Operating Systems 2014F Lecture 2: Difference between revisions
No edit summary |
No edit summary |
||
(7 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
Audio from the lecture given on September 10, 2014 [http://homeostasis.scs.carleton.ca/~soma/os-2014f/lectures/comp3000-2014f-lec02-10Sep2014.mp3 is now available]. | Audio from the lecture given on September 10, 2014 [http://homeostasis.scs.carleton.ca/~soma/os-2014f/lectures/comp3000-2014f-lec02-10Sep2014.mp3 is now available]. | ||
{{{ | {{{ | ||
Line 38: | Line 35: | ||
A process - is an executable that has been executed - loaded into memory and started running. A process you should think of as an abstraction of a computer that can only run one program at a time. (Older personal computers, early 1960's or something, there is no abstraction of a process. There is no notion of running more than one program at a time. Logically speaking: when you wanted to run a program, all of memory would be loaded with that program, when you wanted to quit the program, you cut the power (turn the computer off).) They run one program at a time, you load it off the disk, and it has complete control of the machine. A process is the abstraction you get when you say, we don't want every program to have complete control of the computer because I do not want to have to reboot the computer to switch programs. I want to run different programs concurrently, for multiple reasons. Want to chain multiple programs in order to produce a result. (A Unix pipeline) The process - giving each running program (each executable) it's own virtual computer to run. | A process - is an executable that has been executed - loaded into memory and started running. A process you should think of as an abstraction of a computer that can only run one program at a time. (Older personal computers, early 1960's or something, there is no abstraction of a process. There is no notion of running more than one program at a time. Logically speaking: when you wanted to run a program, all of memory would be loaded with that program, when you wanted to quit the program, you cut the power (turn the computer off).) They run one program at a time, you load it off the disk, and it has complete control of the machine. A process is the abstraction you get when you say, we don't want every program to have complete control of the computer because I do not want to have to reboot the computer to switch programs. I want to run different programs concurrently, for multiple reasons. Want to chain multiple programs in order to produce a result. (A Unix pipeline) The process - giving each running program (each executable) it's own virtual computer to run. | ||
Virtualizing / virtualization (term is rather overloaded) What am I talking about when I say virtual? Something that isn't real. It's not a real thing. When people talk about virtual reality, they are talking about something that can be experienced. What we are saying in a computer science context: When we say virtual, we are really talking about an abstraction - What we actually have, the real thing is not good enough, it doesn't have qualities that you want, you want to transform it into something more useful (in some way). When we talk about a virtual machine, a machine that does not exist, is not embodied in actual hardware. All programming languages or programming system, a system is known as | Virtualizing / virtualization (term is rather overloaded) What am I talking about when I say virtual? Something that isn't real. It's not a real thing. When people talk about virtual reality, they are talking about something that can be experienced. What we are saying in a computer science context: When we say virtual, we are really talking about an abstraction - What we actually have, the real thing is not good enough, it doesn't have qualities that you want, so you want to transform it into something more useful (in some way). When we talk about a virtual machine, we are talking about a machine (computer) that does not exist, in the sense that it is not embodied in actual hardware. | ||
(from the theoretical side of computer science): All programming languages or programming system to a first approximation are equivalent, a system is known as Turing complete it can run anything. Turning one Turing complete system into another Turing complete system is the process of virtualization. The ones you've often heard of are: Language Based Virtual machine - an example: java virtual machine. Really you could talk about any time you run a higher level language (perl, javascript, python, etc) That code does not run directly on the processor. It runs inside of another program which has some kind of virtual machine. Strictly speaking, a lot of languages can be interpreted, which means that you have a program that goes through line by line and figures out what that line is supposed to do and what the next instruction is. The point is that no modern language operates that way. What they all go through is some sort of translation phase, converts it to some binary code, and then it runs the byte code. That runtime is what's called a virtual machine. But virtual machines are everywhere when we are talking about trying to run programs. Operating systems can be thought of as implementing a virtual machine and that virtual machine it implements is the process. Key difference between a virtual machine that makes processes and the vm that is typically in these language based virtual machines. The difference between these is getting smaller. Any idea what this difference is? | |||
Java based Virtual Machine - executes byte codes. | |||
hardware can't interpret byte code | hardware can't interpret byte code | ||
What is the nature of the binary format that is being run in an operating system process? What format is that code? - machine code - it's the code that is understood by the processor. Machine code here, byte code here, what's the difference? The hardware can't interpret this, This language the processor needs another program to translate. Why can't the processor understand java byte code? It could, there are chips that run java byte code natively. What's worse, the machine code that your processor understand? it actually doesn't. Modern processors such as x86 or x86-64 these are the most common things for a pc, arm byte code, arm machine language, that sort of thing. | |||
