[cap-talk] Capabilities and value types?

Sandro Magi naasking at higherlogics.com
Wed Nov 1 19:19:23 CST 2006


So, from a language perspective, a capability is an object reference;
very simple to explain. But what about types with value semantics? ie.
C# System.ValueType and structs.

//structs are stack-allocated
public struct /*class*/ Test {
  bool enabled = true;
 
  public void Run() {
    while(enabled) {
      Console.WriteLine("Still going..."); }
    }
    Console.WriteLine("Revoked!");
  }
  //t is a new COPY of Test
  public static void RunTest(Test capToTest) {
    new Thread(capToTest.Run).Start();
    Thread.Sleep(1000);
  }
  public static void Main(string[] args) {
    Test capToTest = new Test();
    RunTest(capToTest);
    //when a struct this disables the original instance,
    //not the copy that RunTest() got
    capToTest.enabled = false;
    Console.ReadLine();
  }
}

The above behaves differently when Test is a struct, and a class. As a
class, the loop terminates. As a struct, it runs forever.

I'm not sure it's a huge deal other than "programmer beware", but in
trying to map capabilities as access control to the language's
semantics, I'm at a bit of a loss. Is "capToTest" a capability?

Given value semantics, I would conclude that a variable bound to a
struct either:

1. is not a capability
2. is a capability to an object whose behaviour is bound to the
capability (ie. clone-on-capability-copy)

Perhaps this seems overly complicated only because System.ValueType
inherits from System.Object; really, a struct is only a tuple of data
and/or references, which is fully covered by the capability model. How
to explain this clearly though?

Sandro


More information about the cap-talk mailing list