Removing access to parts of memeory

Discussion in 'C++' started by Kasper Middelboe Petersen, Oct 1, 2010.

  1. Hello,

    I'm working on a CSP library. I have channels and communicate messages
    between processes using these. I would really like to be able to
    enforce the concepts of CSP by removing accesss to variables for one
    process as its passed trough a channel to another somehow. I'm looking
    for any ideas as to how to actually do this.

    Just to examplify what I mean:

    I have two processes, p1 and p2. They share a channel c of a datatype
    d which p1 writes to and p2 reads from.

    Now d could be very simple like a bool or int in which case copying
    wouldnt be a real problem thus leaving p2 with its own copy of the
    message that p1 does not in anyway have access to.

    However more often than not it would be a larger datastructure which
    would be passed as a pointer to avoid the overhead of copying. In this
    case p1 ofcause passes a pointer trough the channel instead. Problem
    is this means you have no problem accessing the same object from p1
    after its send to p2 as the pointer remains valid.

    My question is, anyone have any ideas how to invalidate the pointer p1
    has after its been send to p2? I'm willing to take some performane
    hits all though not so much as to having to force a copy on every
    channel communication.


    /Kasper
     
    Kasper Middelboe Petersen, Oct 1, 2010
    #1
    1. Advertising

  2. On 10/1/2010 2:39 PM, Kasper Middelboe Petersen wrote:
    > I'm working on a CSP library.


    Is is supposed to be common knowledge as to what it contains or what
    it's for? I'm asking because I have no idea what it is...

    > I have channels and communicate messages
    > between processes using these. I would really like to be able to
    > enforce the concepts of CSP by removing accesss to variables for one
    > process as its passed trough a channel to another somehow. I'm looking
    > for any ideas as to how to actually do this.
    >
    > Just to examplify what I mean:
    >
    > I have two processes, p1 and p2. They share a channel c of a datatype
    > d which p1 writes to and p2 reads from.
    >
    > Now d could be very simple like a bool or int in which case copying
    > wouldnt be a real problem thus leaving p2 with its own copy of the
    > message that p1 does not in anyway have access to.
    >
    > However more often than not it would be a larger datastructure which
    > would be passed as a pointer to avoid the overhead of copying. In this
    > case p1 ofcause passes a pointer trough the channel instead. Problem
    > is this means you have no problem accessing the same object from p1
    > after its send to p2 as the pointer remains valid.


    Huh? When you pass an address from one process to another, you got no
    problem? That's interesting and must be very much platform-specific.
    On the OS I use (and program for), a pointer is useless in another
    process since they exist in "protected memory", i.e. the memory of one
    process is only available to that process...

    > My question is, anyone have any ideas how to invalidate the pointer p1
    > has after its been send to p2? I'm willing to take some performane
    > hits all though not so much as to having to force a copy on every
    > channel communication.


    What do you mean by "to invalidate"? Set the pointer to NULL and it
    becomes invalid, if that's what you're after.

    V
    --
    I do not respond to top-posted replies, please don't ask
     
    Victor Bazarov, Oct 1, 2010
    #2
    1. Advertising

  3. * Kasper Middelboe Petersen, on 01.10.2010 20:39:
    > Hello,
    >
    > I'm working on a CSP library.


    Which of the acronyms at <url: http://acronyms.tfd.com/Csp> is *your* "CSP"?

    OK, I'll make an educated guess, that you're talking about Concurrent Sequential
    Processes in the sense of Hoare.


    > I have channels and communicate messages
    > between processes using these. I would really like to be able to
    > enforce the concepts of CSP by removing accesss to variables for one
    > process as its passed trough a channel to another somehow.


    Which concept is that?


    > I'm looking
    > for any ideas as to how to actually do this.


    It's unclear what you mean by "removing access to variables".



    > Just to examplify what I mean:
    >
    > I have two processes, p1 and p2. They share a channel c of a datatype
    > d which p1 writes to and p2 reads from.
    >
    > Now d could be very simple like a bool or int in which case copying
    > wouldnt be a real problem thus leaving p2 with its own copy of the
    > message that p1 does not in anyway have access to.
    >
    > However more often than not it would be a larger datastructure which
    > would be passed as a pointer to avoid the overhead of copying. In this
    > case p1 ofcause passes a pointer trough the channel instead. Problem
    > is this means you have no problem accessing the same object from p1
    > after its send to p2 as the pointer remains valid.


    It appears you're talking about a data structure placed in shared memory, or,
    you're talking about threads, not processes.



    > My question is, anyone have any ideas how to invalidate the pointer p1
    > has after its been send to p2? I'm willing to take some performane
    > hits all though not so much as to having to force a copy on every
    > channel communication.


