Don't use pointer arithmetic for untagging Lisp values

* src/lisp.h (XUNTAG):
Instead of casting a Lisp value to char * and subtracting the tag,
cast it to a suitable integral type and work on that.

This should result in identical or at least equivalent code, except
that it avoids potential problems arising from the restrictions on
pointer arithmetic in C.  In particular, a null pointer can be neither
an operand in nor the result of pointer arithmetic.

C compilers know this and would, prior to this change, optimise

  XUNTAG(obj, Lisp_Int0, mytype) != NULL

to 1.  This means, for example, that make_pointer_integer and
XFIXNUMPTR could not be entrusted with null pointers, and
next_vector in alloc.c was unsafe to use.

diff --git a/src/lisp.h b/src/lisp.h
index 50b68f2e7678833e2b91dfd5dcb0f4aaa9603eaf..35a88d9b238d503554f62f24f32605ef910d53a0 100644 (file)
--- a/src/lisp.h
+++ b/src/lisp.h
@@ -811,7 +811,7 @@ INLINE void
    extracted pointer's type is CTYPE *.  */
 
 #define XUNTAG(a, type, ctype) ((ctype *) \
-                               ((char *) XLP (a) - LISP_WORD_TAG (type)))
+                               ((uintptr_t) XLP (a) - LISP_WORD_TAG (type)))
 
 /* A forwarding pointer to a value.  It uses a generic pointer to
    avoid alignment bugs that could occur if it used a pointer to a