[cap-talk] Memory Accounting without partitions (was: Language-based OS domain separation.)
Jonathan S. Shapiro
shap at eros-os.com
Sat Jun 16 12:58:13 EDT 2007
On Sat, 2007-06-16 at 08:44 -0700, Jed Donnelley wrote:
> At 08:14 AM 6/16/2007, Jonathan S. Shapiro wrote:
> >Okay. All of this makes sense. It also follows my rule of thumb that "he
> >who pays must be able to deallocate".
> We had a similar working rule in our NLTSS system. It's difficult
> for me to imagine a workable system without this criterion being met.
I would be curious how often anybody actually "pulled the trigger" on
reclaiming such storage. While I definitely think this rule is
necessary, current programming languages really aren't prepared to
recover from memory maps simply disappearing out from under them, and
programmers are generally not prepared to build defensively w.r.t. this
type of issue.
How did developers deal with such matters in NLTSS?