Sandboxing x86 (as opposed to RISC) code is difficult because variable-length x86 instructions are hard for the verifier to parse. In Molvania, however, code is shipped as ASCII assembly language source. The verifier modifies the source to ensure the following properties:

- Register %edx is only used to define the logical fault domain (i.e., for segment matching).

- Every instruction that modifies memory. . .

* . . . is relative to the stack or frame pointer (with a small enough offset not to go out of bounds), or

* . . . uses the %edx register for segment matching with the following code: mov DEST, %edx bound %edx,domainrange INST SRC, (%edx)

Here DEST is the memory location that is being written, domainrange is the location of pointers to the beginning and end of the fault domains data segment, the bound instruction traps if %edx is not within that range, and INST and SRC can be any instruction and source that modify the memory pointed to by DEST. The verifier allows relative branches to any byte within the fault domains code segment, but control transfers outside the code segment use a jump table which transfers to trusted code stubs not in the code segment. Explain how, even with this scheme, malicious code could escape the sandbox and modify other regions of a processs address space.