I could just ask this on the mailing list, but this way the answer will be archived for posterity.
I seem to recall that there's a set of primitives in Racket that allow the sharing of a resource at the process level. For instance, suppose there's a (non-Racket) shared library whose initialization produces a unique token used to communicate with it (bad idea, I know). What's the best way to share this with all threads that need to access it?
Many thanks!
EDIT: clearly I did an extraordinarily poor job of explaining myself. The fundamental issue here is that I have a DrRacket tool that runs at init time, and a user thread that runs in a user's eventspace, and the challenge is to communicate a value from the one to the other. One obvious but grotesque way would be to alter the behavior of the "run" button for all DrRacket programs. Another way would be to ...
Okay, perhaps the right question is whether there's an easy way for all instantiations of a module to share a mutable box.
You might be thinking of scheme_register_process_global. It's used, for example, to avoid initializing the OpenSSL library multiple times; see openssl/mzssl.rkt near the end of the file.
Related
I have an open-source GUI for which I've just implemented a very basic extension mechanism that allows the user to embed a snippet of Lisp (Guile) code in a document to allow certain functions to be customized. Currently the use case (my own) is that in a certain situation I just want a certain number to be divided by 10 automatically.
In principle this means that if someone uses my GUI, someone else can send them a document containing a Trojan horse attack in the form of malicious Guile code. This seems unlikely in reality due to my very small user base and the relevant social factors, but anyway I would like to protect against this by sandboxing the code.
Guile 2.2.1 has a sandboxing mechanism: https://www.gnu.org/software/guile/manual/html_node/Sandboxed-Evaluation.html However, this seems entirely focused on preventing excessive use of resources (and many users will not have such a current version of Guile, e.g., I don't right now).
Is it possible in a Guile program, after the interpreter has started up, to delete libraries such as POSIX so that any later code can't do things like read files? If so, then I could just have my GUI prepend the sandboxing code to the potentially untrusted code supplied by the document. My goal would basically be to ensure that the untrusted code would have to be 100% without side effects.
It seems like other people must have run into this issue before, since Guile has been promoted as a standard extension language for Linux.
EDIT: After coming across How to undefine a variable in Scheme? , it seems to me that I could probably create a new scope, override the definition of any dangerous function by doing a set! within that scope, and then execute the untrusted code within that scope. I suppose if I could read the entire symbol table somehow, I could do this kind of overriding on every function that isn't on a whitelist. This just seems clumsy and inefficient, and might depend on reading the symbol table using some implementation-specific mechanism. It also might be vulnerable to syntactical tricks, like if the untrusted code uses a ) to pop itself out of the scope of the sandbox.
i have never done embedded (i dont know if thats what you call this) programming and know nothing about it. my question:
is it possible to have two devices sharing a wireless connection (no internet, just between themselves, perhaps bluetooth, but i dont know what ever is best) ?
is it possible to have one editing a file and the other person editing the same file and they can see changes in real time? sort of like google docs?
does this exist already?
what can i do to get started regarding this kind of programming?
to clarify:
i want two people with iphones or any other hand held device, to be able to edit a text file at the same time and see each other's changes in real-time. how do i do this?
There are a bunch of slightly strange assumptions hidden in your questions. I'll try to unpick them as best as I can.
You've used "embedded" programming in a strange way. Usually this would suggest some kind of low-power devices used in settings without direct user interaction in some sense (e.g. factory controllers, refrigerator controllers, sensor nodes), performing a very specific task, but you've gone on to talk bout people editing files. What exactly would be the user interface here? What would make this embedded programming? I think you need to describe an application before any advice can be offered.
If you actually mean embedded devices, then whether they can connect wirelessly to one another is going to depend on the nature of the device. Similarly, the protocol/technologies involved will depend on the device. Embedded programming tends to be very much device-specific. There certainly exist wireless sensor nodes, for example, that incorporate small radio transceivers for serial comms.
Google docs already exists. Without a clearer problem description it's difficult to say whether what you want exists already or not.
