January 09, 2013
On Wednesday, January 09, 2013 14:14:15 Walter Bright wrote:
> On 1/9/2013 1:23 PM, Mehrdad wrote:
> > And are you considering reference counting to be garbage collection like Walter does,
> 
> It's not something I came up with. It is generally accepted that ref counting is a form of garbage collection.

I definitely would never have referred to reference counting as garbage collection and find it quite odd that it would be considered to be such, but Wikipedia does indeed list it as being a form of garbage collection:

http://en.wikipedia.org/wiki/Garbage_collection_(computer_science)

So, it's backing you up in your usage of the term.

- Jonathan M Davis
January 09, 2013
On Wednesday, 9 January 2013 at 21:13:35 UTC, H. S. Teoh wrote:
> Dereferencing null is also moot, because you'll just get an exception or a segfault, which is no help for a potential exploit.

BTW, not necessarily... this is a fairly unlikely situation, granted, but imagine:

struct Thing {
    ubyte[1024*1024] buffer;
    int a;
}

void main() {
    Thing* t = null;
    t.a = 10; // write through a null base pointer at the offset of `a`
}


That'd turn into something like

mov eax, 0 ; the pointer value itself
mov dword ptr [eax + 1024*1024], 10 ; add the offset of the field before doing the read/write...


which quite possibly does overwrite something exploitable.
January 09, 2013
On 1/9/13 1:23 PM, Mehrdad wrote:
> On Wednesday, 9 January 2013 at 21:14:56 UTC, Andrei Alexandrescu wrote:
>> If it holds the actual address you can't implement memory reclamation
>> and keep it safe.
>>
>> Andrei
>
>
> You mean because of circular references, or something else?
>
> And are you considering reference counting to be garbage collection like
> Walter does, or are you claiming refcounting won't solve this problem
> but GC will?

This is a bit of a crash course in GC and formal semantics in the form of a Q&A, which is rather inefficient.

The topic of GC and memory safety is well studied but unfortunately little information about it is available in book format. I suggest you start e.g. with http://llvm.org/pubs/2003-05-05-LCTES03-CodeSafety.pdf and the papers it refers to, to get a grip on the challenges and tradeoffs involved.

If anyone has better suggestions of reading materials, please chime in - I'd be very interested as well.


Thanks,

Andrei
January 09, 2013
On Wednesday, 9 January 2013 at 23:14:37 UTC, Andrei Alexandrescu wrote:
> On 1/9/13 1:23 PM, Mehrdad wrote:
>> On Wednesday, 9 January 2013 at 21:14:56 UTC, Andrei Alexandrescu wrote:
>>> If it holds the actual address you can't implement memory reclamation
>>> and keep it safe.
>>>
>>> Andrei
>>
>>
>> You mean because of circular references, or something else?
>>
>> And are you considering reference counting to be garbage collection like
>> Walter does, or are you claiming refcounting won't solve this problem
>> but GC will?
>
> This is a bit of a crash course in GC and formal semantics in the form of a Q&A, which is rather inefficient.
>
> The topic of GC and memory safety is well studied but unfortunately little information about it is available in book format. I suggest you start e.g. with http://llvm.org/pubs/2003-05-05-LCTES03-CodeSafety.pdf and the papers it refers to, to get a grip on the challenges and tradeoffs involved.
>
> If anyone has better suggestions of reading materials, please chime in - I'd be very interested as well.
>
>
> Thanks,
>
> Andrei

My favorite GC book:

http://www.amazon.com/Garbage-Collection-Algorithms-Automatic-Management/dp/0471941484/ref=sr_1_2?s=books-intl-de&ie=UTF8&qid=1357774599&sr=1-2


January 09, 2013
On 1/9/13 3:38 PM, Paulo Pinto wrote:
> My favorite GC book:
>
> http://www.amazon.com/Garbage-Collection-Algorithms-Automatic-Management/dp/0471941484/ref=sr_1_2?s=books-intl-de&ie=UTF8&qid=1357774599&sr=1-2

I own the more recent edition and made a pass through it but I don't think it discusses safety that much. Any chapter I should be looking at?

Andrei
January 10, 2013
On 1/9/2013 3:14 PM, Andrei Alexandrescu wrote:
> If anyone has better suggestions of reading materials, please chime in - I'd be
> very interested as well.

"Garbage Collection" is the K+R of garbage collection:

http://digitalmars.com/bibliography.html#Compilers

January 10, 2013
On 1/9/2013 2:30 PM, Adam D. Ruppe wrote:
> On Wednesday, 9 January 2013 at 21:13:35 UTC, H. S. Teoh wrote:
>> Dereferencing null is also moot, because you'll just get an exception or a
>> segfault, which is no help for a potential exploit.
>
> BTW, not necessarily... this is a fairly unlikely situation, granted, but imagine:

And that is not dereferencing null, it is dereferencing 0x1000000.
January 10, 2013
On Thursday, 10 January 2013 at 00:18:26 UTC, Walter Bright wrote:
> And that is not dereferencing null, it is dereferencing 0x1000000.

Yes, but it is worth noting that dmd will happily compile that code, even if marked @safe - just because the pointer on the language level is null doesn't mean it is memory safe at the assembly level.

The generated code with @safe is still just what we'd expect too:
   3:   31 c0                   xor    eax,eax
   5:   c7 80 00 00 10 00 0a    mov    DWORD PTR [eax+0x100000],0xa
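
As an added example (not part of the thread and not dmd's own code), this C program reproduces the struct layout from the post above and checks which field accesses through a null base pointer would still land in the unmapped low-memory region. `GUARD_BYTES` and the helper function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Same layout as the Thing struct in the post: a 1 MiB buffer, then an int. */
struct Thing {
    uint8_t buffer[1024 * 1024];
    int a;
};

/* Assumption: size of the region at address 0 that is never mapped.
   64 KiB is a common vm.mmap_min_addr setting on Linux distributions;
   the real value is platform-specific. */
#define GUARD_BYTES ((size_t)0x10000)

/* Address the CPU actually touches for base->field: base + field offset. */
static uintptr_t effective_address(uintptr_t base, size_t field_offset) {
    return base + field_offset;
}

/* An access through a null base faults reliably only if every byte it
   touches lies inside the guard region (no straddling the boundary). */
static int null_access_traps(size_t field_offset, size_t field_size) {
    return field_offset < GUARD_BYTES
        && field_size <= GUARD_BYTES - field_offset;
}

/* Policy a compiler or reviewer could apply: any field reaching past the
   guard needs an explicit null check on the base pointer before access. */
static int needs_explicit_null_check(size_t field_offset, size_t field_size) {
    return !null_access_traps(field_offset, field_size);
}

int main(void) {
    size_t off = offsetof(struct Thing, a);
    printf("offsetof(Thing, a)      = 0x%zx\n", off);
    printf("address hit via null    = 0x%zx\n",
           (size_t)effective_address(0, off));
    printf("buffer[0] traps on null = %d\n",
           null_access_traps(offsetof(struct Thing, buffer), 1));
    printf("a traps on null         = %d\n",
           null_access_traps(off, sizeof(int)));
    printf("a needs explicit check  = %d\n",
           needs_explicit_null_check(off, sizeof(int)));
    return 0;
}
```

The computed offset of `a` matches the `0x100000` displacement in the disassembly above, which is why the hardware fault alone does not cover this access.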
January 10, 2013
On Wednesday, 9 January 2013 at 23:38:10 UTC, Paulo Pinto wrote:
> On Wednesday, 9 January 2013 at 23:14:37 UTC, Andrei Alexandrescu wrote:
>> On 1/9/13 1:23 PM, Mehrdad wrote:
>>> On Wednesday, 9 January 2013 at 21:14:56 UTC, Andrei Alexandrescu wrote:
>>>> If it holds the actual address you can't implement memory reclamation
>>>> and keep it safe.
>>>>
>>>> Andrei
>>>
>>>
>>> You mean because of circular references, or something else?
>>>
>>> And are you considering reference counting to be garbage collection like
>>> Walter does, or are you claiming refcounting won't solve this problem
>>> but GC will?
>>
>> This is a bit of a crash course in GC and formal semantics in the form of a Q&A, which is rather inefficient.
>>
>> The topic of GC and memory safety is well studied but unfortunately little information about it is available in book format. I suggest you start e.g. with http://llvm.org/pubs/2003-05-05-LCTES03-CodeSafety.pdf and the papers it refers to, to get a grip on the challenges and tradeoffs involved.
>>
>> If anyone has better suggestions of reading materials, please chime in - I'd be very interested as well.
>>
>>
>> Thanks,
>>
>> Andrei
>
> My favorite GC book:
>
> http://www.amazon.com/Garbage-Collection-Algorithms-Automatic-Management/dp/0471941484/ref=sr_1_2?s=books-intl-de&ie=UTF8&qid=1357774599&sr=1-2

I have that one and it is very informative: http://www.amazon.com/The-Garbage-Collection-Handbook-Management/dp/1420082795/
January 10, 2013
On Thursday, 10 January 2013 at 00:50:30 UTC, Adam D. Ruppe wrote:
> Yes, but it is worth noting that dmd will happily compile that code, even if marked @safe - just because the pointer on the language level is null doesn't mean it is memory safe at the assembly level.

See: http://d.puremagic.com/issues/show_bug.cgi?id=5176

David