A thread is not a process. | |||
This language is too annoying to use internally inside the microprocessor, it's not efficient, it was not designed to run very fast. It actually has a front end that takes that code and translates it to another byte code. There have been processor startups, where instead of having it done directly on the chip, they put something like a java virtual machine on the processor. Why am I saying this? The virtual and the real in computer science are often hard to tell apart. Virtual to one group could actually be real to another group. When you are coding in java / c, that is the language, that is real to you. That is the abstraction you are working i. but there are actually other levels below you. That generally is not the real level. when you are dealing with millions of transistors, there is a lot of abstraction. The process is the virtual machine that you run processes in. You take a file and loads it to disk. there is a little problem with this concept: Program on disk, is it a one to one mapping between programs on disk, and programs in memory? Not at all! Most programs on disk are not running at any given time. A given program on disk can be running in many different processes, you can have multiple instances of the same program running at the same time. Logically in an API for an operating system, you have to distinguish between the creation of a process, and the loading of an executable into that process. because you want to be able to facilitate the many to many mapping. What does that API look like? I'll give you another funny thing, if you are running one program, can you make that program do multiple things at the same time? Yes, now there is this whole notion of threading, but a thread is not a process. | |||
==A thread is not a process.== | |||
Process = thread(s) + address space | Process = thread(s) + address space | ||
The cPU is virtual, because that would be really annoying to only have 4 things running at a time. Talking about things that are running at the same time. how many things are running @ the same time? Hyperthreading. What does it mean to run things at the same time, is it actually running? or is it logically running. we want the abstraction so that every process has it's own computer. That's what we are talking about when we talk about threads. Process has memory in which it can run, inside that process, how many processors do I have running? Classic only has 1. When you get to multithreaded processors, there is more than one logical solution. If you think about this? That's a mess! Having more than one program counter to track inside of one address space. this causes lots of problems! What happens when they step on each other. They do crazy things like chance teh loop index, from outside the loop. how do you reason about your code when things like this happen? When you put more than one logical cpu inside an address space that can happen. For a long time Operating systems, only supported processes with a single thread of execution. They supported lots of processes. Just made sure each one only had 1 thread. | |||
Having more than one cpu running around inside the address space. What happens if they try running the same code twice? Change the loop index in the loop from outside of the loop. The right way to think of this is don't do that. When you put more than one cpu inside the address space. For a long time operating system supported one cpu inside the address space. They supported lots of processes but only one cpu. That's kind of limiting, but why do you want your running programs to be sharing memory, the main reason you want them to share memory is to communicate. Shared memory has only one advantage - it can be very fast. How do you make sure you don't overwrite each other's messages? In modern computation, distributed systems, big systems - you do almost everything you can - when you share memory you put some sort of API on top of it to control access. The only problem is - other than having potential communication overhead, you have higher overhead in general, you now have an address space to keep track of, it's own version of memory for each running program. That's so much overhead, it was a good while before computers started to allow multithreading, because it takes a lot of transistors to do. Used to be you'd have a Completely separate processor (a MMU) to take care of every running program in it's own address space, it is now integrated into cpus. | |||
A running program is a process, address space, plus one or more threads. That's the virtual machine in which you are running in. It's got machine code. | |||
Virtual memory and physical memory | Did you see any assembly in 2401? Not really. | ||
=Sharing= | |||
Explain terminology. Time space sharing, when we talk about virtualizing resources, talking about virtualizing cpu, virtualizing ram, what we are actually talking about is sharing. Like on a playground, we need to place nicely together. | |||
An operating system is a set of mechanisms and policies for allowing for time and space sharing of the (computer resources) processor. In Time sharing: (taking turns) The processor is a limited resource. one program gets it for a while, another gets it for another while, then another gets it for a while. Space sharing means that you have all this RAM, split it up, you have this disk, split it up, one program gets part of it, and another program gets part of it. That's what we mean by space sharing. | |||
=Virtual memory and physical memory= | |||
[[File:Virtualmemory.png]] | [[File:Virtualmemory.png]] | ||
