
One that often gets people is this:

    struct foo {
        int bar;
    };

    void myfunc(struct foo *p) {
        int *t = &p->bar;          /* address formed before p is checked */
        if(p == NULL) return;      /* check comes too late */
        *t = 5;
    }
Is this undefined? Probably. Absent compiler optimizations, it won't cause a crash on any system you're ever likely to encounter because it's not actually dereferencing the pointer, but some versions of gcc have caused security issues in Linux by optimising away NULL checks like this.



I'm not sure that's undefined though. It's equivalent to

  ...
  
  void myfunc(struct foo *p) {
    int *t = (int *)((char *)p + offsetof(struct foo, bar));
    ...
  }
right? In the C abstract machine taking the address of an offset of a pointer is always defined, I think.


It is not always defined. It's defined to take an address with an offset within the object's space plus one. Subtracting two pointers to distinct objects is undefined. This is to allow for segmented memory architectures. It's also to allow implementation of garbage collectors by the compiler.


FWIW, the tis-interpreter doesn't flag that code (aside from the missing semicolon). I think you're right, though, that it has UB.
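The following is an added example, not code from any of the comments above. It puts the pattern from the first comment (address of `p->bar` formed before the NULL check) next to a hardened version that checks first, and spells out the `offsetof` rewrite from the second comment with the correct two-argument form `offsetof(struct foo, bar)`. The function names `set_bar_check_after`, `set_bar_check_first`, `bar_address` and the two `demo_*` helpers are my own; the struct is the thread's `struct foo`.

```c
#include <stddef.h>
#include <stdio.h>

struct foo {
    int bar;
};

/* The pattern discussed in the thread: the address of p->bar is formed
 * before p is tested.  Evaluating &p->bar with p == NULL is undefined
 * behaviour, so an optimiser is entitled to assume p is non-null and
 * delete the check below.  Never call this with NULL. */
int set_bar_check_after(struct foo *p)
{
    int *t = &p->bar;          /* UB when p == NULL */
    if (p == NULL) return 0;   /* may be optimised away */
    *t = 5;
    return 1;
}

/* Hardened form: test p before deriving anything from it, so nothing on
 * the NULL path is undefined and the check cannot be removed. */
int set_bar_check_first(struct foo *p)
{
    if (p == NULL) return 0;
    int *t = &p->bar;
    *t = 5;
    return 1;
}

/* The offsetof rewrite from the thread, with offsetof's real signature:
 * it takes the type and the member name.  Still only valid for non-null p,
 * so the check stays in front of the arithmetic. */
int *bar_address(struct foo *p)
{
    if (p == NULL) return NULL;
    return (int *)((char *)p + offsetof(struct foo, bar));
}

/* Constructed input: a local struct.  Returns the value stored through
 * the hardened function (expected 5), or -1 if the call was refused. */
int demo_check_first_on_object(void)
{
    struct foo f = { 0 };
    if (!set_bar_check_first(&f)) return -1;
    return f.bar;
}

/* Returns 1 if the offsetof computation yields the same address as &f.bar. */
int demo_offsetof_matches(void)
{
    struct foo f = { 0 };
    return bar_address(&f) == &f.bar;
}

int main(void)
{
    printf("check_first(NULL) -> %d\n", set_bar_check_first(NULL));
    printf("check_first(&f)   -> bar = %d\n", demo_check_first_on_object());
    printf("offsetof matches  -> %d\n", demo_offsetof_matches());
    return 0;
}
```

Build with `gcc -O2 -Wall` to see the optimiser's view; gcc's `-fdelete-null-pointer-checks` is enabled at `-O2`, which is why the check-after form is unsafe, and the Linux kernel builds with `-fno-delete-null-pointer-checks` precisely because of this class of bug. The fix that does not depend on compiler flags is the check-first ordering.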





