Path: utzoo!utgpu!watmath!att!tut.cis.ohio-state.edu!bloom-beacon!usc!cs.utexas.edu!uunet!ncrlnk!ncr-sd!tw-rnd!johnl
From: johnl@tw-rnd.SanDiego.NCR.COM (John Lindwall)
Newsgroups: comp.sys.atari.st
Subject: Re: Multitasking on the ST
Message-ID: <483@tw-rnd.SanDiego.NCR.COM>
Date: 14 Aug 89 23:00:05 GMT
References: <8908021826.AA05333@ucbvax.Berkeley.EDU> <15627@watdragon.waterloo.edu> <652@opal.tubopal.UUCP> <471@tw-rnd.SanDiego.NCR.COM> <1066@philmds.UUCP> <482@tw-rnd.SanDiego.NCR.COM> <1071@philmds.UUCP>
Reply-To: johnl@tw-rnd.SanDiego.NCR.COM (John Lindwall)
Organization: NCR Distributed Systems Laboratory
Lines: 93

In article <1071@philmds.UUCP> leo@philmds.UUCP (Leo de Wit) writes:
>In article <482@tw-rnd.SanDiego.NCR.COM> johnl@tw-rnd.SanDiego.NCR.COM () writes:
>|In article <1066@philmds.UUCP> leo@philmds.UUCP (Leo de Wit) writes:
>   []
>|>Why should memory protection be a hotter item when parallel processes
>|>are involved?
>|
>|Because of the potential for a single user program to cause the termination
>|of all the processes in the system.
>
>This is equally well possible in the current 'one-process-running-at-a-time'
>scheme. Note that there are already accessory-based editors, batch
>modem transfer programs, TSR print spoolers for the ST right now.
>

This point is well taken, but does not negate the point that process protection
is desirable (in my mind).

>| [My (John Lindwall's) example of a single process crashing the machine]
>
>I think you'll need a bit more than just an MMU for a secure system.
>S'pose your nasty process alters some system vector (applying patch 271
>to SAFEDOS). A pity that the last bug was not yet removed... My point
>is, that a MMU is a probably undispensable ingredient IN AN OTHERWISE
>EXCELLENT SYSTEM.  That safe system (which undoubtedly will have a
>notion of privileges, users) is what you should start with in the first
>place.
>

An MMU can protect pages of memory that the system considers special.  The
system vectors could be marked as un-writable by user level processes. An
attempt to modify the protected pages could be trapped and prevented.

I agree that the capabilities of an MMU are best utilized when designed into a
system as opposed to grafted in as an afterthought.  Current users of
Commodore's 68020/68030 boards have an MMU in the system which has minimal
benefit to the system, because AmigaDOS was not designed to support an MMU.
In fact the only use I see for it (in the Amiga at present) is in copying the
OS ROM into fast ram for a speed gain.  True use of the MMU comes when running
an OS designed to use it (like Unix when that becomes available).

I am using the Amiga as an example here not because I believe it is the ULTIMATE
SYSTEM that Atari should emulate.  I feel ST users and developers can
benefit from examining the problems and shortcomings that the Amiga is seeing
now that MMU's are being phased in as standard equipment.

>B.T.W. what do you do when a thunderstorm is coming up, but your
>raytracer has yet to finish its last hour of calculations? Use a TMU :-) ?
>

Well, here in Sunny California (tm) we don't get many of those! :) :) :)

>|I'm all for system robustness for ANY system.  My point is that when you
>|introduce multitasking, memory protection is more important due to the
>|potential to disrupt other processes.
>
>I heard this one before and I still won't believe it, unless a proper
>argument is given.
>

So I assume (if you were using a multi-tasking system) that you would prefer
NOT to have process protection?  I do not see the logic in this.

>|>[about VM]
>|
>|Sounds Good!  But now you're wandering into the area of virtual memory and
>|that's not what our original discussion was about.  Thanks for the reply.
>
>You bought an MMU but you don't want VM? Gee, that would be the first
>reason I would buy an MMU for (and not for protection). As long as the
>filesystems used are single-user, not write protectable, I don't care
>much for safe core.
>

Yes, VM is nice.  In my day-to-day Amiga experience I do not run out of memory
much.  I DO experience agonizing crashes which kill all my processes.  From
this experience I developed the priority of process protection being more
important.  If VM were available, I'm sure I would enjoy it and make use of it.

Thank you for this enjoyable discussion.  I hope it can continue on the 
amiable and informative level that has been maintained all along.  Looking
forward to your reply.

----------------------------------------------------------------------
John Lindwall                            johnl@tw-rnd.SanDiego.NCR.COM
           "Above opinions are my own, not my employer's"
   Health is merely the slowest possible rate at which one can die.

-- 
----------------------------------------------------------------------
John Lindwall                            johnl@tw-rnd.SanDiego.NCR.COM
           "Above opinions are my own, not my employer's"
   Health is merely the slowest possible rate at which one can die.