Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!husc6!rutgers!labrea!decwrl!pyramid!prls!philabs!pwa-b!mmintl!franka
From: franka@mmintl.UUCP (Frank Adams)
Newsgroups: comp.lang.c
Subject: Re: char (*a)[]  (was: Style [++i vs i++])
Message-ID: <2348@mmintl.UUCP>
Date: Mon, 7-Sep-87 21:27:15 EDT
Article-I.D.: mmintl.2348
Posted: Mon Sep  7 21:27:15 1987
Date-Received: Fri, 11-Sep-87 00:38:18 EDT
References: <8298@brl-adm.ARPA> <587@cblpe.ATT.COM> <189@xyzzy.UUCP> <2310@mmintl.UUCP> <871@mcgill-vision.UUCP>
Reply-To: franka@mmintl.UUCP (Frank Adams)
Organization: Multimate International, E. Hartford, CT.
Lines: 38

In article <871@mcgill-vision.UUCP> mouse@mcgill-vision.UUCP (der Mouse) writes:
>Yes.  But arithmetic on a null pointer is not what Mark was saying
>produces undefined results, it's indirecting through the result.
>
>(Of course, arithmetic on a null pointer may *also* be illegal, or produce
>undefined results, I don't know for sure.  But that's not my point.)

A good point.

So does arithmetic on a null pointer produce undefined results?  I don't
have a copy of the proposed standard available, so I don't know what it
says.  This is about what it *should* say; if it doesn't, it should be
changed.

Arithmetic on a null pointer should produce an undefined result.

To see this, first consider arithmetic on non-null pointers.  Given a
pointer to an element of an array a of size N.  Arithmetic on such a pointer
should not produce a pointer to anything outside the range a[0] to a[N].
That is, doing so should produce an undefined result.  This is because such
an operation may produce an arithmetic overflow in some cases; and
implementations should be able to enable interrupts for arithmetic overflow
without having to generate special code for pointer arithmetic.

So we have the general principle that pointer arithmetic should not be able
to adjust the value of the pointer outside the guaranteed "neighborhood" of
legal values near that pointer.

In the case of a null pointer, the only legal value in that neighborhood
is null itself; thus "(char *)0 + 1" produces an undefined result.
("(char *)0 + 0" would be legal, and equivalent to "(char *)0".)

As further evidence for this point of view, I note that there could be
machines where the hardware traps attempts to increment the null pointer.
-- 

Frank Adams                           ihnp4!philabs!pwa-b!mmintl!franka
Ashton-Tate          52 Oakland Ave North         E. Hartford, CT 06108