On August 25, 2025 11:44:40 AM EDT, Marco Elver <el...@google.com> wrote:
>Additionally, when I compile my kernel with -Rpass=alloc-token, which
>provides diagnostics where (after dead-code elimination) type inference
>failed, I see 966 allocation sites where the compiler failed to identify
>a type. Some initial review confirms these are mostly variable sized
>buffers, but also include structs with trailing flexible length arrays
>(the latter could be recognized by the compiler by teaching it to look
>more deeply into complex expressions such as those generated by
>struct_size).
Can the type be extracted from an AST analysis of the lhs?
struct foo *p = kmalloc(bytes, gfp);
Doesn't tell us much from "bytes", but typeof(*p) does...
--
Kees Cook
