From: Qing Zhao <qing.zhao@oracle.com>
To: Richard Biener <richard.guenther@gmail.com>,
Martin Sebor <msebor@gmail.com>
Cc: Jakub Jelinek <jakub@redhat.com>,
gcc-patches Paul A Clarke via <gcc-patches@gcc.gnu.org>,
kees Cook <keescook@chromium.org>
Subject: Re: [GCC 13][PATCH] PR101836: Add a new option -fstrict-flex-array[=n] and use it in __builtin_object_size
Date: Wed, 6 Jul 2022 14:20:15 +0000 [thread overview]
Message-ID: <F9B7B015-4CF1-4656-AEB1-69BF8DAD5182@oracle.com> (raw)
In-Reply-To: <CAFiYyc2S9UvrED1xsMq0StuUwKVy0nUnqk=v4cNR14X7=d4gRg@mail.gmail.com>
(Sorry for the late reply, just came back from a short vacation.)
> On Jul 4, 2022, at 2:49 AM, Richard Biener <richard.guenther@gmail.com> wrote:
>
> On Fri, Jul 1, 2022 at 5:32 PM Martin Sebor <msebor@gmail.com> wrote:
>>
>> On 7/1/22 08:01, Qing Zhao wrote:
>>>
>>>
>>>> On Jul 1, 2022, at 8:59 AM, Jakub Jelinek <jakub@redhat.com> wrote:
>>>>
>>>> On Fri, Jul 01, 2022 at 12:55:08PM +0000, Qing Zhao wrote:
>>>>> If so, comparing to the current implemenation to have all the checking in middle-end, what’s the
>>>>> major benefit of moving part of the checking into FE, and leaving the other part in middle-end?
>>>>
>>>> The point is recording early what FIELD_DECLs could be vs. can't possibly be
>>>> treated like flexible array members and just use that flag in the decisions
>>>> in the current routines in addition to what it is doing.
>>>
>>> Okay.
>>>
>>> Based on the discussion so far, I will do the following:
>>>
>>> 1. Add a new flag “DECL_NOT_FLEXARRAY” to FIELD_DECL;
>>> 2. In C/C++ FE, set the new flag “DECL_NOT_FLEXARRAY” for a FIELD_DECL based on [0], [1],
>>> [] and the option -fstrict-flex-array, and whether it’s the last field of the DECL_CONTEXT.
>>> 3. In Middle end, Add a new utility routine is_flexible_array_member_p, which bases on
>>> DECL_NOT_FLEXARRAY + array_at_struct_end_p to decide whether the array
>>> reference is a real flexible array member reference.
>
> I would just update all existing users, not introduce another wrapper
> that takes DECL_NOT_FLEXARRAY
> into account additionally.
Okay.
>
>>>
>>>
>>> Middle end currently is quite mess, array_at_struct_end_p, component_ref_size, and all the phases that
>>> use these routines need to be updated, + new testing cases for each of the phases.
>>>
>>>
>>> So, I still plan to separate the patch set into 2 parts:
>>>
>>> Part A: the above 1 + 2 + 3, and use these new utilities in tree-object-size.cc to resolve PR101836 first.
>>> Then kernel can use __FORTIFY_SOURCE correctly;
>>>
>>> Part B: update all other phases with the new utilities + new testing cases + resolving regressions.
>>>
>>> Let me know if you have any comment and suggestion.
>>
>> It might be worth considering whether it should be possible to control
>> the "flexible array" property separately for each trailing array member
>> via either a #pragma or an attribute in headers that can't change
>> the struct layout but that need to be usable in programs compiled with
>> stricter -fstrict-flex-array=N settings.
>
> Or an decl attribute.
Yes, it might be necessary to add a corresponding decl attribute
strict_flex_array (N)
Which is attached to a trailing structure array member to provide the user a finer control when -fstrict-flex-array=N is specified.
So, I will do the following:
*****User interface:
1. command line option:
-fstrict-flex-array=N (N=0, 1, 2, 3)
2. decl attribute:
strict_flex_array (N) (N=0, 1, 2, 3)
*****Implementation:
1. Add a new flag “DECL_NOT_FLEXARRAY” to FIELD_DECL;
2. In C/C++ FE, set the new flag “DECL_NOT_FLEXARRAY” for a FIELD_DECL based on [0], [1],
[], the option -fstrict-flex-array, the attribute strict_flex_array, and whether it’s the last field
of the DECL_CONTEXT.
3. In Middle end, update all users of “array_at_struct_end_p" or “component_ref_size”, or any place that treats
Trailing array as flexible array member with the new flag DECL_NOT_FLEXARRAY.
(Still think we need a new consistent utility routine here).
I still plan to separate the patch set into 2 parts:
Part A: the above 1 + 2 + 3, and use these new utilities in tree-object-size.cc to resolve PR101836 first.
Then kernel can use __FORTIFY_SOURCE correctly.
Part B: update all other phases with the new utilities + new testing cases + resolving regressions.
Let me know any more comment or suggestion.
Thanks a lot.
Qing
next prev parent reply other threads:[~2022-07-06 14:20 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-27 14:19 Qing Zhao
2022-06-28 7:16 ` Richard Biener
2022-06-28 15:03 ` Qing Zhao
2022-06-28 15:08 ` Jakub Jelinek
2022-06-28 15:59 ` Qing Zhao
2022-06-28 16:43 ` Jakub Jelinek
2022-06-28 18:15 ` Qing Zhao
2022-06-28 18:22 ` Jakub Jelinek
2022-06-28 18:29 ` Qing Zhao
2022-06-28 18:49 ` Jakub Jelinek
2022-06-28 19:01 ` Qing Zhao
2022-06-29 21:14 ` Martin Sebor
2022-06-30 14:07 ` Qing Zhao
2022-06-30 14:24 ` Richard Biener
2022-06-30 15:31 ` Qing Zhao
2022-06-30 17:03 ` Jakub Jelinek
2022-06-30 19:30 ` Qing Zhao
2022-07-01 6:49 ` Richard Biener
2022-07-01 12:55 ` Qing Zhao
2022-07-01 12:58 ` Richard Biener
2022-07-01 13:40 ` Qing Zhao
2022-07-01 12:59 ` Jakub Jelinek
2022-07-01 14:01 ` Qing Zhao
2022-07-01 15:32 ` Martin Sebor
2022-07-04 6:49 ` Richard Biener
2022-07-06 14:20 ` Qing Zhao [this message]
2022-07-07 8:02 ` Richard Biener
2022-07-07 13:33 ` Qing Zhao
2022-06-29 20:45 ` Qing Zhao
2022-06-28 16:21 ` Martin Sebor
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=F9B7B015-4CF1-4656-AEB1-69BF8DAD5182@oracle.com \
--to=qing.zhao@oracle.com \
--cc=gcc-patches@gcc.gnu.org \
--cc=jakub@redhat.com \
--cc=keescook@chromium.org \
--cc=msebor@gmail.com \
--cc=richard.guenther@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).