Home/ Questions/Q 7052491
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-28T03:23:24+00:00

The following simple code segfaults under gcc 4.4.4 #include<stdio.h> typedef struct Foo Foo; struct

  • 0

The following simple code segfaults under gcc 4.4.4

#include<stdio.h>

typedef struct Foo Foo;
struct Foo {
    char f[25];
};

Foo foo(){
    Foo f = {"Hello, World!"};
    return f;
}

int main(){
    printf("%s\n", foo().f);
}

Changing the final line to

 Foo f = foo(); printf("%s\n", f.f);

Works fine. Both versions work when compiled with -std=c99. Am I simply invoking undefined behavior, or has something in the standard changed, which permits the code to work under C99? Why does is crash under C89?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I believe the behavior is undefined both in C89/C90 and in C99.

    foo().f is an expression of array type, specifically char[25]. C99 6.3.2.1p3 says:

    Except when it is the operand of the sizeof operator or the unary
    & operator, or is a string literal used to initialize an array, an
    expression that has type “array of type” is converted to an
    expression with type “pointer to type” that points to the initial
    element of the array object and is not an lvalue. If the array object
    has register storage class, the behavior is undefined.

    The problem in this particular case (an array that’s an element of a structure returned by a function) is that there is no “array object”. Function results are returned by value, so the result of calling foo() is a value of type struct Foo, and foo().f is a value (not an lvalue) of type char[25].

    This is, as far as I know, the only case in C (up to C99) where you can have a non-lvalue expression of array type. I’d say that the behavior of attempting to access it is undefined by omission, likely because the authors of the standard (understandably IMHO) didn’t think of this case. You’re likely to see different behaviors at different optimization settings.

    The new 2011 C standard patches this corner case by inventing a new storage class. N1570 (the link is to a late pre-C11 draft) says in 6.2.4p8:

    A non-lvalue expression with structure or union type, where the
    structure or union contains a member with array type (including,
    recursively, members of all contained structures and unions) refers to
    an object with automatic storage duration and temporary lifetime.
    Its lifetime begins when the expression is evaluated and its initial
    value is the value of the expression. Its lifetime ends when the
    evaluation of the containing full expression or full declarator ends.
    Any attempt to modify an object with temporary lifetime results in
    undefined behavior.

    So the program’s behavior is well defined in C11. Until you’re able to get a C11-conforming compiler, though, your best bet is probably to store the result of the function in a local object (assuming your goal is working code rather than breaking compilers):

    [...]
int main(void ) {
    struct Foo temp = foo();
    printf("%s\n", temp.f);
}
    • 0