From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <msebor@gmail.com>
Received: from mail-io1-xd31.google.com (mail-io1-xd31.google.com
 [IPv6:2607:f8b0:4864:20::d31])
 by sourceware.org (Postfix) with ESMTPS id D581B385828E
 for <gcc-patches@gcc.gnu.org>; Tue, 28 Jun 2022 16:22:00 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org D581B385828E
Received: by mail-io1-xd31.google.com with SMTP id i194so13327232ioa.12
 for <gcc-patches@gcc.gnu.org>; Tue, 28 Jun 2022 09:22:00 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:message-id:date:mime-version:user-agent:subject
 :content-language:to:cc:references:from:in-reply-to
 :content-transfer-encoding;
 bh=wsmNbRVZjBdm4CTxVcN9M9U7mbwmwGmMbVhoLgyV4YM=;
 b=zYJV6tCmaP34WNBrxv+ew8+C7Vak5Q+6MeZEHdVKLtmao7mKz8pd7HPWaUQX9KMYXI
 B+hKKwJzkr2gbcWEUZKi4qmuHY1hK3fsIlFqs4eFjZBsyiedcgP9A2MoysPvE+wOozUq
 9QLXmDl+oqvle1vLLii0nAiwEUqpUd4QDdn+Adm4Vp+EEBOWAVxbUkO9Z9apNzlgx3zL
 j8YK++TwnMECXcbf7wwz3HGB0TIMeFazvezcBFtjOKnDIItWz/XdYuz8wSxfxI05SKlR
 376gq7IpOs3n1HihVlCpMjayMSAnRIO8D0ogbRZ/RzfUSM1d13UHbVb0u9xgbwlQqnCk
 J88Q==
X-Gm-Message-State: AJIora9a/uznq+uo01t+Uv9oReVpE8fziXl78agsUS1EygMTalaJlzhH
 hN0ADBOOFqJEUZ5INfz5oXs=
X-Google-Smtp-Source: AGRyM1sKbbFYzKxe6dsI4/aJKp8d4uQzf8O8NrjykXFomzyXhXBMKPsJucfNEBFSXbIZr+laDWBwCg==
X-Received: by 2002:a02:caae:0:b0:33c:8ae0:cc51 with SMTP id
 e14-20020a02caae000000b0033c8ae0cc51mr9245311jap.92.1656433319906; 
 Tue, 28 Jun 2022 09:21:59 -0700 (PDT)
Received: from [192.168.0.41] (184-96-231-56.hlrn.qwest.net. [184.96.231.56])
 by smtp.gmail.com with ESMTPSA id
 b28-20020a026f5c000000b0032e70c4e12fsm6331930jae.28.2022.06.28.09.21.58
 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
 Tue, 28 Jun 2022 09:21:58 -0700 (PDT)
Message-ID: <c160eb6d-a887-99ff-05cd-382298fb4d02@gmail.com>
Date: Tue, 28 Jun 2022 10:21:57 -0600
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101
 Thunderbird/91.4.0
Subject: Re: [GCC 13][PATCH] PR101836: Add a new option
 -fstrict-flex-array[=n] and use it in __builtin_object_size
Content-Language: en-US
To: Richard Biener <richard.guenther@gmail.com>,
 Qing Zhao <qing.zhao@oracle.com>
Cc: Jakub Jelinek <jakub@redhat.com>,
 gcc-patches Paul A Clarke via <gcc-patches@gcc.gnu.org>,
 kees Cook <keescook@chromium.org>
References: <45936DE9-4099-4ED2-8B2B-6956A2FB493D@oracle.com>
 <CAFiYyc21atAmFmRh64RDWhFeHj3BJYuk1gtmxRxNHa17RzrZWQ@mail.gmail.com>
From: Martin Sebor <msebor@gmail.com>
In-Reply-To: <CAFiYyc21atAmFmRh64RDWhFeHj3BJYuk1gtmxRxNHa17RzrZWQ@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, NICE_REPLY_A,
 RCVD_IN_BARRACUDACENTRAL, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP,
 T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
 server2.sourceware.org
X-BeenThere: gcc-patches@gcc.gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Gcc-patches mailing list <gcc-patches.gcc.gnu.org>
List-Unsubscribe: <https://gcc.gnu.org/mailman/options/gcc-patches>,
 <mailto:gcc-patches-request@gcc.gnu.org?subject=unsubscribe>
List-Archive: <https://gcc.gnu.org/pipermail/gcc-patches/>
List-Post: <mailto:gcc-patches@gcc.gnu.org>
List-Help: <mailto:gcc-patches-request@gcc.gnu.org?subject=help>
List-Subscribe: <https://gcc.gnu.org/mailman/listinfo/gcc-patches>,
 <mailto:gcc-patches-request@gcc.gnu.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jun 2022 16:22:02 -0000

