...
The C Standard identifies four situations in which undefined behavior (UB) may arise as a result of incompatible declarations of the same function or object:
UB | Description | Code |
|---|---|---|
Two declarations of the same object or function specify types that are not compatible (6.2.7). | All noncompliant code in this guideline | |
| 3130 | Two identifiers differ only in nonsignificant characters (6.4.2.1). | Excessively Long Identifiers |
An object has its stored value accessed other than by an lvalue of an allowable type (6.5). | Incompatible Object Declarations | |
| A function is defined with a type that is not compatible with the type (of the expression) pointed to by the expression that denotes the called function (6.5.2.2). | Incompatible Function Declarations |
...
In this noncompliant code example, the variable i is declared to have type int in file a.c but defined to be of type short in file b.c. The declarations are incompatible, resulting in undefined behavior 1514. Furthermore, accessing the object using an lvalue of an incompatible type, as shown in function f(), is undefined behavior 37 with 36 with possible observable results ranging from unintended information exposure to memory overwrite to a hardware trap.
| Code Block | ||||
|---|---|---|---|---|
| ||||
/* In a.c */ extern int i; /* UB 1514 */ int f(void) { return ++i; /* UB 3736 */ } /* In b.c */ short i; /* UB 1514 */ |
Compliant Solution (Incompatible Object Declarations)
...
In this noncompliant code example, the variable a is declared to have a pointer type in file a.c but defined to have an array type in file b.c. The two declarations are incompatible, resulting in undefined behavior 1514. As before, accessing the object in function f() is undefined behavior 3736 with the typical effect of triggering a hardware trap.
| Code Block | ||||
|---|---|---|---|---|
| ||||
/* In a.c */ extern int *a; /* UB 1514 */ int f(unsigned int i, int x) { int tmp = a[i]; /* UB 3736: read access */ a[i] = x; /* UB 3736: write access */ return tmp; } /* In b.c */ int a[] = { 1, 2, 3, 4 }; /* UB 1514 */ |
Compliant Solution (Incompatible Array Declarations)
...
In this noncompliant code example, the function f() is declared in file a.c with one prototype but defined in file b.c with another. The two prototypes are incompatible, resulting in undefined behavior 1514. Furthermore, invoking the function is undefined behavior 4137 and typically has catastrophic consequences.
| Code Block | ||||
|---|---|---|---|---|
| ||||
/* In a.c */ extern int f(int a); /* UB 1514 */ int g(int a) { return f(a); /* UB 4137 */ } /* In b.c */ long f(long a) { /* UB 1514 */ return a * 2; } |
Compliant Solution (Incompatible Function Declarations)
...
In this noncompliant code example, the length of the identifier declaring the function pointer bash_groupname_completion_function() in the file bashline.h exceeds by 3 the minimum implementation limit of 31 significant initial characters in an external identifier. This introduces the possibility of colliding with the bash_groupname_completion_funct integer variable defined in file b.c, which is exactly 31 characters long. On an implementation that exactly meets this limit, this is undefined behavior 3130. It results in two incompatible declarations of the same function. (See undefined behavior 1514.) In addition, invoking the function leads to undefined behavior 4137 with typically catastrophic effects.
| Code Block | ||||
|---|---|---|---|---|
| ||||
/* In bashline.h */ /* UB 1514, UB 3130 */ extern char * bash_groupname_completion_function(const char *, int); /* In a.c */ #include "bashline.h" void f(const char *s, int i) { bash_groupname_completion_function(s, i); /* UB 4137 */ } /* In b.c */ int bash_groupname_completion_funct; /* UB 1514, UB 3130 */ |
NOTE: The identifier bash_groupname_completion_function referenced here was taken from GNU Bash, version 3.2.
...