Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
Tokumei-no-hito 4 days ago

it's interesting that a lot of innovation happened on mobile runtimes to deal with apples JIT restriction. what was that about and why didn't android have the constraint?

of course i can look it up, but you probably have a better insight than the slop i'll find off google.

thanks for the article. these days it's rare to see something so well researched and written while still being able to tell it was authored by a human. cheers

toast0 4 days ago | parent | next [-]

Apple has a JIT restriction because JIT introduces native code that was not present during app review, and app review is where they prohibit calling non-public APIs, at least historically.

Android doesn't have a JIT restriction. API restrictions are expected to be enforced at runtime, not through review time checks.

quotemstr 4 days ago | parent [-]

> Apple has a JIT restriction because JIT introduces native code that was not present during app review, and app review is where they prohibit calling non-public APIs, at least historically.

Another regrettable thing about our industry is the proliferation of locked-gate-in-an-open-field-tier security theater. Apple's PROT_EXEC restriction has zero security benefit: anything JIT-compiled code can do, interpreted code can do too.

(In the same vein, macOS Santa (used by many a tech company to police programs runnable on Apple developer endpoints) doesn't restrict script launches at all. The interpreters that Apple ships with macOS have built-in FFIs like Python ctypes that enables programs launched using these interpreters to do anything a Mach-O binary can do.)

While I respect the sweat and cleverness that went into making JS runtimes work efficiently while wearing Apple's no-PROT_EXEC hairshirt, none of this work ought to have been necessary. Imagine how much further ahead the industry would be if these big brains had focused on solving some other problem.

LinguaBrowse 4 days ago | parent [-]

I totally agree that the lack of JIT has been a huge waste of human resources. NativeScript and React Native have had to move so many mountains to make viable software despite it.

LinguaBrowse 4 days ago | parent | prev [-]

The other reploies seem to have answered it! I've never understood why iOS allows JIT inside WKWebView yet not inside bare JavaScriptCore. Maybe because WKWebView runs in its own separate process while a JavaScriptCore instance would run in-process? As for Android, guess Google are just a little more gung-ho?

> thanks for the article. these days it's rare to see something so well researched and written while still being able to tell it was authored by a human. cheers

Really appreciated, thanks! I do despaire that the ease of generating content with AI disincentivises (and discourages) authors from expending real effort, but there's a satisfying inflection point at which you can be sure you've written something that an LLM couldn't possibly have come up with.