Defect Report #178
Submission Date: 06 Feb 96
Submittor: WG14
Source: Frank Farance
Question
Is the following conforming?
struct x
{
    char y[1];
};
struct x *z;
z = (struct x *) malloc(sizeof (*z) + 100);
z->y[5] = '?';
Defect Report #051 states that this isn't conforming behavior
because the pointer arithmetic for the larger structure might not be
compatible with a smaller structure. Thus, it recommends the safer
idiom:
#define HUGE_ARR 1000 /* or bigger than ever needed */
struct x
{
    char y[HUGE_ARR];
};
struct x *z;
z = (struct x *) malloc(sizeof (*z) + 100);
z->y[5] = '?';
However, Defect Report #073 states that the safer
idiom is undefined behavior because it is possible to implement the
operator -> as first fetching all of *z, then
selecting y[5] from it. This approach would cause
access to unallocated memory. Thus, the operation produces undefined
behavior.
These responses are inconsistent. At the Oct 95 meeting in Nashua
NH, WG14 indicated that it wanted to designate this as undefined
behavior.
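The two objections can be made concrete by classifying the access z->y[5] from the struct layout and the allocation size. This is an added example, not code from the defect report. The names classify, x_small, x_huge and the flag constants are hypothetical, and the third case (an allocation trimmed to 100 bytes of y) is an assumption added here to show when a whole-object fetch would leave the allocated block.

```c
#include <stddef.h>
#include <stdio.h>

#define HUGE_ARR 1000

struct x_small { char y[1]; };         /* first listing in the report */
struct x_huge  { char y[HUGE_ARR]; };  /* "safer" listing in the report */

enum {
    IN_ALLOCATION        = 1, /* byte y[index] lies inside the malloc'd block */
    PAST_DECLARED_BOUND  = 2, /* index >= declared length of y (DR #051 concern) */
    WHOLE_FETCH_OVERRUNS = 4  /* reading all of *z leaves the block (DR #073 concern) */
};

/* Classify the access z->y[index] for a struct whose array y has y_len
   elements at byte offset y_off, when alloc_bytes bytes were allocated. */
static unsigned classify(size_t y_off, size_t y_len, size_t struct_size,
                         size_t alloc_bytes, size_t index)
{
    unsigned flags = 0;
    if (y_off + index < alloc_bytes) flags |= IN_ALLOCATION;
    if (index >= y_len)              flags |= PAST_DECLARED_BOUND;
    if (struct_size > alloc_bytes)   flags |= WHOLE_FETCH_OVERRUNS;
    return flags;
}

/* char y[1], allocated as sizeof(*z) + 100, as in the first listing. */
unsigned small_idiom(void) {
    return classify(offsetof(struct x_small, y), 1, sizeof(struct x_small),
                    sizeof(struct x_small) + 100, 5);
}

/* char y[HUGE_ARR], allocated as sizeof(*z) + 100, as in the second listing. */
unsigned huge_idiom_as_listed(void) {
    return classify(offsetof(struct x_huge, y), HUGE_ARR, sizeof(struct x_huge),
                    sizeof(struct x_huge) + 100, 5);
}

/* Assumed variant: char y[HUGE_ARR], but only 100 bytes of y allocated. */
unsigned huge_idiom_trimmed(void) {
    return classify(offsetof(struct x_huge, y), HUGE_ARR, sizeof(struct x_huge),
                    offsetof(struct x_huge, y) + 100, 5);
}

int main(void) {
    printf("small=%u huge_as_listed=%u huge_trimmed=%u\n",
           small_idiom(), huge_idiom_as_listed(), huge_idiom_trimmed());
    return 0;
}
```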