[cap-talk] Wikipedia: Object-capability model - reference vs. capability?

Mark S. Miller markm at cs.jhu.edu
Thu Jan 18 11:19:19 CST 2007


Jonathan S. Shapiro wrote:
> On Wed, 2007-01-17 at 13:17 -0800, David Wagner wrote:
> 
>>> I think we reached consensus that the EQ operation ought to be allowed,
>>> though not required, in obj-cap systems.
>> I didn't sign on to such a consensus.  I think it's reasonable to
>> allow EQ to be applied to non-selfless objects, but unreasonable to
>> allow EQ to be applied to selfless objects.
> 
> David:
> 
> While I think I understand where you are going with this, it violates
> about 45 years of programming language convention. For example, in LISP
> it has long been the case that bignums were selfless, and that two
> bignums having the same value were EQ?

Perhaps you made a parity error above? I would think your point is made by 
observing (correctly) that in Lisp, two bignums that have the same value may 
nevertheless not be EQ. While this is true of actual Lisps, it has proven 
notoriously tricky to give a precise semantics to. In particular, the VLisp 
effort, to do a verified Scheme implementation, singles out the awful 
semantics of Lisp's (and Scheme's) EQ as something that gave them grief.

Not only is the semantics poorly defined, it is also unhelpful. Henry Baker's 
EGAL primitive <http://home.pipeline.com/~hbaker1/ObjectIdentity.html> is a 
clean and useful alternative.


> From an implementation perspective, it is desirable in a dynamically
> typed language to have *some* equality operator that is known to operate
> efficiently on all object references (including selfless references) of
> scalar type.

Yes, that is the one advantage.



> So: the purist in me agrees with you about overloading EQ?, but I would
> not exclude a language from being an object-capability language merely
> because it overloads EQ? in this way. In particular, I would not want to
> exclude EQ? on number capabilities.

I agree that we should not exclude a system (language, OS, or whatever) from 
the "object-capability" category on this basis. I was not suggesting 
otherwise.



> While I like the concept, I do not like the label "selfless" in the
> context of the o-c wikipedia entry. It is a label that appeals to useful
> intuitions in the language context, but less so in the OS context. I
> don't think that I have a better label.

I abstain from the issue of what should be on this page. I am only trying to 
clarify concepts for those who wish to go deeper.


-- 
Text by me above is hereby placed in the public domain

     Cheers,
     --MarkM
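
The distinction discussed in this message, as an added Python sketch that is not part of the original post and not Baker's own code: an EGAL-style predicate compares selfless (immutable) data by value and everything else by identity, so its result never depends on how the implementation happens to allocate bignums. The names `egal`, `SELFLESS_ATOMS`, `Cell` and `demo` are hypothetical, and treating Python tuples as the only selfless container is an assumption of the sketch.

```python
# Added illustration, not code from the thread. SELFLESS_ATOMS and the
# treatment of tuples as selfless containers are assumptions of this sketch.
SELFLESS_ATOMS = (int, str, bytes, bool, type(None))


def egal(a, b):
    """EGAL-style equality: by value for selfless data, by identity otherwise."""
    if a is b:
        return True
    if type(a) is not type(b):
        return False            # e.g. True and 1 are distinguishable values
    if isinstance(a, SELFLESS_ATOMS):
        return a == b           # no identity to observe, so compare values
    if isinstance(a, tuple):    # immutable container: compare components
        return len(a) == len(b) and all(egal(x, y) for x, y in zip(a, b))
    return False                # mutable (selfful) object: identity only


class Cell:
    """A mutable object; its identity is observable through side effects."""
    def __init__(self, value):
        self.value = value


def demo():
    # Two separately constructed bignums; whether `big1 is big2` holds is
    # implementation-dependent, which is the EQ problem raised above.
    big1 = int("1" + "0" * 40)
    big2 = int("1" + "0" * 40)
    c1, c2 = Cell(0), Cell(0)
    return {
        "bignums": egal(big1, big2),
        "same_cell": egal(c1, c1),
        "distinct_cells": egal(c1, c2),
        "tuple_same_cell": egal((big1, c1), (big2, c1)),
        "tuple_distinct_cells": egal((big1, c1), (big2, c2)),
        "bool_vs_int": egal(True, 1),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```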

