deep
as in Deepsea
Posts: 1066
Registered: 09-01
Regardless of how you think computer OSes and hardware ought to function, it is NOT up to the OS to allow for every sort of hardware interrupt and control that peripheral manufacturers can think up. Hence the need for drivers to run at the kernel level, where protection against errors is virtually nonexistent. In such an environment, the slightest mistake or unhandled exception can be fatal.
Regardless of how you think computer OSes work, you've only had experience with the PC world - a world torn between games, speed, cost and constant change. (Never assume too much about what the other guy's background is.)
Granted, a video driver is a pretty serious thing to screw up - but in a properly designed system you have multiple consoles, and the main ones controlling the system run in dumb terminal mode. Something the consumer PCs couldn't afford. But that has nothing to do with the academic argument of "ought to function" - it's just a cost issue.
It's perfectly possible and feasible (AND it has been done) to build a "gracefully terminate" driver into an OS. All you have to do is catch the "exception" created by the fault - provided you have a clean protected design where the driver NEVER usurps or corrupts the basic OS kernel.
Why exactly does a driver have to run at "the kernel level"? I'll tell you - it has NOTHING to do with a good design, but is related to:
1. It's much easier to design/write it that way.
2. For games, it speeds it up quite a bit.
A good way for a stable system? Nope. Indeed a poor security choice.
The IBM VM machine (not the same as Digital) can boot/run multiple copies of OSes at the same time, have "crashes", yet recover from any one of them at any time without bringing down the machine. Even the drives are virtual, spanning any number of physical disks. Old, old technology :)
Ideally the OS should be protected against driver malfunctions, but that is not very realistic.
It's quite realistic ... see previous. Not only ideal, but that's the way a PROFESSIONAL COMMERCIAL OS should be designed (and has been).
The design of the OS is not at fault here. It is merely following common-sense guidelines.
Please - more hand waving. What exactly is "common-sense"? Whose common sense, yours? Something you read? Something somebody else told you? Pure bunk. It's not common sense at all - it's a bad design compromise as listed above.
However, let's keep focus here. Remember, it is YOU who claimed that the OS wouldn't blue screen or lock up in some catastrophic way. Now you are giving reasons why it's OK to do so. This contradicts your own original premise here - but that was my point in the first place - I agree it's a poor design, rationalized for the reasons given :)