[Bug c/112539] a struct with an array of unknown size at the end allows writing past end of the struct

2023-11-15 Thread pgmer6809 at yahoo dot com via Gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112539

--- Comment #5 from Greg Morse  ---
Thank you very much for the links. Fascinating stuff for someone who is not a
real programming Guru. I do wonder though what is so appealing about 'trailing
arrays' that they became so embedded in so much code, that the compiler
introduced this undefined behaviour deliberately to accommodate it. But oh well,
it probably seemed like a good idea at the time. Thanks again.

Greg Morse

On Tuesday, November 14, 2023 at 11:09:43 p.m. PST, sjames at gcc dot
gnu.org  wrote:  

 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112539

--- Comment #2 from Sam James  ---
https://people.kernel.org/kees/bounded-flexible-arrays-in-c and
https://developers.redhat.com/articles/2022/09/29/benefits-limitations-flexible-array-members
are good reads too

[Bug c/112539] a struct with an array of unknown size at the end allows writing past end of the struct

2023-11-15 Thread xry111 at gcc dot gnu.org via Gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112539

--- Comment #4 from Xi Ruoyao  ---
(In reply to Xi Ruoyao from comment #3)
> This invalid bug report is actually not related to flexible array member. 
> It's just invoking an undefined behavior.  With -fsanitize=undefined
> -fno-sanitize-recover:

Note that the "Enter Bug" page has a red banner referring to 
https://gcc.gnu.org/bugs/, and this page says:

If compiling with -fsanitize=undefined produces any run-time errors, then your
code is probably not correct.

> In C even
> 
> int a[1];
> return a[114514];
> 
> will compile.

Correction: technically it should be "may compile".  The compiler is also
allowed to reject programs which *always* invoke an undefined behavior.  But
AFAIK no C compiler really rejects code because of an OOB array access as of
now.

[Bug c/112539] a struct with an array of unknown size at the end allows writing past end of the struct

2023-11-15 Thread xry111 at gcc dot gnu.org via Gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112539

Xi Ruoyao  changed:

           What    |Removed     |Added
----------------------------------------------------------------
                 CC|            |xry111 at gcc dot gnu.org

--- Comment #3 from Xi Ruoyao  ---
This invalid bug report is actually not related to flexible array member.  It's
just invoking an undefined behavior.  With -fsanitize=undefined
-fno-sanitize-recover:

t.c:13:19: runtime error: store to address 0x7ffd20f7fb30 with insufficient
space for an object of type 'char'
0x7ffd20f7fb30: note: pointer points here
 00 00 00 00  00 00 00 00 00 00 00 00  00 c7 f6 e9 8f 37 ae d2  68 fc f7 20 fd
7f 00 00  00 00 00 00
  ^ 
In C even

int a[1];
return a[114514];

will compile.  But it triggers an undefined behavior at runtime.  An undefined
behavior may cause a program crash, output some garbage, or "behave as you
expected" if you are lucky.

[Bug c/112539] a struct with an array of unknown size at the end allows writing past end of the struct

2023-11-14 Thread sjames at gcc dot gnu.org via Gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112539

--- Comment #2 from Sam James  ---
https://people.kernel.org/kees/bounded-flexible-arrays-in-c and
https://developers.redhat.com/articles/2022/09/29/benefits-limitations-flexible-array-members
are good reads too

[Bug c/112539] a struct with an array of unknown size at the end allows writing past end of the struct

2023-11-14 Thread pinskia at gcc dot gnu.org via Gcc-bugs
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112539

Andrew Pinski  changed:

           What    |Removed     |Added
----------------------------------------------------------------
         Resolution|---         |INVALID
             Status|UNCONFIRMED |RESOLVED

--- Comment #1 from Andrew Pinski  ---
C99 (and above) have this kind of array, called a flexible array member,
which has exactly the semantics you are describing.

See https://gcc.gnu.org/onlinedocs/gcc-13.2.0/gcc/Zero-Length.html where GCC
documents a different extension but references this.

You can also read up about them here:
https://en.cppreference.com/w/c/language/struct
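As an added illustration of the point made in comments #1 and #3 (this is example code written for this archive page, not code from the bug report, from GCC, or from the linked articles): a C99 flexible array member allocates no storage by itself, so the program has to reserve the trailing bytes at malloc time and record how many there are. The hypothetical `struct byte_buf` below keeps that count in `len` and every accessor checks an index against it; if the check in `byte_buf_set` were removed, a store at index `len` or beyond would be exactly the undefined behaviour that `-fsanitize=undefined -fno-sanitize-recover` reported in comment #3. All type and function names here are the example's own.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical length-prefixed byte buffer whose storage is a C99
 * flexible array member.  'len' records how many bytes data[] really
 * has, so every access can be checked against it. */
struct byte_buf {
    size_t len;            /* number of valid elements in data[] */
    unsigned char data[];  /* flexible array member: must be the last member */
};

/* Allocate a buffer with room for n bytes.  sizeof(struct byte_buf) does
 * not include data[], so the n trailing bytes must be added explicitly. */
struct byte_buf *byte_buf_new(size_t n)
{
    struct byte_buf *b;
    if (n > SIZE_MAX - sizeof *b)   /* guard the size addition against overflow */
        return NULL;
    b = malloc(sizeof *b + n);
    if (b == NULL)
        return NULL;
    b->len = n;
    memset(b->data, 0, n);
    return b;
}

/* Bounds-checked store: returns 0 on success, -1 if idx is out of range.
 * Without the idx >= b->len test, a store past the allocation is undefined
 * behaviour, which is what UBSan flagged in the thread. */
int byte_buf_set(struct byte_buf *b, size_t idx, unsigned char v)
{
    if (b == NULL || idx >= b->len)
        return -1;
    b->data[idx] = v;
    return 0;
}

/* Bounds-checked load: returns 0 and writes *out on success, -1 otherwise. */
int byte_buf_get(const struct byte_buf *b, size_t idx, unsigned char *out)
{
    if (b == NULL || out == NULL || idx >= b->len)
        return -1;
    *out = b->data[idx];
    return 0;
}

/* Exercises the helpers on a constructed 4-byte buffer; returns how many
 * writes were rejected (the two out-of-range ones), or -1 on allocation failure. */
int byte_buf_demo(void)
{
    struct byte_buf *b = byte_buf_new(4);
    int rejected = 0;
    if (b == NULL)
        return -1;
    if (byte_buf_set(b, 3, 0x41) != 0) rejected++;    /* last valid index: accepted */
    if (byte_buf_set(b, 4, 0x42) != 0) rejected++;    /* one past the end: rejected */
    if (byte_buf_set(b, 100, 0x43) != 0) rejected++;  /* far past the end: rejected */
    free(b);
    return rejected;
}

int main(void)
{
    printf("rejected out-of-range writes: %d\n", byte_buf_demo());
    return 0;
}
```

Building this with `gcc -std=c99 -fsanitize=undefined -fno-sanitize-recover` (the flags used in comment #3) runs cleanly because no out-of-range store ever reaches `data[]`; deleting the range check in `byte_buf_set` and re-running is the quickest way to see the sanitizer report the same "insufficient space for an object" error the thread shows.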