Previous: C99 features avoided, Up: Portability guidelines [Contents][Index]
The GNU coding standards allow one departure from strict C: Gnulib
code can assume that standard internal types like
ptrdiff_t
and size_t
are no
wider than long
. POSIX requires implementations to support at
least one programming environment where this is true, and such
environments are recommended for Gnulib-using applications. When it
is easy to port to non-POSIX platforms like MinGW where these types
are wider than long
, new Gnulib code should do so, e.g., by
using ptrdiff_t
instead of long
. However, it is not
always that easy, and no effort has been made to check that all Gnulib
modules work on MinGW-like environments.
Gnulib code makes the following additional assumptions:
int
and unsigned int
are at least 32 bits wide. POSIX
and the GNU coding standards both require this.
Previously, Gnulib code sometimes also assumed that signed integer arithmetic wraps around, but modern compiler optimizations sometimes do not guarantee this, and Gnulib code with this assumption is now considered to be questionable. See Integer Properties.
Although some Gnulib modules contain explicit support for the other signed integer representations allowed by the C standard (ones’ complement and signed magnitude), these modules are the exception rather than the rule. All practical Gnulib targets use two’s complement.
memset (A, 0, sizeof A)
initializes an array A
of
pointers to NULL.
intptr_t
and uintptr_t
exist, and pointers
can be converted to and from these types without loss of information.
ptrdiff_t
or size_t
values, then S + T
cannot overflow.
(char *) &O <= (char *) P && (char *) P <
(char *) (&O + 1)
.
uintptr_t
, except that offsets are
multiplied by the size of the pointed-to objects.
For example, if P + I
is a valid expression involving a pointer
P and an integer I, then (uintptr_t) (P + I) ==
(uintptr_t) ((uintptr_t) P + I * sizeof *P)
.
Similar arithmetic can be done with intptr_t
, although more
care must be taken in case of integer overflow or negative integers.
P
has alignment A
if and only if
(uintptr_t) P % A
is zero, and similarly for intptr_t
.
S + T
cannot overflow.
Overflow in this case would mean that the rest of your program fits
into T bytes, which can’t happen in realistic flat-address-space
hosts.
0 + (char *) NULL == (char *) NULL
.
Some system platforms violate these assumptions and are therefore not Gnulib porting targets. See Unsupported Platforms.
Previous: C99 features avoided, Up: Portability guidelines [Contents][Index]