The bootstrapping operations for the sandbox escape exploit are written to run on this logic circuit and the whole thing runs in this weird, emulated environment created out of a single decompression pass through a JBIG2 stream. It's pretty incredible, and at the same time, pretty terrifying.
Whole article on how they made it - https://googleprojectzero.blogspot.com
Explanation of what they have made - Pegasus_(spyware).
The lesson from the whole article is that there are still programmers who can work without using https://stackoverflow.com!
As we say in my homeland - "the road to hell is paved with good intentions ..."
The result of their brilliant work is simply awful!
Please note another interesting idea using the same concept - the "Open Redstone project" and its description.