Editing Just-in-time compilation (section)

== Security ==

JIT compilation fundamentally uses executable data, and thus poses security challenges and possible exploits.

Implementation of JIT compilation consists of compiling source code or byte code to machine code and executing it. This is generally done directly in memory: the JIT compiler outputs the machine code directly into memory and immediately executes it, rather than outputting it to disk and then invoking the code as a separate program, as in usual ahead of time compilation. In modern architectures this runs into a problem due to [[executable space protection]]: arbitrary memory cannot be executed, as otherwise there is a potential security hole. Thus memory must be marked as executable; for security reasons this should be done ''after'' the code has been written to memory, and marked read-only, as writable/executable memory is a security hole (see [[W^X]]).<ref name="Bendersky" /> For instance Firefox's JIT compiler for Javascript introduced this protection in a release version with Firefox 46.<ref name="De Mooij" />

[[JIT spraying]] is a class of [[computer security exploit]]s that use JIT compilation for [[heap spraying]]: the resulting memory is then executable, which allows an exploit if execution can be moved into the heap.