http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52944
Bug #: 52944
Summary: [4.5/4.6 Regression] __builtin_object_size(..., 1) no longer returns (size_t)-1 for consecutive flexible/zero-length array members
Classification: Unclassified
Product: gcc
Version: unknown
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: other
AssignedTo: unassig...@gcc.gnu.org
ReportedBy: vap...@gentoo.org
Target: x86_64-linux-gnu

consider the code:

    #include <stdio.h>

    struct stct {
        int i;
        union {
            short k;
            char buf[0];    /* zero-length array inside the union */
        };
        char tail[];        /* flexible array member */
    };

    char buf[100];

    int main(void)
    {
        struct stct *foo = (void *)buf;
        /* cast so the argument matches %i; (size_t)-1 prints as -1 */
        printf("%i\n", (int)__builtin_object_size(foo->buf, 1));
        return 0;
    }

when compiled with gcc-4.4, we get -1. but with gcc-4.5 and gcc-4.6, we get 0.

granted, this code is a bit odd, but in some cases, it makes sense. imo, the trailing series of flexible/zero-length array members should get the same treatment rather than just the last one.

gcc doesn't allow flexible array members inside of unions, which is unfortunate. with tftp, the packet is described by:

    struct tftphdr {
        short opcode;
        union {
            unsigned short tu_block;
            short tu_code;
            char tu_stuff[0];
        };
        char th_data[];
    };

when opcode is 1, the rest of the packet is a C string. i.e. the buffer:

    char x[] = { 1, 0, 'f', 'i', 'l', 'e', '\0', };
    opcode = 1, tu_stuff = "file"

when opcode is 3 though, the tu_block field will be a number, and the rest of the data will be in th_data. i.e. the buffer:

    char x[] = { 2, 0, 3, 0, <8KiB>, };
    opcode = 2, tu_block = 3, th_data = 8KiB
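
Added example, not part of the original report or of gcc: a length-checked reader for the two packet shapes described above, which takes the string or data through explicit offsets and the received length, so its bounds do not depend on what __builtin_object_size reports for tu_stuff. The names tftp_view, tftp_parse and load16 and the sample bytes are assumptions made for illustration; 16-bit fields are read low byte first, as in the report's sample buffers, and the data opcode follows the report's prose (3).

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* The report's prose: opcode 1 = C string follows, opcode 3 = block number + data. */
enum { OP_STRING = 1, OP_DATA = 3 };

struct tftp_view {               /* hypothetical name, not from the report */
    uint16_t opcode, block;      /* block is set for OP_DATA only */
    const uint8_t *payload;      /* file name or data bytes */
    size_t payload_len;          /* excludes the NUL for OP_STRING */
};

/* Constructed samples in the byte order of the report's buffers (low byte first). */
static const uint8_t sample_str[]  = {1, 0, 'f', 'i', 'l', 'e', '\0'};
static const uint8_t sample_data[] = {3, 0, 3, 0, 0xAA, 0xBB};

static uint16_t load16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Returns 0 on success, -1 when the packet is truncated or unterminated. */
int tftp_parse(const uint8_t *pkt, size_t len, struct tftp_view *out)
{
    memset(out, 0, sizeof *out);
    if (len < 2) return -1;
    out->opcode = load16(pkt);
    if (out->opcode == OP_STRING) {
        /* The string must be NUL-terminated inside the received bytes. */
        const uint8_t *nul = memchr(pkt + 2, '\0', len - 2);
        if (nul == NULL) return -1;
        out->payload = pkt + 2;
        out->payload_len = (size_t)(nul - (pkt + 2));
        return 0;
    }
    if (out->opcode == OP_DATA && len >= 4) {
        out->block = load16(pkt + 2);
        out->payload = pkt + 4;
        out->payload_len = len - 4;
        return 0;
    }
    return -1;
}

int main(void)
{
    struct tftp_view v;
    return tftp_parse(sample_str, sizeof sample_str, &v) ||
           tftp_parse(sample_data, sizeof sample_data, &v);
}
```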