On 24/01/2020 12:41 am, Andrew Haley wrote:
> On 1/23/20 10:22 AM, David Holmes wrote:
>> That aside IIRC the overflow check is not ideal here because we already
>> enter undefined behaviour territory inside align_up if we actually
>> overflow.
>
> How is that possible? size_t is an unsigned type, and unsigned types
> never overflow.

Yes you are right, I was not recalling the rules correctly. So the addition to the size_t is guaranteed to wrap and so the < test is valid.

Sorry for the noise on that.

It may still be cleaner if the Java side enforces a maximum of Integer.MAX_VALUE for 32-bit.

Thanks,
David

> On a 32-bit box, 0 <= size < 2**32. So -- in theory at
> least -- you could allocate more than 2G.
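
The wrap-then-compare check discussed in this thread, as an added example that is not part of the original message or of the HotSpot sources. `align_up32`, `checked_align_up32` and `within_java_int_max` are hypothetical names, `uint32_t` stands in for `size_t` on a 32-bit box, and the alignment is assumed to be a power of two.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for an align_up helper. uint32_t models a 32-bit
 * size_t; alignment must be a power of two (assumption). */
static uint32_t align_up32(uint32_t size, uint32_t alignment) {
    /* Unsigned addition wraps modulo 2^32 by definition: no undefined
     * behaviour, just a small result when size is near the top of the range. */
    return (uint32_t)(size + (alignment - 1u)) & ~(alignment - 1u);
}

/* Returns false when rounding up wrapped. A wrapped result is always
 * smaller than size, and a non-wrapped one never is, so "<" is a valid test. */
static bool checked_align_up32(uint32_t size, uint32_t alignment, uint32_t *out) {
    uint32_t aligned = align_up32(size, alignment);
    if (aligned < size)
        return false;
    *out = aligned;
    return true;
}

/* The stricter policy suggested in the thread: cap requests at the value of
 * Java's Integer.MAX_VALUE (2^31 - 1), even though 32-bit sizes go higher. */
static bool within_java_int_max(uint32_t size) {
    return size <= (uint32_t)INT32_MAX;
}

int main(void) {
    /* Constructed sample sizes: small, above 2G, and near the 2^32 limit. */
    const uint32_t samples[] = { 13u, 0x80000001u, 0xFFFFFFF8u, 0xFFFFFFF9u };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint32_t aligned = 0;
        bool ok = checked_align_up32(samples[i], 8u, &aligned);
        printf("size=0x%08lx wrapped=%d aligned=0x%08lx le_int_max=%d\n",
               (unsigned long)samples[i], !ok, (unsigned long)aligned,
               within_java_int_max(samples[i]));
    }
    return 0;
}
```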
