The Structure of the "THE"-Multiprogramming System Background This paper, first published in 1967 by Edsger Dijkstra, describes the structure of the "THE" operating/multiprogramming system. Responding to what Dijkstra calls the "gross underestimation" of talent needed to design an operating system, Dijkstra explains that the "THE" system has been designed by six individuals with extensive mathematical background, and that those individuals have gone to extraordinary lengths to prove their correctness of their system at each step in the design path. In doing so, he claims that their system will not be susceptible to the major corner-case bugs to which other systems have fallen victim. One of the first and most critical observations of this paper is that it is that it is not the time that a program takes but the sequence of events it executes that determines the correctness of a program execution. As such, system designers should not be trying to ensure that these events occur within n milliseconds of each other, but rather, that event a always proceeds event b. To that end, Dijkstra events and presents the concept of a semaphore. A semaphore, as we are all familiar with is a method by which we can enforce mutual exclusion between two separate events. This is the first paper that I know of to make reference to such a concept, and is doubtlessly one of this papers most important contributions to systems design. Another amazing contribution of this work is the abstraction of "core" pages and "drum" pages into one unified piece of information, called a segment. This allowed the system to deal with data abstractly and not worry whether it was going to "core" or "drum" -- it's clearly the beginning of virtual memory systems and general hardware independence. As they state in their paper, their drum died at some point, but they were able to continue using the system using only core memory. Lastly, they claim that they constructed their system in an abstract enough way that they could rigorously prove the correctness of their system. This was clearly a new concept to engineers and one from which APIs and levels of abstraction have been born. Review This was just a fanstastic paper. First, it proves that the Dutch are some of the funniest people in the world, especially people as twistedly brilliant as Dijkstra. The paper is just a joy to read beginning to end. It's hard to completely imagine what the state of systems design was at this point, but my intuition tells me this paper introduced a number of concepts that had been before unknown. Besides introducing semaphores, the fundamental synchronization primitive used by many systems, this paper also laid the groundwork for virtual memory systems and layers of abstraction (layers 0 through layer 4 in this system). While their goal in rigourously proving the correctness of their system was noteworthy and honourable, I doubt the ability to do that today. Perhaps the more important legacy of that was to encapsulate functionality and limit the number of states that a system could have at each step, and to prove the correctness of each of those states. It's clearly not full-proof, and it would be impossible to prove the correctness of a machine that we have today. But it is an interesting and laudable goal. The Structure of the "THE" Multiprogramming System (Dijkstra, 1968) and The Nucleus of a Multiprogramming System (Hansen, 1970) Jonathan Ledlie CS 736 January 26, 2000 The Dijkstra paper appears to be trying to attack the problem of a monolithic system: one where the designers have bitten off more than they can chew, and bugs are extremely difficult to track down. His team’s approach to this problem is to design an operating system in layers, where one layer abstracts away the ugliness of the details below it. The lowest layer hides the number of processors, the next virtual memory (into segments), the next I/O, and the last is made up of user programs. His idea, then, is to divide up the functionality of these layers into processes, each of which take their turn on the real cpu. As long as each one does its job and doesn’t step on each other’s memory, the system is guaranteed to go smoothly, according to Dijkstra. The ability to avoid using each other’s resources with semaphores allows these processes to do their jobs, and Dijkstra explains how semaphores work in this paper. Several key points here are that he believed he had designed a system so simple via its nicely layered structure, that one could prove it was correct by testing all possible states at each layer. This ideal and the layered structure are two keys here, and the introduction of semaphores makes a third. Hansen, coming two years after Dijkstra, is clearly responding to some of the problems in Dijkstra’s work. Hansen argues that it is not true that all interprocess communication can be done with semaphores, as Dijkstra states. Instead, Hansen prefers to have a central nucleus handle message passing among the various processes. He believes that semaphores are inadequate because if some process does not conform to what it is supposed to do (is a “black sheep”), the whole system will break down. I find this more realistic. Another key point in the paper is the idea of this nucleus, which Hansen explains is not regarded as just another process, as it is for Dijkstra, “but rather as a software extension of the hardware structure.” The full operating system is then built around this nucleus, or kernel as we would call it today, with the idea that the OS is an easily replaceable and upgradeable unit. He extends this idea through explaining that multiple OS’s could run simultaneously on the same machine, to switch between batch and interactive modes, for example. Hansen also describes parent-child resource allocation, where a child’s resources are a subset of the parents. My reading group found this a difficult idea to digest (as we discussed it over lunch), because he did not include what would happen when a child needed to take more resources than the parent had available.