Signal mis-handling

One of the things that made the Bourne Shell notorious (apart from the obvious Bournegol) was its memory management. Its allocator just walked up the address space as needed. If it hit the end of its mapped memory, it would SEGV, drop into its signal handler, ask the kernel for more memory, and return. This caused inordinate problems later when Unix was ported to systems with less amenable signal handling. (See OpenSolaris for a slightly cleaned-up Bourne shell.)

Larry Wall's 1987 IOCCC winner goes something like:

    extern int fd[];
    signal(SIGPIPE, start);
    pipe(fd);
    close(fd[0]);
    for(;;)
        write(fd[1],ptr,n);

The write serves only to trigger SIGPIPE, and the signal handler is repeatedly changed in order to implement the flow of control (which the judges called "amazing").

I thought it would be amusing to combine these ideas.

    extern char *prog[];
    extern int pc;
    for(;;)
        ((void(*)(void))dlsym(NULL,prog[pc]))();

This looks like a pretty boring interpreter if you assume that the prog consists entirely of built-in function names. But what if it doesn't? Then dlsym() will return NULL and the program will SEGV. The signal handler can then push a return address on the interpreter stack, change pc to point to the user-defined function definition, and longjmp() back to the loop.

(Aside: you can have symbolic builtins like +-*/ if you choose function names that have the same ELF hash as the symbols you want, then run sed over the object code to change their names to symbols.)

The problem is that dlsym() isn't very portable - certainly not enough for the IOCCC. So we need a better way of constructing a symbol table, and preferably without having to mention the function name loads of times (e.g. as in Larry's program). The problem is that you can't interleave the array initializers with the function definitions (at least not without non-portable hacks like linker sets). But how about this:

    #define BUILTIN(name, code) \
        void name(void) code { #name, name },
    
    BUILTIN(add,{
        int b = pop();
        int a = pop();
        push(a + b);
    }
    
    BUILTIN(sub,{
        int b = pop();
        int a = pop();
        push(a - b);
    }
    
    BUILTIN(exch,{
        int b = pop();
        int a = pop();
        push(b);
        push(a);
    }
    
    struct {
        const char *name;
        void (*code)(void);
    } builtin[] = {
          )))
        { 0,0 }
    };

Strategy month

According to Our Glorious Leader the Computing Service's director, March is "strategy month" and we are supposed to come up with ideas. So, this is my long-term wish list. No restraint has been exerted in its compilation :-)

• Get the Chat service deployed!
  
• Hermes projects:
  
  • Re-do and improve the anti-spam and anti-virus infrastructure. This has three parts:
    
    1. Replace MailScanner with exiscan, so that we can scan messages at SMTP time, and reject those we don't like instead of discarding them. If we don't want to rely totally on ClamAV we'd need to replace McAfee with a better commercial AV scanner, because McAfee is not fast enough for non-batch-mode scanning; it's also pretty bad at promptly issuing new signatures. This would allow us to have a default SpamAssassin threshold (without the lost-email consent problems caused by the way MailScanner works) which in turn would help with our AOL problems.
       
    2. Allow per-user options at SMTP time, e.g. spam threshold, stricter sender verification, greylisting, etc. This requires some data-shifting infrastructure which I have made a small start at, and user-interface extensions to Prayer.
       
    3. Add a new component for per-user statistical spam filtering. This would live on the message store (with other per-user state), and hook into message delivery for initial filtering, and copying to or from the spam folder for training. Again we need user-interface changes to Prayer to present the results of the filter and allow users to train it - similar functionality to full MUAs like Mac OS X Mail or Thunderbird.
       
  • Shared folders. Requires a new IMAP proxy (like the Cyrus Murder) and changes to the replication system. Does Cyrus 2.3 have the necessary functionality?
    
  • Internationalized webmail. Replace (or run alongside) Prayer with some better-known software?
    
  • Finish the ratelimit project. Will require time to work on a user interface, so that it is sufficiently friendly. My current idea for how it would work requires the double-bounce patch mentioned below.
    
  • Deploy DKIM (server-side message signatures for anti-spam).
    
• Exim projects:
  
  • Improved hints DB infrastructure. The aim is to remove the performance bottleneck caused by whole-table locking, and make the back-end more pluggable so that we could have distributed hints databases. PPswitch would then act as a cluster with the machines sharing knowledge about other hosts on the net.
    
  • Concurrent DNS lookups during routing, to improve mailing list performance. I've done some work on this already.
    
  • Better handling of double bounces. If we can't deliver a bounce to recipient@domain, try postmaster@domain then postmaster@cam instead of freezing the message.
    
  • Finish the bounce address protection code.
    
• Service integration:
  
  • Kerberos. Proper single-sign-on! Users really hate typing in passwords.
    
  • Raven-authenticated webmail for more single-sign-on.
    
  • Mailing lists generated from Lookup groups. Lookup groups generated from data in CamSIS/CHRIS.
    
  • Web presence: an extension to the chat service which allows other Raven-authenticated sites (such as lookup and webmail) to display a presence icon next to a username. If I am looking at your lookup page and you are on my chat buddy list, then I can see whether you are currently on-line and I can click on the presence icon to chat with you. Depends crucially on transparent single-sign-on. In particular, the default for Raven at the moment is confirmed sign-on, which isn't transparent enough.
    
  • Short URL service, like go.warwick.ac.uk, which doesn't host content but instead redirects to full URLs. Mainly for use on printed material such as business cards, academic papers, posters, press releases, etc. Namespace divided into ~CRSID for homepages (using data from lookup) and ad-hoc names managed by user-admin. Could include societies.
    
• Web stuff, etc.:
  
  • Blogging service.
    
  • Web forums.
    
  • The two could be aspects of the same thing (e.g. Livejournal's blogs and communities).
    
  • Society information in Lookup, similar to the institution information.
    
  • More effective use of talks.cam.ac.uk.
    
  • Shared calendars / meeting manager.
    
• Networking:
  
  • Make it easier for depts and colleges to host conferences. e.g. at the Durham UKUUG I was given a short-term uid which gave me access to their PWF and wifi.