Safe Virtual Machine

A VirtualMachine that guarantees that the code it executes cannot violate its type, thus allowing security enforcement via type constraints.

Examples: One advantage of SafeVirtualMachine is to be able to apply TaglessGarbageCollection.
The JavaVirtualMachine uses this method to allow execution of UntrustedCode? in a SandBox. Multiple disjoint code spaces can coexist in one VirtualMachine. In Java this separation is controlled by ClassLoaders and SecurityManagers.
In doing some VisualBasicDotNet development, I got an exception that came from deep in the system libraries. The exception was "Attempted to access invalid memory. This is an indication that other memory is corrupt." After some investigation (and some pointless HeroicDebugging), I determined the crash was in handling the message <CB_ADDSTRING, 0, 0> in the underlying native control. A bit of investigation revealed the whole story: inserting an object whose ToString? method returned Nothing into the Items collection of a ComboBox caused a null pointer dereference deep inside the system.
See StronglyTypedWithoutLoopholes, ObjectCapabilityModel, ProofCarryingCode, TypedAssemblyLanguage

View edit of June 9, 2010 or FindPage with title or text search