Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!csri.toronto.edu!norvell
From: norvell@csri.toronto.edu (Theo Norvell)
Newsgroups: comp.std.c
Subject: Re: Bounds checks. (was variable-length struct hack)
Message-ID: <1989Dec11.181631.3864@jarvis.csri.toronto.edu>
Date: 11 Dec 89 23:16:31 GMT
References: <448@longway.TIC.COM> <450@longway.TIC.COM> <15364@haddock.ima.isc.com> <809@prles2.UUCP> <1989Dec8.161820.24804@jarvis.csri.toronto.edu>
Organization: University of Toronto, CSRI
Lines: 18

In article <1989Dec8.161820.24804@jarvis.csri.toronto.edu> norvell@csri.toronto.edu (I) write:
>The drafts were not very explicit on this point [bounds checks], but when
>I was writing a compiler that did bounds checks, I read the then current
>draft and came to the following conclusion.
[nonsense omitted]

After looking at a more recent draft (May 88) I found that (at least) 3 things
I said were either out of date or plain wrong.  Let me make amends by saying:
(1) The draft is very explicit (3.3.6) that bounds checking is allowed.
(2) Even creating a pointer that points out of the array is undefined
    with the exception of the pointer just past the end.
(3) Merely dereferencing the just past the end pointer is undefined,
    not as I said loading or storing the resultant lvalue (although that
    is naturally undefined too).  Thus
	int A[N], *p;
	for(p=A; p < A+N ; ++p ) { ... } /* Good */
	for(p=A; p < &A[N] ; ++p ) { ... } /* Undefined! */

Theo Norvell
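
Points (2) and (3) above, as an added example that is not part of the original post or of any compiler it mentions: one way a bounds-checking implementation could enforce them at run time. The names `checked_ptr`, `cp_add`, `cp_load`, `checked_sum` and `probe`, and the contents of the sample array `A`, are hypothetical and constructed for illustration.

```c
#include <stdio.h>

/* Hypothetical checked pointer: array base, length N, current position. */
typedef struct { int *base; long len; long idx; } checked_ptr;
typedef enum { CP_OK, CP_BAD_ARITH, CP_BAD_DEREF } cp_status;

/* Point (2): arithmetic may yield an element or just past the end, nothing
   else. Comparing delta with the remaining room avoids overflow in the check. */
cp_status cp_add(checked_ptr *p, long delta) {
    if (delta < -p->idx || delta > p->len - p->idx) return CP_BAD_ARITH;
    p->idx += delta;
    return CP_OK;
}

/* Point (3): the just-past-the-end position (idx == len) is never dereferenced. */
cp_status cp_load(const checked_ptr *p, int *out) {
    if (p->idx >= p->len) return CP_BAD_DEREF;
    *out = p->base[p->idx];
    return CP_OK;
}

/* The post's "Good" loop, for(p=A; p < A+N; ++p), with every step checked. */
cp_status checked_sum(int *a, long n, long *sum) {
    checked_ptr p = { a, n, 0 };
    cp_status s = CP_OK;
    int v;
    for (*sum = 0; p.idx < p.len && s == CP_OK; s = cp_add(&p, 1)) {
        if ((s = cp_load(&p, &v)) != CP_OK) return s;
        *sum += v;
    }
    return s;
}

/* Constructed sample array and a probe: start at A, move by delta, maybe load. */
static int A[4] = { 10, 20, 30, 40 };
cp_status probe(long delta, int deref) {
    checked_ptr p = { A, 4, 0 };
    int v;
    cp_status s = cp_add(&p, delta);
    return (s == CP_OK && deref) ? cp_load(&p, &v) : s;
}

int main(void) {
    long sum;
    cp_status s = checked_sum(A, 4, &sum);
    printf("loop status %d, sum %ld\n", (int)s, sum);
    printf("A+4: %d  *(A+4): %d  A+5: %d  A-1: %d\n", (int)probe(4, 0),
           (int)probe(4, 1), (int)probe(5, 0), (int)probe(-1, 0));
    return 0;
}
```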