One word on this “Software Isolated Processes” !
Lines from the channel9 forum:
In our world, we compile entire MSIL for the kernel into x86 instructions at installation time. There is no libc at the bottom. However, we do have around some assembly code. Like a kernel written in C, our C# kernel needs assembly code to handle the lowest part of the interrupt dispatch on the x86. But once the assembly code has finished, it dispatches directly into compiled C# (no C). BTW, there is some C code in the system, primarily for the debugger stub.
The MSIL to x86 compiler we use is Bartok, developed by Microsoft Research’s Advanced Compiler Technology Group. David Tarditi and his team have created this fantastic whole-program optimizing compiler that reads in a collection of MSIL Assemblies and outputs an x86 binary. At the end of the day, its just code.
Remember that libc is just x86 code. So, we replace whatever one might need from libc, with C# code. Instead of calling a C version of libc, Singularity uses safe code written in C# to directly access the screen hardware (for example).
This probably makes more sense when you realizes the most OSes don’t use BIOS except during the very earliest stage of boot. Singularity does the same as well, it only use BIOS during the 16-bit real-mode boot strap. Once jump to 32-bit mode, we never use BIOS again, but use device drivers written in C# instead. Yes, we had to replace a lot of CLR libraries with different code. However, unlike the CLR, the Singularity runtime is written in C#.
We use the Bartok compiler and runtime from the ACT group in MSR (http://research.microsoft.com/act/). It is a highly optimizing compiler that compilers MSIL down to x86 code. It comes with a runtime system written entirely in C#–though parts of it, most notably the garbage collector (GC) are unsafe C#. (It is an open research challenge to write a real GC in a type-safe language.)
Bartok is a very high quality compiler that produces good code, but it is a research prototype. It doesn’t handle exactly the same language as MS’s product compilers (e.g. no reflection) and isn’t ready for widespread use. Don’t ask when it will be shipped, since it isn’t going to be. If you wonder why, say “research prototype” 10 times fast and you’ll have the reason.
A couple things to note. Everything in Singularity is written in safe managed code (C#), except the kernel. This includes device drives, system components, applications, etc. The kernel, since it implements the memory system, scheduler, and manages devices is pretty low-level code and is primarily written in safe C#, though there are parts written in unsafe C# and a HAL written in C++.
Also note that we own the compiler and can control the code that it generates. Using an off-the-shelf compiler would introduce a lot of difficulties in predicting exactly what code would be generated in different situations. This is not fundamental, but rather a big convenience.
And yes, you too can write a good part of your run-time system in safe code. Look at a library sometime. Most of it is pretty simple data manipulation that can be written in any language. There are a few tricky parts where the unsafe subset of C#, or its equivalent, is essential. The key is to factor your system so these parts live in the kernel, with a safe interface, or are inserted by your compiler.