houstorx
I've been looking at the committee draft of the C99 specification,
specifically the one at this URI:
http://www.open-std.org/jtc1/sc22/wg14/www/docs/n843.pdf. I don't have
a copy of the official international standard, but I assume that it is
similar.
The rules for pointer arithmetic (6.5.6.7-8) are appended below for
ease of reference. They seem astonishingly restrictive. As far as I can
see, there is no guarantee that the code:
char *p = malloc(10); /* assume this malloc succeeds */
p[2] = 'x';
will write an 'x' into the third byte of the allocated store; in fact,
the behaviour of that code is completely undefined.
(The expression p[2] is defined to be equivalent to *(p+2); p+2 is not
part of the same array object as p, hence the behaviour is undefined.)
Can that possibly be right? Am I misreading the spec, is the spec
misrepresenting the language (or is there another possibility)?
In anticipation of your collective wisdom,
Robin
From section 6.5.6 "Additive operators":
7 For the purposes of these operators, a pointer to a nonarray object
behaves the same as a pointer to the first element of an array of
length one with the type of the object as its element type.
8 When an expression that has integer type is added to or subtracted
from a pointer, the result has the type of the pointer operand. If the
pointer operand points to an element of an array object, and the array
is large enough, the result points to an element offset from the
original element such that the difference of the subscripts of the
resulting and original array elements equals the integer expression. In
other words, if the expression P points to the i-th element of an array
object, the expressions (P)+N (equivalently, N+(P)) and (P)-N (where N
has the value n) point to, respectively, the i+n-th and i-n-th
elements of the array object, provided they exist. Moreover, if the
expression P points to the last element of an array object, the
expression (P)+1 points one past the last element of the array object,
and if the expression Q points one past the last element of an array
object, the expression (Q)-1 points to the last element of the array
object. If both the pointer operand and the result point to elements of
the same array object, or one past the last element of the array
object, the evaluation shall not produce an overflow; otherwise, the
behavior is undefined. If the result points one past the last element
of the array object, it shall not be used as the operand of a unary *
operator that is evaluated.
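As an added example (not part of Robin's post or of the draft text above), the following C program encodes the 6.5.6p8 rules as a bounds check on pointer arithmetic: an offset from element i of an array of len elements is allowed only if the resulting index is in [0, len], index len is the one-past-the-end pointer that may be formed but not dereferenced, and everything else is rejected rather than left to undefined behaviour. It treats the malloc'd block as an array of len chars, which rests on C99 7.20.3 (the allocated space may be used to access "an array of such objects"), so Robin's p[2] lands on element 2 of a 10-element array. The helper names offset_in_bounds, checked_store and demo are my own, not anything from the standard.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Bounds-checked pointer arithmetic following C99 6.5.6p8.  Given a pointer
 * to element `idx` of an array of `len` elements, adding `n` is valid only if
 * the resulting index lies in [0, len]; index len is the one-past-the-end
 * pointer, which may be formed and compared but never dereferenced.
 * Returns 1 and stores the new index on success, 0 if the arithmetic would
 * leave the object (undefined behaviour per the standard, an out-of-bounds
 * access in practice).  Hypothetical helper, written for this example. */
static int offset_in_bounds(size_t len, size_t idx, ptrdiff_t n, size_t *out)
{
    if (idx > len)
        return 0;                           /* caller already holds a bad pointer */
    if (n >= 0) {
        if ((size_t)n > len - idx)          /* idx + n > len: past one-past-the-end */
            return 0;
        *out = idx + (size_t)n;
    } else {
        size_t back = (size_t)(-(n + 1)) + 1;   /* |n| without overflowing on PTRDIFF_MIN */
        if (back > idx)                     /* would move before element 0 */
            return 0;
        *out = idx - back;
    }
    return 1;
}

/* Store byte `c` at offset `off` of a malloc'd block of `len` bytes, treating
 * the block as an array of len chars (C99 7.20.3).  Refuses the
 * one-past-the-end position because 6.5.6p8 forbids dereferencing it. */
static int checked_store(char *base, size_t len, ptrdiff_t off, char c)
{
    size_t idx;
    if (!offset_in_bounds(len, 0, off, &idx) || idx == len)
        return 0;
    base[idx] = c;                          /* equivalent to *(base + idx) */
    return 1;
}

/* Exercises each rule on a constructed 10-byte block and returns a bitmask of
 * the checks that behaved as 6.5.6p8 describes (63 when all six do). */
int demo(void)
{
    enum { LEN = 10 };
    char *p = malloc(LEN);
    if (p == NULL)
        return -1;
    memset(p, 0, LEN);

    int ok = 0;
    size_t idx;
    /* Robin's case: p[2] on a 10-byte block, index 2 < 10, is in bounds */
    if (checked_store(p, LEN, 2, 'x') && p[2] == 'x') ok |= 1;
    /* p + 10 is the one-past-the-end pointer: forming it is allowed ... */
    if (offset_in_bounds(LEN, 0, 10, &idx) && idx == LEN) ok |= 2;
    /* ... but storing through it is not */
    if (!checked_store(p, LEN, 10, 'y')) ok |= 4;
    /* p + 11 and p - 1 both leave the array object */
    if (!offset_in_bounds(LEN, 0, 11, &idx)) ok |= 8;
    if (!offset_in_bounds(LEN, 0, -1, &idx)) ok |= 16;
    /* from one past the end, (Q)-1 points to the last element */
    if (offset_in_bounds(LEN, LEN, -1, &idx) && idx == LEN - 1) ok |= 32;

    free(p);
    return ok;
}

int main(void)
{
    printf("checks passed: %d (expect 63)\n", demo());
    return 0;
}
```

The check deliberately works on indices rather than on pointer values: comparing or subtracting pointers that are not both inside the same object is itself outside what 6.5.6 guarantees, so validating the offset before forming the pointer is the only route the standard leaves open.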