The principal maintainers of this code are Eric S. Raymond and Jason
Ninneman. Eric received Don Woods's encouragement to update and ship
the game; Jason signed on early in the process to help. The assistance
-of Peje Nilson in restructuring some particularly grotty gotos is
-gratefully acknowledged.
+of Peje Nilsson in restructuring some particularly grotty gotos is
+gratefully acknowledged. Petr Voropaev contributed fuzz testing.
== Nomenclature ==
The adventure.text file is no longer required at runtime. Instead, it
is compiled at build time to a source module containing C structures,
-which is then linked to the advent binary.
+which is then linked to the advent binary. There is an adventure.yaml file
+as well; this is also compiled to C code, and will eventually replace
+adventure.text altogether.
-The game-save format has changed. This was done to simplify
-FORTRAN-derived code that formerly implemented these functions;
-without C's fread(3)/fwrite() and structs it was necessarily pretty
-ugly by modern standards. Encryption and checksumming have been
-discarded - it's pointless to try tamper-proofing saves when everyone
-has the source code.
+The game-save format has changed. This was done to simplify the
+FORTRAN-derived code that formerly implemented the save/restore
+functions; without C's fread(3)/fwrite() and structs it was
+necessarily pretty ugly by modern standards. Encryption and
+checksumming have been discarded - it's pointless to try
+tamper-proofing saves when everyone has the source code.
+
+A -r command-line been added. When it is given (with a file path
+argument) it is functionally equivalent to a RESTORE command.
== Translation ==
Jason Ninneman and I have moved it to what is almost, but not quite,
idiomatic modern C. We refactored the right way, checking correctness
-against a comprehesive test suite that we built first and verified with
-coverage tools. This is what you are running when you do "make check".
+against a comprehensive test suite that we built first and verified
+with coverage tools (we now have over 90% coverage, with the remaining
+confined to exception cases that are very difficult to reach). This is
+what you are running when you do "make check".
-This move entailed some structural changes. The most important was
-the refactoring of over 350 gotos into if/loop/break structures. We
-also abolished almost all shared globals; the main one left is a
-struct holding the game's saveable/restorable state.
+The move to modern C entailed some structural changes. The most
+important was the refactoring of over 350 gotos into if/loop/break
+structures. We also abolished almost all shared globals; the main one
+left is a struct holding the game's saveable/restorable state.
The original code was greatly complicated by a kind of bit-packing
that was performed because the FORTRAN it was written in had no string
abstraction, but this is one of the rare cases in which they are
an obvious improvement over what they're displacing...
+We have also conducted extensive fuzz testing on the game using
+afl (American Fuzzy Lop). We've found and fixed some crashers in
+our new code (which occasionally uses malloc(3)) but none as yet
+in Don's old code (which didn't).
+
The code falls short of being fully modern C in the following
ways:
and the choice to refrain will make forward translation into future
languages easier.
-* There are a few gotos left that resist restructuring; all of these
- are in the principal command interpreter function implementing its
- state machine.
+* There are a few gotos left that resist restructuring; all are in the
+ principal command interpreter function implementing its state
+ machine.
* Linked lists (for objects at a location) are implemented using an array
of link indices. This is a surviving FORTRANism that is quite unlike
to fix it because doing so would (a) be quite difficult, and (b)
compromise forward-portability to other languages.
-* The code still has an unfortunately high density of magic numbers - in
- particular, numeric object and room IDs. There are plans to fix this.
-
* Much of the code still uses FORTRAN-style uppercase names.
+* The code still assumes one-origin array indexing. Thus, arrays are
+ a cell larger than they strictly need to be and cell 0 is unused.
+
* The code is still mostly typeless, slinging around machine longs
like a FORTRAN or BCPL program. Some (incomplete) effort has been made
to introduce semantic types.
projects / open-adventure.git / blobdiff