Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uunet!cbmvax!amix!ford From: ford@amix.commodore.com (Mike "Ford" Ditto) Newsgroups: comp.sys.amiga.programmer Subject: Re: Why Amiga Gurus???? Message-ID: <1010@amix.commodore.com> Date: 8 Feb 91 07:31:08 GMT References: <1469@pdxgate.UUCP> <1991Jan31.035105.14277@usenet.ins.cwru.edu> <156@dogmelb.dog.oz.au> <16264@sdcc6.ucsd.edu> Followup-To: comp.sys.amiga.programmer Organization: Commodore-Amiga Unix Development Lines: 75 I hear that this comp.sys.amiga.tech newsgroup no longer exists. Let's take this to .programmer. bairds@eecs.cs.pdx.edu (Shawn L. Baird) writes: > The reason that Unix almost never crashes is usually because of the memory > protection hardware [ ... ] This is true, but primarily in an indirect way, I think. (explained below) > In the Amiga a program can rampantly wade through > memory trashing areas. In Unix you'll get a segmentation violation and thus > avoid crashing any of the other processes and also make it easy to clean up > the dead process. If the only thing that kept Unix from crashing was the run-time memory protection, under Unix you'd see a "Segmentation violation - core dumped" many times more often than a typical Amiga crashes under similar usage. Yet, on most Unix systems, you'll hardly ever see a production program dump core. This is because the programs on Unix systems actually have fewer bugs. Now before you get upset and think I'm saying that Amiga programmers aren't as good as Unix programmers, let me explain. The "crashability" difference isn't due to the memory protection in the end-user execution environment as much as it's due to the programmer's testing environment. Unix is very good at detecting abnormal program behavior, even in ways that would be completely harmless if left alone. Consider a program which, at some point in its execution, writes a zero byte to a random address. Under Unix (on a 68030, say), you have a 4 gigabyte address space, with maybe 100K of it actually used by the program. This gives about a 1 in 40,000 chance of this bug going undecteded even if it is tested only once. But when running the same program under AmigaDOS on a similar system, there might be only a megabyte of memory that's actually in use by the system. Of this memory, only a small portion is going to be used in a way which will change the behavior of some program or the OS, and of that, only a portion will do so in a way that is either detected or causes a crash. Maybe only a 1 in 1,000 chance of the bug *being noticed* each time the program is run. Assuming that the developer tests the program one thousand times, the bug will only be seen about once, and will not show up again when specifically looked for. But when 2,000 users are using this program, there could easily be several bug reports a day. This example is a bit contrived (especially the bit about the bad address being "random"), but if a contrived example shows Unix being 40 million times more likely to detect a bug during development, you can bet that it's at least a few thousand times better. Therefore, I think that having a protected-memory environment during development and testing, even without full resource tracking and process separation, can recover much this reliability difference between AmigaDOS and Unix. But only to the extent that developers use it. > I have heard > of a program called Enforcer which uses the MMU on a 68020 or 68030 to provide > a more protected environment. Yes, I think Enforcer is probably the best way to get the benefit I describe above at this time. ... although I'm still hoping for future versions of AmigaDOS that take this even further. Personally, I'd build Enforcer into the OS just for starters. -=] Ford [=- "But everybody wants a rock (In Real Life: Mike Ditto) to wind a piece of string around." ford@amix.commodore.com - They Might be Giants, uunet!cbmvax!ditto "We want a rock" ford@kenobi.commodore.com