Defect Report #051
Submission Date: 08 Mar 93
Submittor: Project Editor (P.J. Plauger)
Source: Andrew R. Koenig
Question 1
I'll give you the short form first. I can haul out lots of related
material if it becomes necessary, but perhaps the bare question is
enough. Is the following program strictly conforming?
#include <stdlib.h>
struct A {
    char x[1];
};
main()
{
    struct A *p = (struct A *) malloc(sizeof(struct A) + 100);
    p->x[5] = '?'; /* This is the key line */
    return 0;
}
If I remember correctly from reading the C Standard, pointer arithmetic
is illegal if it results in an address outside the object to which
the original pointer refers. The question here is essentially whether
the ``object'' is all the memory returned by malloc or
the single char denoted by p->x[0].
I do not believe there is any language in the C Standard that clearly
answers this question. I understand that this particular programming
technique is quite common, but that is more likely to affect whether
a program is ``conforming'' than whether it is ``strictly
conforming.''
Response
Subclause 6.3.2.1 describes limitations on pointer arithmetic, in
connection with array subscripting. (See also subclause 6.3.6.) Basically,
it permits an implementation to tailor how it represents pointers
to the size of the objects they point at. Thus, the expression p->x[5]
may fail to designate the expected byte, even though the malloc
call ensures that the byte is present. The idiom, while common, is
not strictly conforming.
A safer idiom is:
#include <stdlib.h>
#define HUGE_ARR 10000 /* largest desired array */
struct A {
    char x[HUGE_ARR];
};
main()
{
    struct A *p = (struct A *) malloc(sizeof(struct A)
        - HUGE_ARR + 100); /* want x[100] this time */
    p->x[5] = '?'; /* now strictly conforming */
    return 0;
}
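
The same header-plus-trailing-array allocation, written with the flexible array member that C99 later standardized, as an added example (not part of this Defect Report or of the Standard's text). The names struct buf, buf_new and buf_set are hypothetical; the example goes beyond the response's idiom by also checking the size computation for overflow and bounds-checking each store.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical record type: a length header followed by a trailing
 * byte array whose size is chosen at allocation time. */
struct buf {
    size_t len;    /* number of usable bytes in data[] */
    char   data[]; /* C99 flexible array member; must be the last member */
};

/* Allocate a buf with n zeroed data bytes.
 * Returns NULL if header + n would overflow size_t or if malloc fails. */
struct buf *buf_new(size_t n)
{
    struct buf *b;

    if (n > SIZE_MAX - sizeof(struct buf)) /* size computation would wrap */
        return NULL;
    b = malloc(sizeof(struct buf) + n);
    if (b == NULL)
        return NULL;
    b->len = n;
    memset(b->data, 0, n);
    return b;
}

/* Bounds-checked store: returns 0 on success, -1 if b is NULL or
 * index i lies outside the bytes that were actually allocated. */
int buf_set(struct buf *b, size_t i, char c)
{
    if (b == NULL || i >= b->len)
        return -1;
    b->data[i] = c;
    return 0;
}

int main(void)
{
    struct buf *p = buf_new(100); /* want data[100], as in the report */
    int rc;

    if (p == NULL)
        return 1;
    rc = buf_set(p, 5, '?');      /* same store as the key line above */
    free(p);
    return rc == 0 ? 0 : 1;
}
```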