https://gcc.gnu.org/bugzilla/show_bug.cgi?id=93848
Alexander Cherepanov <ch3root at openwall dot com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ch3root at openwall dot com --- Comment #7 from Alexander Cherepanov <ch3root at openwall dot com> --- I agree that the original example exhibits UB. One of the violated norms that was not yet mentioned is C11, 6.3.2.1p1: "if an lvalue does not designate an object when it is evaluated, the behavior is undefined" To go further in this direction, let's compare arrays and structs: char (*p)[2] = malloc(1); ... use (*p)[0] struct { char x, y; } *q = malloc(1); ... use (*q).x Are these valid? Do structs differ? DR 073[1], items A, B, C, F, G, H, says that the . operator requires a complete structure as its left operand but fails to address the issue with an array directly. IMHO arrays should not differ. [1] http://open-std.org/jtc1/sc22/wg14/www/docs/dr_073.html OTOH suppose that p[1] is not UB per se in the original example. What is the result of its decay? C11, 6.3.2.1p3 says that it "points to the initial element of the array object". But there is no array object here. Then, which operations are allowed for this pointer? p[1]+0 is ok? Writing it as &p[1][0] is ok? What about p[1]+1 or &p[1][1]? gcc doesn't warn about it: ---------------------------------------------------------------------- #include <stdio.h> int main() { int a[1][4]; printf("%p\n", (void *)&a[1][1]); } ---------------------------------------------------------------------- $ gcc -std=c11 -pedantic -Wall -Wextra -Warray-bounds=2 -O3 test.c && ./a.out 0x7ffc5904aa04 ---------------------------------------------------------------------- gcc x86-64 version: gcc (GCC) 10.0.1 20200225 (experimental) ----------------------------------------------------------------------