    Before thinking about performance, try to implement something that works.

    I think you'll find that the performance problems you're envisioning are not
    relevant, but that other performance problems are.


    Cheers & hth.,

    - Alf


    --
    blog at <url: http://alfps.wordpress.com>
     
    Alf P. Steinbach /Usenet, Oct 1, 2010
    #3
  4. On Oct 1, 11:13 pm, "Alf P. Steinbach /Usenet" <alf.p.steinbach
    > wrote:
    > * Kasper Middelboe Petersen, on 01.10.2010 20:39:
    >
    > > Hello,

    >
    > > I'm working on a CSP library.

    >
    > Which of the acronyms at <url:http://acronyms.tfd.com/Csp> is *your* "CSP"?
    >
    > OK, I'll make an educated guess, that you're talking about Concurrent Sequential
    > Processes in the sense of Hoare.


    Correct. And sorry meant to put in a link but forgot about it.


    > > I have channels and communicate messages
    > > between processes using these. I would really like to be able to
    > > enforce the concepts of CSP by removing accesss to variables for one
    > > process as its passed trough a channel to another somehow.

    >
    > Which concept is that?


    That the way to share information is by passing messages, not by using
    shared memory (and not get tempted to use shared memory because it is
    possible).

    > > I'm looking
    > > for any ideas as to how to actually do this.

    >
    > It's unclear what you mean by "removing access to variables".
    >
    > > Just to examplify what I mean:

    >
    > > I have two processes, p1 and p2. They share a channel c of a datatype
    > > d which p1 writes to and p2 reads from.

    >
    > > Now d could be very simple like a bool or int in which case copying
    > > wouldnt be a real problem thus leaving p2 with its own copy of the
    > > message that p1 does not in anyway have access to.

    >
    > > However more often than not it would be a larger datastructure which
    > > would be passed as a pointer to avoid the overhead of copying. In this
    > > case p1 ofcause passes a pointer trough the channel instead. Problem
    > > is this means you have no problem accessing the same object from p1
    > > after its send to p2 as the pointer remains valid.

    >
    > It appears you're talking about a data structure placed in shared memory, or,
    > you're talking about threads, not processes.


    In my case the abstraction "process" it is implemented using threads.
    But either way both p1 and p2 have access to the same object after the
    communication unless a copy is taken.


    > > My question is, anyone have any ideas how to invalidate the pointer p1
    > > has after its been send to p2? I'm willing to take some performane
    > > hits all though not so much as to having to force a copy on every
    > > channel communication.

    >
    > Before thinking about performance, try to implement something that works.
    >
    > I think you'll find that the performance problems you're envisioning are not
    > relevant, but that other performance problems are.


    I'm not too concerned with performance more than I do not want to get
    something to work thats doomed beforeahnd. I'll rather just accept the
    shared memory and leave it to whoever is using the library to not
    screw themselves over by using it.

    The faster the channels are the easier it is to write code that has
    good utilization as you won't get slapped in the face everytime you
    try to communicate.


    /Kasper
     
    Kasper Middelboe Petersen, Oct 3, 2010
    #4
  5. On Oct 1, 9:46 pm, Victor Bazarov <> wrote:
    > On 10/1/2010 2:39 PM, Kasper Middelboe Petersen wrote:
    >
    > > I'm working on a CSP library.

    >
    > Is is supposed to be common knowledge as to what it contains or what
    > it's for?  I'm asking because I have no idea what it is...


    Forgot the link - <url: http://en.wikipedia.org/wiki/Communicating_sequential_processes>.
    Sorry.

    >  > I have channels and communicate messages
    > > between processes using these. I would really like to be able to
    > > enforce the concepts of CSP by removing accesss to variables for one
    > > process as its passed trough a channel to another somehow. I'm looking
    > > for any ideas as to how to actually do this.

    >
    > > Just to examplify what I mean:

    >
    > > I have two processes, p1 and p2. They share a channel c of a datatype
    > > d which p1 writes to and p2 reads from.

    >
    > > Now d could be very simple like a bool or int in which case copying
    > > wouldnt be a real problem thus leaving p2 with its own copy of the
    > > message that p1 does not in anyway have access to.

    >
    > > However more often than not it would be a larger datastructure which
    > > would be passed as a pointer to avoid the overhead of copying. In this
    > > case p1 ofcause passes a pointer trough the channel instead. Problem
    > > is this means you have no problem accessing the same object from p1
    > > after its send to p2 as the pointer remains valid.

    >
    > Huh?  When you pass an address from one process to another, you got no
    > problem?  That's interesting and must be very much platform-specific.
    > On the OS I use (and program for), a pointer is useless in another
    > process since they exist in "protected memory", i.e. the memory of one
    > process is only available to that process...


