[kaffe] kaffe's default is now to verify all untrusted files

Rob Gonzalez rgonzale@wso.williams.edu
Mon Jun 30 12:37:01 2003


Hi everyone,

My recent checkin means that, by default, kaffe will now perform
verification on all nontrusted class files (i.e. those not found in the
bootclasspath).

I also checked in pass 3a of bytecode verification, which checks most
static constraints of the bytecode (such as that no branch goes into the
middle of an instruction, etc.).

None of the regression checks break with this checkin, but it is certainly
possible that there are bugs in it and that the verifier will complain
about safe files.  The set of classes that I've been testing it on a
pretty small, and it's been difficult to match Sun's JVM behavior, which
is more liberal than it's specification.

If people experience serious problems with the verifier, I'll just go
ahead and turn it off by default until they are resolved.  Hopefully this
won't be necessary ;)

Pass 3b, which performs static type checking on bytecode, will probably be
ready for checkin sometime this weekend.  At that point, kaffe will have a
complete bytecode verifier and will be able to run untrusted code!

Cheers,
Rob