Out of range pointers

Henry Spencer henry at utzoo.uucp
Thu Sep 22 02:39:15 AEST 1988


In article <33547 at XAIT.XEROX.COM> g-rh at XAIT.Xerox.COM (Richard Harter) writes:
>As a side note, one argument for making x[-1] legal is that it permits
>you to use sentinels in both directions.  I don't see that this is a
>problem, regardless of architecture.  All that is required is that nothing
>be allocated on a segment boundary...

The situation unfortunately isn't as symmetrical as it looks, because
a pointer to an array element points to the *beginning* of the array
element.  A pointer one past the end of an array points to the byte
(well, the addressing unit, whatever it is) following the array; a
pointer one past the beginning points to the byte (etc.) that is one
array-member-size before the beginning.  Computing x[size] without
risk of overflow only requires that there be at least one byte between
the array and the end of a segment; computing x[-1] without risk of
underflow requires an entire array element between the array and the
start of the segment, which can get expensive if the elements are big
(consider multidimensional arrays).

The difference in costs was felt to be sufficient to justify a difference
in treatment.  Both practices have been technically illegal all along,
so legitimizing both wasn't vitally necessary.  Since x[size] gets used
a lot and is cheap to do, it was legalized.  Since x[-1] was rather more
costly and is used less, it wasn't.
-- 
NASA is into artificial        |     Henry Spencer at U of Toronto Zoology
stupidity.  - Jerry Pournelle  | uunet!attcan!utzoo!henry henry at zoo.toronto.edu
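
The asymmetry described in the post above, as an added example that is not part of the original message. It assumes a hypothetical machine where a pointer is a 16-bit offset that wraps within a 64 KiB segment; the function names and sample offsets are constructed for illustration, and only offsets are computed (no memory is accessed).

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed model: a pointer is a 16-bit offset into a 64 KiB segment and
   pointer arithmetic wraps modulo 65536, as uint16_t arithmetic does. */
typedef uint16_t seg_off;

/* Models "for (p = x; p < x + n; p++)". Returns the number of elements
   visited; the correct answer is n. */
unsigned forward_visits(seg_off base, seg_off elem, unsigned n)
{
    seg_off end = (seg_off)(base + elem * n);      /* &x[n], may wrap to 0 */
    unsigned visits = 0;
    for (seg_off p = base; p < end && visits < 2 * n; p = (seg_off)(p + elem))
        visits++;
    return visits;
}

/* Models "for (p = x + n - 1; p >= x; p--)" for n >= 1. Returns the number
   of elements visited, capped at 2*n so a runaway scan is reported rather
   than looped on; the correct answer is n. */
unsigned backward_visits(seg_off base, seg_off elem, unsigned n)
{
    unsigned visits = 0;
    seg_off p = (seg_off)(base + elem * (n - 1));
    while (p >= base && visits < 2 * n) {
        visits++;
        p = (seg_off)(p - elem);                   /* last step forms &x[-1] */
    }
    return visits;
}

int main(void)
{
    /* Constructed case: 8 rows of 2048 bytes each, a 16 KiB array. */
    const seg_off elem = 2048;
    const unsigned n = 8;

    printf("forward,  0 bytes after array: %u\n", forward_visits(49152, elem, n));
    printf("forward,  1 byte after array:  %u\n", forward_visits(49151, elem, n));
    printf("backward, 1 byte before array: %u\n", backward_visits(1, elem, n));
    printf("backward, elem-1 bytes before: %u\n", backward_visits(2047, elem, n));
    printf("backward, elem bytes before:   %u\n", backward_visits(2048, elem, n));
    return 0;
}
```

A result of 0 means the forward scan was skipped because `&x[n]` wrapped to offset 0; a result of 16 means the backward scan ran past the start of the array because `&x[-1]` wrapped to a high offset and still compared greater than or equal to `x`.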


