Invited Experts Questions

Verifying Web Sandboxes (Arjun Guha)

  1. To verify that ADsafe works correctly, the authors had to first determine the security properties that ADsafe tries to enforce. There were four properties. Pick one of the properties and describe it.
  2. Instead of verifying the code of JSLint, the authors modeled its behavior using types. However, the type-based model did not exactly match what JSLint does. Why was this okay?
  3. Imagine you wanted to build your own Web sandbox and have some assurance that it is secure. What might be good ways to proceed?

Incremental and Concurrent Garbage Collection (Jan Vitek)

  1. Give an example of how careless incremental collection can result in live objects being marked dead and vice versa.
  2. In the incremental/concurrent algorithm presented for copying collectors, a write operation can sometimes fail. What is the simplest way to ensure that copy never fails, and what is its major drawback because of which that solution is never used?
  3. The presentation ended by discussing in incremental/concurrent algorithm for copying collectors. Try to sketch that code for write and read operations in an incremental (but not concurrent) mark-and-sweep collector for programs that never create large arrays.

Parsing Ad-Hoc Data (Kathleen Fisher)

  1. What makes processing ad hoc data difficult?
  2. Pick an ad hoc data format you've had to deal with, and write a PADS description for it.

Submit at this link: