On 2025-04-08 12:41, Qing Zhao wrote:
The gimple IR is:

   1 int main ()
   2 {
   3   int D.5072;
   4
   5   {
   6     struct annotated * q;
   7
   8     q = alloc_buf (10);
   9     _1 = __builtin_dynamic_object_size (q, 1);
  10     __builtin_printf ("the bdos whole is %d\n", _1);
  11     D.5072 = 0;
  12     return D.5072;
  13   }
  14   D.5072 = 0;
  15   return D.5072;
  16 }
  17
  18
  19 __attribute__((noinline))
  20 struct annotated * alloc_buf (int index)
  21 {
  22   struct annotated * D.5074;
  23   struct annotated * p;
  24   25   _1 = (long unsigned int) index;
  26   _2 = _1 + 9;
  27   _3 = MAX_EXPR <_2, 16>;
  28   p = malloc (_3);
  29   _4 = (long unsigned int) index;
  30   p->count = _4;
  31   D.5074 = p;
  32   return D.5074;
  33 }

When we generate the .ACCESS_WITH_SIZE for a pointer reference to “struct 
annotated”,
Looks like all the pointer references, at line 8, “q”,  at line 9, “q”, at line 
28, “p”, need to be changed
to a call to .ACCESS_WITH_SIZE. this might increase the IR size unnecessarily.  
 Might have some
Impact on the inlining decision heuristics or other heuristic that depend on 
the code size.

Do you need a .ACCESS_WITH_SIZE for initialization sites? I was thinking we ought to need it only for read/dereference sites (which should be sufficient as a barrier too), so in this case it would only be for 'q' at line 9.

For a reference to a structure with FAM, such as p, we can generate a call to 
.ACCESS_WITH_SIZE whose 3rd argument
is 0 (the number of bytes). And this information can be used in 
__builtin_object_size. But not in array bound sanitizer.

Would that be necessary though, given that the array bound sanitizer only works on arrays and not other kinds of objects?

Thanks,
Sid

Reply via email to