memory safety and weak references
bruant.d at gmail.com
Wed Mar 27 14:53:10 PDT 2013
Le 27/03/2013 01:55, David Herman a écrit :
> But we need to take this into account as we consider what to do about weak references in ES7.
From what I understand, doing exact rooting (instead of conservative
stack scanning) solves the problem or more precisely prevents the attack
by design (because the attack would be based on numbers being
interpreted as pointers addresses).
Assuming I understand correctly (and tell me if I don't), this is more
an attack based on an implementation detail than an attack based on the
inclusion of a weak references to the language, so I'm puzzled as to why
this attack should be taken into account when discussing the inclusion
of weak references.
Over the last month after Opera announced moving to WebKit, people on
Twitter have been rounds and rounds about Webkits monoculture and how
making spec decisions based on specific implementations is a bad thing
("if specs followed WebKit implementation, we couldn't have parallel
rendering engines like Servo", etc.). I don't see why that could be a
good thing at the ECMAScript level.
More information about the es-discuss