    The "process" is an abstraction. I've implemented them using threads.
    In either case to communicate an object over a channel it would have
    to placed in shared memeory.

    > > My question is, anyone have any ideas how to invalidate the pointer p1
    > > has after its been send to p2? I'm willing to take some performane
    > > hits all though not so much as to having to force a copy on every
    > > channel communication.

    >
    > What do you mean by "to invalidate"?  Set the pointer to NULL and it
    > becomes invalid, if that's what you're after.


    I want to "unshare" the memeory after a communication so that p1
    wouldnt be able to access the data it "passed on" to p2. It's to force
    people to use channels and not use shared memory.

    If I force the writing process to pass its message by reference I
    guess I could set its message to NULL. I'm using templates for the
    datatypes tough - is there anyway to set a datatype T to NULL
    genericly for all datatypes?


    /Kasper
     
    Kasper Middelboe Petersen, Oct 3, 2010
    #5
  6. Kasper Middelboe Petersen

    Öö Tiib Guest

    On 3 okt, 21:53, Kasper Middelboe Petersen <>
    wrote:
    > On Oct 1, 9:46 pm, Victor Bazarov <> wrote:
    >
    > > On 10/1/2010 2:39 PM, Kasper Middelboe Petersen wrote:

    >
    > > > I'm working on a CSP library.

    >
    > > Is is supposed to be common knowledge as to what it contains or what
    > > it's for?  I'm asking because I have no idea what it is...

    >
    > Forgot the link - <url:http://en.wikipedia.org/wiki/Communicating_sequential_processes>.
    > Sorry.


    By that link it looks like you are creating another language.

    For interprocess communication people use things like ACE or CORBA or
    Boost.Interprocess. Why you do not use something from these things?

    > > > My question is, anyone have any ideas how to invalidate the pointer p1
    > > > has after its been send to p2? I'm willing to take some performane
    > > > hits all though not so much as to having to force a copy on every
    > > > channel communication.

    >
    > > What do you mean by "to invalidate"?  Set the pointer to NULL and it
    > > becomes invalid, if that's what you're after.

    >
    > I want to "unshare" the memeory after a communication so that p1
    > wouldnt be able to access the data it "passed on" to p2. It's to force
    > people to use channels and not use shared memory.


    The C++ programs in windows and unix memory is protected by process
    boundary. C++ itself does not talk about virtual memory (nor its
    protection). So if you want to have memory protected between modules
    you have to put the modules into different processes (relatively
    simple) or write platform specific code (relatively hard).

    You can of course use some silly way ... like write some sort of smart
    pointers that check current thread id on attempt to dereference and
    throw if it is wrong. On such case you also have to ensure that every
    part of code uses only such smart pointers to achieve it being
    effective.

    > If I force the writing process to pass its message by reference I
    > guess I could set its message to NULL. I'm using templates for the
    > datatypes tough - is there anyway to set a datatype T to NULL
    > genericly for all datatypes?


    What are you asking here? There is "generic" std::auto_ptr<T> ... it
    sets itself to NULL if you assign it to (or construct from it) another
    auto_ptr<T>.
     
    Öö Tiib, Oct 3, 2010
    #6
  7. On 1 Okt., Kasper Middelboe Petersen wrote:

    [snip]

    > My question is, anyone have any ideas how to invalidate the pointer p1
    > has after its been send to p2? I'm willing to take some performane
    > hits all though not so much as to having to force a copy on every
    > channel communication.


    I would choose the approach that Öö labeled as the "silly" way: Force
    the user to use some special pointer class which is aware of the
    thread context (ideally it should know when the underlying buffer has
    been sent so that it forbids the sender to manipulate the buffer
    afterwards). IOW, you'll will have to implement your own version of
    "shared memory" with all the security aspects that you need.

    Regards,
    Stuart
     
    Stuart Redmann, Oct 4, 2010
    #7
  8. Kasper Middelboe Petersen

    James Kanze Guest

    On Oct 1, 7:39 pm, Kasper Middelboe Petersen <>
    wrote:

    > I'm working on a CSP library. I have channels and communicate
    > messages between processes using these. I would really like to
    > be able to enforce the concepts of CSP by removing accesss to
    > variables for one process as its passed trough a channel to
    > another somehow. I'm looking for any ideas as to how to
    > actually do this.


    The usual solution is to use auto_ptr. It has the disadvantage
    that it requires everything to be allocated dynamically, but
    once you've passed the auto_ptr to the channel (or anywhere
    else), the original auto_ptr cannot be used.

