Hacker News new | past | comments | ask | show | jobs | submit login

In short, private virtual addressing is legacy cruft from a time when this was the only way to organize things due to a constrained memory block identifier namespace.

Think about it like IPv4 vs. IPv6, i.e. hacks like NAT, vs. "everything has its own IP address in a single flat address space of IPs".

It's the same, but with computer memory. And it has the same benefits.




That's true but I think the bigger reason is that a single address space makes system calls as cheap as regular function calls, since there is no kernel boundary any more.

Ironically, VxWorks's latest major rev was all about turning memory protection on since overwhelmingly people prefer the performance hit of kernel calls over the heisenbugs that come from stomping on the kernel's code and data structures.


But, like you said, you still need protection of kernel data, which means that you need to execute kernel code on a stack not writeable by the user, at a greater permission level that allows ONLY the kernel code to modify kernel pages. Single-address-space or not I can't see these needs being met in a cheaper way than what we already have, presuming that kernel code/data are in never-invalidated global pages available in every address space.

Edit: Oh, I see from your other comment that you're talking about the benefits to people who don't feel this need.


I'm still not seeing the real benefits.

What, specifically, is bad/wrong about the traditional way of doing process isolation, and what does this approach bring to the table ?


The folks at Microsoft Research who worked on Singularity claim the so called "Unsafe Code Tax" from the existing system is a 30-40% performance hit.

http://webcourse.cs.technion.ac.il/236376/Spring2013/ho/WCFi...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: