In addition to the protection aspects mentioned by others (protection from buggy programs, protection of system structures, protection of data that is security sensitive), there's another thing: available address space.
If you run each process in a separate address space, you have the full address space available. This means you can do nifty things like allocate a large portion of address space for the stack and automatically map physical pages to the stack as it grows.
Address space is also necessary for memory mapped files: Imagine a 1 GB file that you want to memory-map... in a single address space, chances are you won't be able to get 1 GB of address space in one piece, so it can't be mapped.
@ atheist
Quote:
So, what program CAN NOT be written if there is no memory protection available from the OS?
All programs can be written with memory protection. I don't know who the original poster was, but he's totally off the mark.
What most people are "afraid" of when someone says "memory protection" is that they think that message passing can no longer be done with just passing a pointer around. Most people don't see an immediate solution to this, but it can be done (Mach does it).
Another thing people are afraid of is that they think tightly integrated programs can no longer run multiple tasks and have them access the same data. This is of course completely invalid when you consider threads.
Regarding slowdown: On some CPUs an address space switch adds an overhead. This is true for example on the x86. OTOH, on the PPC, it's not the case since the PPC simulates a 56 bit address space (on the 32 bit CPU) so switching an address space is nothing more than reloading some registers (no need for any cache/TLB/MMU invalidation).
Quote:
2) I don't think ANY SW HAS to have memory protection, that we know of. (This is of course, IF the SW writer KNOWS EXACTLY what he is doing.)
Well, this is a rather nonsensical thing. Of course, any software that works correctly can work without protection, since the software doesn't violate anything. However, we all know that NO software is 100 % correct. Additionally, even if a program is 100 % correct, that might not be the case for other programs.
OTOH, and I take isolated address spaces as "memory protection" again, consider that some program might need more address space than you have... physical memory is not so much of a problem, just add a large swap partition, and the problem of physically available memory all but vanishes, but in a single address space system, you still have the problem that all programs are limited to their combined address space use (see the 1 GB memory mapped file example).
So bottom line, you CAN say that an isolated address space allows you to run more programs than a single address space.
Quote:
What is missing here is resource tracking. I guess a good implementation of this will slow down the OS much more than memory protection, wouldn't it?
Not necessarily. OS4 can track resources already, but the problem is that a lot of resources are not allocated in the task that actually uses them, so if the allocating task ends, it would kill off all resources that have been allocated, including those used externally.
Isolated address spaces also help in cleaning up: Non-shared resources will be mapped only in the particular address space, and when the address space is deleted (because the program quit or crashed), all resources are deleted, too (for resources shared among processes, this has to be done differently, of course).
It would also mean that if one thread inside the process crashes, it would kill the whole process (unless the process/thread can handle the crash, of course), making it possible to just restart it.
Quote:
So my idea: when or if resource tracking will be implemented, why not activate it for applications which the user can choose, like the blacklist for Petunia?
You don't know which programs will actually support that... IBrowse might or might not...
@ Helge
Quote:
I don't understand what the big fuss on other webforums is about and why they are making a scandal out of it
Well, the fact that this was taken from here to another site only shows that the trolls are out again furthering their agenda. That's the usual thing, always happens...
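The isolation and clean-up behaviour described in the post above, as an added example that is not part of the original post: a faulty program runs in its own address space, corrupts only its private copy of the data, is killed on an invalid access, and can be started again. It assumes a POSIX system such as Linux; the names `state`, `run_buggy_child` and `parent_state_intact` are hypothetical.

```c
#define _DEFAULT_SOURCE
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed sample data living in the parent's address space. */
static char state[32] = "parent data intact";

/* Run a deliberately faulty "program" in its own address space.
 * Returns the signal that killed it, 0 on normal exit, -1 on error. */
int run_buggy_child(void)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* Child: scribble over its private copy of the data ... */
        memset(state, 'X', sizeof state - 1);
        /* ... then write to a page mapped with no access rights. */
        volatile char *page = mmap(NULL, 4096, PROT_NONE,
                                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
        if (page == MAP_FAILED)
            _exit(2);
        page[0] = 1;   /* MMU fault; the kernel kills this process only */
        _exit(0);      /* not reached */
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    /* The child's whole address space, mapping included, is gone here. */
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}

/* The parent's copy never saw the child's writes. */
int parent_state_intact(void)
{
    return strcmp(state, "parent data intact") == 0;
}

int main(void)
{
    for (int run = 1; run <= 2; run++)   /* a crashed program can simply be restarted */
        printf("run %d: child died on signal %d, parent intact: %d\n",
               run, run_buggy_child(), parent_state_intact());
    return 0;
}
```

On Linux the reported signal is SIGSEGV (11); some other systems report SIGBUS for a write to a page without access rights.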