On Mon, Feb 8, 2021 at 10:22 AM Larry McVoy <lm@mcvoy.com> wrote:
On Mon, Feb 08, 2021 at 12:11:08PM -0600, Will Senn wrote:
> And a bonus question, why, oh why, can't we have a contained kernel that
> provides minimal functionality (dare I say microkernel), that is securable,
> and layers above it that other stuff (everything else) can run on with
> auditing and suchlike for traceability?

I can answer the microkernel question I think.  It's discipline.
The only microkernel I ever liked was QNX and I liked it because it was
a MICROkernel.  The entire kernel easily fit in a 4K instruction cache.

The only way that worked was discipline.  There were 3 guys who could
touch the kernel, one of them, Dan Hildebrandt, was sort of a friend
of mine, we could, and did, have conversations about the benefits of a
monokernel vs a microkernel.  He agreed with me that QNX only worked
because those 3 guys were really careful about what went into the
kernel.  There was none of this "Oh, I measured performance and it is
only 1.5% slower now" nonsense, that's death by a hundred paper cuts.
Instead, every change came with before and after cache miss counts
under a benchmark.  Stuff that increased the cache misses was heavily
frowned upon.

Most teams don't have that sort of discipline.  They say they do,
they think they do, but when marketing says we have to do $WHATEVER,
it goes in.

This describes pretty much every project I've ever worked on.  It starts small, with a manageable feature set and a clean and performant codebase and then succumbs to external pressure for features and slowly bloats.  If the features prove useful then the project will live on of course (and those features may well be the reason the project lives on), but at some point the bloat and techdebt become the dominant development story.

My question then is, are there any examples of projects that maintained discipline, focus and relevance over years/decades that serve as counter examples to the above statement(s)?  OpenBSD?  Go?  Is there anything to learn here?

+1 (858) 230-1436