[Bug middle-end/121000] __builtin_dynamic_object_size should work for FAM with VLA element when annotated with counted_by

Wed, 09 Jul 2025 10:41:27 -0700 

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=121000

--- Comment #4 from qinzhao at gcc dot gnu.org ---
The size of the element of the FAM actually _cannot_ reliably depends on the
original TYPE of the FAM that we passed as the 6th parameter to the
.ACCESS_WITH_SIZE:

     TYPE_SIZE_UNIT (TREE_TYPE (TREE_TYPE (gimple_call_arg (call, 5))))

when the element of the FAM has a variable length type. Since the variable that
represents TYPE_SIZE_UNIT has no explicit usage in the original IL, compiler
transformations (such as DSE) that are applied before object_size phase might
eliminate the whole definition to the variable that represents the
TYPE_SIZE_UNIT of the element of the FAM. 

In order to resolve this correctness issue, instead of passing the original
TYPE of the FAM as the 6th argument to .ACCESS_WITH_SIZE, we should explicitly
pass the original TYPE_SIZE_UNIT of the element TYPE of the FAM as the 6th
argument to the call to  .ACCESS_WITH_SIZE.   


As a result, the new ACCESS_WITH_SIZE is:  (change the 6th argument to the
TYPE_SIZE_UNIT of the element TYPE of the FAM)

ACCESS_WITH_SIZE (REF_TO_OBJ, REF_TO_SIZE, CLASS_OF_SIZE,
                   TYPE_OF_SIZE, ACCESS_MODE, TYPE_SIZE_UNIT for element)
 which returns the REF_TO_OBJ same as the 1st argument;

 1st argument REF_TO_OBJ: The reference to the object;
 2nd argument REF_TO_SIZE: The reference to the size of the object,
 3rd argument CLASS_OF_SIZE: The size referenced by the REF_TO_SIZE represents
   0: the number of bytes.
   1: the number of the elements of the object type;
 4th argument TYPE_OF_SIZE: A constant 0 with its TYPE being the same as the
TYPE
  of the object referenced by REF_TO_SIZE
 5th argument ACCESS_MODE:
  -1: Unknown access semantics
   0: none
   1: read_only
   2: write_only
   3: read_write
 6th argument: The TYPE_SIZE_UNIT of the element TYPE of the FAM when 3rd
argument   
  is 1. NULL when 3rd argument is 0. 

In tree-object-size.cc, instead of the following current code to get the
"element_size":

  /* The type of the 6th argument type is the pointer TYPE to the original
     flexible array type.  */
  tree pointer_to_array_type = TREE_TYPE (gimple_call_arg (call, 5));
  gcc_assert (POINTER_TYPE_P (pointer_to_array_type));
  tree element_type = TREE_TYPE (TREE_TYPE (pointer_to_array_type));
  tree element_size = TYPE_SIZE_UNIT (element_type);

the New code should be:

+  /* The 6th argument is the TYPE_SIZE_UNIT for the element of the original
+     flexible array.  */
+  tree element_size = gimple_call_arg (call, 5);

Reply via email to