Re: Linus replies. Re: Computer: Can We Make Operating Systems Reliable

l4-hurd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Linus replies. Re: Computer: Can We Make Operating Systems Reliable

From:	Niklas Klügel
Subject:	Re: Linus replies. Re: Computer: Can We Make Operating Systems Reliable and Secure?// SAS
Date:	Thu, 11 May 2006 21:21:18 +0200
User-agent:	Debian Thunderbird 1.0.7 (X11/20051017)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>

> Consider:
>
> 1. The measured performance of the best JVM sucks. 2. There is no
> possibility of hard real-time in a garbage-collected runtime. 3.
> The amount of code needed to implement a decent JVM (or similar
> system) is approximately 10x the amount of code needed to implement
> a protected microkernel.
>
that was not my point. it was an example that software-based
memory protection is already practicable at acceptable costs.
there are probably many ways of making memory protection
software based with less overhead. i could also argue that in
some fields of application program-verification works, so
(leaving inconsitencies caused by concurrency aside)
there is no overhead at all added and the operating
system environment is unequally simpler than anything
beyond DOS :)

to make a clear conculsion: all that i am saying is, that the
complexity introduced by highly modular OSes in order
to adapt to former/common principles of OS-Development/Design/etc
might be a sign that these former/common principles
are wrong for the aims of such highly modular OSes.

> Next time your life depends on the software being right, which one
> would you rather depend on?
>
>> today the programming languages and its environments allow a much
>> finer granularity of modularity.
>
>
> You also mentioned sharing. Sharing isn't the solution to
> robustness. It's the *problem*.

i didnt say that either. i said that sharing is more complex in
non-SAS environments and that there are no
restrictions in SAS-environments about what entity shares which objects.

> Shared-memory concurrency is known to be a completely
> non-engineerable approach.
>
> Finer granularity is not always better. The trick is to discover
> the finest granularity that real programmers can manage
> successfully. Unfortunately, there seem to be different answers for
> program structure (the object boundary) than for protection
> structure (the subsystem boundary).

true.

So long...
niklas

>
>
> shap
>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFEY46t+k24EnBNzsMRAutUAJ4qLHlEmISaHlMB5D4JWNZJK8zqHwCcCTx3
DHqwZHe0deMw83mGgXomb2I=
=WojR
-----END PGP SIGNATURE-----

[Prev in Thread]

Current Thread

[Next in Thread]

Re: Linus replies, (continued)

Prev by Date: Re: Linus replies
Next by Date: Re: Linus replies
Previous by thread: Re: Linus replies. Re: Computer: Can We Make Operating Systems Reliable and Secure?// SAS
Next by thread: Re: Linus replies. Re: Computer: Can We Make Operating Systems Reliable and Secure?// SAS
Index(es):
- Date
- Thread