From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED.blaine.gmane.org!not-for-mail From: Philipp Stephani Newsgroups: gmane.emacs.devel Subject: Re: [PATCH] Change module interface to no longer use GMP objects directly. Date: Wed, 20 Nov 2019 22:06:04 +0100 Message-ID: References: <20191117183828.82379-1-phst@google.com> <089f3d06-e227-27da-c8fe-afcbbbbc934a@cs.ucla.edu> Mime-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Injection-Info: blaine.gmane.org; posting-host="blaine.gmane.org:195.159.176.226"; logging-data="206058"; mail-complaints-to="usenet@blaine.gmane.org" Cc: Philipp Stephani , Stefan Monnier , Emacs developers To: Paul Eggert Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Wed Nov 20 22:06:28 2019 Return-path: Envelope-to: ged-emacs-devel@m.gmane.org Original-Received: from lists.gnu.org ([209.51.188.17]) by blaine.gmane.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from ) id 1iXXBC-000rSr-SX for ged-emacs-devel@m.gmane.org; Wed, 20 Nov 2019 22:06:27 +0100 Original-Received: from localhost ([::1]:34472 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iXXBB-00054T-Lp for ged-emacs-devel@m.gmane.org; Wed, 20 Nov 2019 16:06:25 -0500 Original-Received: from eggs.gnu.org ([2001:470:142:3::10]:35571) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iXXB4-00054B-OP for emacs-devel@gnu.org; Wed, 20 Nov 2019 16:06:19 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iXXB3-0008FT-JQ for emacs-devel@gnu.org; Wed, 20 Nov 2019 16:06:18 -0500 Original-Received: from mail-oi1-x242.google.com ([2607:f8b0:4864:20::242]:44855) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1iXXB3-0008FP-Ek for emacs-devel@gnu.org; Wed, 20 Nov 2019 16:06:17 -0500 Original-Received: by mail-oi1-x242.google.com with SMTP id s71so1090660oih.11 for ; Wed, 20 Nov 2019 13:06:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=iTGRFE90eJR82ecRwQbYa6EeSvb0bYNxrSoTKTlk5e4=; b=qvfB/NdcDr69NjY2D8/KrQNEeCPIkK4Xm/5Qw+Uu2W6CkTBlyr5tn/v2Y7WsczaSiE hKr0o3PrqQUq+pZKfN2kabElG6kJuWKpujNPfJzk0oWS8VAa/Z4Hm/RENi+JCFvnNBMP NNjKEDaLRk57jBzq9WqEJkHNL6DTI4XSeTjodD6joJjkhy9rdv0Kq5cfBgTguI8sx5aj NSCO9VWjVgtrn5hqfxjexTw79fzKaSlickQ0MjPnoJku5q2ahszlaOG7DG7EHdyjzvIW dFm0aSjwzHHPNPD5Ni3YMIjrXB+3w+uoysafqice5AUAsFr152qh3H3QKeK8/+GcK71G l0XQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=iTGRFE90eJR82ecRwQbYa6EeSvb0bYNxrSoTKTlk5e4=; b=dx5pYVpAB9Or0K8EQkbwqX51JN1E74ddq4WJDt6viaTaehiAL9cOEl8e+254eVzEs3 77gccDtY1sFgERDPobVz8z/nNNjndPrmL3k+Hc+CsZIsBM/3+llbarf3C030kNP/Jjd0 K5GZ1e0zSW9eqdN+Fpy/mpBsfreg87ofDYI56dT9F/1C2fgy0m1WWTifBCacQO+NhhxP hVCBwewIImAsV2CLqrdsNvCQ/U5W5VxFKjIugiiAYzOmD3Qf0iTSVW2+Mz1EmA3Xzmma ujGM2dDZOLpNNM+lZK7CuYC4KHr4Hzoz+9Mlqa49GjeXtfDKmXp2ED43rVnKCkqQf0is U2cA== X-Gm-Message-State: APjAAAXRsFCwT+f9brwRRgHSOl5LqqkhPHD9DERAfRhbmn5/QhCbjt3/ VnXC6xMkvsx8S5bUvKnXtYyY6a5/wdCNTkgzxU0= X-Google-Smtp-Source: APXvYqzgkN41HgERi+YCQAb+7/Fk6wfRmg4f4AK/LdApEvHrbzpCjbh2jNhIKq8NkftVxpPBSs+oh1SQ4iTPj3iSbOQ= X-Received: by 2002:aca:4945:: with SMTP id w66mr4750684oia.98.1574283976149; Wed, 20 Nov 2019 13:06:16 -0800 (PST) In-Reply-To: X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2607:f8b0:4864:20::242 X-BeenThere: emacs-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Emacs development discussions." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Original-Sender: "Emacs-devel" Xref: news.gmane.org gmane.emacs.devel:242543 Archived-At: Am Di., 19. Nov. 2019 um 22:54 Uhr schrieb Paul Eggert : > > On 11/19/19 1:12 PM, Philipp Stephani wrote: > > > I'm not against a typedef to provide clearer semantics, but then we'd > > also have to define EMACS_LIMB_MAX etc., and I see relatively little > > benefit in that (since we can't realistically change it anyway later). > > I can see a benefit, partly for the cleaner semantics, partly as it lets > us arrange for Emacs limbs to be the same size as GMP limbs. If we can't > realistically change this later, let's do it the better way the first > time. It's easy enough to do; for example, we can define EMACS_LIMB_MAX > to be the equivalent of ((emacs_limb_t) -1). GMP seems to make a very complex series of choices when selecting the limb datatype, which we can't and shouldn't replicate. I guess the best we can do is to use unsigned long long if unsigned long is 4 bytes, and unsigned long otherwise. > > > The current "unsigned long" type is identical to mpz_limb_t on most > > platforms > > unsigned long differs from mpz_limb_t on significant-enough platforms > (MinGW, Cygwin, ...) that it's worth creating an emacs_limb_t to support > those platforms better. I really don't want to pollute the emacs-module header with lots of platform-specific cruft just to support a very specific micro-optimization. > > > I'm not feeling strongly about the function in isolation, but the > > current interface is modeled after the existing copy_string_contents > > Why does copy_string_contents always return true when it returns? If > there's no good reason, let's have the new function use a cleaner API. A > flaw in an old function's API does not require us to have a similar flaw > in the new one. It's not a flaw, just a different design choice. copy_string_contents returns false if and only if it has signaled an error, which is a quite useful invariant. > > >> It should document that this size cannot exceed (min (PTRDIFF_MAX, > >> SIZE_MAX) / sizeof (emacs_limb_t)).... > > > > It's true that this allows > > callers to use malloc without checking for overflow, and it seems this > > already follows from the C standard (can an array with total size > > larger than SIZE_MAX exist?), > It does not follow from the C standard, as there's no requirement > anywhere that Emacs internally must represent each integer as a > contiguous array. > > I found the guarantee useful in the first function I wrote that > attempted to use the proposed API, so that's good evidence that it's > worth documenting. I don't think so, it's a very narrow guarantee that we also don't give for other functions. Each guarantee, however minor, comes with a cost: we need to document it and stick to it forever.