Re: Preview: portable dumper

[Andy Moreton]

On Sat 17 Feb 2018, Eli Zaretskii wrote:
> Since MAX_RW_COUNT is less than INT_MAX, we have no real problem here
> for MS-Windows, as 'nbyte' will never overflow an unsigned int.  We
> could add an eassert there, for Windows only, though, to make this
> assumption explicit.

Comments mentioning MAX_RW_COUNT show that somebody checked an invariant
when writing the comment, but they do not guarantee that the invariant
will continue to be maintained in future versions of emacs. A check that
can be enforced by the compiler is preferable.

> As for pdumper, we could do one of 2 things:
>
>  . make a reasonable assumption that no .pdmp file will ever be larger
>    than 2GB, change the assertion there which checks against SSIZE_MAX
>    to check against UINT_MAX instead, and work internally with
>    unsigned int instead of size_t counts; or

This seems perfectly reasonable, and is the current implementation,
albeit checking for INT_MAX.

>  . write a separate Windows-specific version of dump_read_all, which
>    in the 64-bit build would limit to UINT_MAX the number of bytes we
>    read on each iteration through the loop.

This offers more opportunity for divergent implementations, so the other
option is preferable.

> Daniel, which of these 2 alternatives do you prefer?  Or does anyone
> have a better proposal?  (I already considered rewriting the code in
> w32.c:sys_read so that it accepts a size_t last argument, and decided
> it was unjustified for this single caller, as all the other direct
> calls to 'read' in Emacs either use fixed small byte counts, or are
> not compiled in the Windows build.)

Is there a gnulib replacement for read() that works for emacs, so that
we could use the proper prototype even on Windows ? If so we could get
rid of sys_read etc.

    AndyM