http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52944

             Bug #: 52944
           Summary: [4.5/4.6 Regression] __builtin_object_size(..., 1) no
                    longer returns (size_t)-1 for consecutive
                    flexible/zero-length array members
    Classification: Unclassified
           Product: gcc
           Version: unknown
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: other
        AssignedTo: unassig...@gcc.gnu.org
        ReportedBy: vap...@gentoo.org
            Target: x86_64-linux-gnu


consider the code:

#include <stdio.h>

struct stct {
    int i;
    union {
        short k;
        char buf[0];    /* zero-length array, but not the last member */
    };
    char tail[];        /* flexible array member, the actual last member */
};
char buf[100];
int main(void)
{
    struct stct *foo = (void *)buf;
    /* __builtin_object_size returns size_t; the cast keeps the -1 / 0 output described below */
    printf("%i\n", (int)__builtin_object_size(foo->buf, 1));
    return 0;
}

when compiled with gcc-4.4, we get -1.  but with gcc-4.5 and gcc-4.6, we get 0.
granted, this code is a bit odd, but in some cases, it makes sense.  imo, the
trailing series of flexible/zero-length array members should get the same
treatment rather than just the last one.  gcc doesn't allow flexible array
members inside of unions, which is unfortunate.

with tftp, the packet is described by:
struct tftphdr {
    short opcode;
    union {
        unsigned short tu_block;
        short tu_code;
        char tu_stuff[0];
    };
    char th_data[];
};

when opcode is 1, the rest of the packet is a C string.  i.e. the buffer:
    char x[] = { 1, 0, 'f', 'i', 'l', 'e', '\0', };
    opcode = 1, tu_stuff = "file"

when opcode is 3 though, the tu_block field will be a number, and the rest of
the data will be in th_data.  i.e. the buffer:
    char x[] = { 2, 0, 3, 0, <8KiB>, };
    opcode = 2, tu_block = 3, th_data = 8KiB
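Added example (not from the report and not any tftp implementation's code) showing the practical side of this: a fortified copy into tu_stuff is checked against whatever __builtin_object_size(..., 1) answers for that member, so a packet parser should bound by the received length instead. It prints the compiler's answers for both members and parses an opcode-1 packet with an explicit length check; it assumes host byte order for opcode, as the report's buffers do.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Same layout as the report: a zero-length array inside an anonymous union
 * that is not the last member, followed by a genuine flexible array member. */
struct tftphdr {
    short opcode;
    union {
        unsigned short tu_block;
        short tu_code;
        char tu_stuff[0];
    };
    char th_data[];
};

/* Print what the compiler thinks each member can hold.  These values are
 * compiler-specific (the regression above is gcc 4.5+ answering 0 for
 * tu_stuff in mode 1), so they are shown, never used as a bound. */
void show_object_sizes(const struct tftphdr *hdr)
{
    printf("tu_stuff: mode0=%zu mode1=%zu\n",
           __builtin_object_size(hdr->tu_stuff, 0),
           __builtin_object_size(hdr->tu_stuff, 1));
    printf("th_data:  mode0=%zu mode1=%zu\n",
           __builtin_object_size(hdr->th_data, 0),
           __builtin_object_size(hdr->th_data, 1));
}

/* Copy the file name of an opcode-1 packet into out (capacity outlen),
 * bounded by the received length pktlen rather than by any object-size
 * guess.  Returns the name length, or -1 for a malformed packet. */
int parse_rrq_name(const char *pkt, size_t pktlen, char *out, size_t outlen)
{
    const size_t off = offsetof(struct tftphdr, tu_stuff);
    short opcode;
    if (pktlen < off)
        return -1;
    memcpy(&opcode, pkt, sizeof opcode);   /* host byte order, as in the report (assumed) */
    if (opcode != 1)
        return -1;
    const char *nul = memchr(pkt + off, '\0', pktlen - off);
    if (nul == NULL)
        return -1;                         /* name runs past the packet */
    size_t n = (size_t)(nul - (pkt + off));
    if (n >= outlen)
        return -1;                         /* would overflow out */
    memcpy(out, pkt + off, n + 1);
    return (int)n;
}
```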