A program running with full privileges can still have a segmentation fault. The kernel can also have segmentation fault. When this happens the machine will crash hard. | There's this distinction between virtual memory and physical memory. Physical memory, is the RAM your computer actually has. You buy those little chips, and plug them in (voila, it goes faster)! (Sims & DIMMS, you expand the RAM) you see them at startup, that's physical memory, it's a real thing, you get gigs of it now. Virtual memory is the memory each running program thinks it has. Memory is shared, we want to share it between multiple processes. A wierd consequence of this is how do we refer to memory, with addresses, with 4 gigs of ram, you get 4 million memory locations. 2^32 locations. That's a number of addresses, one way you could say to share a program running in memory. the first program you run, it will get address ranges 200 - 400, the second 500 - 800. when you load any program binary, you have to then change it to use the addresses it is supposed to use. What address range is it supposed to be? Where is it going to get? What if your program wants more RAM? It's a bit of a pain. It's annoying. What we actually have is physical addresses and virtual addresses: When you load a process, all of the memory references are referencing virtual addresses. Unless you have special hardware to accellerate it, you have to do some sort of table lookup. This is happening on every memory access. There's a lot of hardware, there's a lot of operating system mechanism to make this run pretty damn fast. That's what we mean, every process can have an address 2000, but the address 2000 is the virtual address 2000, each is mapped to a different physical address. (it's OVER 9000) | ||
It can be as big as you want it to be. When you talk about 64 bit processors vs. 32 bit processors. It's not the difference in how much physical memory you have, it's the virtual memory. It is much bigger. Do we have any computer with 2^64 bytes of RAM? No, it is a really big number. Not in our lifetime. Everyone has their own private address space. It's just like namespaces, when you write program, and run another program. Do you expect the x in one program to be the same in another? No. the scoping is between processes. These address spaces are the same thing, but they are mapped differently. The address space is fixed in size, because it's limited by the processor word size. How much of it is allocated to the program? Might have a program that's taking up 50 Mb, but I want some more memory, asking for more address space? Asking for part of your virtual address space to be turned into storage, ask the operating system, please can I have some more ram? (Can I have some more sir?) | |||
The operating system notices when you access parts of physical memory that you are not allowed to. It raises an exception, handles it, and you get a segmentation fault. Accessing memory you shouldn't be accessing. The operating system is very firm about it, if you don't handle it in your process, you die. | |||
In modern operating systems, some programs are not equal. Just because you are root, does not mean you are in control! It si not the root user, it is the kernel? Can the kernel have a segmentation fault? A program running with full privileges can still have a segmentation fault. The kernel can also have segmentation fault. When this happens the machine will crash hard. | |||
[http://slacksite.com/slackware/oops.html For Oops vs. Panics] | [http://slacksite.com/slackware/oops.html For Oops vs. Panics] | ||
On the linux system, an oops is a kernel message system being logged. when the kernel fully panics, it just stops. Kernel panic in linux is rare, blue screen of death in windows is a kernel panic. It is possible the system recovers, deep enough in the kernel if you make mistakes, you are just done. you aren't just managing your own memory, you are managing on behalf of other processes. If a kernel is corrupt, it will corrupt everything on disk. Which would you rather have the kernel stop, or continue to do uncontrollable things to other parts of the system? | |||
Environment variables for X: | Environment variables for X: | ||
Did you see the command for listing all the environment variables? env - when you ran env on it, when you look through that list of environment variables. There's an environment variables called display. Looking at systems going, what the heck is that? Looking really far, another is just to look at teh environment variables, which programs require this. Look at the environment variables, which one could it be? Google for Display environment variable, and you see all kinds of stuff. one of the skills you need to have, you need to be able to figure this out! The longer story is, the way you see things in a unix system, is that there is a program controlling the display. There is a part of the kernel that controls their access to the display. Wayland, what does ubuntu use? Next generation replacements for the xwindow system. before the xwindow system, there was the wwindow system.to allow you to separate the notion of a program to interact with the output, it was designed to be network separate. It's actually for display. It's the computer you are running on. That's the server, because all the programs you are running, on it. the program running the process sending all the graphical commands could be somewhere else completely. Xwindow system was based on the xnetwork protocol. processes can be arbitrarily separate from their displays. how does it know where to display things? Provides network transparency. | |||
New view - direct graphical output from another computer on the network - bad because of latency | |||
How to get around lag - run more of the code on the client instead of the server. Have the xclients have some code - transfer code to the xserver, to run on the server. Invisible website, downloads the page and it runs in your browser. Same thing different technology stack. | How to get around lag - run more of the code on the client instead of the server. Have the xclients have some code - transfer code to the xserver, to run on the server. Invisible website, downloads the page and it runs in your browser. Same thing different technology stack. |
Latest revision as of 17:55, 6 October 2014
Audio from the lecture given on September 10, 2014 is now available.
