libera/#commonlisp - IRC Chatlog
Search
20:56:37
copec
White_Flame, what kind of organizational system would you have in mind? Storing the code in some sort of DB under declarations & scopes?
21:06:23
pjb
copec: this could still be files, for compatibility with current tools (git, asdf, quicklisp).
21:07:34
pjb
copec: the heuristic would start with 1 package = 1 file, plus some topological sorting of dependencies (compilation-time and run-time), so eval-when or separate dependent files would be generated automatically.
21:57:28
skeemer
hello all, i am reading SICP and fell in love with lispy languages... i know the book uses MIT-scheme but I found scheme implementations frustrating for their lack of ecosystem and libraries... which i find too fragmented... I was wondering how common lisp was in this concern...
21:59:58
edgar-rft
skeemer: in contrast to Scheme, Common Lisp incudes the "standard library" in its specification.
22:01:37
mzan
skeemer: hi, I'm new here too. I used recently Racket, that it is a Scheme with a rather broad set of libraries. Now I'm trying CL. I'm using QuickLisp and it seems very very good.
22:04:56
etimmons
skeemer: There are a lot of libraries for CL and they tend to be relatively stable since the core language is not continuously evolving.
22:05:35
skeemer
pjb, mzn what i liked about scheme was functional programming, is it something lisp does/allows?
22:06:58
etimmons
However, there are some frustrations. There does seem to be a tendency for libraries to be reimplemented, resulting in a number of libraries that so similar things (this seems especially prevalent in anything web related)
22:07:31
skeemer
etimmons, i am ok with having a bunch of libraries... for doing the same thing and having the choice
22:09:17
skeemer
how is the common lisp landscape in terms of modernity of the language, i mean is it a dying language or people is still developing libraries/modules and so on ?
22:09:52
etimmons
Additionally, I think there's a lack of documentation (no clue how the Schemes fair on this front). Quickdocs is nice, but IMO, extracted docstrings does not a user manual make.
22:11:05
Odin-
skeemer: While a fair question, I suspect even COBOL is more 'alive' than people would expect in those terms.
22:12:06
Odin-
skeemer: And one of the problems I've had with modern JavaScript is that it's _so_ live that something that worked three months ago might not do so now, unless you've been keeping it working for the duration.
22:13:00
etimmons
Last, this is related to documentation, but I don't think there are any great channels for developers to communicate what has changed between versions of their systems.
22:13:08
etimmons
A lot of projects don't have numbered versions, nor changelogs. And for those that do, we don't have a great way to disseminate that information when someone is installing or upgrading a dep
22:14:11
etimmons
But, other than that, in my experience CL systems tend to be high quality and typically don't arbitrarily break things on you, even when they're still being actively developed
22:14:30
skeemer
another thing that confuses me is that lisp is case insensitive when it comes to function/variables/constant
22:16:00
etimmons
Odin-, skeemer : The problem with multiple approaches to the same thing is it's very frustrating when they do practically the same thing except for a handful of situations, but the developers just decided to not work together
22:16:02
Odin-
skeemer: The underlying system _is_ case sensitive, but unless you specifically mark that you don't want it to, everything gets uppercased.
22:16:13
ulfvonbe`
it can be a little unusual when you try using mathematical symbols like δ and find that it gets printed as Δ ;-)
22:17:36
etimmons
One example that comes to mind is Drakma and Dexador. Dexador is so much easier to deploy on Windows because it uses built-in Windows libs, but I prefer Drakma everywhere else because its code is more readable and I've had fewer problems with it
22:19:17
etimmons
Odin-: I think tooling and convention is largely how other languages I've used solve it.
22:20:37
etimmons
I'm slowly working on CLPM (a QL alternative), and one thing I'm particularly proud of is that it uses conditions to tell you what systems its going to update and drops you in the debugger to let you have final approval/disapproval.
22:21:41
etimmons
I'd love to attach changelogs to those conditions so that it could say "I'm updating system A from 1.1 to 1.3, here are the changes as summarized by the project author" so you can make more informed decisions about upgrades and take advantage of new capabilities
22:22:16
Odin-
There's work on establishing that for CL. Honestly, the notion that most programs will predominantly consist of code that's part of other projects developed independently is newer than you'd think.
