They all happen at a slightly higher layer, but they all exist similar to an OS. (I'm not sure if the higher layer makes it easier or harder to understand - but in terms of what you need to know, an OS class or three is definitely helpful)
OSs are built on hardware, browsers are built on OSs. Even though they "sort of" do the same types of things, the abstractions are very different.
- OS memory management is more about managing hardware page tables, copy-on-write, page sharing, page protections etc. Browser memory management is typically custom allocators optimizing for different types of structures.
- OS process management is about using CPU primitives to multitask segments of code, context switching, timers, wait queues, interrupt management etc. In the browser, it's more about managing webpage/process relationships, application threading, rendering pipelines, and the JS runtime.
- OS network management is all about interfaces, packet processing, buffer management, low level protocols (ethernet, IP, etc.) Browser network management is all about protocols, and not really much about the hardware.
Sure there's a lot of broad-stroke similarity between OSs and browsers, but for a university course, where one typically gets deep into the details, they're entirely different.
I think that highly optimized browsers have to deal with memory usage and page sharing as well. And QUIC started out as a userspace implementation shipped with Chrome handling packets and such, so I think browsers and OSes are not "entirely different".
> IPC, memory management, process management, network management.
I imagine the non-trivial parts of these are done for the JS VM (correct me if I'm wrong), and therefore a VM design course would have more intersection with Browsers with respect to these disciplines than an OS course.
> security
This one is everywhere, it has no special connection to OSes.
> They all happen at a slightly higher layer
Slightly?! That's an understatement of the week! The difference in abstraction levels is huge here and the specifics of the two levels are very, very different.
> in terms of what you need to know, an OS class or three is definitely helpful
Sure. But I think it's as useful as any systems programming course. I can agree that systems programming is a good preliminary for both Browsers and OSes, and learning either of the two will teach you a good deal about systems programming, but I doubt they will repeat each other.
These are all part of the browser outside the VM too.
Multi-process architecture requires you to think deeply about IPC.
Memory management is all over the place - there isn't a browser without custom allocators, investment into GC, etc.
Process management -> see multi-process architecture.
Network management: Browsers need to handle a tremendous amount of network issues. I mean... that's what they do. Outside of the VM, too.
As for "security is everywhere" - the whole point of an OS (and a browser) is to make it possible for security to be everywhere. To provide the primitives that you can securely build on.
> Slightly?! That's an understatement of the week!
Not really, no. I've worked on embedded networking stacks, on full-fledged OSs, and on browsers. I stand by "slightly". Yes, granted, a browser doesn't get quite as bit-fiddly as a on-the-metal OS, but it's a matter of degrees, not quality.
Can you work on many areas of a browser without ever touching OS-like code? Absolutely. This particular book has a good chance of avoiding most, because it focuses on the rendering part.
But a browser, as a whole, provides an abstracted platform just like an OS. And it echoes many concepts, if in slightly different forms.
I think a good example of two solutions used in browsers and OSes that are meaningfully similar (and not inherent to all systems software) would convince me better. Do you have one?
The security problems of a browser are very similar to the security problems of a traditional mainframe OS.
You need to execute potentially malicious code in isolated containers (processes / pages). You need to protect the system from these processes, and protect these processes from one another. You need to run some code with elevated privileges / additional capabilities (setuid / permissioned APIs), including some with superuser privileges (root user processes / browser extensions).
There's IPC. There's memory management. There's process management. There's network management. There's security. There's device management.
They all happen at a slightly higher layer, but they all exist similar to an OS. (I'm not sure if the higher layer makes it easier or harder to understand - but in terms of what you need to know, an OS class or three is definitely helpful)