Path: utzoo!utgpu!news-server.csri.toronto.edu!clyde.concordia.ca!uunet!zephyr.ens.tek.com!tekfdi!videovax!bart
From: bart@videovax.tv.tek.com (Bart Massey)
Newsgroups: comp.lang.c++
Subject: Re: references to dereferenced null pointers
Message-ID: <5764@videovax.tv.tek.com>
Date: 19 Mar 90 08:49:59 GMT
References: <51083@microsoft.UUCP> <25EB8EE8.8462@paris.ics.uci.edu> <33188@brunix.UUCP> <10595@alice.UUCP>
Reply-To: bart@videovax.tv.tek.com (Bart Massey)
Organization: Tektronix TV Measurement Systems, Beaverton OR
Lines: 49

In article <10595@alice.UUCP> shopiro@alice.UUCP (Jonathan Shopiro) writes:
> [...]
> The real question is not _when_ is *x evaluated, but _how_.  I claim that
> *x is evaluated differently in
>
>     int i = *x;     // eval *x for rvalue
>
> than in
>
>     int* p = &*x;   // eval *x for lvalue
>
> and if x is the null pointer, the first is illegal and the second should
> be legal, since x is never dereferenced.  The call h(*x) is analogous
> to the second example.

The problem is that this precludes stupid compilers from generating
code which dereferences x as a side effect -- *x is an lvalue in C,
but it is still a value.  Some unsophisticated bottom-up tree-based
code generator may construct an expression tree for &*x which looks
something like

    addr-of
       |
     deref
       |
       x

and then generate code like

    move x to r0      ; bottom of expression tree
    move *r0 to r1    ; next level up
    move x to r2      ; whoops! addr-of! search down the tree for the lvalue
    move r2 to p      ; whew! that was close

and then not peephole optimize, since -O wasn't specified, leaving a
potentially dangerous dereference in.

Note that I can't give an example of such a C compiler offhand :-).
The only analogue which comes immediately to mind is the old Apple MDS
Pascal compiler for the Lisa, which will do this with sizeof(x^^), but
you're probably not interested in *Pascal* :-).

Given the limited usefulness of the above construct, and given that I
otherwise might have the choice between a fairly good code generator
and no compiler at all, what I think I want is for writing *p to
require p to point at an object.  The ANSI C draft (3.3.3.2) seems to
agree with me.

                                        Bart Massey
                                        ..tektronix!videovax.tv.tek.com!bart
                                        ..tektronix!reed.bitnet!bart
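
An added example, not part of the original post and not taken from any compiler it mentions: a toy code generator for the &*x expression tree described above, run once as the naive bottom-up generator and once with the address-of case handled as an lvalue. The names node, gen, rvalue, gen_addr_of_deref and the fold flag are hypothetical; the instruction syntax follows the post's pseudo-assembly.

```c
#include <stdio.h>
#include <string.h>
/* Constructed toy IR: VAR / DEREF / ADDR nodes, as in the post's tree diagram. */
enum kind { VAR, DEREF, ADDR };
struct node { enum kind k; const struct node *kid; const char *name; };
struct gen { char text[256]; int next_reg; int loads; };
#define EMIT(g, ...) snprintf((g)->text + strlen((g)->text), \
                              sizeof (g)->text - strlen((g)->text), __VA_ARGS__)

/* Emits code for n and returns the result register; fold=0 is the naive generator. */
static int rvalue(struct gen *g, const struct node *n, int fold)
{
    int src;
    switch (n->k) {
    case VAR:
        EMIT(g, "move %s to r%d\n", n->name, g->next_reg);
        return g->next_reg++;
    case DEREF:
        src = rvalue(g, n->kid, fold);
        EMIT(g, "move *r%d to r%d\n", src, g->next_reg);
        g->loads++;                   /* the access that can fault when x is null */
        return g->next_reg++;
    default:                          /* ADDR of a DEREF operand, i.e. &*e */
        if (!fold)
            rvalue(g, n->kid, fold);  /* naive: operand evaluated bottom-up first */
        return rvalue(g, n->kid->kid, fold);  /* &*e is just the value of e */
    }
}

/* Generates p = &*x and returns the listing plus the count of pointer loads. */
struct gen gen_addr_of_deref(int fold)
{
    static const struct node t[3] = {
        { VAR, NULL, "x" }, { DEREF, &t[0], NULL }, { ADDR, &t[1], NULL } };
    struct gen g = { "", 0, 0 };
    int r = rvalue(&g, &t[2], fold);
    EMIT(&g, "move r%d to p\n", r);
    return g;
}

int main(void)
{
    for (int fold = 0; fold <= 1; fold++) {
        struct gen g = gen_addr_of_deref(fold);
        printf("%s: %d pointer load(s)\n%s\n", fold ? "lvalue-aware" : "naive", g.loads, g.text);
    }
    return 0;
}
```

With fold=0 the listing reproduces the four instructions in the post, including the load through r0; with fold=1 that load is never emitted.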