22:24:26
etimmons
Do you have any pointers to people working on that? All efforts I'm aware of that seem to be going that direction are either related to CLPM or dead (Qi, CLDM)
22:24:56
GreaseMonkey
"the notion that most programs will predominantly consist of code that's part of other projects developed independently is newer than you'd think" --> it's probably due to the popularity of making libraries non-copyleft open-source which tends to get exploited by a lot of companies
22:26:37
skeemer
like to wrap libs written in C and/or other languages? is it something explained in practical common lisp ?
22:27:25
etimmons
skeemer: I don't think PCL describes it. CFFI is the de facto, portable way of doing FFI and it's a pleasure to use for relatively small libs
22:27:36
Odin-
ACTION has on more than one occasion used a CL REPL to experiment with a C library in preference to short C programs.
22:27:56
GreaseMonkey
if you want a good test library for CFFI, zlib is worth doing... unless the zlib wrapper in quicklisp is no longer hopelessly broken
22:28:25
etimmons
For larger libs, you may want to consider evaluating things like CLAW or cl-autowrap to automatically generate the low level bindings for you and then slap a Lisp-ier interface on top
22:30:36
etimmons
But the standard feeling around these parts is that it's better to make a native CL solution if possible, rather than use FFI
22:31:10
etimmons
Easier to distribute and leaves you (and your users) less at the whim of the C library devs
22:32:33
Odin-
Also worth keeping in mind that there are CL implementations that are not based around the C runtime abstraction, such as ABCL.
22:32:36
skeemer
Odin-, do you have any good tutorial/blog article explaining how to do what you do? like experimenting with a C library with a lisp repl ?
22:52:33
jcowan
etimmons: It is certainly possible to do crypto or TCP/IP in Lisp (indeed, Interlisp does), but doesn't strike me as a good idea in either case.
22:53:59
hayley
Crypto in C is only marginally easier - I read the OpenSSL developers read the assembler output for what C code they have to make sure it's still constant time.
23:41:59
jcowan
hayley: My point is that you shouldn't write your own crypto code in any language: you should use a widely deployed library.
23:44:07
jcowan
as the saying is, "unless you trust nobody and your crypto skills are second to none"
23:44:21
ulfvonbelow
I always thought "don't roll your own crypto" generally referred to devising cryptographic algorithms, not necessarily writing or porting an implementation
23:46:16
jcowan
That is certainly even worse. But if you are concerned with covert timing channels, porting is also a Bad Thing.
23:50:23
mzan
Is there someone using CL, coming from Scheme? I'm using Racket in some semi-production utility, but I want to test CL.
23:51:17
ulfvonbelow
For sufficiently large probabilistic sets, existential and universal qualifiers become trivially true and false, respectively
0:02:15
ulfvonbelow
heh, I'd say they both have their charm, but I do like the lack of opinion of CL, the gradual typing system, the simplicity of writing macros, and the fact that the standard designers thought of just about everything possible (want to specialize your data structure that requires an integer serialization to hold characters, but don't know how high a char-code can go? CHAR-CODE-LIMIT, built right into the standard!)
0:04:53
mzan
I tried Typed Racket, and it seems very good in this regard. My first impression with CL and SBCL it is that it is all more professional and industrial grade.
1:22:58
hayley
Does anyone know where the Intel intrinsic guide was moved to? It's not at <https://software.intel.com/sites/landingpage/IntrinsicsGuide/> and the search tool isn't really helping.
1:23:39
hayley
(It is for Lisp code, not that anyone cares, but I need to check how the instructions work. And I don't know where else you ask a question like that.)
