https://gcc.gnu.org/bugzilla/show_bug.cgi?id=125524
Bug ID: 125524
Summary: uint8_t *ptr __counted_by(len) renderes code
undefined?
Product: gcc
Version: 16.1.1
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c
Assignee: unassigned at gcc dot gnu.org
Reporter: cagney at sourceware dot org
Target Milestone: ---
See also https://gcc.gnu.org/bugzilla/show_bug.cgi?id=123569
The code in question is:
#include <stdio.h>
struct buffer {
int len;
char * ptr __attribute((counted_by(len)));
};
int ltrim(struct buffer * const buf) {
while (buf->len > 0 && *buf->ptr == ' ') {
buf->len--;
buf->ptr++;
}
return buf->len;
}
int main() {
struct buffer buf = {.ptr = " 123", .len = 4};
int ret = ltrim(&buf);
fprintf(stderr, "ret: %u\n", ret);
return 0;
}
https://godbolt.org/z/h7d7W3K45
The previous bug was closed on the basis of:
https://gcc.gnu.org/onlinedocs/gcc/Common-Attributes.html#index-counted_005fby
_In addition to the above requirements, there is one more requirement between
this pair if and only if p->array is an array that is pointed by the pointer
field:
p->array and p->count can only be changed by changing the whole structure at
the same time._
However, the cited text is followed by:
_It’s the programmer’s responsibility to make sure the above requirements to be
kept all the time. Otherwise the compiler reports warnings and the results of
the array bound sanitizer and the __builtin_dynamic_object_size built-in are
undefined._
-> GCC is *not* reporting a warning
-> CLANG DTRT with this code
-> how can adding the attribute __counted_by__() make what, to the best of my
knowledge is a well defined and common coding idiom, undefined?
