BUG: Post Increment Operator Works Incorrectly for __huge Ptrs

Last reviewed: July 22, 1997
Article ID: Q125969
1.00 1.50 1.51 1.52 WINDOWS kbtool kbbuglist

The information in this article applies to:

  • The Microsoft C/C++ compiler (CL.EXE), included with: Microsoft Visual C++ for Windows, versions 1.0, 1.5, 1.51, 1.52

SYMPTOMS

When the post increment operator ++ is applied to a huge pointer inside the argument list of a function call, the resulting pointer value is not normalized. This problem occurs only when the code is compiled with the optimizing compiler. The incremented pointer does not cross the 64K data-segment boundary; instead, its offset wraps around, so the pointer points back to the beginning of the current data segment. The sample code in this article demonstrates the problem.

RESOLUTION

When using the optimizing compiler, do not apply the increment operator to a huge pointer inside a function call's argument list. Instead, pass the pointer unchanged and increment it after the function call.

STATUS

Microsoft has confirmed this to be a bug in the Microsoft products listed at the beginning of this article. We are researching this problem and will post new information here in the Microsoft Knowledge Base as it becomes available.

MORE INFORMATION

Sample Code to Reproduce Problem

/* Compile options needed: /f- or /O2 or /Ox or any combination
            of compiler optimizations, except /Od.
*/

#include <stdio.h>
#include <malloc.h>

#define ARRAYSIZE       32769L   /* (64K/2)+1 of integers */

void Change( int __huge *ptr ) { *ptr += 1; }

int main( void )
{
    int __huge *ptr, __huge *save;
    long i;

    ptr = (int __huge *)_halloc(ARRAYSIZE, (size_t)sizeof( int ));
    if ( ptr == NULL )          /* _halloc returns NULL on failure */
    {
        printf( "_halloc failed\n" );
        return 1;
    }
    save = ptr;

    /* Instead of adding one to the last element of the array (which
       is in a new 64K segment), save wraps around to the beginning
       of the array and increments the element in the first position
       a second time.
    */

    for (i = 0; i < ARRAYSIZE; i++)
        Change( save++ );

    printf( "ptr[0] == %d, incremented twice.\n",
        ptr[0L] );
    printf( "ptr[32767] == %d, incremented once.\n",
        ptr[32767L] );
    printf( "ptr[32768] == %d, not incremented.\n",
        ptr[32768L] );

    _hfree( ptr );
    return 0;
}
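The wrap-around described under SYMPTOMS and reproduced by the sample above, modelled in portable C so it runs on a modern compiler. This is an added example, not Microsoft's code: the segment-number-plus-offset struct, the 64K segment numbering and the start address 0x0100:0000 are constructed assumptions that simplify the real huge-pointer layout.

```c
#include <stdint.h>
#include <stdio.h>

#define ARRAYSIZE 32769L   /* as in the article: (64K/2)+1 ints of 2 bytes */
#define INT_SIZE  2u       /* sizeof(int) on the 16-bit compiler */

/* Huge pointer modelled as a 64K segment number plus a 16-bit offset
   (a constructed simplification, not the compiler's internal layout). */
typedef struct { uint16_t seg; uint16_t off; } hugeptr;

static uint32_t linear(hugeptr p) { return ((uint32_t)p.seg << 16) | p.off; }

/* Correct huge arithmetic: the carry out of the 16-bit offset moves the
   pointer into the next 64K segment, so it can cross the boundary. */
static hugeptr add_normalized(hugeptr p, uint32_t bytes) {
    uint32_t lin = linear(p) + bytes;
    hugeptr r = { (uint16_t)(lin >> 16), (uint16_t)(lin & 0xFFFFu) };
    return r;
}

/* What the article reports for `save++` inside a call: only the offset
   changes, so it wraps to 0 and lands on the start of the current segment. */
static hugeptr add_unnormalized(hugeptr p, uint32_t bytes) {
    p.off = (uint16_t)(p.off + bytes);
    return p;
}

static hugeptr step(hugeptr p, int normalized) {
    return normalized ? add_normalized(p, INT_SIZE) : add_unnormalized(p, INT_SIZE);
}

/* Walk all ARRAYSIZE elements and count how often the first element is
   touched: 1 with correct arithmetic, 2 under the wrap-around bug (the
   "ptr[0] incremented twice" the sample prints). */
static int touches_of_first_element(int normalized) {
    hugeptr base = { 0x0100, 0x0000 }, p = base;   /* constructed start */
    int hits = 0;
    for (long i = 0; i < ARRAYSIZE; i++, p = step(p, normalized))
        if (linear(p) == linear(base)) hits++;
    return hits;
}

int main(void) {
    printf("first element touched: correct=%d buggy=%d\n",
           touches_of_first_element(1), touches_of_first_element(0));
    return 0;
}
```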


Additional reference words: autoincrement gpf 1.00 1.50 8.00 8.00c
KBCategory: kbtool kbbuglist
KBSubcategory: CLIss
Keywords : kb16bitonly


THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.

© 1998 Microsoft Corporation. All rights reserved.