emacs-devel

Re: size_t vs EMACS_INT


From: Eli Zaretskii
Subject: Re: size_t vs EMACS_INT
Date: Sat, 16 Jul 2011 10:13:05 +0300

> Date: Fri, 15 Jul 2011 14:52:56 -0700
> From: Paul Eggert <address@hidden>
> CC: address@hidden
> 
>     EMACS_INT new_point = PT + XINT (n);
> 
> This code is currently safe, since C code can always safely add
> two Emacs fixnums, and the addition can't possibly overflow at the C level.
> But if fixnums could equal TYPE_MAXIMUM (EMACS_INT),
> this code would be unsafe and we would have to add a run-time
> check for integer overflow.

But this issue exists with any addition of two integer values of the
same type in a C program.  And yet gobs of C programs do that without
testing for overflow before each addition.  Why should Emacs be
different?

Also, the fact that the underlying C data type cannot overflow doesn't
save us from disasters, because calling make_number on the result
could still "kind of" overflow, when it bit-shifts the value.
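
The second point above, as an added example that is not part of the original message and is not Emacs source code: a simplified model of a tagged integer shows the C-level addition of two fixnums succeeding while the boxing shift drops the top bits. The 2-bit tag width and the names TAG_BITS, box, unbox, add_unchecked and fits_fixnum are assumptions made for illustration.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model (assumption, not Emacs's lisp.h): a 64-bit word whose
   low TAG_BITS bits hold a type tag; the rest hold the fixnum value. */
enum { TAG_BITS = 2 };
#define FIXNUM_MAX (INT64_MAX >> TAG_BITS)   /* 2^61 - 1 in this model */
#define FIXNUM_MIN (-FIXNUM_MAX - 1)         /* -2^61 in this model */

/* Box a C integer by shifting it past the tag bits.  The shift is done on
   the unsigned representation, so an out-of-range value silently loses
   its top bits (the cast back is modular on mainstream compilers). */
static int64_t box (int64_t v)
{
  return (int64_t) ((uint64_t) v << TAG_BITS);
}

/* Unbox: boxed words are multiples of 2^TAG_BITS, so division is exact. */
static int64_t unbox (int64_t w)
{
  return w / (1 << TAG_BITS);
}

/* The C addition of two fixnums cannot overflow int64_t here, but the
   result is boxed without checking that it is still a fixnum. */
static int64_t add_unchecked (int64_t a, int64_t b)
{
  return unbox (box (a + b));
}

/* The run-time check that has to precede boxing. */
static bool fits_fixnum (int64_t v)
{
  return FIXNUM_MIN <= v && v <= FIXNUM_MAX;
}

int main (void)
{
  int64_t a = FIXNUM_MAX, b = 1;   /* constructed sample values */
  printf ("a + b in C       = %" PRId64 "\n", a + b);
  printf ("after box/unbox  = %" PRId64 "\n", add_unchecked (a, b));
  printf ("fits_fixnum(a+b) = %d\n", fits_fixnum (a + b));
  return 0;
}
```

In this model the sum 2^61 is a valid int64_t, yet it comes back from the box/unbox round trip as FIXNUM_MIN, which is why the range check belongs before the shift rather than around the addition.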