    --
    James Kanze
     
    James Kanze, Oct 5, 2010
    #8
  9. Kasper Middelboe Petersen

    James Kanze Guest

    On Oct 1, 10:13 pm, "Alf P. Steinbach /Usenet" <alf.p.steinbach
    > wrote:
    > * Kasper Middelboe Petersen, on 01.10.2010 20:39:
    > > I'm working on a CSP library.


    > Which of the acronyms at <url:http://acronyms.tfd.com/Csp> is *your* "CSP"?


    > OK, I'll make an educated guess, that you're talking about
    > Concurrent Sequential Processes in the sense of Hoare.


    That would seem rather obvious (and I find it surprising that
    people with your experience, or that of Victor, aren't familiar
    with the acronym).

    > > I have channels and communicate messages
    > > between processes using these. I would really like to be able to
    > > enforce the concepts of CSP by removing accesss to variables for one
    > > process as its passed trough a channel to another somehow.


    > Which concept is that?


    The concept of CSP. Basically, that a "job" consists of a set
    of data and a sequence of steps, each step being handled by
    a separate "process" (a process in CSP would typically be
    a thread today). And only one process has access to the data of
    the job.

    > > I'm looking for any ideas as to how to actually do this.


    > It's unclear what you mean by "removing access to variables".


    > > Just to examplify what I mean:


    > > I have two processes, p1 and p2. They share a channel c of a datatype
    > > d which p1 writes to and p2 reads from.


    > > Now d could be very simple like a bool or int in which case copying
    > > wouldnt be a real problem thus leaving p2 with its own copy of the
    > > message that p1 does not in anyway have access to.


    > > However more often than not it would be a larger datastructure which
    > > would be passed as a pointer to avoid the overhead of copying. In this
    > > case p1 ofcause passes a pointer trough the channel instead. Problem
    > > is this means you have no problem accessing the same object from p1
    > > after its send to p2 as the pointer remains valid.


    > It appears you're talking about a data structure placed in
    > shared memory, or, you're talking about threads, not
    > processes.


    He's talking about the processes in CSP, not the processes in
    Windows or in Unix. Processes in CSP are typically implemented
    as threads; they could be implemented as processes, using shared
    memory, but in that case, the solution to his problem is
    obvious: unmap the shared memory from the process which has
    passed the data on. (This is actually not a bad idea: maintain
    all pertinent data in files which are mmap'ed. The channel
    interface unmaps the file, and sends its name by some other
    means, maybe a pipe, to the next process, which mmap's it.)

    > > My question is, anyone have any ideas how to invalidate the pointer p1
    > > has after its been send to p2? I'm willing to take some performane
    > > hits all though not so much as to having to force a copy on every
    > > channel communication.


    > Before thinking about performance, try to implement something that works.


    > I think you'll find that the performance problems you're
    > envisioning are not relevant, but that other performance
    > problems are.


    Independently of performance... Having to pass complex data
    through a serial channel involves marshalling, which is a lot of
    additional complexity.

    For a large scale, industrial application, I'd certainly look
    into the mmap'ed solution, with custom allocators so that
    I could use things like std::vector in the client data. But
    such a solution is a lot of work, and just using auto_ptr at the
    channel interface has been sufficient in numerous applications
    I've written.

    --
    James Kanze
     
    James Kanze, Oct 5, 2010
    #9
  10. On 10/5/2010 5:07 AM, James Kanze wrote:
    > On Oct 1, 10:13 pm, "Alf P. Steinbach /Usenet"<alf.p.steinbach
    > > wrote:
    >> * Kasper Middelboe Petersen, on 01.10.2010 20:39:
    >>> I'm working on a CSP library.

    >
    >> Which of the acronyms at<url:http://acronyms.tfd.com/Csp> is *your* "CSP"?

    >
    >> OK, I'll make an educated guess, that you're talking about
    >> Concurrent Sequential Processes in the sense of Hoare.

    >
    > That would seem rather obvious (and I find it surprising that
    > people with your experience, or that of Victor, aren't familiar
    > with the acronym). [..]


    You presume way too much.

    V
    --
    I do not respond to top-posted replies, please don't ask
     
    Victor Bazarov, Oct 5, 2010
    #10
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Ravi

    System Memeory

    Ravi, Mar 27, 2006, in forum: Java
    Replies:
    11
    Views:
    641
    Chris Uppal
    Mar 30, 2006
  2. Replies:
    3
    Views:
    600
    Keith Thompson
    Mar 31, 2007
  3. Replies:
    1
    Views:
    951
    =?Utf-8?B?UGV0ZXIgQnJvbWJlcmcgW0MjIE1WUF0=?=
    Apr 12, 2007
  4. kizk
    Replies:
    0
    Views:
    599
Loading...

Share This Page