Communities

Writing
Writing
Codidact Meta
Codidact Meta
The Great Outdoors
The Great Outdoors
Photography & Video
Photography & Video
Scientific Speculation
Scientific Speculation
Cooking
Cooking
Electrical Engineering
Electrical Engineering
Judaism
Judaism
Languages & Linguistics
Languages & Linguistics
Software Development
Software Development
Mathematics
Mathematics
Christianity
Christianity
Code Golf
Code Golf
Music
Music
Physics
Physics
Linux Systems
Linux Systems
Power Users
Power Users
Tabletop RPGs
Tabletop RPGs
Community Proposals
Community Proposals
tag:snake search within a tag
answers:0 unanswered questions
user:xxxx search by author id
score:0.5 posts with 0.5+ score
"snake oil" exact phrase
votes:4 posts with 4+ votes
created:<1w created < 1 week ago
post_type:xxxx type of post
Search help
Notifications
Mark all as read See all your notifications »
Q&A

Welcome to Software Development on Codidact!

Will you help us build our independent community of developers helping developers? We're small and trying to grow. We welcome questions about all aspects of software development, from design to code to QA and more. Got questions? Got answers? Got code you'd like someone to review? Please join us.

Comments on Is it undefined behaviour to just make a pointer point outside boundaries of an array without dereferencing it?

Parent

Is it undefined behaviour to just make a pointer point outside boundaries of an array without dereferencing it?

+6
−0

I have heard that it is undefined behaviour to make a pointer point outside boundaries of an array even without dereferencing it. Can that really be true? Consider this code:

int main(void) 
{
    char arr[10];
    char *ptr = &arr[-1];
    char c = *ptr;
}

The line char c = *ptr is obviously bad, because it's accessing out of bounds. But I heard something that even the second line char *ptr = &arr[-1] invokes undefined behaviour? Is this true? What does the standard say?

History
Why does this post require attention from curators or moderators?
You might want to add some details to your flag.
Why should this post be closed?

1 comment thread

General comments (5 comments)
Post
+10
−0

Yes, the second line invokes undefined behavior.

First of all, according to C17 6.5.2.1 regarding array subscripting, an expression E1[E2] is just "syntactic sugar" for *((E1)+(E2))). So what applies here is actually the binary + operator. More info regarding why [] is actually never used with an array operand here.

So your example is equivalent to char *ptr = &*((arr) + (-1));, where arr "decays" into a pointer to the first element. The arr operand ends up as a pointer type and the -1 operand is an integer type.

C17 6.5.6/8 then provides the following text for additive operators:

When an expression that has integer type is added to or subtracted from a pointer, the result has the type of the pointer operand. /--/
If both the pointer operand and the result point to elements of the same array object, or one past the last element of the array object, the evaluation shall not produce an overflow; otherwise, the behavior is undefined.

In this case, the result does not point inside arr so "otherwise, the behavior is undefined".

That is, the evaluation of the + operator is what first causes undefined behavior, before the de-referencing.


We can demonstrate this UB with gcc x86 -O3 by first compiling:

int arr[3] = {1,2,3};
printf("%d\n", arr[0]);

which disassembles into

    mov     edi, offset .L.str
    mov     esi, 1

That is, as part of some calling convention ESI gets directly loaded with the value 1 , equivalent to what would have been stored in arr[0] if the array got allocated. If I change this to printf("%d\n", arr[-1]);, the instruction for setting up ESI is simply removed from the disassembly and I suppose the program prints whatever garbage value that happened to be stored inside ESI. The compiler doesn't even attempt to de-reference the variable by fetching a value from the stack corresponding to memory address arr - 1.

History
Why does this post require attention from curators or moderators?
You might want to add some details to your flag.

1 comment thread

General comments (1 comment)
General comments
klutt‭ wrote over 4 years ago

You were assuming right. I have edited the question, so you might want to remove that part.