> On Apr 10, 2025, at 10:55, Siddhesh Poyarekar <siddh...@gotplt.org> wrote:
>
> On 2025-04-10 10:50, Andrew MacLeod wrote:
>> Its not clear to me exactly what is being asked, but I think the suggestion
>> is that pointer references are being replaced with a builtin function called
>> .ACCESS_WITH_SIZE ? and I presume that builtin function has some
>> parameters that give you relevant range information of some sort?
>
> Added, not replaced, but yes, that's essentially it.
>
>> range-ops is setup to pull range information from builtin functions already
>> in gimple-range-op.cc:: gimple_range_op_handler::maybe_builtin_call ().
>> We'd just need to write a handler for this new one. You can pull
>> information from 2 operands under normal circumstances, but exceptions can
>> be made. I'd need a description of what it looks like and how that
>> translates to range info.
>
> That's perfect! It's probably redundant for cases where we end up with both
> .ACCESS_WITH_SIZE and a __bos/__bdos call, but I don't remember if that's the
> only place where .ACCESS_WITH_SIZE is generated today.
.ACCESS_WITH_SIZE was defined as following:
.ACCESS_WITH_SIZE (REF_TO_OBJ, REF_TO_SIZE, CLASS_OF_SIZE,
TYPE_OF_SIZE, ACCESS_MODE))
which returns the REF_TO_OBJ same as the 1st argument;
In the above call to .ACCESS_WITH_SIZE:
1st argument REF_TO_OBJ: The reference to the object;
2nd argument REF_TO_SIZE: The reference to the size of the object,
3rd argument CLASS_OF_SIZE: The size referenced by the REF_TO_SIZE represents
0: the number of bytes.
1: the number of the elements of the object type;
4th argument TYPE_OF_SIZE: A constant 0 with its TYPE being the same as the
TYPE
of the object referenced by REF_TO_SIZE
5th argument ACCESS_MODE:
-1: Unknown access semantics
0: none
1: read_only
2: write_only
3: read_write
6th argument: A constant 0 with the pointer TYPE to the original flexible
array type.
C FE generates calls to .ACCESS_WITH_SIZE;
Expand phase converts the call to .ACCESS_WITH_SIZE back to the first argument.
All tree phases before Expand can utilize the size information carried by the
call to .ACCESS_WITH_SIZE.
Currently, every reference to a flexible array member field with counted_by
attribute will be replaced by:
(*.ACCESS_WITH_SIZE (REF, COUNTED_BY_REF, 1, (TYPE_OF_SIZE)0, -1,
(TYPE_OF_ARRAY *)0))
For example:
struct annotated {
size_t count;
char array[] __attribute__((counted_by (count)));
} *obj;
Given
obj->array
It will be converted to:
_2 = &obj->array;
_3 = &obj->count;
(* .ACCESS_WITH_SIZE (_2, _3, 1, 0, -1, 0B));
Currently, two phases utilized the size information from .ACCESS_WITH_SIZE:
1. Bound sanitizer (c-family/c-ubsan.cc)
2. _bdos (tree-object-size.cc)
> Qing, could you please work with Andrew on this?
Sure!
Andrew, Please see the above brief introduction of .ACCESS_WITH_SIZE. let me
know if you need more details.
Thanks a lot for your help.
Qing
>
> Thanks,
> Sid
