On Mon, Nov 10, 2014 at 12:52:02AM -0800, Martin Uecker wrote:
> Jakub Jelinek <ja...@redhat.com>:
> > On Mon, Nov 10, 2014 at 12:20:03AM -0800, Martin Uecker wrote:
> > > There is also no warning in the following example
> > > when the array is the last element of a struct.
> > >
> > > struct h3 {
> > >     int i;
> > >     int j[3];
> > > };
> > >
> > > struct h3* h3 = malloc(sizeof(struct h) + 3 * sizeof(int));
> > > h3->j[4] = 1;
> > >
> > > I guess this is to avoid warnings for the 'struct hack', but why
> > > is this not limited to arrays with size 0 (and maybe 1) and
> > > flexible array members?
> >
> > Because 0 or 1 are not the only ones recognized as poor man's flexible array
> > members, any trailing arrays are, whatever the constant is.  So it is very
> > much intentional we don't warn above.
>
> Is such code common?

Yes.

> Clang does warn in this case.

Clang clearly doesn't care about false positives, it is driven by the desire
to emit as many warnings as possible.

> The warning seems very useful to me and can easily be turned off.
> Or one could add -W(no-)warn-struct-hack if really needed.
>
> Another odd case is:
>
> struct h0b {
>     int i;
>     int j[0];
>     int k;
> };
>
> struct h0b* h0b = ...
>
> h0b->j[4] = 1;

-fsanitize=undefined should catch this.

> > You haven't provided struct h definition,
>
> Sorry, this should have been sizeof(struct h3).

In that case the code you've posted is valid, there should be no warnings
or runtime error messages.

	Jakub
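
Added example, not part of the original message or of GCC: because a trailing array of any declared size is accepted as a poor man's flexible array member, the real bound of h3->j is only known from the allocation. The sketch below carries that bound at run time using a C99 flexible array member. The names struct h3f, h3f_new and h3f_set are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Variant of the thread's struct h3: the sized trailing array j[3] becomes
 * a C99 flexible array member and the element count is stored alongside. */
struct h3f {
    int    i;
    size_t n;     /* number of elements actually allocated for j */
    int    j[];   /* flexible array member */
};

/* Allocate room for n elements of j; NULL on size overflow or OOM. */
struct h3f *h3f_new(size_t n)
{
    if (n > (SIZE_MAX - sizeof(struct h3f)) / sizeof(int))
        return NULL;                  /* header + n * sizeof(int) would wrap */
    struct h3f *p = calloc(1, sizeof(struct h3f) + n * sizeof(int));
    if (p != NULL)
        p->n = n;
    return p;
}

/* Store v at j[idx]; 0 on success, -1 if idx is outside the allocation. */
int h3f_set(struct h3f *p, size_t idx, int v)
{
    if (p == NULL || idx >= p->n)
        return -1;
    p->j[idx] = v;
    return 0;
}

int main(void)
{
    /* The thread's allocation, sizeof(struct h3) + 3 * sizeof(int) with
     * j[3], leaves room for 6 ints, so index 4 is inside the object. */
    struct h3f *p = h3f_new(6);
    if (p == NULL)
        return 1;
    int in_bounds  = h3f_set(p, 4, 1);   /* accepted: 4 < 6 */
    int out_bounds = h3f_set(p, 6, 1);   /* rejected: one past the end */
    free(p);
    return !(in_bounds == 0 && out_bounds == -1);
}
```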