On 6/28/22 01:16, Richard Biener wrote:
> On Mon, Jun 27, 2022 at 4:20 PM Qing Zhao via Gcc-patches
> <gcc-patches@gcc.gnu.org> wrote:
>>
>> Hi,
>>
>> Per our discussion in the bug report, I came up with the following patch:
>>
>> =======
>>
>> PR101836: Add a new option -fstrict-flex-array[=n]
>>
>> Add the new option and use it in __builtin_object_size.
>>
>> Treat the trailing array of a structure as a flexible array member in a
>> stricter way.  The value of 'n' controls the level of strictness.
>> 'n'=0 is the least strict, all trailing arrays of structures are treated
>> as flexible array members; This is the default behavior of GCC without specify
>> this option.
>> 'n'=3 is the strictest, only when the trailing array is declared as a
>> flexible array member per C99 standard onwards ([]), it is treated as a
>> flexible array member;
>> There are two more levels in between 0 and 3, which are provided to support
>> older codes that use GCC zero-length array extension ([0]), or one-size array as
>> flexible array member ([1]):
>> When 'n' is 1, the trailing array is treated as a flexible array member
>> when it is declared as either [], [0], or [1];
>> When 'n' is 2, the trailing array is treated as a flexible array member
>> when it is declared as either [], or [0].
>>
>> There are other places in GCC that conservatively treat flexible array members.
>> A follow-up patch will make -ftrict-flex-array option to control all these
>> places consistently.
>>
>> Bootstrapped and regression tested on both X86 and aarch64, no issues.
>>
>> Any comment and suggestion?
> 
> Since this aims at the C or C++ frontends but the middle-end eventually consumes
> this it would be much nicer to encode this in the types themselves.
> Since the least
> strict reading is the default right now it would be a flag (on the
> FIELD_DECL I suppose)
> like DECL_NOT_FLEXARRAY or DECL_FIXED_SIZE?  Alternatively the flag could
> also be on the record type enclosing the trailing array member (but
> type sharing might
> make this more difficult in the end).
> 
> There's also array_at_struct_end_p which is supposed to be the main
> query interface
> for this (but it seems people sneaked in more variants with eventually
> different semantics ... :/)

The conservative array_at_struct_end_p has historically been used
for codegen.  component_ref_size was added as a separate function
with more flexible (including stricter) semantics to implement
warnings without running the risk of interfering with codegen.

Martin

> 
> Richard.
> 
> 
> 
>> Okay for commit to Gcc13?
>>
>> thanks.
>>
>> Qing
>>
>> =======================
>>
>> gcc/
>>
>>         PR tree-optimization/101836
>>         * common.opt (fstrict-flex-array, fstrict-flex-array=): New options.
>>         * doc/invoke.texi (-fstrict-flex-array, -fstrict-flex-array=): Document.
>>         * tree-object-size.cc (addr_object_size): Call is_flexible_array_p to
>>         check whether an array is a flexible array.
>>         * tree.cc (special_array_member_type): New routine.
>>         (is_flexible_array_p): New routine.
>>         (component_ref_size): Call special_array_member_type to decide the
>>         type of special array member.
>>         * tree.h (enum struct special_array_member): Add is_vla, trail_flex.
>>         (special_array_member_type): New prototype.
>>         (is_flexible_array_p): New prototype.
>>
>> gcc/testsuite/
>>
>>         PR tree-optimization/101836
>>         * gcc.dg/pr101836.c: New test.
>>         * gcc.dg/pr101836_1.c: New test.
>>         * gcc.dg/pr101836_2.c: New test.
>>         * gcc.dg/pr101836_3.c: New test.
>>         * gcc.dg/pr101836_4.c: New test.
>>         * gcc.dg/pr101836_5.c: New test.
>>
>>
>> The complete patch is:
>>