Re: How to develop a random number generation device



On Sat, 15 Sep 2007 07:14:28 -0700, MooseFET wrote:

Please explain how "An OS can surely make it impossible to write safe
code and a real OS is required to make safe code possible" addresses the
question of whether the OS can prevent buffer overruns.

You seem to be confusing "Windows" and an "OS".

You seem to be confusing whether it is possible to address an issue with
whether a particular statement actually addresses the issue.

Please read my actual question, quoted above, and removed from any
irrelevant context which might confuse the issue.

FWIW, I have no problem with either "An OS can surely make it impossible
to write safe code" or "a real OS is required to make safe code possible".
However, they don't appear to address the question which was actually
being asked.

If it helps, that question can be rephrased as whether an OS (any OS)
can "make unsafe code impossible", which is a different property to either
of those given.

AFAICT, you cannot do this without sacrificing the ability to run
arbitrary chunks of machine code, which appears to be a "must have"
feature for any OS (if there are OSes which don't allow this, they have
yet to escape from the lab).

Actually, even if you do sacrifice that ability, you can't truly
eliminate buffer overruns. If the OS only allows you to run e.g. Java
bytecode, you can write an x86 emulator in Java then feed it x86 code
which contains buffer-overrun bugs. Requiring the use of a higher-level
language simply means that a programmer has to make some effort to get
buffer overruns.

All things considered, eliminating buffer overruns is something which
should be the responsibility of the language. If you don't allow unbounded
arrays (i.e. referring to an array by its start address and relying upon
the programmer to keep track of where it ends), buffer overruns aren't an
issue. Once the program has been compiled into machine code, the
information which is required has been lost.
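The point about bounds information being lost at the machine-code level, shown in C as an added example (not part of the original post): a small view type that carries its length with the pointer, so a copy can be refused before it runs past the end, beside the bare-pointer form in which that check is not even expressible. The names `bounded_buf`, `bb_write_ok`, `bb_copy` and `raw_copy` are invented for this illustration.

```c
/* Added example: a "slice" that keeps the bound a bare pointer has lost.
 * All identifiers here are invented for the illustration. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

typedef struct {
    uint8_t *data;   /* start address: all a decayed C array gives you */
    size_t   len;    /* the end of the array, kept alongside the pointer */
} bounded_buf;

/* 1 if writing n bytes at offset off stays inside a buffer of dst_len bytes.
 * Written as off > dst_len || n > dst_len - off to avoid wrapping in off + n. */
int bb_write_ok(size_t dst_len, size_t off, size_t n)
{
    if (off > dst_len) return 0;
    if (n > dst_len - off) return 0;
    return 1;
}

/* Copy n bytes from src into dst at offset off.
 * Returns 0 on success, -1 (nothing written) if either bound would be crossed. */
int bb_copy(bounded_buf dst, size_t off, bounded_buf src, size_t n)
{
    if (n > src.len) return -1;                 /* would read past src */
    if (!bb_write_ok(dst.len, off, n)) return -1; /* would write past dst */
    memcpy(dst.data + off, src.data, n);
    return 0;
}

/* The unchecked form: once dst has decayed to a pointer the callee has no
 * way to know where it ends, so no check can be added here. Never called. */
void raw_copy(uint8_t *dst, size_t off, const uint8_t *src, size_t n)
{
    memcpy(dst + off, src, n);
}

/* Constructed input: 16 bytes offered to an 8-byte destination, then 4 bytes
 * that fit. Returns how many copies were rejected (expected: 1). */
int demo(void)
{
    uint8_t storage[8] = {0};
    uint8_t input[16];
    memset(input, 'A', sizeof input);
    bounded_buf dst = { storage, sizeof storage };
    bounded_buf src = { input, sizeof input };
    int rejected = 0;
    if (bb_copy(dst, 0, src, 16) != 0) rejected++;  /* 16 > 8: refused */
    if (bb_copy(dst, 4, src, 4) != 0) rejected++;   /* fits: accepted */
    return rejected;
}
```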