I think you should really figure out exactly what kind of programming it is that you want to do before we can offer points as to how to best get started with it. Maybe look up a definition of "embedded programming" and see how this relates to your goals such that you can reformulate your questions a little more clearly.
I'm not sure how "real time" would fit into this scenario either. This term is used and abused in many ways. Things are only ever real-time with respect to some constraint, usually defined in terms of the application.
(Note: This might have been more appropriate as a comment, but I felt there was too much to respond to in order to sum up within character limits, and I hope correcting some of the confusion constitutes something of an answer, given the limitations of the question).
Two devices can share a connection like this. It's done all the time. There are many many protocols for this. Weather or not it is wired or wireless or uses the Internet doesn't really matter for 90% of this.
This is sort of doable, but not really. You really have a race condition when two people are editing at the same time. This is generally avoidable by locking out small parts of the document at from all but one editor at a time (like only one person being able to edit one cell of a spreadsheet at a time), but this has problems too (like of the one active editor is taking way too long -- this is a problem seen in many source version control systems too).
1 already exists in many many forms. 2 sort of exists in many forms, but the problems I mentioned are impossible to completely overcome.
The way you asked this question leads me to believe that you are very far from being able to do this. In addition, you didn't tell us anything about what you do know how to do. Can you write a simple text editor for an iPhone (or anything else)? Simple text editors from scratch that aren't crappy aren't easy to write.
What you need to do, if you really want to do this, is to come up with a protocol for the two (or more) devices to talk to each other in. To do this it is probably best if you figure out what type of communication is available between the devices and which of those you will use and what features it does not provide that you will need on top.
You could try to send patches of the file (or something similar) between the two devices as edits are made, but then you'll have to decide what to do in the event of a collision (edits near the same place).
Alternately you could have the two devices exchange permission to make edits (like in token ring networks).
You still have a problem if the two devices lose communication with each other during the editing of the file, though. With the token ring type setup you stand the possibility of losing the token and neither being able to automatically recover easily. Whatever you do you end up with the problem of the two ending up with different ideas of the file's contents.
"iphones or any other hand held device" - the technology stack to do that doesn't exist today. You have to co-ordinate between multiple languages and systems. (Okay, maybe you want to write that software, but it's a huge undertaking).
Your best bet would be to create a web page that all of the mobile browsers can work on and save a text file from.
Of course it's possible. Bluetooth does this. Wi-Fi does this if you join an ad-hoc network.
Of course it's possible. Just run the Google Docs server on one of the devices.
It might.
Way too vague.
I recently became part of a complex embedded project team for which I will be developing a part. For the part which is my responsibility there is only old code and not much documentation.
I am keen to make a good start but shyness and fear of appearing stupid makes it difficult to ask questions. How to ask questions ?
I wanted to ask what techniques do you guys use to understand a project ? I mean there are of lots of technical details which one must remember and keep in context in order to make a design. Your read the code and get some facts but how to move ahead ?
For instance you read the code and the document(s) and get some facts A and fact B . How to reach suitable conclusion X for which you may or may not have needed to take into account facts C and D also ?
Code-reading can be particularly difficult if there is not enough documentation and the code is poorly documented and badly written. I guess the best way now is to find the entry point of the code, and slowly understand its flows and what data it uses. I would keep a look out for
Structure - are there any partitioning of entities/system? Where in the code (and how) do they communicate with each other?
Data - what sort of structures are used to hold the global data? How are the data accessed and saved?
If you are doing C or C++, it is also important to find out how memory is handled and for C++ (and other related non-managed memory OOP languages, I guess), how are object ownership contained.
Since it is an embedded project, are there any non-standard code or coding constructs used?
Reading the code is balanced by writing the documentation.
Write the documentation that your replacement will need. Imagine someone who knows less than you. Explain it for that person.
When you cannot explain something to your replacement, ask questions.
When you have a complete description, you will "know" the system.
And you will have produced complete documentation.
You don't mention what kind of tests exist. If there are test cases, modify them and trace how this would affect the end result.
