Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!wuarchive!gem.mps.ohio-state.edu!usc!polyslo!unmvax!bbx!bbxsda!scott
From: scott@bbxsda.UUCP (Scott Amspoker)
Newsgroups: comp.std.c
Subject: Re: Out-of-bounds pointers
Message-ID: <220@bbxsda.UUCP>
Date: 9 Oct 89 16:10:32 GMT
References: <1009@mtxinu.UUCP> <12570028@hpclwjm.HP.COM> <868@crdos1.crd.ge.COM> <217@bbxsda.UUCP> <1989Oct7.131404.656@jarvis.csri.toronto.edu>
Reply-To: scott@bbxsda.UUCP (Scott Amspoker)
Organization: Basis International,  Albuquerque, NM
Lines: 55

In article <1989Oct7.131404.656@jarvis.csri.toronto.edu> flaps@dgp.toronto.edu (Alan J Rosenthal) writes:
>scott@bbxsda.UUCP (Scott Amspoker) writes:
>>What was once bad coding style now was considered a bug.  Take the following
>>code fragment as an example:
>>
>>my_proc()
>>   {
>>   register char *p;
>>
>>   p = (char*)malloc(1000);
>>   free(p);  /* free never returns but core dumps instead - why? */
>>   }

>No, no, no.  It was never said that this code fragment wasn't conforming.  It

It was never said that *this* particular example wasn't conforming.  However,
as I pointed out in my posting, the various "rules" that were stated in the
prior thread would lead to the conclusion that this example was non-conforming.
I presented each rule leading to that conclusion.  Please explain which
of the rules you disagree with.

>is, other than the missing declaration of malloc() which I assume you assumed
>was present previously in the file.  free() has to work correctly.  The user
                                      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Precisely - so is there something wrong with the ANSI draft or what?

>cannot dereference invalid pointers, but the compiler can if it knows that it
>is safe to do so, and must not dereference invalid pointers if it doesn't know
>whether or not it is safe.

No pointer dereferencing took place at all in the example.  (Now you know
why the prior thread went on so long :-).

>And this fragment was never considered bad coding style, again apart from the
>fact that you are mallocing memory and not doing anything with it.  You seem to

This was a trivial example trying to make a point.  I don't see any reason
to clutter it with "busy code" to make it look real.  It is not too hard
to imagine that something "comforming" was done between malloc() and free().

>be claiming that use of free() is now non-portable and was always considered
>bad coding style.

I am saying that it is possible to come to the conclusion that free() is
not portable depending on how you interpret the ANSI draft.   I was
pointing out something I thought was absurd.  I expect the above program
(assuming the proper declaration of malloc() and that there is available 
memory) to *always* work no matter what.


-- 
Scott Amspoker
Basis International, Albuquerque, NM
(505) 345-5232