0

This question is about passing buffer positions to sscanf using an incrementing index. To make it clear, there's two code snippets below, one works fine, other don't.

The working code is this:

sscanf(line, "%x %x %x %x %x %x %x %x - %x %x %x %x %x %x %x %x",
    &buf[0], &buf[1], &buf[2], &buf[3],
    &buf[4], &buf[5], &buf[6], &buf[7],
    &buf[8], &buf[9], &buf[10], &buf[11],
    &buf[12], &buf[13], &buf[14], &buf[15]);

The not working code is this:

buf_idx = 0;
sscanf(line, "%x %x %x %x %x %x %x %x - %x %x %x %x %x %x %x %x",
    &buf[buf_idx++], &buf[buf_idx++], &buf[buf_idx++], &buf[buf_idx++],
    &buf[buf_idx++], &buf[buf_idx++], &buf[buf_idx++], &buf[buf_idx++],
    &buf[buf_idx++], &buf[buf_idx++], &buf[buf_idx++], &buf[buf_idx++],
    &buf[buf_idx++], &buf[buf_idx++], &buf[buf_idx++], &buf[buf_idx++]);

The second snipped doesn't rise any segmentation fault, it just doesn't load the values as expected.

I am fully aware that the second snipped is bad C and it's usage is not recommended, for academic proposes I'd like to ask the rationale behind the not working code, why is it Unspecified Behavior.

Felipe Lavratti
  • 2,887
  • 16
  • 34
  • 2
    possible duplicate of [Why are these constructs (using ++) undefined behavior?](http://stackoverflow.com/questions/949433/why-are-these-constructs-using-undefined-behavior) – David Ranieri Nov 11 '14 at 13:13
  • I have retracted the "voted to close", but note that this is UB – David Ranieri Nov 11 '14 at 13:31
  • @AlterMann Agreed! I edited the question to make it more objective, and now I agree that it has some intersection with the possible duplicate you brought up. Yet, I see this question valuable enough to not get closed. – Felipe Lavratti Nov 11 '14 at 13:32
  • What answer would fit here but not at the proposed duplicate? (I agree, there might be slightly better duplicates, but this question is asked ~3 times a week.) – mafso Nov 11 '14 at 15:52
  • possible duplicate of [Parameter evaluation order before a function calling in C](http://stackoverflow.com/questions/376278/parameter-evaluation-order-before-a-function-calling-in-c) – mafso Nov 11 '14 at 16:55

2 Answers2

3

The order of evaluation for function arguments is unspecified. So you never know about the exact offset to buf that would be read by the sscanf.

Moreover your code invokes UB as function argument evaluation has no sequence points between successive argument evaluation.

int i = 0;
some_fun(++i, ++i); /* UB */
/* In practice some_fun may get arguments as (2, 2), (1, 1), (2, 1) etc */
Mohit Jain
  • 30,259
  • 8
  • 73
  • 100
2

According to C Standard

3.4.4

1 unspecified behavior use of an unspecified value, or other behavior where this International Standard provides two or more possibilities and imposes no further requirements on which is chosen in any instance

2 EXAMPLE An example of unspecified behavior is the order in which the arguments to a function are evaluated.

Also in this call operators ++ are unsequenced. So the code has undefined behaviour.

Community
  • 1
  • 1
Vlad from Moscow
  • 301,070
  • 26
  • 186
  • 335