[cap-talk] Backwater (was: Language-based OS domain separation)
Marc Stiegler
marcs at skyhunter.com
Tue Jun 19 10:49:19 EDT 2007
Jonathan said:
>Yes. One project in particular that is doing some very interesting work
>is the Singularity project at Microsoft. They don't quite have a domain
>separation story that is right, but they have done some work that
>demonstrates a sound foundation for building one.
>From what I have heard, it sounds like the Singularity project folks
threw out the simplicity as their first step in development. Of
course, once you throw the simplicity away, you can never get it back,
and moreover, things that need simplicity as a foundation (like
security) can never be right.
What I find far more interesting is the Backwater work by our own
Matej Kosik using Pict as the programming language. I just got back
from a 2-week vacation, on which the only technical material I took
with me was the Pict tutorial and the Backwater report (at
http://altair.dcs.elf.stuba.sk:60001/mediawiki/index.php/Backwater).
As nearly as I can tell, Matej has more of a securely-cooperative
operating system in fewer lines of code than I have ever seen before.
Ever. Even KeyKos is a clumsy oversized behemoth compared to this.
And yes, that is including the runtime support for the language. The
only gotcha that I see (one that Jonathan has already identified as a
significant issue with language-based approaches, and one there's been
a lot of talk about here lately) is the resource management.
Anyway, Jonathan, I'd be intrigued by your opinion of Backwater, if
you find yourself suddenly with time on your hands and a sudden mad
desire to learn an actors-style language (pict).
If I myself ever get back on schedule with my currently
hopelessly-late project, I plan to spend some time playing with
Backwater myself (if Matej will help me, that is :-) Since I seem to
have gotten myself into the business of doing performance benchmarks
(since doing Emily, so we'd have a high-performance language in the
object-cap family), I'm thinking of comparing benchmarks in Backwater
against benchmarks in Windows and Linux.
As an actors language, it seems to me that pict might present some
interesting opportunities to exploit multicore processors. Matej, I
presume that Backwater does not currently have any support for a
multicore, right? Any clue how difficult it might be to put some
primitive multicore functionality into it?
--marcs
More information about the cap-talk
mailing list