Improve safety of BIO api #751

Merged
merged 11 commits into from Aug 5, 2023
@vyzo vyzo commented Aug 4, 2023

The bio extension methods erroneously assume that the buffer is an input-buffer; this is blatantly false with delimited input buffers, and also alternative implementations of buffers if someone is so inclined.

This fixes the problem by checking the exact type and only applying the dangerous stuff if it is an exact instance; otherwise it falls back to generic methods. This applies for the inline methods and also read-char/peek-char.

This in turn necessitated the introduction of a put-back method to the BufferedReader interface, otherwise generic read-char and peek-char implementations are impossible to implement correctly. I reckon this will be generally useful for parsers, so it's not abstraction leakage.

It also fixes the issue with get-buffer-output-* not flushing the buffer before retrieving the output.

And while at it, it separates input from output file io so that we can't cast one to the other; the file is open in different directions.
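
A small Python model of the pattern this description lays out (an added illustration, not Gerbil code and not part of the pull request): the fast path reads buffer fields only for an exact `InputBuffer`, and every other reader gets a generic peek built from a read plus `put_back`. The class names, field names and `peek_u8` are hypothetical stand-ins chosen for the model.

```python
class InputBuffer:
    """Concrete buffer; only this exact type may have its fields read directly."""
    def __init__(self, data):
        self.buf, self.rlo, self.rhi = bytearray(data), 0, len(data)

    def read_u8(self):
        if self.rlo == self.rhi:
            return None                      # end of input
        self.rlo += 1
        return self.buf[self.rlo - 1]

    def put_back(self, data):
        self.buf[self.rlo:self.rlo] = data   # re-insert ahead of unread bytes
        self.rhi += len(data)


class DelimitedReader:
    """Exposes at most `limit` bytes of an inner reader; it has no buffer fields."""
    def __init__(self, inner, limit):
        self.inner, self.remaining = inner, limit

    def read_u8(self):
        if self.remaining == 0:
            return None                      # delimiter reached
        b = self.inner.read_u8()
        if b is not None:
            self.remaining -= 1
        return b

    def put_back(self, data):
        self.inner.put_back(data)
        self.remaining += len(data)


def peek_u8(reader):
    if type(reader) is InputBuffer:          # exact instance, not isinstance()
        return reader.buf[reader.rlo] if reader.rlo < reader.rhi else None
    b = reader.read_u8()                     # generic path: interface calls only
    if b is not None:
        reader.put_back(bytes([b]))
    return b


def demo():
    inner = InputBuffer(b"abcd")             # constructed sample input
    limited = DelimitedReader(inner, 2)
    seen = [peek_u8(limited), limited.read_u8(), limited.read_u8(), peek_u8(limited)]
    return seen, peek_u8(inner)
```

In `demo()`, the delimited reader reports end of input after two bytes even though the inner buffer still holds more, which is the boundary a field-level fast path applied to the wrong type would not respect.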

@vyzo vyzo requested a review from fare August 4, 2023 17:21
@vyzo vyzo added this to the Gerbil18 milestone Aug 4, 2023
So that we can't cast from one to the other, which would be a disaster
as the file is open in different directions.
- add notes for put-back behavior.
- add thread safety notes for general Reader/Writer behavior.
src/std/io/bio/delimited.ss
(bio-read-u8 bio))))))
(if (is-input-buffer? reader)
(let ()
(declare (not interrupts-enabled))
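
Review bot: the `(declare (not interrupts-enabled))` at the top of the `(let () ...)` in the `is-input-buffer?` branch covers the whole let body, and nothing in the lines shown says what it protects. Add a one-line comment naming the buffer state that must not be interleaved, and keep only the direct buffer accesses inside that `let` so the interrupt-free region stays as small as possible.
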
Collaborator

maybe a without-interrupts macro would be useful?

Collaborator Author

nah, I prefer to see the declaration.

Collaborator Author

@vyzo vyzo Aug 5, 2023

I don't want to encourage people to disable interrupts right and left.

src/std/io/bio/input.ss
(begin
(put-back! buf 0 previous-input)
(set! (&input-buffer-rhi bio) prevlen)
(void))))))))
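
Review bot: in the branch ending with `(set! (&input-buffer-rhi bio) prevlen)`, the preceding `(put-back! buf 0 previous-input)` appears to write at offset 0 of `buf`, and nothing in the lines shown checks that `buf` can hold `prevlen` bytes. If the sizing is established earlier in the function, a short comment on this branch stating that invariant would make it reviewable, and a test that puts back more than the current buffer capacity would pin it down.
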
Collaborator

That makes consecutive put-backs expensive. Maybe worth noting in the documentation?

Collaborator Author

yeah, that's why the list.
Maybe worth adding a note.

Collaborator Author

nah, it is not really deterministic on how much it will cost; it is usually cheap, but sometimes it can be expensive.

@vyzo vyzo merged commit b096231 into master Aug 5, 2023
7 checks passed
@vyzo vyzo deleted the bio-safety branch August 5, 2023 22:14