[M3devel] Moving ahead with Modula3. Making my code safe.

[wagner at elegosoft.com]

Quoting Chris <Highjinks at gmx.com>:

> Alright, I'm finally comfortable enough with Modula3 to start doing   
> some serious work with it.

That sounds promising :-)

> However, I'm now in the process of learning how to do things the   
> Modula3 way. Or probably more correctly, writing things that are   
> easily managed by other Modula3 developers.
>
> What is the "proper" Modula3 way of taking an unsafe interface to an  
>  external library and making it "safe" for the purposes of my fellow  
>  Modula3 developers? I know how I would it with Ada and GNAT GPL;  
> but  even though the languages are similiar, the environments are  
> quite a  bit different.

I don't think you can really make external C and C++ code safe in
the sense that Modula-3 code is safe. What you can do is to make sure
that the types are mapped correctly, there are no memory leaks and
memory overwrites, that all parameters actually are in the expected
range, and the returned values are interpreted correctly in the enclosing
M3 code. Interfaces to C or C++ are never safe. You can do your best
to make the module that uses them safe, i.e. there should be no undetected
runtime error or unnoticed side-effect by calling methods of your module.

> The same thing goes for pretty much everything else. I really want   
> to nail down my libraries and make them as bulletproof as possible.

Yes, that's the general idea :-)

> I'd like to make everything as exception free as possible. This   
> means very few uses of the "RAISES" keyword. If a properly defined   
> function returns a predefined error, I dont consider that   
> exceptional. I typically consider any undefined behavior to be   
> exceptional.

This depends. Exceptions, as the name suggests, should be used
for exceptional situations that occur rather infrequently. They may
also impose some performance penalty depending on their implementation.
The usual, error-free code path should not involve any exceptions.

> Also, does Modula3 provide any facilities for Synchronous threads   
> and/or State Machines/Automata, or do these all have to be coded   
> manually?

Offhand, I don't know of any modules for coroutines or finite state
machines. Regarding lexical analysis, you will surely find some
FSM-based scanner generators in the compiler tools (caltech-parser).

> One last question, in regards to threads...how do I get access to   
> Atomic ops? Typically I like to prefetch a dataset into the   
> processors data cache and do most of my operations there. I can   
> doubletime it on a multicore processor, assuming I dont have to use   
> Mutexes and such.

Atomic operations on processor level are or course very platform
specific, and are not exposed in the standard libraries. The standard
way to synchronize resource access and make certain operations atomic
from an external view is to use mutexes, which are defined in the
Thread interface. If this is too high-level or inefficient for
certain purposes, Antony Hosking has recently added some generic
atomics support in m3core/src/atomic/Atomic.ig. I'm pretty sure it
is only in the current head though, and don't know if it's really
already implemented on all target platforms.

> Any tips, pointers, or articles you might recommend?
The language definition as well as a tutorial and a bibliography
are online, though I'm afraid that several of the links to external
resources are outdated. You surely have browsed through the documentation
section of http://www.opencm3.net/?

Hope this helps,

Olaf