Pointer increment

[braton]

Hello

I'm wondering about the following thing:

Let's define variable and set a pointer to points to it:

int a = 0;
int * p_a = &a;

Now, according to C99, clause 6.5.6.7 I can treat pointer to "a"
like a pointer to the first element of the array of length 1 for
the purpose of additive operators. So after:

p_a++;

my pointer points to one past last element of the array and
it seems to be ok. But what about the following next statement:

++p_a;

I found the following part of clause 8 a bit unclear:

"If both the pointer operand and the result point to elements of the
same
array object, or one past the last element of the array object, the
evaluation
shall not produce an overflow; otherwise, the behavior is undefined."

The question is:
the behaviour is undefined when I just incremented pointer more than
one past last
element of the array or it is undefined when I dereference such
incremented pointer.
If the former could somebody give an example of architecture where
just setting
pointer that way produces some sort of exception.

Thanks for your help

 

[santosh]

Hello

I'm wondering about the following thing:

Let's define variable and set a pointer to points to it:

int a = 0;
int * p_a = &a;

Now, according to C99, clause 6.5.6.7 I can treat pointer to "a"
like a pointer to the first element of the array of length 1 for
the purpose of additive operators. So after:

p_a++;

my pointer points to one past last element of the array and
it seems to be ok. But what about the following next statement:

++p_a;
Identical.


I found the following part of clause 8 a bit unclear:

"If both the pointer operand and the result point to elements of the
same
array object, or one past the last element of the array object, the
evaluation
shall not produce an overflow; otherwise, the behavior is undefined."

The question is:
the behaviour is undefined when I just incremented pointer more than
one past last
element of the array or it is undefined when I dereference such
incremented pointer.
If the former could somebody give an example of architecture where
just setting
pointer that way produces some sort of exception.

Thanks for your help

It is allowed to point to one past an object, but not to actually access
that location. No such guarantees for one before the object.

 

[Eric Sosman]

Hello

I'm wondering about the following thing:

Let's define variable and set a pointer to points to it:

int a = 0;
int * p_a = &a;

Now, according to C99, clause 6.5.6.7 I can treat pointer to "a"
like a pointer to the first element of the array of length 1 for
the purpose of additive operators. So after:

p_a++;

my pointer points to one past last element of the array and
it seems to be ok. But what about the following next statement:

++p_a;

It depends on what you mean by "following next." If you
mean to ask about `++p_a' *instead of* `p_a++', the effect is
identical. If you mean to ask about `++p_a' *after* `p_a++'
has already been executed, the outcome is undefined.

I found the following part of clause 8 a bit unclear:

"If both the pointer operand and the result point to elements of the
same
array object, or one past the last element of the array object, the
evaluation
shall not produce an overflow; otherwise, the behavior is undefined."

It's worded circularly: The definedness or undefinedness
rests on "the result," but the result itself is the thing in
question. I think if you read the rest of paragraph 8 and
ignore the final sentence it may make more sense. Note the
care with which the notion of "one past the end" is handled:
the Standard doesn't say there's an object at this location,
merely that the result of incrementing a pointer to the final
location is defined, and the result of decrementing that value
is also defined (and so is equivalent arithmetic starting and
ending at other in-the-array positions).

The question is:
the behaviour is undefined when I just incremented pointer more than
one past last
element of the array or it is undefined when I dereference such
incremented pointer.

Both.

If the former could somebody give an example of architecture where
just setting
pointer that way produces some sort of exception.

"Exception" is not the only manifestation of undefined
behavior. Maybe the invalid increment produces a NULL, or
maybe it leaves the value unchanged (so `++p, --p' might not
return to the starting point), or maybe it does something
else. "Undefined behavior" just means that the Standard does
not define the outcome, not that the outcome must be a trap
or exception or anything of the kind.

The IBM AS/400 is often cited as an example of a system
that enforces limits on pointer arithmetic, at least under
some circumstances. I haven't used one myself, but a colleague
who has once told me about something very like your case: The
code incremented a pointer past the end of a malloc()'ed area
and then tried to decrement back into range again, only to find
that the increment had yielded a pointer value that was marked
as "invalid," and that the "invalid" marker remained set no
matter what subsequent arithmetic was done on the value.

 

[Ben Bacarisse]

Let's define variable and set a pointer to points to it:

int a = 0;
int * p_a = &a;

Now, according to C99, clause 6.5.6.7 I can treat pointer to "a"
like a pointer to the first element of the array of length 1 for
the purpose of additive operators. So after:

p_a++;

my pointer points to one past last element of the array and
it seems to be ok. But what about the following next statement:

++p_a;

I found the following part of clause 8 a bit unclear:

"If both the pointer operand and the result point to elements of the
same
array object, or one past the last element of the array object, the
evaluation
shall not produce an overflow; otherwise, the behavior is
undefined."

You'd have to say what you find unclear. To me it is clear. The fist
pointer increment is OK, the second is not.

The question is:
the behaviour is undefined when I just incremented pointer more than
one past last
element of the array or it is undefined when I dereference such
incremented pointer.

The pointer arithmetic itself gives the UB. You get UB if you
de-reference the "one past the end" pointer, but just computing the
next pointer is not permitted.

If the former could somebody give an example of architecture where
just setting
pointer that way produces some sort of exception.

A system where every object is in its own bounded memory segment would
be one. I think some ICL machines could do this. Cambridge
University made a machine with hardware security where every object
was in hardware-checked segment and the pointer had access permission
information in it.

Of course, standards are there so your code will also work on machines
not yet designed.