>Sorry, but no. Garbage collector is the very opposite from what's needed.
You can't have a managed OS without GC (well, you can - but it's going to be pointless).
>History teaches us that again and again. LISP machines bet big on GC, Intel bet big on GC (remember iAPX 432?), others bet big on GC - all these bets failed.
You are using an example that is at least 30 years old?!? That's insane. EVERYTHING has changed since then.
>Ada may not be big on desktop today, yet it is still used quite heavily where security is important. But guess what: no GC. In most implementations, at least.
>Right. But the only solution which works is "non-flat RAM" (in many forms). Because for security you need compartmentalization - and this implies non-flat memory model. GC is just not enough. If you have non-flat memory model then you don't need a GC. In fact it hurts security because it makes your design more complex for no good reason.
Nope. You clearly don't know what you're talking about. Flat-memory Singularity-like OSes implement (essentially) capability-based security - which is the only proven security model, btw. Each object reference is a capability, processes can exchange them using pipes and so on.
The crucial part is impossibility to forge a capability which can be done easily without a GC. Like this: create an object, get a pointer to it, remove an object (pointer becomes dangling), create an object of another type in its place, use your dangling pointer to manipulate private data of another object.
However, once you have a GC and safe language - you don't need memory protection.
>Not all. Its pointer includes memory address, size of region and offset in that region. This is enough for compartmentalization.
Not enough. See my scenario with a dangling reference.
>I'm pretty sure architecture astronauts will try to push something like this. They will find another suitable victim with billions to burn and we'll have yet another fiasco. Complete with grand promises, industry-wide madness and disappointment at the end. But they will need to wait about 10 years till they'll try that: people are fed up with astronautics for the moment.
Dude, Azul _already_ sells machines that work like this. And they routinely outperform top-of-the-line POWER (and x86) servers on tasks that require management of LARGE amounts of data. I know a Wall Street company that had rewritten their insanely tuned C++ HFT (High Frequency Trading) code into Java running on Azul system - and got great speedups.
So the future is here, it's only unevenly distributed.
The transition to secure systems won't happen overnight, it'll probably happen in 20-30 years after the Great Permanent Crash event of 2015 when a virus bricks half of Linux-based routers in the world and causes massive outages.
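
The dangling-reference scenario from the comment above, modeled on a toy slot pool (an added example, not part of the original comment or of any system it mentions). All names are hypothetical; the generation-tagged handle is one assumed way of detecting a stale reference, shown beside unchecked access that trusts the slot index alone.

```c
#include <stdint.h>
#include <string.h>
/* Toy pool: every name and value here is constructed for illustration. */
enum kind { FREE = 0, PUBLIC_NOTE, PRIVATE_KEY };
struct slot { enum kind kind; uint32_t gen; char data[16]; };
struct handle { uint32_t idx; uint32_t gen; };  /* gen = generation at creation */
#define NSLOTS 4
static struct slot pool[NSLOTS];

/* Take the first free slot, like an allocator reusing freed memory. */
static struct handle pool_new(enum kind k, const char *data) {
    for (uint32_t i = 0; i < NSLOTS; i++) {
        if (pool[i].kind == FREE) {
            pool[i].kind = k;
            /* last byte is never written, so data stays NUL-terminated */
            strncpy(pool[i].data, data, sizeof pool[i].data - 1);
            return (struct handle){ i, pool[i].gen };
        }
    }
    return (struct handle){ UINT32_MAX, 0 };    /* pool exhausted */
}

/* Free the slot and bump its generation so older handles go stale. */
static void pool_free(struct handle h) {
    pool[h.idx].kind = FREE;
    pool[h.idx].gen++;
}

/* Unchecked access: trusts the index alone, as a raw pointer would. */
static const char *read_unchecked(struct handle h) {
    return pool[h.idx].data;
}

/* Checked access: refuses stale handles and wrong-type use. */
static const char *read_checked(struct handle h, enum kind expect) {
    if (h.idx >= NSLOTS) return NULL;
    const struct slot *s = &pool[h.idx];
    if (s->kind != expect || s->gen != h.gen) return NULL;
    return s->data;
}

/* Returns 1 if the stale handle reaches the key unchecked but is refused when checked. */
static int dangling_scenario(void) {
    struct handle note = pool_new(PUBLIC_NOTE, "hello");
    pool_free(note);                                      /* 'note' now dangles */
    struct handle key = pool_new(PRIVATE_KEY, "s3cret");  /* reuses the slot */
    int leaked = strcmp(read_unchecked(note), "s3cret") == 0;
    int blocked = read_checked(note, PRIVATE_KEY) == NULL;
    int owner_ok = read_checked(key, PRIVATE_KEY) != NULL;
    return leaked && blocked && owner_ok;
}
```

The checked read passes the type test (the slot really does hold a `PRIVATE_KEY`) and is refused only because the generation no longer matches, which is why a type tag alone does not stop the reuse described in the comment.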