Re: Dynamic modules: MODULE_HANDLE_SIGNALS etc.

From: Eli Zaretskii
Subject: Re: Dynamic modules: MODULE_HANDLE_SIGNALS etc.
Date: Sun, 03 Jan 2016 19:39:45 +0200

> Cc: address@hidden
> From: Daniel Colascione <address@hidden>
> Date: Sun, 3 Jan 2016 09:22:32 -0800
> > IOW, a requirement as fundamental as safety-criticality _does_ affect
> > the design and the techniques allowed during implementation.  I submit
> > that this is a fundamental software engineering issue which cannot be
> > cast away, and as long as Daniel misinterprets it, we can never agree
> > on anything.  Because in safety-critical software, even a single nasty
> > crash can be fatal, something that is very far from what Emacs can do.
> You're creating a false dichotomy between safety-critical software and
> everything else. Emacs merely not avionics-grade software does not
> excuse the use of techniques that are both inherently incorrect and that
> add no real value and quite a bit of real danger.

It's not false dichotomy, it's real.  That you misunderstand this
crucial issue is the root cause of this dispute and of our fundamental
disagreement.  You are applying theory outside of its domain of

> You have *still* not presented any evidence, not one shred, that we have
> a real stack overflow problem that makes it worth relying on more than
> the auto-save functionality and that makes it worth reaching for unsafe
> and completely undefined behavior.

Not sure what evidence you are looking for.  Does the fact that 2 not
entirely stupid Emacs developers, each one with years of hacking Emacs
on their record, disagree with you constitute such an evidence?

> All you have is your assertion that Emacs is not safety-critical
> software, we can should use this technique, which you have not
> demonstrated saves anyone anything and which I have demonstrated is
> completely unsafe.

We are not looking for safe techniques.  That's exactly your mistake.
We are looking for pragmatically helpful techniques.

