[M3devel] [M3commit] CVS Update: cm3

Jay K jay.krell at cornell.edu
Wed Jul 22 00:37:49 CEST 2009


Correct. Unless this stuff is "well known" -- like the chmod values -- the code was wrong and/or highly platform specific, yet blithely did the same thing for all platforms. struct termio was declared as merely an array of 500 char. Just an arbitrary size hoped to be large enough? Or known to be surely large enough? Or even exactly the right size?
There was also a race condition in the initialization, typical, though arguably there still is.
"Look at the code, not just checkin comments or the file extensions" I like to think to advise people.
Except for .sh and .cmd, that I can indict just by extension. :)
 
 
As I understand, when writing C code to interface to Modula-3, one has to really think about it before marking the interface as safe.
For example, the C code I provided trusts the pointers it is given. So it is probably not safe.
I would probably need to check the struct termios I get and compare them to the two known ones and only dereference them if it is one of them.
NULL could also be deemed ok, as long as I silently did nothing with it, no dereference.
 
 
 - Jay

----------------------------------------
> From: hosking at cs.purdue.edu
> To: jay.krell at cornell.edu
> Subject: Re: [M3devel] [M3commit] CVS Update: cm3
> Date: Tue, 21 Jul 2009 14:25:44 -0400
> CC: rcoleburn at scires.com; m3devel at elegosoft.com
>
> I assume the argument here is the same as for the POSIX interfaces.
>
> Sent from my iPhone
>
> On Jul 21, 2009, at 1:53 PM, jay.krell at cornell.edu wrote:
>
>> I might have left it able to be called safe. Honestly I look more
>> for human verifiable safety and correctness and it lacked those
>> before and now does not. If that coincides with machine verifiable
>> safety, great. Either way you need C here for correctness and
>> safety. It isn't 'nasty'. Not using C here would be nasty. I think
>> you have it backwards. UNLESS the sizes and constants here are well
>> known but reading docs quickly I didn't see that. Unsafe does not
>> imply not portable.
>>
>> - Jay (phone)
>>
>> On Jul 21, 2009, at 9:03 AM, Tony Hosking 
>> wrote:
>>
>>> Hear, hear!
>>>
>>>
>>> Sent from my iPhone
>>>
>>> On Jul 21, 2009, at 11:17 AM, "Randy Coleburn"
>>> wrote:
>>>
>>>> Granted, I see that Term.m3 is an UNSAFE module, so that by
>>>> definition means it is not portable.
>>>> Why though do we want to replace it by nasty C code where non-
>>>> portable stuff can be easily hidden? This is Modula-3. Why not
>>>> fix the Modula-3 code so that it doesn't have to be UNSAFE? (My 2
>>>> cents.)
>>>> --Randy
>>>>
>>>>>>> Jay Krell 7/21/2009 11:55 AM>>>
>>>> CVSROOT:/usr/cvs
>>>> Changes by:jkrell at birch.09/07/21 11:55:36
>>>>
>>>> Added files:
>>>> cm3/caltech-parser/term/src/: TermC.c
>>>>
>>>> Log message:
>>>> initial copy of dangerous non portable Term.m3 to rewrite portably
>>>> and have it do nothing silently on Win32 which should suffice, or
>>>> if not, can probably be done better, specifically the MakeRaw
>>>> function
>>>>
>>>>
>>>

