Re: Safety of running and stopping dynamically loaded code


Bill Foote (Bill.Foote@eng.sun.com)
Fri, 19 Mar 1999 11:10:40 -0800 (PST)


David Chase wrote:
> I can imagine, actually, certain ways to limit
> these absolutelypositivelycomplete clauses. One is
> to calculate, before entering one, the number of
> computational units (whatever THOSE are) that will be
> consumed by this code, and if that number is exceeded,
> then the code is arbitrarily killed. One plausible
> measure of computational unit is "backedge or call",
> which corresponds to the places that a Java implementation
> that polls for thread switches and interrupts must
> check these things (I'm ignoring finalization and
> thread creation in my accounting). Of course, the amount of
> computing that must be performed might depend on the
> inputs, so that number itself might also depend
> upon some calculation, whose length must also be bounded.

It's interesting to note that PERC (http://www.newmonics.com) tries to do a simple form of this, but in the process it restricts the code it will accept to a subset of what Java is. In PERC, absolutelypositivelycomplete with restrictions roughly corresponds to "atomic" and "timed" (my memory of the details is a bit fuzzy), and the restrictions amount to disallowing backwards branches in finally clauses, finalizers and the like.

This is an interesting language choice, but it's certainly a restriction on Java language semantics. PERC is, in this regard, a restricted subset of Java.

Bill

--
Bill Foote    bill.foote@eng.sun.com
EmbeddedJava VM Group, Sun Microsystems
http://java.sun.com/people/billf/

----------------------------------------------------------------------------
To unsubscribe (or other requests) mailto:majordomo@media.mit.edu
List archives, FAQ, member list, etc. http://gee.cs.oswego.edu/dl/javares/
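The two approaches discussed in this message, sketched as an added example that is not part of the original post and is not PERC's or any JVM's code: a static check that flags backward branches, and a run-time meter that charges one unit per "backedge or call" and kills the code once its budget is spent. The toy instruction set and every name below are assumptions made for illustration.

```python
class BudgetExceeded(Exception):
    """The code used more computational units than it was granted."""

def backward_branches(code):
    """Static check: indices of branches whose target is not ahead of them.
    Code with none of these (and no calls) runs at most len(code) steps."""
    return [pc for pc, (op, *args) in enumerate(code)
            if op == "jnz" and args[0] <= pc]

def run_metered(code, budget):
    """Interpret toy code, charging one unit per taken backedge or call.
    Returns (top_of_stack, units_used); raises BudgetExceeded past budget."""
    stack, frames, pc, used = [], [], 0, 0
    while 0 <= pc < len(code):
        op, *args = code[pc]
        nxt = pc + 1
        if op == "push":
            stack.append(args[0])
        elif op == "dec":
            stack[-1] -= 1
        elif op == "jnz":                 # branch if top of stack is non-zero
            if stack[-1] != 0:
                nxt = args[0]
        elif op == "call":
            frames.append(pc + 1)
            nxt = args[0]
        elif op == "ret":
            if not frames:
                break
            nxt = frames.pop()
        elif op == "halt":
            break
        else:
            raise ValueError(f"unknown op {op!r}")
        # Poll point: only taken backedges and calls are charged.
        if op == "call" or (op == "jnz" and nxt <= pc):
            used += 1
            if used > budget:
                raise BudgetExceeded(f"killed at pc={pc} after {budget} units")
        pc = nxt
    return (stack[-1] if stack else None), used

# Constructed sample programs (toy instruction set, assumed for this example).
COUNTDOWN = [("push", 5), ("dec",), ("jnz", 1), ("halt",)]   # bounded loop
SPIN = [("push", 1), ("jnz", 1)]                             # never terminates
RECURSE = [("call", 0)]                                      # unbounded calls
FORWARD = [("push", 7), ("jnz", 3), ("dec",), ("halt",)]     # no backedge
```

Straight-line and forward-branching code passes through the meter at zero cost, which is why a rule that forbids backward branches gives a static bound, while the meter handles loops whose length depends on the inputs.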


