@cwebber Most recently arguing about #microkernels where #Lisp has previously demonstrated the argument about modularity & memory safety to be true (https://catern.com/microkernels.html).
Conversation
Notices
-
Embed this notice
LisPi (lispi314@mastodon.top)'s status on Friday, 03-Nov-2023 08:53:31 JST 
LisPi
-
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Friday, 03-Nov-2023 08:53:30 JST 
Haelwenn /элвэн/ :triskell:
@lispi314 @cwebber
Except not really:
- You're not going away from C in your kernel, nobody wants to rewrite all filesystems or drivers entirely from scratch (for example BSDs, Linux, Haiku, … share drivers code between each others)
- AFAIK you need memory-unsafe bits to write an operating system, and I'm not sure if you can use an IOMMU (which you definitely want to avoid things like DMA-based attacks) entirely without something close to a process model
- You're going to have process-like modules (see Erlang) if you want better reliability
- Several third-party OS components can benefit from sharing the same interfaces as drivers (see Plan9, where for example FUSE is a bootleg inspiration from it), at that point you're just one step away from a microkernel -
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Friday, 03-Nov-2023 09:05:05 JST
Haelwenn /элвэн/ :triskell:
@lispi314 @cwebber The Erlang bit was because drivers are crashy and can end up hanging in bad states and I'd say that if you can restart an instance of a module… well done you have processes. -
Embed this notice
LisPi (lispi314@mastodon.top)'s status on Friday, 03-Nov-2023 09:05:06 JST
LisPi
@lanodan @cwebber Did you know that #OpenGenera had a #C and an #Ada compiler (among others)?
You don't need to rewrite the drivers, you can just implement a shim (with error handling) so they can run on top of the system in their little isolated bubble like the #rumpkernel idea was about.
You do need those bits in some specific areas, but you can tightly constrain access to them to very specific modules & threads.
Erlang's message-passing approach isn't required for condition handling.
-
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Friday, 03-Nov-2023 09:08:25 JST
Haelwenn /элвэн/ :triskell:
@lispi314 @cwebber
> I do not consider the unstructured text/binary stream approach of Plan9's "everything is a file even more" desirable.
That's not Plan9, that's UNIX. Plan9 is "everything is a filesystem", which means you have a lot more structure already.
And that's also not the reason why I gave Plan9 as an example. -
Embed this notice
LisPi (lispi314@mastodon.top)'s status on Friday, 03-Nov-2023 09:08:26 JST
LisPi
@lanodan @cwebber The #CommonLisp #ConditionSystem is more than powerful enough to handle the task just fine.
I do not consider the unstructured text/binary stream approach of Plan9's "everything is a file even more" desirable.
It makes #interoperability a nightmare and any reliable structured use then requires ad-hoc structuring through additional serialization.
-
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Friday, 03-Nov-2023 09:12:26 JST
Haelwenn /элвэн/ :triskell:
@lispi314 @cwebber Why are you arguing on this, GOTO 10. -
Embed this notice
LisPi (lispi314@mastodon.top)'s status on Friday, 03-Nov-2023 09:12:27 JST
LisPi
@lanodan @cwebber I'd prefer to wrap those interfaces to rely on something more sane, even if they internally think they're working with something else.
If they're all expecting that less sane interface and it's stable-enough, the wrapping can probably be turned into a few macros with minimal maintenance burden.
-
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Friday, 03-Nov-2023 09:32:39 JST
Haelwenn /элвэн/ :triskell:
@lispi314 @cwebber The only reason mentioned Plan9 is as an example of the concept of "Several third-party OS components can benefit from sharing the same interfaces as drivers".
Then you went with implementation *details* of Plan9, rather than the concept.
I don't disagree with having proper structures, in fact I'd almost argue that a microkernel means you're going to have complete enough ones for an usable modern system where isolated third-party drivers are a thing. -
Embed this notice
LisPi (lispi314@mastodon.top)'s status on Friday, 03-Nov-2023 09:32:40 JST
LisPi
@lanodan @cwebber I'm not quite sure what you mean by this.
Even better than "approaching structured approaches through filesystem-like interaction" (paraphrasing) is simply "using structured approaches and actual structures/objects".
The microkernel depends on address-space separation (via processes typically), so insofar as you don't introduce such separation (which isn't needed if you need references to access anything) you don't have one.
-
Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Friday, 03-Nov-2023 09:50:49 JST
Haelwenn /элвэн/ :triskell:
@lispi314 @cwebber How do you pass data around (be it functions or messages) without some kind of a defined structure?
To be very specific, I don't mean carrying around the structure with you like with JSON/XML, you can separate those two, like what you get with compiled languages.
Or for *example* like how Wayland does with XML to define the structures in a language-independent way, but how you have no XML in-transit (that would prevent binary-data among other annoying limitations). -
Embed this notice
LisPi (lispi314@mastodon.top)'s status on Friday, 03-Nov-2023 09:50:50 JST
LisPi
@lanodan @cwebber I see, though I do not see why purposely hobbling your system for the benefit of 3rd-party components written for inferior systems is desirable when you can transparently support them with better external interfaces anyway.
You can implement microkernel RPCs with well-defined structures (instead of very general message-passing), but you don't absolutely have to.
-
Embed this notice
All GNU social JP content and data are available under the