This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: missing warnings with -Warray-bounds

On Mon, Nov 10, 2014 at 12:52:02AM -0800, Martin Uecker wrote:
> Jakub Jelinek <jakub@redhat.com>:
> > On Mon, Nov 10, 2014 at 12:20:03AM -0800, Martin Uecker wrote:
> > > There is also no warning in the following example
> > > when the array is the last element of a struct.
> > > 
> > > struct h3 {
> > >         int i;
> > >         int j[3];
> > > };
> > > 
> > > struct h3* h3 = malloc(sizeof(struct h) + 3 * sizeof(int));
> > > h3->j[4] = 1;
> > > 
> > > I guess this is to avoid warnings for the 'struct hack', but why 
> > > is this not limited to arrays with size 0 (and maybe 1) and 
> > > flexible array members?
> > 
> > Because 0 or 1 are not the only ones recognized as poor man's flexible array
> > members, any trailing arrays are, whatever the constant is.  So it is very
> > much intentional we don't warn above.  
> 
> Is such code common?

Yes.

> Clang does warn in this case. 

Clang clearly doesn't care about false positives, it is driven by the desire
to emit as many warnings as possible.

> The warning seems very useful to me and can easily be turned off. 
> Or one could add -W(no-)warn-struct-hack if really needed.
> 
> Another odd case is:
> 
> struct h0b {
> 	int i;
> 	int j[0];
> 	int k;
> };
> 
> struct h0b* h0b = ...
> 
> h0b->j[4] = 1;  

-fsanitize=undefined should catch this.

> > You haven't provided struct h definition,
> 
> Sorry, this should have been sizeof(struct h3).

In that case the code you've posted is valid, there should be no warnings or
runtime error messages.

	Jakub
Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]