> On Jul 16, 2025, at 16:38, Jakub Jelinek <ja...@redhat.com> wrote:
>
> On Tue, Jul 15, 2025 at 06:39:42PM +0000, Qing Zhao wrote:
>> I re-implemented the patch based on B to fix PR120929, however, the approach
>> B brings undefined behavior into the application.
>>
>> (Actually, I met this issue in the previous implementation but forgot to
>> document it.
>> This issue is the exact reason I chose A in my committed patch).
>>
>> f->p = malloc (size);
>> ***** With the approach B: the IL for the above is:
>> tmp1 = f->p;
>> tmp2 = &f->n;
>> tmp3 = .ACCESS_WITH_SIZE (tmp1, tmp2, ...);
>> tmp4 = malloc (size);
>> tmp3 = tmp4;
>
> You shouldn't emit .ACCESS_WITH_SIZE when you're storing to the counted_by
> attributed pointer. You shouldn't emit it when just reading the pointer
> either. Neither of those operations cares about the object size.
> It should be emitted when you dereference that pointer.
Yes, the above solution could also resolve the undefined behavior issue. We can certainly go with this approach. However, from my understanding, this approach will make the C FE implementation harder. I am not sure whether it is worth the effort to do it or not.

Right now, what we do in the C FE is: for every reference to a FAM field or a pointer field, such as f->p, when we "build_component_ref" for it, we check whether there is "counted_by" attached to this field; if so, we replace the COMPONENT_REF for f->p with a call to .ACCESS_WITH_SIZE.

For the following two cases:

f->p = malloc (size);   // C FE should NOT generate a call to .ACCESS_WITH_SIZE for such a case
f->p[a] = 10;           // C FE should generate a call to .ACCESS_WITH_SIZE for such a case.

When the C FE generates the COMPONENT_REF to f->p, can it decide whether this COMPONENT_REF should be replaced by a call to .ACCESS_WITH_SIZE without looking at the tokens following it? If it has to check the tokens following it to decide, then how? Any idea here?

Since I am not very familiar with the C FE implementation, I am not sure whether this approach works or not. That's the major reason I chose approach A:

A. Pass the ADDRESS of the original pointer &(f->p) as the first argument, and also return the ADDRESS of the original pointer:

*.ACCESS_WITH_SIZE (&f->p, &f->n, ...)

With approach A, the implementation of counted_by for pointer fields uses the same framework as counted_by for FAM. The implementation is simple and straightforward in the C FE. The call to .ACCESS_WITH_SIZE will be expanded to its first argument during the expand phase.

In addition to some unnecessary calls to .ACCESS_WITH_SIZE in the IL, do you see other issues with approach A?

Thanks.

Qing

>
> 	Jakub
>
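The two cases the thread distinguishes, a store to the counted pointer (f->p = malloc (size)) versus a dereference of it (f->p[a] = 10), modelled in plain C as an added example that is not from the thread or from GCC. .ACCESS_WITH_SIZE is a GCC internal function that user code cannot call, so access_with_size below is a hand-written stand-in for the check it is meant to carry: it takes the pointer value and the address of the count, reads the count at the time of the dereference, and is bypassed entirely by the store. struct f, f_alloc, f_store, f_load and demo are hypothetical names chosen to match the thread's f->p / f->n shorthand; no counted_by attribute is used.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical struct with the shape of the thread's f->p / f->n example.
   No counted_by attribute here; the bound is enforced by hand below. */
struct f {
    size_t n;   /* element count of p (the would-be counted_by field) */
    int *p;     /* counted pointer: f->p[i] is valid only for i < n */
};

/* Stand-in for what a dereference of a counted_by pointer needs: the pointer
   VALUE plus the ADDRESS of its count, so the count is read at the time of
   the dereference, not when the pointer was stored.  Returns the element
   address if i is in bounds, NULL otherwise.  A store to f->p itself never
   goes through here. */
static int *access_with_size(int *p, const size_t *count, size_t i)
{
    if (p == NULL || i >= *count)
        return NULL;
    return p + i;
}

/* f->p = malloc (size);
   A plain store: pointer and count are written, nothing is checked, and f->p
   is not read before it is written (approach B's "tmp1 = f->p" ahead of the
   store is exactly what this avoids). */
static int f_alloc(struct f *f, size_t n)
{
    int *tmp = calloc(n, sizeof *tmp);
    if (tmp == NULL)
        return -1;
    f->p = tmp;
    f->n = n;
    return 0;
}

/* f->p[a] = v;  -- the dereference is where the bound applies. */
static int f_store(struct f *f, size_t a, int v)
{
    int *slot = access_with_size(f->p, &f->n, a);
    if (slot == NULL)
        return -1;      /* out of bounds, or p not yet allocated */
    *slot = v;
    return 0;
}

/* x = f->p[a];  -- the same check on the read side. */
static int f_load(const struct f *f, size_t a, int *out)
{
    const int *slot = access_with_size(f->p, &f->n, a);
    if (slot == NULL)
        return -1;
    *out = *slot;
    return 0;
}

/* Walks the cases discussed in the thread.  Returns 0 when every expectation
   holds, otherwise a bit mask naming the expectations that failed. */
static int demo(void)
{
    struct f f = { 0, NULL };
    int r = 0, v = 0;

    if (f_store(&f, 0, 1) == 0)            r |= 1;   /* nothing allocated: reject */
    if (f_alloc(&f, 4) != 0)               return -1;
    if (f_store(&f, 3, 42) != 0)           r |= 2;   /* last valid index: accept */
    if (f_store(&f, 4, 42) == 0)           r |= 4;   /* one past the end: reject */
    if (f_load(&f, 3, &v) != 0 || v != 42) r |= 8;   /* read back what was stored */
    f.n = 2;                                         /* count is re-read on each deref */
    if (f_store(&f, 3, 7) == 0)            r |= 16;  /* index 3 is now out of bounds */
    if (f_load(&f, 3, &v) == 0)            r |= 32;
    free(f.p);
    return r;
}

int main(void)
{
    int r = demo();
    printf("demo: %s (failure mask 0x%x)\n",
           r == 0 ? "every check behaved as expected" : "FAILED", r);
    return r == 0 ? 0 : 1;
}
```

The model keeps the count in memory and consults it on every dereference, so shrinking f.n after the allocation immediately rejects an index that was valid a moment earlier; that is the behaviour a compiler-emitted check at the dereference site gives, and it is independent of whether the store to f->p was ever instrumented.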