On Thu, Dec 11, 2025 at 10:00:51PM +0000, Qing Zhao wrote:
> Currently, GCC does not fully support the cases when a FAM or pointer field
> and
> its corresponding counted_by field are in different anonymous structure/unions
> of a common named structure.
>
> For example:
>
> struct nested_mixed {
> struct {
> union {
> int b;
> float f;
> };
> int n;
> };
> struct {
> PTR_TYPE *pointer __attribute__((__counted_by__(n)));
> FAM_TYPE c[] __attribute__((__counted_by__(b)));
> };
> } *nested_mixed_annotated;
>
> In order to support such cases, we always need to locate the first outer
> named structure as the root, and then lookup_field inside this named
> structure. When building the component_ref for the counted_by field,
> we need to build a chain of component_ref starting from the root structure.
>
> When supporting the above in general, we also need to handle the following
> several special cases correctly:
>
> A. Support an untagged type as its own top-level type. */
> struct { int a; char b[] __attribute__ ((counted_by (a))); } *x;
>
> B. Support an unnamed field with a named struct/union. */
> struct s { struct { int a; char b[] __attribute__ ((counted_by (a))); } *x; }
> *y;
>
> C. When -fms-extensions is enabled:
>
> C.1 Do not support the inward-to-outward counted-by field reference
> since checking the validity of such reference depends on unknown
> situation at the end of the structure definition.
>
> struct bar {
> char *buf __counted_by (n); /* { dg-error "attribute is not a field
> declaration in the same structure as" } */
> };
>
> C.2 support the outward-to-inward counted-by field reference.
>
> PR C/122495
> PR C/122496
Thanks for working on this! I have prepared the corresponding change in Clang:
https://github.com/llvm/llvm-project/pull/171996
--
Kees Cook
