[cap-talk] Midori in The Register

Jonathan S. Shapiro shap at eros-os.com
Tue Aug 5 20:09:55 CDT 2008


On Tue, 2008-08-05 at 17:01 -0700, Dean Tribble wrote:
> That's consistent with my understanding.  "Unsafe managed code" is
> similar, but with explicit regions that may violate "a" above (and
> therefore won't pass the verifier).  Code in an unsafe block may do
> things that might break the memory or type model (e.g., pointer
> mucking).  In some sense, that means it is just "b" above, but the
> unsafe code is effectively part of implementing the managed
> environment that provides both.

Yes. There is a layering of abstractions problem here. It is possible to
implement a runtime in a purely safe VM, but not at the same level of
interpretation as the programs that run on top of that VM. The VLISP
PreScheme work is an interesting look at how to do it.

shap


