On 09/06/2016 01:40 PM, Joseph Myers wrote:
Sounds like a defect in C11 to me - none of the examples of flexible
array
members anticipate needing to add to the size to allow for tail padding
with unknown alignment requirements.
Yes, I would prefer calling it a defect, as most code I've seen dealing
with flexible array members does not align the tail size. However, GCC +
valgrind does take advantage of this "defect" and I would not be
surprised if other picky implementations do too.
The C11 standard's examples are weird, in that their flexible members
are typically arrays of double, where the alignment in practice is
invariably no less than that of the containing structure so our problem
does not occur. And for the only example that calls malloc and is
directly on point (assuming a weird platform where doubles are
unaligned), the associated commentary says that the flexible array
member behaves "for most purposes" as if it had the natural size, i.e.,
all bets are off unless you read the entire standard carefully! It is
almost as if the C11 authors knew about the problem but did not want to
call the reader's attention to it (I doubt whether that occurred -- it's
just that it reads that way).
C11's prohibition of using alignof on incomplete types.) This is why
Structures with flexible array members are not incomplete types.
Ah, right you are. Sorry, I confused C11 alignof with Gnulib alignof. On
pre-C11 platforms, the Gnulib substitute alignof does not work on such
structures, so code like Gnulib fts.c that is intended to be portable to
pre-C11 compilers can't use that C11 feature. I have corrected the
Gnulib manual's documentation of this limitation.