Why does the online review system crash during an online programming competition?

We all know that various coding platforms nowadays include competitive coding such as GeeksforGeeks, CodeChef, Codeforces, atCoder, SPOJ, HackerRank, HackerEarth, etc. and they should code themselves. Either attach a local editor file (e.g. Sublime Editor) or write directly on the respective editor.

So how to access these test cases or in a simple way we can say our code is compiling and running? On these programming competition platforms, online judges serve as the backbone of code compilation and execution.

Online Judgment

The code submitted by the user is judged, and then compiled and tested in a homogeneous environment, which is completed by online judges. Online judging is divided into systems that support the establishment of competitive programming competitions, enhance education and recruitment processes, facilitate solving data mining challenges, online compilers, and development platforms that integrate as components of other custom systems. Therefore, it will be implemented as an effective system to help students acquire knowledge of data structures and programming skills. The system includes a user interface, a sandbox review environment, assessment scores, and the ability to update reports to a database. In this article, we’ll discuss how online judges break down in programming competitions. This picture will help us better explain how it breaks down.

• Time Limit Completion - Code should be executed at a specific time. Can we set a time limit when threads are executed by default on the operating system?

• Memory Limit Complete - The program should not occupy all the memory on the CPU. How can we change this in a simpler way?

• Stack Overflow Errorr - After tracing a program, the system will know whether the program ran successfully. So how does this information get to us?

The above points all illustrate the problems that occur when the system checks and runs the program. Users can submit any code within the program. How do we determine whether or how malicious a submitted code is.

Some code can execute different processes, or it can investigate your document directory and get some information, or it can run administrative commands, or it can consume the bandwidth of the server. The code can perform a variety of operations. We don't need to allow the system to do this. So the question is, how can we put these licensing guidelines into practice? To handle the above situation, we will explain the following methods -

Way

The technology used to apply system permissions and hardware is called code sandboxing. Web decided to code sandbox in two ways to handle the different scenarios mentioned above.

• The lame way

• The long road to history

Method 1: Lame way

There are few visible online decision-making initiatives that allow developers to try to discover malicious functionality on code before it is executed. For example, if our code is C-based, the decision will first look to see if any lines of code use the "system" phrase. This answer doesn't draw differently because many programming languages ​​don't draw the same way. You can generate features dynamically and touch it in several programming languages, so filtering is not drawn in code. Another thing, what if you want to print "system" as output? This answer would say that the code is malicious, but it's not.

Method 2: The long historical road

In this method, the maximum value determined by the network is valid. This answer is relevant for completely Linux-based systems. Stack overflow/runtime errors can be checked by way of program's return cost. If it is far from 0, then we can say that the system was able to run successfully, if in other cases it crashed.

Memory Limit troubles and time limit restrictions can be provided by using various complete Unix-based libraries. Some programming languages ​​enable this feature of restriction flags by default, such as Java. Time limit bounds and memory limit flaws can be solved by using many complete Unix-based libraries. Some programming languages ​​support this type of boundary flag by default, such as Java.

On Linux, directory permissions are simple. We can simply create a user and allow that user access to some directories and some read/write permissions. You can then solve the document list troubles by executing the application for that user's usage. Additionally, the code cannot run some administrative commands.

Using some libraries (such as Trickle) can also limit community skills. To simply close a security hole, we can set up different libraries and write different code.

in conclusion

If we use Docker or box based entirely on VM (virtual machine), all the above problems can be solved. If we want to have a preliminary memory, we can create a box and preset the community permissions and time limits of the box. With the help of virtual machines, all the troubles can be ignored. There can be alternatives that developers know about. The entire judgment machine in this solution may also appear to be slower than other technologies, but absolutely at scale it is much faster than any other solution and is safer and more sanitized. You can take a look at this GitHub Repo to learn how to use docker for judgment.

The entire judging method is one of the most important parts of online judging. In order to execute a judgment machine, one needs to understand how an operating system works, or how a programming language works.

The above is the detailed content of Why does the online review system crash during an online programming competition?. For more information, please follow other related articles on the PHP Chinese website!