Issue 0178: Why does Defect Report #051 and Defect Report #073 answer the same question differently?

This issue has been automatically converted from the original issue lists and some formatting may not have been preserved.

Authors: Frank Farance, WG14
Date: 1996-02-06
Submitted against: C90
Status: Closed
Cross-references: 0051, 0073
Converted from: dr.htm, dr_178.html

Is the following conforming?

         struct x
                 {
                 char y[1];
                 };
         struct x *z;

         z = (struct x *) malloc(sizeof (*z) + 100);
         z->y[5] = '?';

Defect Report #051 states that this isn't conforming behavior because the pointer arithmetic for the larger structure might not be compatible with a smaller structure. Thus, it recommends the safer idiom:

         #define HUGE_ARR  1000    /* or bigger than ever needed */
         struct x
                 {
                 char y[HUGE_ARR];
                 };
         struct x *z;

         z = (struct x *) malloc(sizeof (*z) + 100);
         z->y[5] = '?';

However, Defect Report #073 states that the safer idiom is undefined behavior because it is possible to implement the operator -> as first fetching all of *z, then selecting y[5] from it. This approach would cause access to unallocated memory. Thus, the operation produces undefined behavior.

These responses are inconsistent. At the Oct 95 meeting in Nashua NH, WG14 indicated that it wanted to designate this as undefined behavior.
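
An added example, not part of the issue text: C99 later standardized the flexible array member, which gives a variable-length tail like y defined behavior without either idiom discussed above. The names buf, buf_new and buf_set are hypothetical, and the size-overflow check and the bounds-checked store are additions for illustration.

```c
/* Added example; requires C99 or later (flexible array member).
   struct buf, buf_new and buf_set are hypothetical names. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

struct buf {
    size_t len;   /* number of usable elements in y[] */
    char y[];     /* flexible array member: replaces y[1] and y[HUGE_ARR] */
};

/* Allocate the header plus n bytes of tail; NULL on size overflow or OOM. */
struct buf *buf_new(size_t n)
{
    struct buf *z;

    if (n > SIZE_MAX - sizeof *z)   /* sizeof *z + n would wrap around */
        return NULL;
    z = calloc(1, sizeof *z + n);
    if (z != NULL)
        z->len = n;
    return z;
}

/* Bounds-checked store: 0 on success, -1 if i is outside the allocation. */
int buf_set(struct buf *z, size_t i, char c)
{
    if (z == NULL || i >= z->len)
        return -1;
    z->y[i] = c;
    return 0;
}

int main(void)
{
    struct buf *z = buf_new(100);
    int in_range, out_of_range;

    if (z == NULL)
        return 1;
    in_range = buf_set(z, 5, '?');        /* inside the 100-byte tail */
    out_of_range = buf_set(z, 100, '?');  /* one past the end: rejected */
    printf("y[5]: %d, y[100]: %d\n", in_range, out_of_range);
    free(z);
    return 0;
}
```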