{{{ machine state program counter process states paging / swapping process running program virtualizing time/space sharing mechanisms policy }}}
Chapter 4 in the book:
processes - key abstraction in a modern operating system
Sitting all day kills you - seriously reduces your life expectancy. Working out, doesn't necessarily make up for sitting all day. If you walk around for 5 minutes every hour. Anyone use typing break programs? Occupational hazard of the career path you have chosen is that you sit in front of the computer typing. Anil started typing dvorak early in order to avoid repetitive strain injuries.
xwrits link to save your wrists on a *nix machine gives you hand gestures to say it's time to get up. you can get it to insult you with hand gestures. It does hand gesture depending on culture. In order to tell you to take a break.
When typing it is important to take breaks.
You need to distinguish between programs and processes. A program is inprecise in the context of O/S.
Program is precise in context of operating systems - Your web browser is that a program? Web browser is a lot of little programs, but makes up one big program. It is not a precise thing. What is precise is an executable. An executable is a file on disk that can be exec'd. (Disks are no longer disks they are all kinds of things such as filestate, etc) This is the unix version of the statement. There is a system call - called execve - takes as one of it's parameters a file and that file is then loaded into a process obliterating whatever else was in the process.
Code can take many forms in a computer systems, this is just one form of data.
For example, you ahve a text file that has a javascript / perl program / something, that is a program, it is also a text document, the operating system kernel does not really recognize it as an executable. You cannot give it as an argument to the execve system call. It has to run it indirectly, it has to find another exec executable to run that code. You have executables and you have processes.
A process - is an executable that has been executed - loaded into memory and started running. A process you should think of as an abstraction of a computer that can only run one program at a time. (Older personal computers, early 1960's or something, there is no abstraction of a process. There is no notion of running more than one program at a time. Logically speaking: when you wanted to run a program, all of memory would be loaded with that program, when you wanted to quit the program, you cut the power (turn the computer off).) They run one program at a time, you load it off the disk, and it has complete control of the machine. A process is the abstraction you get when you say, we don't want every program to have complete control of the computer because I do not want to have to reboot the computer to switch programs. I want to run different programs concurrently, for multiple reasons. Want to chain multiple programs in order to produce a result. (A Unix pipeline) The process - giving each running program (each executable) it's own virtual computer to run.
Virtualizing / virtualization (term is rather overloaded) What am I talking about when I say virtual? Something that isn't real. It's not a real thing. When people talk about virtual reality, they are talking about something that can be experienced. What we are saying in a computer science context: When we say virtual, we are really talking about an abstraction - What we actually have, the real thing is not good enough, it doesn't have qualities that you want, so you want to transform it into something more useful (in some way). When we talk about a virtual machine, we are talking about a machine (computer) that does not exist, in the sense that it is not embodied in actual hardware.
(from the theoretical side of computer science): All programming languages or programming system to a first approximation are equivalent, a system is known as Turing complete it can run anything. Turning one Turing complete system into another Turing complete system is the process of virtualization. The ones you've often heard of are: Language Based Virtual machine - an example: java virtual machine. Really you could talk about any time you run a higher level language (perl, javascript, python, etc) That code does not run directly on the processor. It runs inside of another program which has some kind of virtual machine. Strictly speaking, a lot of languages can be interpreted, which means that you have a program that goes through line by line and figures out what that line is supposed to do and what the next instruction is. The point is that no modern language operates that way. What they all go through is some sort of translation phase, converts it to some binary code, and then it runs the byte code. That runtime is what's called a virtual machine. But virtual machines are everywhere when we are talking about trying to run programs. Operating systems can be thought of as implementing a virtual machine and that virtual machine it implements is the process. Key difference between a virtual machine that makes processes and the vm that is typically in these language based virtual machines. The difference between these is getting smaller. Any idea what this difference is?