2:50:13
White_Flame
copec: files could be brought together arbitrarily, you could have your own potentially overlapping groupings of views of related toplevel forms, you could have some things (or just their docstrings) always in view for reference, etc
2:50:49
White_Flame
the model of each having a fixed place in a linear file and only a file-based view is limiting and fundamentally disorganized
2:51:27
White_Flame
and yes, the actual storage doesn't have to match what's onscreen at all in terms of how it composes into a saved artifact
2:51:56
White_Flame
it's similar to not having to manually deal with the b-tree structures in your database when you're just grabbing rows or browsing tables
2:52:21
White_Flame
the file's specific format & on-disk layout should just be a hidden implementation detail
2:52:57
White_Flame
however, CL would have to change, as its toplevel forms are not necessarily unordered declarations, but ordered mutations to an image or compilation unit state
6:50:20
pjb
About cryptography, C compilers can also perform optimizations that could be counter-productive to the security of the cryptographic system. Even writing it in assembler is not a guarantee, since the processor itself may have optimization features or other. It may be difficult to find in a processor, instructions that wouldn't leak some RF or some power usage depending on the data being processed.
6:50:58
pjb
That said, those cryptographic system requirements are not something that can be dealt with at the language level, but at the implementation level.
6:51:37
pjb
It is therefore quite possible to design an implementation with an option to generate code that would be adequate to implement cryptgraphic systems.
6:52:42
pjb
(declaim (declaration tempest-protection)) (defun encrypt (message key) (declare tempest-protection) …)
7:06:00
madnificent
pjb: with infinite research budget, introducing unexpected changes into the layers of abstraction sounds like a great way to create issues which are nearly impossible to catch during a code review. one could even introduce them on another layer after the code has been reviewed.
7:07:02
madnificent
I strongly suspect our reality is much simpler and that many issues found in systems are far simpler than incompatibilities between the layers of abstraction but it would be a cool thing to pursue.
7:17:43
jackdaniel
madnificent: but this comes even without such unobvious things like encryption. you assume that when you write a conforming program you are safe, but implementations have bugs and even interpret differently some parts; there may be changes inside the compiler you did not anticipate
7:18:16
pjb
madnificent: well, implementing an algorithm can be validated. In cryptography, the problem is that it's not sufficient to have a correct algorithm. The code must be written so as to minimize physical and logical side effects induced by the execution of the correct code, that could lead to leaking information about the keys or other cryptographic elements.
7:19:09
pjb
Already, running on a VM is bad, since the VM can see what's occuring. But there are solutions: white-box cryptography, where the key are encrypted, and kept encrypted when used.
7:19:53
pjb
But other statistical properties about the keys could be detected from temperature, power, speed variations (physical phenomenon outside of the direct influence of the algorithm and code).
7:20:47
pjb
Perhaps (setf x (* 2 x)) produces more heat when x is full of 1s instead of full of 0s? Perhaps (setf x (ash x 1)) produces the same heat in both cases?
7:21:11
pjb
Depends on the compiler and hardware. Algorithmically, it's the same. Both codes are correct.
7:21:56
pjb
What I'm saying is that it's better to have a compiler option to let it ensure that the code generated from both forms minimize the heat produced and execution speed variation.
7:22:12
pjb
Actually, that it's the only way to ensure that the cryptographic system requirements are met.
7:22:35
pjb
You must include in the requirement fulfillment the specific compiler and hardware, to validate the cryptographic system.
7:23:19
pjb
So, write all the cryptographic code you want, it's not up to the programmer to ensure validity of the final cryptographic system, but up to the integrator who will select the compiler and compiler options, and the hardware.
7:24:40
pjb
Of course, the designers of cryptographic algorithms can help by avoiding things like "if bit 0 of x is 1 then do-something-taking-little-time-and-energy else do-somethign-taking-a-lot-of-time-and-energy".
8:37:21
JeromeLon
Are there any active projects to make a new lisp IDE or to make alternative/radical improvements to emacs/slime? Code or variable extraction, inlining, renaming, real-time warnings, smarter completion, are all taken for granted nowadays, but are not available when using emacs. Presumable these all require the editor to have a deeper understanding of what each character means, which in turns
8:40:50
beach
This paper http://metamodular.com/incremental-parsing.pdf shows how we use READ (the Eclector version of it) to incrementally parse the buffer contents.
8:41:35
beach
Then the plan is to run the code through the first phase(s) of a compiler-like think to determine determine the role of each expression.
8:42:17
beach
From that result, we compute indentation (which I kind of know how to do, but that I haven't worked out the mechanics of yet) and highlighting information.
8:43:13
beach
Then there is the debugger part. This is what I think we should do: http://metamodular.com/SICL/sicl-debugging.pdf