Re: Dynamic loading progress

From: Philipp Stephani
Subject: Re: Dynamic loading progress
Date: Fri, 20 Nov 2015 19:29:49 +0000

Paul Eggert <address@hidden> wrote on Fri, 20 Nov 2015 at 01:03:
On 11/19/2015 03:57 PM, Philipp Stephani wrote:
> Thanks. I saw you changed some other members to ptrdiff_t (the public
> size members of emacs_runtime and emacs_env), is that intentional, and
> if so, what is the reason?

As a general rule, in Emacs source code we prefer signed arithmetic to
unsigned, because the latter is so error prone when it comes to
comparisons. Also, signed arithmetic allows for better low-level
checking, e.g., with -fsanitize=undefined. (There are a few exceptions,
e.g., hash values, but they're relatively rare.)  So the module
interface should encourage the use of signed integer arithmetic when

This is generally a good practice.
However, for the size members I think there's still a slight advantage in using size_t. This member will typically be used as follows:

if (env->size >= sizeof *env) {
  // good, object is at least as big as expected
} else {
  // Emacs is too old
}

The return type of sizeof is size_t. Using ptrdiff_t for the size member means that this is now a comparison between types of different signedness. Such comparisons are rather subtle, and compilers warn about them (e.g. clang with -Wextra). So I'd suggest to avoid such comparisons. As we never do any arithmetic with the size members, the wrap-around behavior is not an issue in this case.

It might also be useful to support modules that, for whatever reason,
cannot deal with signed integers and must use unsigned integers. That
could be something we add later, if necessary.

I think we always expect a reasonably standard C or C++ compiler, which has to support signed integers.

> Anyway, emacs-module.h now lacks an #include <stddef.h>.

Thanks, fixed now.
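
Added example (not part of the original message and not Emacs code): how the size check discussed above evaluates when the size member is signed, next to the same check done in signed arithmetic. The struct demo_env and the functions check_mixed and check_signed are hypothetical names, and the code assumes ptrdiff_t and size_t have the same width, as on common platforms.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical versioned struct (not the real emacs_env): the first member
   records how many bytes the provider's copy of the struct has. */
struct demo_env {
  ptrdiff_t size;          /* signed size member */
  void (*v1_call)(void);
  void (*v2_call)(void);   /* member added in a later version */
};

/* Value of `env->size >= sizeof *env`: the usual arithmetic conversions turn
   the signed operand into size_t. The cast only spells that conversion out. */
static bool check_mixed(const struct demo_env *env)
{
  return (size_t) env->size >= sizeof *env;
}

/* The same test carried out in signed arithmetic on both sides. */
static bool check_signed(const struct demo_env *env)
{
  return env->size >= (ptrdiff_t) sizeof *env;
}

int main(void)
{
  /* Constructed sample values: current struct, older shorter struct,
     and a negative size that no valid provider would report. */
  struct demo_env samples[] = {
    { .size = (ptrdiff_t) sizeof(struct demo_env) },
    { .size = (ptrdiff_t) offsetof(struct demo_env, v2_call) },
    { .size = -1 },
  };
  for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
    printf("size=%td mixed=%d signed=%d\n", samples[i].size,
           check_mixed(&samples[i]), check_signed(&samples[i]));
  return 0;
}
```

The two checks agree for every non-negative size and differ only for a negative one, which the mixed comparison accepts because -1 converts to the largest size_t value.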
