From 056c99a34c143e1b5162366db07a143ac2b10631 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Mattias=20Engdeg=C3=A5rd?=
Date: Mon, 28 Aug 2023 11:13:10 +0200
Subject: [PATCH] Don't use pointer arithmetic for untagging Lisp values
* src/lisp.h (XUNTAG): Instead of casting a Lisp value to char * and subtracting the tag, cast it to a suitable integral type and work on that. This should result in identical or at least equivalent code, except that it avoids potential problems arising from the restrictions on pointer arithmetic in C. In particular, a null pointer can be neither an operand in nor the result of pointer arithmetic. C compilers know this and would, prior to this change, optimise XUNTAG(obj, Lisp_Int0, mytype) != NULL to 1. This means, for example, that make_pointer_integer and XFIXNUMPTR could not be entrusted with null pointers, and next_vector in alloc.c was unsafe to use.
---
 src/lisp.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/lisp.h b/src/lisp.h
index 50b68f2e767..35a88d9b238 100644
--- a/src/lisp.h
+++ b/src/lisp.h
@@ -811,7 +811,7 @@ INLINE void
 extracted pointer's type is CTYPE *. */
 #define XUNTAG(a, type, ctype) ((ctype *) \
- ((char *) XLP (a) - LISP_WORD_TAG (type)))
+ ((uintptr_t) XLP (a) - LISP_WORD_TAG (type)))
 /* A forwarding pointer to a value. It uses a generic pointer to avoid alignment bugs that could occur if it used a pointer to a
--
2.39.5
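Review bot: The new subtraction in XUNTAG mixes `(uintptr_t) XLP (a)` with whatever type `LISP_WORD_TAG (type)` yields, and that macro is defined outside this hunk. If it can be wider than `uintptr_t` in some build configuration, the usual arithmetic conversions do the subtraction in the wider type, and the `(ctype *)` cast then converts from an integer whose size differs from a pointer's. Casting the tag explicitly keeps the whole computation in pointer-sized unsigned arithmetic: `((uintptr_t) XLP (a) - (uintptr_t) LISP_WORD_TAG (type)))`. The comment above the macro, which starts outside the hunk, should also record that integer arithmetic is deliberate, for example `Use integer rather than pointer arithmetic so that a null result is valid and null checks on it are not optimised away.`, so the `char *` form is not restored later as a cleanup.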