BUG: Incorrect Code When Increment Pointer Based on a Pointer

Last reviewed: July 24, 1997
Article ID: Q122543

The information in this article applies to:

Microsoft C/C++ Compiler (CL.EXE) included with: - Microsoft C/C++ for MS-DOS, version 7.0 - Microsoft Visual C++ for Windows, versions 1.0, 1.5, 1.51 - Microsoft Visual C++, 32-bit Edition, versions 1.0, 2.0, 2.1, 4.0,
```
     4.1, 4.2, 5.0
```

SYMPTOMS

Incorrect code is generated when an assignment is made in the same statement where a pointer based on a pointer is incremented.

For example, executing the following code:

   char buf[100];
   void *pvbuf=buf;
   unsigned int _based(pvbuf) *Test;

   *(char _based(pvbuf) *)(((char *)Test)++) = '6'

in a Win32-based application causes an application error; executing the same code in a 16-bit Windows-based application causes this error:

   run-time error R6001
   -null pointer assignment

CAUSE

The compiler generates an unnecessary sub command, as shown here:

   mov  bx,WORD PTR _Test
   sub  bx,WORD PTR _pvbuf    ; Not needed
   mov  si,WORD PTR _pvbuf
   mov  BYTE PTR [bx][si],5
   inc  WORD PTR _Test

RESOLUTION

Split the statement into multiple lines. For example,

   *(char _based(pvbuf) *)(((char *)Test)) = '5';
   ((char*)Test)++;

STATUS

Microsoft has confirmed this to be a bug in the Microsoft products listed at the beginning of this article. We are researching this bug and will post new information here in the Microsoft Knowledge Base as it becomes available.

MORE INFORMATION

The following sample demonstrates both the problem and its solution.

Sample Code

   /* Compile options needed: none
   */

   #include <stdio.h>
   #include <conio.h>
   char buf[100];
   void *pvbuf=buf;
   unsigned int _based(pvbuf) *Test;

   void good()
   {
      *(char _based(pvbuf) *)(((char *)Test)) = '5';
      ((char*)Test)++;
      *(char _based(pvbuf) *)(((char *)Test)) = '5';
   }

   void bad()
   {
      *(char _based(pvbuf) *)(((char *)Test)++) = 6;
   }

   void main(void)
   {
      good();
      printf( "Should print out: 5 5 \n%c %c\n",buf[0],buf[1] );
      getch();
      bad();
      printf( "Should print out: 5 6 \n%c %c\n",buf[0],buf[1] );
   }

Additional query words: 8.00 8.00c 9.00 10.00 10.10 10.20
Keywords : CodeGen vcbuglist400 vcbuglist500
Version : 7.0 1.0 1.5 1.51 2.0 2.1 4.0 4.1
Platform : MS-DOS NT WINDOWS
Issue type : kbbug

THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.

Last reviewed: July 24, 1997
© 1998 Microsoft Corporation. All rights reserved. Terms of Use.