When I try to run my program I get this warning and some weird bugs. `rmi_pdu` in the following structure contains a variable-sized array which I want to access.
/*
 * One queued RMI message: list/queue linkage and retry bookkeeping, followed
 * by the PDU itself.
 *
 * rmi_message_pdu ends in a flexible array member (payload[]), so rmi_pdu has
 * to remain the LAST member here: the payload bytes live directly behind this
 * struct in the same heap block. ISO C does not allow a struct that ends in a
 * flexible array member to be a member of another struct (C11 6.7.2.1p3);
 * GCC accepts it as an extension, and -pedantic will warn about it.
 *
 * sizeof(struct rmi_message_s) covers only the fixed part. Every allocation
 * must add the payload length to it, and nothing may write more payload bytes
 * than were added.
 *
 * In a real translation unit the rmi_message_pdu typedef has to appear before
 * this definition; the post shows it afterwards.
 */
struct rmi_message_s { /* Queue element containing Rmi message */
/* presumably hash-chain links (the backtrace calls rmi_hash_cleanup) — confirm */
struct rmi_message_s *hnext;
struct rmi_message_s *hprev;
uint16_t gen_counter; /* Generation counter */
time_value send_time;
uint8_t retry_count;
/* queue linkage generated by the <sys/queue.h> TAILQ macros */
TAILQ_ENTRY(rmi_message_s) rmi_message_next;
rmi_message_pdu rmi_pdu; /* contains a variable sized array */
};
/*
 * RMI protocol data unit: a fixed header followed by a variable-length
 * payload.
 *
 * NOTE(review): the struct is not declared packed here, so the compiler may
 * insert padding between members (for example before edge_port). If this
 * layout is overlaid on received packet bytes, confirm it matches the wire
 * format.
 */
typedef struct {
uint16_t zero;
uint16_t type;
uint8_t version;
/* NOTE(review): presumably the payload length; as a uint8_t it cannot exceed 255 — confirm */
uint8_t len;
uint8_t protocol;
uint16_t edge_port;
uint16_t core_port;
uint32_t connexus_id;
pi_ipv4_addr_t edge_addr;
pi_ipv4_addr_t core_addr;
uint16_t gen_count; /* Integer to identify a stale packet */
/*
 * Flexible array member: adds no element storage to sizeof(rmi_message_pdu).
 * The bytes exist only if the allocation was made larger by the payload
 * length, so every access must stay within that length.
 */
uint8_t payload[];
} rmi_message_pdu;
The problem occurs when I try to free the memory that I allocated dynamically. The contents are there, but the `free()` API is `abort()`ing. This is what the core looks like:
in raise () from /lib64/libc.so.6
in abort () from /lib64/libc.so.6
in __libc_message () from /lib64/libc.so.6
in _int_free () from /lib64/libc.so.6
in free () from /lib64/libc.so.6
in free (p=0x2aaabc000fa0) at mallocdbg.cc:188
in rmi_hash_cleanup (rmi_msg=0x2aaabc000fa0) at tcpsvc_rmi.c:126
in rmi_process_response (response_packet=0x27422e00) at tcpsvc_rmi.c:239
in rmi_message_handle (pkt=0x27422e00 "", cnt=28) at tcpsvc_base.c:154
in udpif_worker (arg=0x2b01f7014340) at rumpnet_virtif/if_udp_netbsd_guest.c:573
in threadbouncer (arg=0x2b01f7016428) at rumpkern/emul.c:428
in clone () from /lib64/libc.so.6
This is what the allocation looks like. The caller who wants to use rmi will pass the size as an argument.
struct rmi_message_s *rmi_msg;
/*
 * BUG (this is the line the answer diagnoses): sizeof(struct rmi_message_s *)
 * is the size of a POINTER to the structure, not of the structure. The block
 * returned here is therefore smaller than the struct's fixed fields, before
 * any of the `len` payload bytes are counted. Any write to a field beyond the
 * allocated size runs past the end of the heap block; the abort inside free()
 * in the backtrace is consistent with glibc detecting the resulting heap
 * corruption.
 *
 * NOTE(review): the result of malloc() is also not checked against NULL.
 */
rmi_msg = (struct rmi_message_s *) malloc (sizeof(struct rmi_message_s *) + len * sizeof(uint8_t));
`len` is passed as an argument.
You are not allocating enough memory:
/*
 * Corrected allocation: the size is taken from the structure itself, not from
 * a pointer to it. sizeof(struct rmi_message_s) covers the fixed fields, and
 * the added len bytes back rmi_pdu.payload[], which sits at the end of the
 * block.
 *
 * The cast on malloc() is unnecessary in C and is omitted.
 *
 * NOTE(review): the result is not checked here; test rmi_msg against NULL
 * before the first write.
 * NOTE(review): the type and origin of len are not shown. If it is derived
 * from a received packet, bound it before this addition so the size cannot
 * wrap, and never copy more than len bytes into payload[].
 */
struct rmi_message_s *rmi_msg = malloc(sizeof(struct rmi_message_s) + len * sizeof(uint8_t));
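You had `...sizeof(struct rmi_message_s *)...`, but it should have been `...sizeof(struct rmi_message_s)...`. The first form is the size of a pointer (8 bytes on a 64-bit system such as this one), so the block was too small for the structure's own fields, let alone the payload. Writes past the end of that block corrupt the allocator's bookkeeping, which is what `free()` detects when it aborts.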