Java based Virtual Machine - executes byte codes. hardware can't interpret byte code
What is the nature of the binary format that is being run in an operating system process? What format is that code? - machine code - it's the code that is understood by the processor. Machine code here, byte code here, what's the difference? The hardware can't interpret this, This language the processor needs another program to translate. Why can't the processor understand java byte code? It could, there are chips that run java byte code natively. What's worse, the machine code that your processor understand? it actually doesn't. Modern processors such as x86 or x86-64 these are the most common things for a pc, arm byte code, arm machine language, that sort of thing.
This language is too annoying to use internally inside the microprocessor, it's not efficient, it was not designed to run very fast. It actually has a front end that takes that code and translates it to another byte code. There have been processor startups, where instead of having it done directly on the chip, they put something like a java virtual machine on the processor. Why am I saying this? The virtual and the real in computer science are often hard to tell apart. Virtual to one group could actually be real to another group. When you are coding in java / c, that is the language, that is real to you. That is the abstraction you are working i. but there are actually other levels below you. That generally is not the real level. when you are dealing with millions of transistors, there is a lot of abstraction. The process is the virtual machine that you run processes in. You take a file and loads it to disk. there is a little problem with this concept: Program on disk, is it a one to one mapping between programs on disk, and programs in memory? Not at all! Most programs on disk are not running at any given time. A given program on disk can be running in many different processes, you can have multiple instances of the same program running at the same time. Logically in an API for an operating system, you have to distinguish between the creation of a process, and the loading of an executable into that process. because you want to be able to facilitate the many to many mapping. What does that API look like? I'll give you another funny thing, if you are running one program, can you make that program do multiple things at the same time? Yes, now there is this whole notion of threading, but a thread is not a process.
A thread is not a process.
Process = thread(s) + address space
The cPU is virtual, because that would be really annoying to only have 4 things running at a time. Talking about things that are running at the same time. how many things are running @ the same time? Hyperthreading. What does it mean to run things at the same time, is it actually running? or is it logically running. we want the abstraction so that every process has it's own computer. That's what we are talking about when we talk about threads. Process has memory in which it can run, inside that process, how many processors do I have running? Classic only has 1. When you get to multithreaded processors, there is more than one logical solution. If you think about this? That's a mess! Having more than one program counter to track inside of one address space. this causes lots of problems! What happens when they step on each other. They do crazy things like chance teh loop index, from outside the loop. how do you reason about your code when things like this happen? When you put more than one logical cpu inside an address space that can happen. For a long time Operating systems, only supported processes with a single thread of execution. They supported lots of processes. Just made sure each one only had 1 thread.
Having more than one cpu running around inside the address space. What happens if they try running the same code twice? Change the loop index in the loop from outside of the loop. The right way to think of this is don't do that. When you put more than one cpu inside the address space. For a long time operating system supported one cpu inside the address space. They supported lots of processes but only one cpu. That's kind of limiting, but why do you want your running programs to be sharing memory, the main reason you want them to share memory is to communicate. Shared memory has only one advantage - it can be very fast. How do you make sure you don't overwrite each other's messages? In modern computation, distributed systems, big systems - you do almost everything you can - when you share memory you put some sort of API on top of it to control access. The only problem is - other than having potential communication overhead, you have higher overhead in general, you now have an address space to keep track of, it's own version of memory for each running program. That's so much overhead, it was a good while before computers started to allow multithreading, because it takes a lot of transistors to do. Used to be you'd have a Completely separate processor (a MMU) to take care of every running program in it's own address space, it is now integrated into cpus.
A running program is a process, address space, plus one or more threads. That's the virtual machine in which you are running in. It's got machine code.
Did you see any assembly in 2401? Not really.
Sharing
Explain terminology. Time space sharing, when we talk about virtualizing resources, talking about virtualizing cpu, virtualizing ram, what we are actually talking about is sharing. Like on a playground, we need to place nicely together. An operating system is a set of mechanisms and policies for allowing for time and space sharing of the (computer resources) processor. In Time sharing: (taking turns) The processor is a limited resource. one program gets it for a while, another gets it for another while, then another gets it for a while. Space sharing means that you have all this RAM, split it up, you have this disk, split it up, one program gets part of it, and another program gets part of it. That's what we mean by space sharing.
