Re: [RFC PATCH 3/7] kcfi: Add core Kernel Control Flow Integrity infrastructure

2025-08-28 Thread Qing Zhao
Hi, Kees, I have several suggestions and questions first for this patch: 1. Is -fsanitize=kcfi a C only feature? If so, you might need to mention this in the documentation and also reject its usage in other languages. 2. There is no overall description of the design of this kcfi implementa

Re: [PATCH v3] Fix sanitizer attribute infrastructure to use standard TREE_LIST format [PR113264]

2025-08-26 Thread Qing Zhao
Hi, Kees, > On Aug 26, 2025, at 13:25, Kees Cook wrote: > > The __attribute__((__copy__)) functionality was crashing when copying > sanitizer-related attributes because these attributes violated the standard > GCC attribute infrastructure by storing INTEGER_CST values directly instead > of wrapp

Re: [PATCH] Fix sanitizer attribute infrastructure to use standard TREE_LIST format [PR113264]

2025-08-25 Thread Qing Zhao
Hi, Kees, Is this patch for GCC14? I noticed that some codes have been changed in the latest trunk GCC already. > On Aug 25, 2025, at 11:59, Kees Cook wrote: > > The __attribute__((__copy__)) functionality was crashing when copying > sanitizer-related attributes because these attributes viola

Re: [RFC PATCH 2/7] mangle: Introduce C typeinfo mangling API

2025-08-25 Thread Qing Zhao
> On Aug 25, 2025, at 04:13, Peter Zijlstra wrote: > > On Fri, Aug 22, 2025 at 03:29:11PM -0700, Kees Cook wrote: >> On Fri, Aug 22, 2025 at 08:29:16PM +, Qing Zhao wrote: >>>> On Aug 22, 2025, at 15:02, Kees Cook wrote: >>>> Right, and sometime

Re: [RFC PATCH 2/7] mangle: Introduce C typeinfo mangling API

2025-08-22 Thread Qing Zhao
> On Aug 22, 2025, at 15:02, Kees Cook wrote: > > On Fri, Aug 22, 2025 at 03:11:16PM +0000, Qing Zhao wrote: >>> On Aug 21, 2025, at 17:29, Kees Cook wrote: >>> For non-static functions, we cannot know if other compilation units may >>> make indirect

Re: [RFC PATCH 2/7] mangle: Introduce C typeinfo mangling API

2025-08-22 Thread Qing Zhao
> On Aug 21, 2025, at 17:29, Kees Cook wrote: > > On Thu, Aug 21, 2025 at 07:14:31PM +0000, Qing Zhao wrote: >> >> >>> On Aug 21, 2025, at 12:16, Kees Cook wrote: >>> >>> >>>>> + else if (TREE_CODE (fntype_or_

Re: [RFC PATCH 2/7] mangle: Introduce C typeinfo mangling API

2025-08-21 Thread Qing Zhao
> On Aug 21, 2025, at 12:16, Kees Cook wrote: > > >>> + else if (TREE_CODE (fntype_or_fndecl) == FUNCTION_DECL) >>> +{ >>> + tree fndecl = fntype_or_fndecl; >>> + tree base_fntype = TREE_TYPE (fndecl); >>> + >>> + /* For FUNCTION_DECL, build a synthetic function type using

Re: [PATCH] MAINTAINERS: Update my email address and stand down as AArch64 maintainer

2025-08-21 Thread Qing Zhao
Richard, I always remember your help on my first GCC security feature. At that time, I was just a newcomer to the GCC community. Without your patience and time, I cannot finish that first project. Hope everything is smooth in your new life journey. Qing > On Aug 21, 2025, at 13:52, Andrew P

Re: [RFC PATCH 3/7] kcfi: Add core Kernel Control Flow Integrity infrastructure

2025-08-21 Thread Qing Zhao
> On Aug 21, 2025, at 10:25, Peter Zijlstra wrote: > > On Thu, Aug 21, 2025 at 01:01:37PM +0200, Richard Biener wrote: >> On Thu, 21 Aug 2025, Peter Zijlstra wrote: >> >>> On Thu, Aug 21, 2025 at 01:16:56AM -0700, Andrew Pinski wrote: >>> > +/* Compute KCFI type ID for a function declarat

