Invited Experts Questions
Verifying Web Sandboxes (Arjun Guha)
To verify that ADsafe works correctly, the authors had to first
determine the security properties that ADsafe tries to
enforce. There were four properties. Pick one of the properties
and describe it.
Instead of verifying the code of JSLint, the authors modeled its
behavior using types. However, the type-based model did not
exactly match what JSLint does. Why was this okay?
Imagine you wanted to build your own Web sandbox and have some
assurance that it is secure. What might be good ways to proceed?
Incremental and Concurrent Garbage Collection (Jan Vitek)
Give an example of how careless incremental collection can result
in live objects being marked dead and vice versa.
In the incremental/concurrent algorithm presented for copying
collectors, a write operation can sometimes fail. What is the
simplest way to ensure that copy never fails, and what is its
major drawback because of which that solution is never used?
The presentation ended by discussing in incremental/concurrent
algorithm for copying collectors. Try to sketch that code for
write and read operations in an incremental (but not concurrent)
mark-and-sweep collector for programs that never create large
Parsing Ad-Hoc Data (Kathleen Fisher)
What makes processing ad hoc data difficult?
Pick an ad hoc data format you've had to deal with, and write a
PADS description for it.
Submit at this link: