[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: Bytecode: Safe or not? / luac manual
- From: Stefan Reich <stefan.reich.maker.of.eye@...>
- Date: Tue, 1 Nov 2011 14:48:36 +0000
On Tue, Nov 1, 2011 at 1:51 PM, Rob Kendrick <rjek@rjek.com> wrote:
> The halting problem is impossible to solve. A byte code verifier is a
> halting problem. Thus, a perfect byte code verifier cannot exist.
What? How is a byte code verifier a halting problem? Doesn't it depend
on the format of the byte code and how the VM operates?
Verification, to me, means assuring the byte code will not crash the
VM or access internals in wrong ways.
That is easily possible with many VMs. For example, a C64 emulator can
in all likelihood not be crashed by bad C64 code. It just doesn't work
that way as 6510 assembly instructions are easy to control. (Only
controlled halting of the VM is possible.)
Also, I once wrote a VM for an assembly language with only one
instruction. That was also very easily verifiable bytecode.
Also, Java has a bytecode verifier that, AFAIK, has no known vulnerabilities.
So a bytecode verifier is obviously different from a halting problem.
>> Don't you rather want to contribute something related to the topic?
>
> He did. And as a bonus, he didn't bring up some fantasy about us not
> using money by next year. *That* is off-topic.
Haha. No it's not. It's extremely important and very real. Because
many people believe - wrongly - that money is something that will
continue to exist. And base their lives on this fantasy.
I offer you reality. Are you ready for it? Seems like you're a little
outside of it, Rob.
And since you chose to attack me: Who are you anyway? All I found on
your homepage is:
"Rob Kendrick has no website design skills."
Sounds... uhm, "impressive" :)
Cheers,
Stefan