You might want to look at diagrams which give the entire picture of the logical structure of the system, like, for example, looking at class diagrams in an OOP system would be of great help. Looking at the design diagrams of large and complex apps gives you a clear understanding of how the internal modules of the system are organized and this way its makes the task of figuring out what functionality does a particular piece of code does much much easier. In the absence of diagrams, you're best bet would be to start from the entry point of the app, like main() and proceed from there while you draw(literally draw or write down on paper) your own conclusions about the system(this way you can have your own documentation) and ask your peers if they're correct.
My experience is that it's best to start with some kind of task -- a bug fix or other small change. That will provide focus to your learning. I find it hard to read through a binder or sift through pages of source code or documentation without having a way to apply it.
If you have a sandbox where you can play with changes that you've made without messing up the code base, that can be even more helpful.
I have this grand idea to basically employ some brute force attack to test/verify that my web application doesn't crash.
Don't get me started on unit testing, and IoC stuff, this is something else entirely.
What I'm doing, and what I'm asking for help with is to create an intelligent exhaustive search, that explore parts of the program state.
What I have is a web page with things I can do, clicking is one thing, text input is another, some inputs like radio buttons and drop down lists are constrained to certain values. Pretty basic things. What I end up with a finite set of events and values and what I want to model is a progression of state. Maybe this is FSM optimization in a way, but the goal is to systematically go through arbitrary permutations of events and values and see what happens.
When a problem is found I want to try and provoke that error with as little effort as possible to be able to present a clear test case.
This relates to formal verification methods and I'm asking for help or insight from people with experience.
What you want to do sounds a little like model-checking, on the one hand, and automated test case generation on the other hand (in the latter category check out Concolic testing, a technique to avoid wasting time with unfeasible execution paths).
Model-checking would be the preferred method if you assume your web application is correct and want to prove that it is. But in the case of a warning, you may have to work to understand if the problem is real or not. Test case generation is oriented towards bug-finding: it does not prove that you app is correct, but if it finds a problem, it gives you an input vector to produce it so you don't need to wonder if the problem is real.
I am not aware of any existing tools for web apps, but that doesn't mean that they don't exist.
It sounds like you want a fuzzer. Peach is one such tool.
Exhaustive search can be non trivial task for limited resource (memory,space) ,but with many techniques the problem can be reduced ,like abstracting you code (ex: replacing database driver classes with stubs), an experience is presented in this paper: Abstract Model Checking of Web Applications Using Java PathFinder (Vinh Cuong Tran, Yoshinori Tanabe, Masami Hagiya, University of Tokyo).
If you look to a kind of formal verification of FSM like models, Java PathFinder has an extension to verify UML state charts written in Java+annotation (it depends on the Javapathfinder VM):
http://babelfish.arc.nasa.gov/trac/jpf/wiki/projects/jpf-statechart
These I come across this term a lot "crosscutting requirements/concerns" in programming world.
Although I think I have an idea what it means still I do not have a clear idea. I hear it a lot in web service and SOA in general.
Can this be explained using a hello world example?
It tends to mean "stuff that you want to do in lots of places, which doesn't have an awful lot to do with the real meat of that piece of code".
Common examples are:
Transaction handling
Security
Logging
Error handling
I find it's usually mentioned in respect to Aspect-Oriented Programming (AOP) which usually attempts to handle things like this declaratively, e.g. with attributes/annotations. As a gross simplification, it's a case of applying boiler-plate code (e.g. to verify the identity/authority of the user in the current context, or to log entry/exit of the method) automatically without making the code itself messy.
The standard "hello world" example for crosscutting is logging: You have an error in your production system and you have no clue what is going on. To solve it, you really need to see which functions in your code are called and what parameters they get and what they return.
This is a simple task that can be fully automated: Locate all functions (or a subset using a filter of some kind) and add a logging call to them which prints the name and the parameters. Since the code contains all the information you need to complete this task, what you really want is a tool that does it for you and which does it in a single place (instead of having you edit thousands of source files adding log statements everywhere).
I recommend you look at a framework like Postsharp and try out this example from the postsharp site. If you know java a lok into AspectJ is worth a look. But first you may want to read the link posted by Jon Skeet :)