Virtual memory and physical memory
There's this distinction between virtual memory and physical memory. Physical memory, is the RAM your computer actually has. You buy those little chips, and plug them in (voila, it goes faster)! (Sims & DIMMS, you expand the RAM) you see them at startup, that's physical memory, it's a real thing, you get gigs of it now. Virtual memory is the memory each running program thinks it has. Memory is shared, we want to share it between multiple processes. A wierd consequence of this is how do we refer to memory, with addresses, with 4 gigs of ram, you get 4 million memory locations. 2^32 locations. That's a number of addresses, one way you could say to share a program running in memory. the first program you run, it will get address ranges 200 - 400, the second 500 - 800. when you load any program binary, you have to then change it to use the addresses it is supposed to use. What address range is it supposed to be? Where is it going to get? What if your program wants more RAM? It's a bit of a pain. It's annoying. What we actually have is physical addresses and virtual addresses: When you load a process, all of the memory references are referencing virtual addresses. Unless you have special hardware to accellerate it, you have to do some sort of table lookup. This is happening on every memory access. There's a lot of hardware, there's a lot of operating system mechanism to make this run pretty damn fast. That's what we mean, every process can have an address 2000, but the address 2000 is the virtual address 2000, each is mapped to a different physical address. (it's OVER 9000)
It can be as big as you want it to be. When you talk about 64 bit processors vs. 32 bit processors. It's not the difference in how much physical memory you have, it's the virtual memory. It is much bigger. Do we have any computer with 2^64 bytes of RAM? No, it is a really big number. Not in our lifetime. Everyone has their own private address space. It's just like namespaces, when you write program, and run another program. Do you expect the x in one program to be the same in another? No. the scoping is between processes. These address spaces are the same thing, but they are mapped differently. The address space is fixed in size, because it's limited by the processor word size. How much of it is allocated to the program? Might have a program that's taking up 50 Mb, but I want some more memory, asking for more address space? Asking for part of your virtual address space to be turned into storage, ask the operating system, please can I have some more ram? (Can I have some more sir?)
The operating system notices when you access parts of physical memory that you are not allowed to. It raises an exception, handles it, and you get a segmentation fault. Accessing memory you shouldn't be accessing. The operating system is very firm about it, if you don't handle it in your process, you die. In modern operating systems, some programs are not equal. Just because you are root, does not mean you are in control! It si not the root user, it is the kernel? Can the kernel have a segmentation fault? A program running with full privileges can still have a segmentation fault. The kernel can also have segmentation fault. When this happens the machine will crash hard.
On the linux system, an oops is a kernel message system being logged. when the kernel fully panics, it just stops. Kernel panic in linux is rare, blue screen of death in windows is a kernel panic. It is possible the system recovers, deep enough in the kernel if you make mistakes, you are just done. you aren't just managing your own memory, you are managing on behalf of other processes. If a kernel is corrupt, it will corrupt everything on disk. Which would you rather have the kernel stop, or continue to do uncontrollable things to other parts of the system?
Environment variables for X:
Did you see the command for listing all the environment variables? env - when you ran env on it, when you look through that list of environment variables. There's an environment variables called display. Looking at systems going, what the heck is that? Looking really far, another is just to look at teh environment variables, which programs require this. Look at the environment variables, which one could it be? Google for Display environment variable, and you see all kinds of stuff. one of the skills you need to have, you need to be able to figure this out! The longer story is, the way you see things in a unix system, is that there is a program controlling the display. There is a part of the kernel that controls their access to the display. Wayland, what does ubuntu use? Next generation replacements for the xwindow system. before the xwindow system, there was the wwindow system.to allow you to separate the notion of a program to interact with the output, it was designed to be network separate. It's actually for display. It's the computer you are running on. That's the server, because all the programs you are running, on it. the program running the process sending all the graphical commands could be somewhere else completely. Xwindow system was based on the xnetwork protocol. processes can be arbitrarily separate from their displays. how does it know where to display things? Provides network transparency.
New view - direct graphical output from another computer on the network - bad because of latency
How to get around lag - run more of the code on the client instead of the server. Have the xclients have some code - transfer code to the xserver, to run on the server. Invisible website, downloads the page and it runs in your browser. Same thing different technology stack.
Mechanisms vs. Policy -
mechanisms - things to do things - the knobs that let us manipulate program state - should be maximally flexible so that they can implement whatever policies you want to do.
policy are what you should do
X Server <= mechanism
window manager, toolkit <= policy
Windows - two calls - create process () <--- many different parameters
unix - fork() and execve(file, cmdline, env)