andreabergia/rjvm

API allows using data managed by one VM with another VM (unsound)

Opened this issue · 2 comments

The API allows data (CallStack, AbstractObject, ClassRef, …) managed by one VM to be used with another VM. This allows e.g. storing a pointer to an object on the heap of vm1 in a static field in the heap of vm2. If a garbage collection then triggers on vm1, the static field on vm2 now points to cleared/invalid data.

That is a good observation, however I am unsure how to fix it. If you have any ideas on how to do it, I would love the guidance. :-)

More precisely, I have some idea on how to fix it at runtime, but is there any way to fix it at compile time? If I changed the Vm definition so that it does not have a lifetime, but each method returns data that is bound to the lifetime of the Vm, for example:

    impl Vm {
        // Sketch of the idea: the returned data is tied to the borrow of the Vm.
        // (Lifetime parameter belongs after the method name; body omitted.)
        pub fn allocate_call_stack<'a>(&'a mut self) -> &'a mut CallStack<'a> {
            unimplemented!()
        }
    }

that still would not fix the issue, no?

Yep, even with closure trickery you can't limit a lifetime to a single object, and even if you'd try to do something with a const generic parameter, different VMs having different types would limit what you could do with them (e.g. can't put them into a collection). So runtime it is (or alternatively making the VM a singleton :/ ).
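One shape the runtime check discussed above can take, as an added example that is not rjvm's code: every `Vm` takes a unique id from a global counter, every handle (`ObjectRef` here, standing in for CallStack/AbstractObject/ClassRef) records the id of the VM that created it, and each operation that accepts a handle compares the ids before touching the heap. The names `Vm`, `ObjectRef`, `VmError`, `store_static` and the toy heap/collector are assumptions for illustration; the scenario from the issue (vm1 object stored in a vm2 static, then a GC on vm1) is replayed in `demo`.

```rust
// Added example, not rjvm's code. Runtime ownership tagging so that a handle
// created by one Vm is rejected by any other Vm instead of silently dangling.
use std::sync::atomic::{AtomicU64, Ordering};

// Global counter: every Vm gets a distinct id for its whole lifetime.
static NEXT_VM_ID: AtomicU64 = AtomicU64::new(1);

#[derive(Debug, PartialEq, Eq)]
pub enum VmError {
    /// The handle was created by a different Vm than the one it was passed to.
    ForeignObject { handle_vm: u64, this_vm: u64 },
    /// The slot behind the handle was cleared by a collection (stale handle).
    Dangling(usize),
}

/// Handle to a heap object; carries the id of the Vm that owns the object.
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub struct ObjectRef {
    vm_id: u64,
    slot: usize,
}

pub struct Vm {
    id: u64,
    // Toy heap: Some(value) for a live object, None once collected.
    heap: Vec<Option<i64>>,
    // Toy "static fields": the GC roots of this Vm.
    statics: Vec<ObjectRef>,
}

impl Vm {
    pub fn new() -> Vm {
        Vm {
            id: NEXT_VM_ID.fetch_add(1, Ordering::Relaxed),
            heap: Vec::new(),
            statics: Vec::new(),
        }
    }

    pub fn allocate(&mut self, value: i64) -> ObjectRef {
        self.heap.push(Some(value));
        ObjectRef { vm_id: self.id, slot: self.heap.len() - 1 }
    }

    // The actual check: a handle is only valid for the Vm that issued it.
    fn check_owner(&self, r: ObjectRef) -> Result<(), VmError> {
        if r.vm_id != self.id {
            return Err(VmError::ForeignObject { handle_vm: r.vm_id, this_vm: self.id });
        }
        Ok(())
    }

    pub fn read(&self, r: ObjectRef) -> Result<i64, VmError> {
        self.check_owner(r)?;
        self.heap[r.slot].ok_or(VmError::Dangling(r.slot))
    }

    /// The operation from the issue: storing a handle in a static field.
    /// A handle owned by another Vm is refused here instead of being kept.
    pub fn store_static(&mut self, r: ObjectRef) -> Result<(), VmError> {
        self.check_owner(r)?;
        self.statics.push(r);
        Ok(())
    }

    /// Toy collector: everything not reachable from a static is cleared.
    pub fn collect_garbage(&mut self) {
        let live: Vec<usize> = self.statics.iter().map(|r| r.slot).collect();
        for (i, slot) in self.heap.iter_mut().enumerate() {
            if !live.contains(&i) {
                *slot = None;
            }
        }
    }
}

/// Replays the issue's scenario and returns (result of the cross-Vm store,
/// result of reading the object after vm1 collected it).
pub fn demo() -> (Result<(), VmError>, Result<i64, VmError>) {
    let mut vm1 = Vm::new();
    let mut vm2 = Vm::new();
    let obj = vm1.allocate(42);
    // vm2 must not accept vm1's object as a static field.
    let store = vm2.store_static(obj);
    // obj is not rooted anywhere in vm1, so vm1's collection clears it; the
    // later read reports a stale handle rather than returning freed data.
    vm1.collect_garbage();
    let read = vm1.read(obj);
    (store, read)
}

fn main() {
    let (store, read) = demo();
    println!("cross-VM store: {:?}", store);
    println!("read after GC: {:?}", read);
}
```

The cost is one integer compare per operation, which is the trade-off the thread settles on once the compile-time route is ruled out; the singleton alternative removes the check but also removes the ability to run several VMs side by side.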