Another way to crash the VM (was:Re: [Vm-dev] pinning GC)

Igor Stasenko siguctua at gmail.com
Wed Jan 12 11:46:08 UTC 2011


>
> myMethod
>
>  x := 1.
>  self becomeForward: y.
>  x := 5.
>
> In the above, x is an instance variable of the receiver.
> If the become primitive turns the receiver oop into a forwarding corpse,
> we now have a problem: after returning to the given method, a bytecode
> will attempt to write the new ivar value at the old location instead of
> the new one, since the receiver reference is not updated and still
> points to the old object memory location.
>

The code above crashes the Squeak VM (and I guess Cog as well).

I wonder what security measures can be added to the VM in order to
prevent it from crashing or corrupting the object memory.

The problem is that at any moment a receiver's identity could change
(due to the use of become either in some nested message sends, or even
in a higher-priority process which interrupted the current one), and
after activating the context again we have a real problem, because there
is no range/format checking for the receiver to make sure that it is
safe to continue running the given compiled method.


-- 
Best regards,
Igor Stasenko AKA sig.

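As an added illustration (mine, not Squeak or Cog VM code), the hazard in this thread modelled in C: a method activation caches a raw receiver pointer, becomeForward: turns the receiver into a forwarding corpse, and the next instance-variable store goes through the stale pointer into dead memory. The checked variant resolves forwarding and verifies format and slot range before writing, which is the kind of receiver check the post asks about. All type and function names here (Object, Context, becomeForward, storeIvarChecked, FMT_*) are constructed for the example and do not correspond to the real VM's.

```c
/* Toy model of the receiver-forwarding hazard described in the post.
 * Added illustration, not Squeak/Cog VM code. All names are constructed. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_SLOTS     4
#define FMT_POINTERS  1   /* ordinary object with pointer slots (constructed) */
#define FMT_FORWARDED 2   /* "forwarding corpse": body no longer valid (constructed) */

typedef struct Object Object;
struct Object {
    int      format;            /* FMT_POINTERS or FMT_FORWARDED */
    int      numSlots;          /* valid slot count while FMT_POINTERS */
    Object  *forwardedTo;       /* target when FMT_FORWARDED, else NULL */
    intptr_t slots[MAX_SLOTS];  /* instance variables */
};

/* A method activation caches a raw pointer to its receiver, exactly the
 * reference the post says is never updated after a become. */
typedef struct {
    Object *receiver;
} Context;

/* becomeForward: old -> target. Old becomes a corpse whose body is dead. */
static void becomeForward(Object *old, Object *target) {
    old->format = FMT_FORWARDED;
    old->forwardedTo = target;
    old->numSlots = 0;                            /* body is no longer an object */
    memset(old->slots, 0xAA, sizeof old->slots);  /* model reclaimed memory */
}

/* Unchecked store, as the post describes the bytecode doing today:
 * writes through the cached receiver pointer without inspecting it. */
static void storeIvarUnchecked(Context *ctx, int index, intptr_t value) {
    ctx->receiver->slots[index] = value;  /* after a become this hits the corpse */
}

/* Checked store: resolve forwarding, then verify format and slot range before
 * writing. Returns 0 on success, -1 when the receiver cannot be written. */
static int storeIvarChecked(Context *ctx, int index, intptr_t value) {
    Object *rcvr = ctx->receiver;
    int hops = 0;
    /* Follow forwarding pointers; bound the walk so a cycle cannot hang the VM. */
    while (rcvr->format == FMT_FORWARDED) {
        if (rcvr->forwardedTo == NULL || ++hops > 8) return -1;
        rcvr = rcvr->forwardedTo;
    }
    /* Format/range check: only pointer objects with enough slots may be written. */
    if (rcvr->format != FMT_POINTERS || index < 0 || index >= rcvr->numSlots) return -1;
    rcvr->slots[index] = value;
    ctx->receiver = rcvr;   /* re-point the activation at the live object */
    return 0;
}

/* Runs the sequence from the post: x := 1. self becomeForward: y. x := 5.
 * Returns slot 0 of the live object y after the checked store (5). */
static intptr_t runScenarioChecked(void) {
    Object self = { FMT_POINTERS, 1, NULL, {0} };
    Object y    = { FMT_POINTERS, 1, NULL, {0} };
    Context ctx = { &self };
    storeIvarChecked(&ctx, 0, 1);            /* x := 1 */
    becomeForward(&self, &y);                /* self becomeForward: y */
    if (storeIvarChecked(&ctx, 0, 5) != 0)   /* x := 5, now lands in y */
        return -1;
    return y.slots[0];
}

/* Same sequence with the unchecked store: the final write goes to the corpse
 * and y is untouched, so slot 0 of y is still 0. */
static intptr_t runScenarioUnchecked(void) {
    Object self = { FMT_POINTERS, 1, NULL, {0} };
    Object y    = { FMT_POINTERS, 1, NULL, {0} };
    Context ctx = { &self };
    storeIvarUnchecked(&ctx, 0, 1);
    becomeForward(&self, &y);
    storeIvarUnchecked(&ctx, 0, 5);          /* written into dead memory */
    return y.slots[0];
}

/* An out-of-range index on a live receiver must be refused, not written. */
static int checkedStoreRejectsBadIndex(void) {
    Object obj = { FMT_POINTERS, 1, NULL, {0} };
    Context ctx = { &obj };
    return storeIvarChecked(&ctx, 3, 9);     /* -1 */
}

int main(void) {
    printf("checked store, y slot 0:   %ld\n", (long)runScenarioChecked());
    printf("unchecked store, y slot 0: %ld\n", (long)runScenarioUnchecked());
    printf("bad index rejected:        %d\n", checkedStoreRejectsBadIndex());
    return 0;
}
```

The checked path also rewrites the cached receiver pointer in the activation once forwarding has been resolved, so later bytecodes in the same method do not pay for the walk again; a real VM would additionally need to apply the same resolution to the receiver slot of every other context that was interrupted mid-method.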
