3

In this thread, it uses &x + 1 to determine the size of some random struct x. I'm wondering why this is a legitimate solution? Will this ever cause a segmentation fault?

My understanding is as long as &x + 1 remains within the memory accessible to the current thread, it will be fine, but if &x + 1 somehow tries to access a piece of memory outside of its allowed range, it will cause seg fault, is that right?

turtlesoup

2 Answers

6

Third, the C standard explicitly allows pointers to point one past the end of an array.

...If both the pointer operand and the result point to elements of the same array object, or one past the last element of the array object, the evaluation shall not produce an overflow ...

And as @alk points out, when doing pointer arithmetic, a pointer to an object is treated like an array of length 1.

For the purposes of these operators, a pointer to an object that is not an element of an array behaves the same as a pointer to the first element of an array of length one with the type of the object as its element type.

(from sections 6.5.6.8 and 6.5.6.7 of the C99 draft)

AShelly
  • Yes, but we are dealing with a single object, not an array. – Johan Råde Feb 17 '14 at 18:57
  • 6
    @user763305: C99 6.5.6/7: "*For the purposes of these [additive] operators, a pointer to an object that is not an element of an array behaves the same as a pointer to the first element of an array of length one.*" – alk Feb 17 '14 at 19:00
  • Note that the question is about C, not C++, and that the C standard in this case has the same rule. – This isn't my real name Feb 17 '14 at 19:42
  • right. I could have sworn I saw a ++ in the original question. References updated. – AShelly Feb 17 '14 at 19:55
  • Thanks! But if I define a variable that sits right on the boundary of allocated memory and go &x+1, will that allow me to sneak data from unallocated memory? That doesn't sound safe at all – turtlesoup Feb 17 '14 at 22:34
  • 1
    C pointer arithmetic is never safe. `&x+1` is valid for comparing pointers, but `*(&x+1)` is undefined (see 6.5.3.4) - Meaning the compiler could do virtually anything. In real compilers, it will usually do one of two things, depending on what you mean by 'boundary of allocated memory'. Accesses to heap memory owned by the memory manager but not yet allocated generally just return whatever garbage value is there, possibly allocator bookkeeping stuff. Accesses to memory outside the range that the OS has given your program usually cause a segfault or illegal access violation. – AShelly Feb 18 '14 at 14:55
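The rule quoted in the answer and comments above, shown as an added example that is not part of the original thread: the one-past pointer is formed, converted and compared, but never read through. `struct record`, the macro name and the function names are hypothetical, and the sample data is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical struct, constructed for this example. */
struct record { char tag; uint32_t id; double value; };

/* Object size as the byte distance from &x to the one-past pointer.
 * &x + 1 is computed and converted, never dereferenced (C99 6.5.6/7-8). */
#define SIZE_VIA_ONE_PAST(x) ((size_t)((char *)(&(x) + 1) - (char *)&(x)))

size_t record_size(void)
{
    struct record r = { 'a', 1u, 2.0 };
    return SIZE_VIA_ONE_PAST(r);
}

/* A single object counts as an array of length 1, so the span is 1 element. */
ptrdiff_t single_object_span(void)
{
    struct record r = { 'b', 7u, 0.0 };
    return (&r + 1) - &r;
}

/* One-past pointer as a loop bound: compared against, never read through. */
uint32_t sum_ids(const struct record *recs, size_t n)
{
    const struct record *end = recs + n;  /* valid even though it is not an element */
    uint32_t sum = 0;
    for (const struct record *p = recs; p != end; ++p)
        sum += p->id;                     /* p != end here, so p is in bounds */
    return sum;
}

uint32_t demo_sum(void)
{
    /* Constructed sample data. */
    const struct record recs[3] = { {'x', 10u, 0.0}, {'y', 20u, 0.0}, {'z', 30u, 0.0} };
    return sum_ids(recs, 3);
}

/* Not written here on purpose: *(&r + 1) and &r + 2 are both undefined. */

int main(void)
{
    printf("size=%zu span=%td sum=%u\n",
           record_size(), single_object_span(), (unsigned)demo_sum());
    return 0;
}
```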
5

First, in C, all memory that is accessible by any thread is accessible by all threads. Threads are just not an issue here.

Second, you never dereference the pointer &x + 1, so you are not accessing any memory anyway.

So your code is correct.

Johan Råde
  • 1
    Accessing unallocated memory provokes undefined behaviour. And it's not the "*not dereferencing*" but the `+1` which does the magic. Doing `&x + n` with `n>1` would also provoke undefined behaviour even without dereferencing the result, reading the pointer would be enough to do so. Please see *AShelly*'s answer above: http://stackoverflow.com/a/21837091/694576 – alk Feb 17 '14 at 19:07
  • 2
    This is incorrect about why `&x+1` is okay. It is not true that “not accessing any memory” will avoid a problem. The actual reason is that the C standard permits incrementing a pointer to one beyond the end of an array (including a single object, which is treated as an array of one element). If the expression were `&x+2`, the program could crash. Per C 2011 (N1570) 6.5.6 8: “If both the pointer operand and the result point to elements of the same array object, or one past the last element of the array object, the evaluation shall not produce an overflow; otherwise, the behavior is undefined.” – Eric Postpischil Feb 17 '14 at 19:44
  • Eric Postpischil: So `(&x + 2) - 1` could crash the program? – Johan Råde Feb 17 '14 at 19:51
  • @user763305: sure. It could also cause the program to order a burrito for a randomly chosen compiler engineer using your credit card. Or it could do nothing. The behavior is undefined. – Stephen Canon Feb 17 '14 at 19:59
  • 1
    I'm under attack by a cabal of language lawyers. Resistance is useless! – Johan Råde Feb 17 '14 at 20:01