This is the mail archive of the
gcc@gcc.gnu.org
mailing list for the GCC project.
Re: missing warnings with -Warray-bounds
- From: Jakub Jelinek <jakub at redhat dot com>
- To: Martin Uecker <uecker at eecs dot berkeley dot edu>
- Cc: gcc Mailing List <gcc at gcc dot gnu dot org>
- Date: Mon, 10 Nov 2014 10:02:29 +0100
- Subject: Re: missing warnings with -Warray-bounds
- Authentication-results: sourceware.org; auth=none
- References: <20141110002003 dot 186cc6d5 at lemur> <20141110082816 dot GE5026 at tucnak dot redhat dot com> <20141110005202 dot 7488e063 at lemur>
- Reply-to: Jakub Jelinek <jakub at redhat dot com>
On Mon, Nov 10, 2014 at 12:52:02AM -0800, Martin Uecker wrote:
> Jakub Jelinek <jakub@redhat.com>:
> > On Mon, Nov 10, 2014 at 12:20:03AM -0800, Martin Uecker wrote:
> > > There is also no warning in the following example
> > > when the array is the last element of a struct.
> > >
> > > struct h3 {
> > > int i;
> > > int j[3];
> > > };
> > >
> > > struct h3* h3 = malloc(sizeof(struct h) + 3 * sizeof(int));
> > > h3->j[4] = 1;
> > >
> > > I guess this is to avoid warnings for the 'struct hack', but why
> > > is this not limited to arrays with size 0 (and maybe 1) and
> > > flexible array members?
> >
> > Because 0 or 1 are not the only ones recognized as poor man's flexible array
> > members, any trailing arrays are, whatever the constant is. So it is very
> > much intentional we don't warn above.
>
> Is such code common?
Yes.
> Clang does warn in this case.
Clang clearly doesn't care about false positives, it is driven by the desire
to emit as many warnings as possible.
> The warning seems very useful to me and can easily be turned off.
> Or one could add -W(no-)warn-struct-hack if really needed.
>
> Another odd case is:
>
> struct h0b {
> int i;
> int j[0];
> int k;
> };
>
> struct h0b* h0b = ...
>
> h0b->j[4] = 1;
-fsanitize=undefined should catch this.
> > You haven't provided struct h definition,
>
> Sorry, this should have been sizeof(struct h3).
In that case the code you've posted is valid, there should be no warnings or
runtime error messages.
Jakub