| Issue |
60928
|
| Summary |
provide "element_count" attribute to give more context to __builtin_dynamic_object_size() and -fsanitize=bounds
|
| Labels |
new issue
|
| Assignees |
|
| Reporter |
kees
|
Frequently a structure containing a flexible array member will also contain a member where the count of array elements is stored. For example:
```
struct foo {
...
unsigned int count;
...
int data[];
};
struct foo *allocate_foo(unsigned int how_many)
{
struct foo *p;
p = malloc(sizeof(*p) + how_many * sizeof(*byte_array));
p->count = how_many;
return p;
}
```
While `__builtin_dynamic_object_size(p->data, 1)` will know the size within `allocate_foo()` due to `malloc`'s `__alloc_size` hinting, this information is immediately lost on return. However, the information _is_ still available in `p->count`, but the compiler has no way to know about it.
Please provide a struct member attribute `element_count` that can be used to associate the size of a flexible array to another struct member. For example:
```
struct foo {
...
unsigned int count;
...
int data[] __attribute__((__element_count__(count)));
};
```
Now any later examination of the size of `data` can be calculated. For example, this equality will hold true:
```
__builtin_dynamic_object_size(p->data) == p->count * sizeof(*p->data)
```
and `-fsanitize-bounds` can examine this as well, to trap:
```
p->data[index] = ...; /* traps when index < 0, or index >= p->count */
```
![]()
_______________________________________________
llvm-bugs mailing list
[email protected]
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
