On Thu, Dec 5, 2024 at 1:09 PM Qing Zhao <[email protected]> wrote:
> > On Dec 3, 2024, at 10:29, Qing Zhao <[email protected]> wrote:
> >> On Dec 3, 2024, at 10:07, Martin Uecker <[email protected]> wrote:
> >> The language extension does not exist yet, so there is no problem.
> > Yeah, I should mention this as “corresponding future language extension” -:)
> >>
> >> But I hope we will get it and then specify it so that this works
> >> correctly without this footgun.
> >>
> >> Of course, if GCC gets the "counted_by" attribute wrong, there will
> >> be arguments later in WG14 why the feature is then different to it.
> >
> > I think that we need to resolve this issue first in the design of
> > “counted_by” for pointer fields.
> > I guess that we might need to come up with some additional limitations for
> > using the “counted_by”
> > attribute for pointer fields at the source code level in order to avoid
> > such potential error. But not
> > sure what exactly the additional limitation should be at this moment.
> >
> > Need some study here.
>
> Actually, I found out that this is really not a problem with the current
> design, for the following new testing case I added for my current
> implementation of the counted_by for pointer field:
>
> [ gcc.dg]$ cat pointer-counted-by-7.c
> /* Test the attribute counted_by for pointer field and its usage in
> * __builtin_dynamic_object_size. */
> /* { dg-do run } */
> /* { dg-options "-O2" } */
>
> #include "builtin-object-size-common.h"
>
> struct annotated {
> int b;
> int *c __attribute__ ((counted_by (b)));
> };
>
> struct annotated *__attribute__((__noinline__)) setup (int attr_count)
> {
> struct annotated *p_array_annotated
> = (struct annotated *) malloc (sizeof (struct annotated));
> p_array_annotated->c = (int *) malloc (sizeof (int) * attr_count);
> p_array_annotated->b = attr_count;
>
> return p_array_annotated;
> }
>
>
> int main(int argc, char *argv[])
> {
> struct annotated *x = setup (10);
> int *p = x->c;
> x = setup (20);
> EXPECT(__builtin_dynamic_object_size (p, 1), 10 * sizeof (int));
> EXPECT(__builtin_dynamic_object_size (x->c, 1), 20 * sizeof (int));
> DONE ();
> }
>
> This test case passed without any issue.
>
> Our previous introduction of the new internal function .ACCESS_WITH_SIZE
> already resolved this issue.
>
> So, I think that as long as the whole structure is set at the same time,
> should be fine.
>
> Let me know if you have more comment here.
>
Nice! I think this is going to be an issue with Clang's
implementation. I'll need to create our version of .ACCESS_WITH_SIZE.
It might end up simplifying some of the code. :-)
Martin,
A question about the WG14 proposal (using the designated initializer
syntax for __counted_by). Would the proposal support arbitrary
"expressions" (for lack of a better word) into the struct? For
example, could one have something like:
struct s {
struct count_struct {
int count[32];
} c;
int array[] __counted_by(.c.count[3]);
};
-bw
