--- a/src/testdir/test_textformat.vim
+++ b/src/testdir/test_textformat.vim
@@ -1303,4 +1303,13 @@ func Test_correct_cursor_position()
   set encoding=utf8
 endfunc
 
+" This was crashing Vim
+func Test_textwdith_overflow()
+  new
+  setl tw=999999999
+  normal 10ig
+  call feedkeys('a ab cd ef', 'xt')
+  bw!
+endfunc
+
 " vim: shiftwidth=2 sts=2 expandtab

--- a/src/textformat.c
+++ b/src/textformat.c
@@ -56,6 +56,7 @@ internal_format(
     colnr_T	leader_len;
     int		no_leader = FALSE;
     int		do_comments = (flags & INSCHAR_DO_COM);
+    int		safe_tw = trim_to_int(8 * (vimlong_T)textwidth);
 #ifdef FEAT_LINEBREAK
     int		has_lbr = curwin->w_p_lbr;
 
@@ -95,7 +96,7 @@ internal_format(
 	// Cursor is currently at the end of line. No need to format
 	// if line length is less than textwidth (8 * textwidth for
 	// utf safety)
-	if (curwin->w_cursor.col < 8 * textwidth)
+	if (curwin->w_cursor.col < safe_tw)
 	{
 	    virtcol = get_nolist_virtcol()
 		+ char2cells(c != NUL ? c : gchar_cursor());
@@ -156,8 +157,7 @@ internal_format(
 	// line to textwidth border every time for each line break.
 	//
 	// Ceil to 8 * textwidth to optimize.
-	curwin->w_cursor.col = startcol < 8 * textwidth ? startcol :
-	    8 * textwidth;
+	curwin->w_cursor.col = startcol < safe_tw ? startcol : safe_tw;
 
 	foundcol = 0;
 	skip_pos = 0;

--- a/src/version.c
+++ b/src/version.c
@@ -705,6 +705,8 @@ static char *(features[]) =
 static int included_patches[] =
 {   /* Add new patch number below this line */
 /**/
+    309,
+/**/
     308,
 /**/
     307,