[Vm-dev] Re: SegmentationFault in with OmniBrowser
philippe.marschall at gmail.com
Tue May 22 18:21:06 UTC 2007
2007/5/22, John M McIntosh <johnmci at smalltalkconsulting.com>:
> Well a CPU is a bytecode reader in a sense too. When I was working on
> a 68K assembler interface for Ian's squeak compiler I was surprised
> to see
> many instructions could be created that were not covered in the op
> code manual. Also I recall in the days of VirtualPC that team
> discovered certain
> i386 machine sequences which would effectively crash the microcode,
> anyone recall what that "bug" was. Certainly I remember patchs being
> loaded on
> my linux box to prevent the problem from happening, once it had been
> leaked to the internet.
> Lastly if this verify is so perfect, why the Java exploits I read
> about from time to time?
Sandbox violations. I think they have been around since Java exists. I
think most update releases fix one of them and you only hear about
them once they are fixed. I don't know if .Net is any better in this
> On May 22, 2007, at 11:03 AM, tim Rowledge wrote:
> > On 22-May-07, at 10:56 AM, Philippe Marschall wrote:
> >> Java has a bytecode verifyer to prevent these problems with zero
> >> runtime cost (if you don't count class loading). Squeak could have
> >> the
> >> same.
> > Absolutely irrelevant to the problem in question. Smalltalk has a
> > 'bytecode verifier' too - it's called the compiler. It too makes
> > sure the bytecodes are suitable as it 'loads' them.
> > The problem is that if some *other* tool is generating bytecodes it
> > can make 'bad' ones that will stomp over other objects. Just as in
> > java you could etc etc. At least, I assume java could have a tool
> > to generate bytecodes and run them? I wouldn't really know, never
> > having had anything to do with it.
> > tim
> > --
> > tim Rowledge; tim at rowledge.org; http://www.rowledge.org/tim
> > Gotta run, the cat's caught in the printer.
> John M. McIntosh <johnmci at smalltalkconsulting.com>
> Corporate Smalltalk Consulting Ltd. http://www.smalltalkconsulting.com
More information about the Vm-dev