krysiuk. 2021. [CVE-2021-29154] Linux kernel incorrect computation of branch displacements in BPF JIT compiler can be abused to execute arbitrary code in Kernel mode. https:\/\/www.openwall.com\/lists\/oss-security\/2021\/04\/08\/1  Piotr Krysiuk. 2021. [CVE-2021-29154] Linux kernel incorrect computation of branch displacements in BPF JIT compiler can be abused to execute arbitrary code in Kernel mode. https:\/\/www.openwall.com\/lists\/oss-security\/2021\/04\/08\/1"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/780822.781148"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/3453933.3454021"},{"key":"e_1_3_2_1_25_1","first-page":"190","article-title":"Pin: Building Customized Program Analysis Tools with Dynamic Instrumentation. In Proc. ACM Conference on Programming Language Design and Implementation (PLDI)","author":"Luk C.-K.","year":"2005","unstructured":"C.-K. Luk , R. Cohn , R. Muth , H. Patil , A. Klauser , G. Lowney , S. Wallace , V. J. Reddi , and K. Hazelwood . 2005 . Pin: Building Customized Program Analysis Tools with Dynamic Instrumentation. In Proc. ACM Conference on Programming Language Design and Implementation (PLDI) . Chicago , IL. 190 \u2013 200 . C.-K. Luk, R. Cohn, R. Muth, H. Patil, A. Klauser, G. Lowney, S. Wallace, V. J. Reddi, and K. Hazelwood. 2005. Pin: Building Customized Program Analysis Tools with Dynamic Instrumentation. In Proc. ACM Conference on Programming Language Design and Implementation (PLDI). Chicago, IL. 190\u2013200.","journal-title":"Chicago"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/1706299.1706313"},{"key":"e_1_3_2_1_27_1","volume-title":"14th USENIX Symposium on Operating Systems Design and Implementation (OSDI 20)","author":"Nelson Luke","year":"2020","unstructured":"Luke Nelson , Jacob Van Geffen , Emina Torlak , and Xi Wang . 2020 . Specification and verification in the field: Applying formal methods to BPF just-in-time compilers in the Linux kernel . In 14th USENIX Symposium on Operating Systems Design and Implementation (OSDI 20) . 41\u201361. Luke Nelson, Jacob Van Geffen, Emina Torlak, and Xi Wang. 2020. Specification and verification in the field: Applying formal methods to BPF just-in-time compilers in the Linux kernel. In 14th USENIX Symposium on Operating Systems Design and Implementation (OSDI 20). 41\u201361."},{"key":"e_1_3_2_1_28_1","volume-title":"Proceedings of the 1st Java Virtual Machine Research and Technology Symposium","author":"Paleczny Michael","year":"2001","unstructured":"Michael Paleczny , Christopher A. Vick , and Cliff Click . 2001 . The Java HotSpot Server Compiler . In Proceedings of the 1st Java Virtual Machine Research and Technology Symposium , April 23-24, 2001, Monterey, CA, USA, Saul Wold (Ed.). USENIX. http:\/\/www.usenix.org\/publications\/library\/proceedings\/jvm01\/paleczny.html Michael Paleczny, Christopher A. Vick, and Cliff Click. 2001. The Java HotSpot Server Compiler. In Proceedings of the 1st Java Virtual Machine Research and Technology Symposium, April 23-24, 2001, Monterey, CA, USA, Saul Wold (Ed.). USENIX. http:\/\/www.usenix.org\/publications\/library\/proceedings\/jvm01\/paleczny.html"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2013.6693093"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/ITC30.2018.00039"},{"key":"e_1_3_2_1_31_1","unstructured":"Max Van Amerongen. 2020. Exploiting CVE-2019-17026 - A Firefox JIT Bug. https:\/\/labs.f-secure.com\/blog\/exploiting-cve-2019-17026-a-firefox-jit-bug\/  Max Van Amerongen. 2020. Exploiting CVE-2019-17026 - A Firefox JIT Bug. https:\/\/labs.f-secure.com\/blog\/exploiting-cve-2019-17026-a-firefox-jit-bug\/"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICSE.2012.6227210"}],"event":{"name":"SOAP '22: 11th ACM SIGPLAN International Workshop on the State Of the Art in Program Analysis","sponsor":["SIGPLAN ACM Special Interest Group on Programming Languages"],"location":"San Diego CA USA","acronym":"SOAP '22"},"container-title":["Proceedings of the 11th ACM SIGPLAN International Workshop on the State Of the Art in Program Analysis"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3520313.3534656","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3520313.3534656","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T18:09:31Z","timestamp":1750183771000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3520313.3534656"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,6,14]]},"references-count":32,"alternative-id":["10.1145\/3520313.3534656","10.1145\/3520313"],"URL":"https:\/\/doi.org\/10.1145\/3520313.3534656","relation":{},"subject":[],"published":{"date-parts":[[2022,6,14]]},"assertion":[{"value":"2022-06-14","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}