On 2023-01-31 07:46, Jakub Jelinek wrote:
On Wed, Dec 21, 2022 at 05:25:54PM -0500, Siddhesh Poyarekar wrote:
The tree object size pass tries to fail when it detects a flex array in
the struct, but it ends up doing the right thing only when the flex
array is in the outermost struct.  For nested cases (such as arrays
nested in a union or an inner struct), it ends up taking whatever value
the flex array is declared with, using zero for the standard flex array,
i.e. [].

Rework subobject size computation to make it more consistent across the
board, honoring -fstrict-flex-arrays.  With this change, any array at
the end of the struct will end up causing __bos to use the allocated
value of the outer object, bailing out in the maximum case when it can't
find it.  In the minimum case, it will return the subscript value or the
allocated value of the outer object, whichever is larger.

I think it is way too late in the GCC 13 cycle to change behavior here
except for when -fstrict-flex-arrays is used.

I agree.

Plus, am not really convinced it is a good idea to change the behavior
here except for the new options, programs in the wild took 2+ years
to accommodate what we in GCC are requiring and am not sure they'd be willing
to be adjusted again.

The behaviour change basically does two things: better minimum object size estimates and more conservative object size estimates for trailing arrays. ISTM that this should in fact reduce breakages due to flex arrays, although one could argue that protection gets reduced for trailing arrays without -fstrict-flex-arrays. It wouldn't cause non-mitigation behaviour changes though, would it?

We don't need to rush this of course, we could consider this for gcc 14 given that we're well into stage 4.

Thanks,
Sid
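The cases this thread is about, as an added example that is not part of the patch, the thread or GCC's own code: a probe of what __builtin_object_size (__bos) reports for an array at the end of an inner struct, and a fortify-style checked copy built on that value. The struct layouts, the names `outer_a`, `outer_b`, `CHECKED_MEMCPY` and the sample input are all constructed here. For a non-trailing member of an object the compiler can see, both __bos types are well defined and are asserted; the nested trailing-array values (case B below, and the pointer-parameter case) are exactly what the patch changes, so the program only prints them, and what you see depends on compiler, version, optimisation level and -fstrict-flex-arrays.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed layouts for this added example (not from GCC or the patch). */
struct inner {
    int  len;
    char tail[4];              /* trailing array inside the inner struct */
};

/* Case A: the inner struct ends the outer object, so the declared size of
 * in.tail (4) equals the bytes left in the outer object (4). */
struct outer_a {
    char         hdr[8];
    struct inner in;
};

/* Case B: data follows the inner struct, so in.tail's declared size (4) and
 * the bytes left in the outer object (12) differ.  This is the nested
 * trailing-array case discussed in the thread. */
struct outer_b {
    struct inner in;
    char         trailer[8];
};

static struct outer_a known_a;   /* whole-object size visible to the compiler */
static struct outer_b known_b;

#define BOS_UNKNOWN ((size_t)-1)  /* __bos type 0/1 result for "cannot tell" */

/* __bos type 0: bytes to the end of the whole object; type 1: bytes to the
 * end of the closest enclosing subobject.  Well defined for case A. */
size_t bos_hdr_whole(void)   { return __builtin_object_size(known_a.hdr, 0); }     /* 16 */
size_t bos_hdr_sub(void)     { return __builtin_object_size(known_a.hdr, 1); }     /*  8 */
size_t bos_tailA_whole(void) { return __builtin_object_size(known_a.in.tail, 0); } /*  4 */
size_t bos_tailA_sub(void)   { return __builtin_object_size(known_a.in.tail, 1); } /*  4 */

/* Case B and the pointer-parameter case: declared size (4) vs. remaining
 * bytes (12), or no visible outer object at all.  Printed only; the answer
 * depends on compiler version, -O level and -fstrict-flex-arrays. */
size_t bos_tailB_whole(void) { return __builtin_object_size(known_b.in.tail, 0); }
size_t bos_tailB_sub(void)   { return __builtin_object_size(known_b.in.tail, 1); }
size_t bos_tail_via_ptr(struct outer_b *o) { return __builtin_object_size(o->in.tail, 1); }

/* Fortify-style copy: refuse when the compile-time bound is known and too small.
 * An unknown bound (BOS_UNKNOWN) gives no protection, which is the "bail out"
 * outcome the patch description mentions for the maximum case. */
int checked_memcpy(void *dst, const void *src, size_t n, size_t bos)
{
    if (bos != BOS_UNKNOWN && n > bos)
        return -1;                 /* would run past the destination subobject */
    memcpy(dst, src, n);
    return 0;
}
/* __bos has to be evaluated where the destination expression is visible,
 * hence a macro rather than a call inside checked_memcpy(). */
#define CHECKED_MEMCPY(dst, src, n) \
    checked_memcpy((dst), (src), (n), __builtin_object_size((dst), 1))

/* Returns a bitmask of which of the four copies behaved as expected (15 = all). */
int demo_checked_copy(void)
{
    static const char sample[] = "0123456789abcdef";   /* constructed input */
    int ok = 0;
    if (CHECKED_MEMCPY(known_a.hdr, sample, 8)     ==  0) ok |= 1;  /* fits hdr[8] */
    if (CHECKED_MEMCPY(known_a.hdr, sample, 12)    == -1) ok |= 2;  /* type 0 would allow 16; type 1 stops at 8 */
    if (CHECKED_MEMCPY(known_a.in.tail, sample, 4) ==  0) ok |= 4;  /* fits tail[4] */
    if (CHECKED_MEMCPY(known_a.in.tail, sample, 8) == -1) ok |= 8;  /* runs past the end of known_a */
    return ok;
}

static void show(const char *what, size_t v)
{
    if (v == BOS_UNKNOWN) printf("%-32s unknown\n", what);
    else                  printf("%-32s %zu\n", what, v);
}

int main(void)
{
    show("A: hdr, type 0 (whole)",      bos_hdr_whole());
    show("A: hdr, type 1 (subobject)",  bos_hdr_sub());
    show("A: in.tail, type 0",          bos_tailA_whole());
    show("A: in.tail, type 1",          bos_tailA_sub());
    show("B: in.tail, type 0",          bos_tailB_whole());
    show("B: in.tail, type 1",          bos_tailB_sub());
    show("B via pointer: in.tail, t1",  bos_tail_via_ptr(&known_b));
    printf("checked copies behaving as expected: %d/15\n", demo_checked_copy());
    return 0;
}
```

Compile it once with the default flags and once with `-O2 -fstrict-flex-arrays=3` (GCC 13 or later, or a clang that accepts the option) and compare the case B lines: a declared `[4]` stops being treated as a flexible array at level 3, and at -O2 the pointer-parameter call may be resolved after inlining, which is also why fortification needs optimisation to be effective.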
