I would wager that even most software developers who understand the difference between kernel and user mode aren't going to be aware there is a "third" address space, which is essentially a highly restricted and verified byte code virtual machine that runs with limited read-only access to kernel memory.
Not that it changes your point, and I could be wrong, but I'm pretty sure eBPF bytecode is typically compiled to native code by the kernel and runs in kernel mode with full privileges. Its safety properties entirely depend on the verifier not having bugs.
fwiw there's like a billion devices out there with CPUs that can run Java byte code directly - it's hardly experimental. For example, Jazelle for ARM was very widely deployed.