On 2023-08-04 15:06, Qing Zhao wrote:
Yes, that's what I'm thinking.
so `q` must be pointing to a single element. So you could deduce:
1. the minimum size of the whole object that q points to.
You mean that the TYPE will determine the minimum size of the whole object?
(Does this include the size of the flexible array member, or only the other
part of the structure except the flexible array member?)
Only the constant sized part of the structure.
Okay. I see.
But if the “counted_by” info is available, then from p->array, we can deduce the
minimum size too, as sizeof(struct A) + q->foo * sizeof(int), right?
Yes.
Actually for minimum size we'd also need a guarantee that `alloc_buf_more`
returns a valid allocated object.
Why? Please explain a little bit here.
So `alloc_buf_more` could return NULL, a valid pointer or an invalid pointer.
So, we could end up returning a non-zero minimum size for an invalid or NULL
pointer, which is incorrect, we don't know that.
I see what’ s you mean now.
However, if we already see p->array, then the p is guaranteed a valid pointer and not
a NULL, right? (We are discussing on __builtin_dynamic_object_size (q->array, 2), we
see q->array already)
Yes, you could argue that for p->array, I agree, but not for p.
We won't need the object validity guarantee for (2) beyond, e.g. guarding
against a new NULL pointer dereference because it's a *maximum* estimate; an
invalid or NULL pointer would have 0 size. So for such cases, __bos(q, 0)
could return
sizeof(*q) + (q ? q->foo:0)
and __bos(q->array, 0) could be
sizeof(*q) + q->foo - offsetof(q, array)
There's no need to guard against a dereference in the second case because the
q->array dereference already assumes that q is valid.
q->array should also guarantee that q is a valid pointer for minimum size,
right? Or do I miss anything here?
Yes.
Thanks,
Sid
