Paul Eggert wrote:
> > ! size_t nplus = n + sizeof (small_t) + 2 * sa_alignment_max - 1;
>
> For expressions like these, it's a bit better to parenthesize the value
> added to N, mostly because it makes it clearer to the reader that we're
> just adding a constant. Also, on (admittedly-weird) platforms where
> SIZE_MAX <= INT_MAX, it avoids undefined behavior in some
> (admittedly-unusual) cases.

Regarding the parentheses, I disagree: If we put parentheses they should be like this:

  size_t nplus = (n + sizeof (small_t)) + (2 * sa_alignment_max - 1);

because we want n + sizeof (small_t) consecutive bytes in memory, and the other summand is for the alignment. Parenthesizing it in the way you suggest would make the expression _more_ confusing.

I don't see any potential for undefined behaviour: we are taking a size_t expression and adding a small constant (> 0, < 100). Undefined behaviour in addition occurs only when signed integers overflow. If SIZE_MAX <= INT_MAX we know that INT_MAX >= 2*SIZE_MAX-1 > SIZE_MAX + 100, therefore no 'int' overflow is possible here.

Bruno
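An added example, not part of the thread or of the project's code, showing how the padded-size expression behaves in C arithmetic: the two groupings compared in `size_t`, a guard against unsigned wraparound, and a model of a size type narrower than `int`. The `small_t` definition, the value of `sa_alignment_max`, the header size 8 and the use of `uint16_t` as the narrow type are assumptions.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed stand-ins for the names in the quoted line. */
typedef struct { void *magic; } small_t;
enum { sa_alignment_max = 16 };
#define PAD (sizeof (small_t) + 2 * sa_alignment_max - 1)
_Static_assert (INT_MAX >= 2L * UINT16_MAX, "model needs int wider than 16 bits");

/* n + PAD in size_t. Unsigned wrap is defined but yields a value
   smaller than n, so reject it before it reaches an allocator. */
static bool padded_size (size_t n, size_t *nplus)
{
  if (n > SIZE_MAX - PAD)
    return false;
  *nplus = n + PAD;
  return true;
}

/* The two groupings from the thread; size_t addition is modular,
   so they agree for every n, wrapped or not. */
static bool groupings_agree (size_t n)
{
  size_t a = n + (sizeof (small_t) + 2 * sa_alignment_max - 1);
  size_t b = (n + sizeof (small_t)) + (2 * sa_alignment_max - 1);
  return a == b;
}

/* Model of a size type narrower than int: uint16_t promotes to int,
   so the sum is computed in int and is only truncated if stored
   back into uint16_t. The 8 is a constructed header size. */
static int narrow_sum_in_int (uint16_t n)
{
  return n + 8 + 2 * sa_alignment_max - 1;
}

int main (void)
{
  size_t out;
  printf ("near-max rejected: %d\n", !padded_size (SIZE_MAX - 1, &out));
  printf ("groupings agree:   %d\n", groupings_agree (SIZE_MAX));
  printf ("narrow sum in int: %d\n", narrow_sum_in_int (UINT16_MAX));
  return 0;
}
```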