https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96503
PaX Team <pageexec at gmail dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |pageexec at gmail dot com

--- Comment #2 from Siddhesh Poyarekar <siddhesh at gcc dot gnu.org> ---
(In reply to Kees Cook from comment #1)
> Created attachment 53643 [details]
> PoC showing unexpected __bdos results across inlines
>
> Fixing this is needed for the Linux kernel to do much useful with
> alloc_size. Most of the allocators are inline wrappers, for example.

For cases where the size doesn't really change across the inlines, it ought to be sufficient to annotate the non-inlined implementation function, e.g. in case of kvmalloc, annotate kvmalloc_node as __alloc_size(1).

For other cases it may be less trivial, e.g.:

    extern void *real_alloc (size_t) __attribute__ ((alloc_size (1)));

    /* Some padding the wrapper adds to the actual allocation. */
    size_t metadata_size;

    __attribute__ ((alloc_size (1)))
    void *alloc_wrapper (size_t sz)
    {
      /* The caller is promised sz usable bytes, but the inlined call
         passes the padded size on to the annotated allocator. */
      return real_alloc (sz + metadata_size);
    }

here the compiler will end up seeing the padded size, which may not be correct. To fix this we'll have to store the alloc_size info somewhere (ptr_info seems to be aliasing-specific, so maybe a new member to tree_ssa_name) during inlining and then teach the tree-object-size pass to access it.
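The following is an added, stand-alone C example; it is not code from the bug report, from Kees Cook's attachment or from GCC. It puts the two wrapper shapes the comment contrasts side by side: a size-preserving inline wrapper where annotating only the non-inlined implementation is enough, and the padded wrapper whose contract is "sz usable bytes" but which hands sz + metadata to the annotated allocator. It assumes a malloc-backed real_alloc() and a fixed METADATA_SIZE constant in place of the comment's metadata_size global. What the compiler reports for the padded case depends on its version, optimization level and inlining decisions, which is exactly the point of the bug, so classify() names the outcome instead of assuming one; a result above the contract means a bounds check derived from the reported size would accept writes past the sz bytes the wrapper promised.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Prefer the dynamic query when the compiler has it; fall back to the
 * static one so the example still compiles on older toolchains. */
#ifdef __has_builtin
#  if __has_builtin(__builtin_dynamic_object_size)
#    define OBJ_SIZE(p) __builtin_dynamic_object_size((p), 0)
#  endif
#endif
#ifndef OBJ_SIZE
#  define OBJ_SIZE(p) __builtin_object_size((p), 0)
#endif

/* Constructed stand-in for the comment's real_alloc(): a non-inlined
 * allocator annotated with alloc_size(1), so callers can ask the
 * object-size pass about its result. */
__attribute__((noinline, alloc_size(1)))
void *real_alloc(size_t n)
{
    return malloc(n);
}

/* Padding the wrapper adds, standing in for the comment's metadata_size. */
#define METADATA_SIZE 16

/* Case 1: size-preserving wrapper (kvmalloc -> kvmalloc_node shape).
 * Only the implementation carries the annotation; after inlining the
 * pass sees real_alloc(sz) and can report sz. */
static inline void *plain_wrapper(size_t sz)
{
    return real_alloc(sz);
}

/* Case 2: the padded wrapper from the comment. Its contract is
 * "sz usable bytes", but once inlined the pass sees
 * real_alloc(sz + METADATA_SIZE) and may report the padded size. */
__attribute__((alloc_size(1)))
static inline void *padded_wrapper(size_t sz)
{
    return real_alloc(sz + METADATA_SIZE);
}

/* Size the compiler believes the wrapper's result has. (size_t)-1 is
 * the "unknown" answer for a type-0 (maximum) query. */
size_t reported_size_plain(size_t sz)
{
    void *p = plain_wrapper(sz);
    size_t reported = OBJ_SIZE(p);
    free(p);
    return reported;
}

size_t reported_size_padded(size_t sz)
{
    void *p = padded_wrapper(sz);
    size_t reported = OBJ_SIZE(p);
    free(p);
    return reported;
}

/* Name the outcome relative to the wrapper's contract of `contract`
 * usable bytes. SIZE_OVERESTIMATE is the case the bug is about. */
enum verdict { SIZE_UNKNOWN, SIZE_EXACT, SIZE_OVERESTIMATE, SIZE_OTHER };

enum verdict classify(size_t reported, size_t contract)
{
    if (reported == (size_t)-1)
        return SIZE_UNKNOWN;
    if (reported == contract)
        return SIZE_EXACT;
    if (reported == contract + METADATA_SIZE)
        return SIZE_OVERESTIMATE;
    return SIZE_OTHER;
}
```

Build it with -O2 to see inlining take effect; at -O0 the query usually comes back unknown, and with GCC versions that have the dynamic builtin the padded case is where SIZE_OVERESTIMATE shows up.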