[PATCH] Regenerate common.opt.urls for -fdiagnostics-show-context

2025-08-20 Thread Qing Zhao
When -fdiagnostics-show-context[=DEPTH] was added, they were documented, but common.opt.urls wasn't regenerated. gcc/ChangeLog: * common.opt.urls: Regenerate. Okay for committing? Thanks. Qing --- gcc/common.opt.urls | 6 ++ 1 file changed, 6 insertions(+) diff --git a/gcc/common

Re: [PATCH] Regenerate common.opt.urls for -fdiagnostics-show-context

2025-08-20 Thread Qing Zhao
Pushed as obvious. thanks. Qing > On Aug 20, 2025, at 14:28, Sam James wrote: > > Qing Zhao writes: > >> When -fdiagnostics-show-context[=DEPTH] was added, they were documented, but >> common.opt.urls wasn't regenerated. >> >> gcc/ChangeLog: >

Re: [PATCH v9 0/4] extend "counted_by" attribute to pointer fields of structures + fix PR120929

2025-08-15 Thread Qing Zhao
Qing > On Aug 11, 2025, at 11:01, Qing Zhao wrote: > > Hi, a status update on this patch set: > > [PATCH v9 1/4] Extend "counted_by" attribute to pointer fields of structures. > [PATCH v9 2/4] Use the counted_by attribute of pointers in > builtinin-object-size >

[PATCH v9] Provide new option -fdiagnostics-show-context=N for -Warray-bounds, -Wstringop-* warnings [PR109071, PR85788, PR88771, PR106762, PR108770, PR115274, PR117179]

2025-08-15 Thread Qing Zhao
.cc new file mode 100644 index 000..a1eb349c34b --- /dev/null +++ b/gcc/diagnostic-context-rich-location.cc @@ -0,0 +1,175 @@ +/* A rich_location subclass that lazily populates a diagnostic_path + with diagnostic context events, but only if the path is actually to be + used. + + Copyrigh

Re: [PATCH v8] Provide new option -fdiagnostics-show-context=N for -Warray-bounds, -Wstringop-* warnings [PR109071,PR85788,PR88771,PR106762,PR108770,PR115274,PR117179]

2025-08-14 Thread Qing Zhao
Hi, Richard, Please ignore my previous email sent this morning. -:) Actually, I studied more about the heuristic, and I agreed that the simplified loop as you suggested below is the correct approach to go, my current two-level nested loop is a little too complicated and confusing. > On Aug 13,

Re: [PATCH v8] Provide new option -fdiagnostics-show-context=N for -Warray-bounds, -Wstringop-* warnings [PR109071,PR85788,PR88771,PR106762,PR108770,PR115274,PR117179]

2025-08-14 Thread Qing Zhao
> On Aug 13, 2025, at 05:24, Richard Biener wrote: > > On Wed, Jul 30, 2025 at 4:42 PM Qing Zhao wrote: >> >> >> + /* Get the edge from the prev_cond_bb to cur_bb, to determine >> whether >> +the stmt is on the

Re: [PATCH v3] Evaluate the object size by the size of the pointee type when the type is a structure with flexible array member which is annotated with counted_by.

2025-08-11 Thread Qing Zhao
Ping * 2. Thanks a lot. Qing > On Jun 25, 2025, at 10:07, Qing Zhao wrote: > > Hi, > > This is the 3rd version of the patch for: > > Evaluate the object size by the size of the pointee type when the type > is a structure with flexible array member which is ann

Re: [PATCH v9 0/4] extend "counted_by" attribute to pointer fields of structures + fix PR120929

2025-08-11 Thread Qing Zhao
or PR120929 and written by Siddhesh, all the other test cases keep the same as the version 7 of this patch. I plan to commit the whole set this Friday if no further comments or objections. Thanks a lot for all the help. Qing > On Aug 1, 2025, at 14:11, Qing Zhao wrote: > > Hi, >

Re: [PATCH v9 3/4] Use the counted_by attribute of pointers in array bound checker.

2025-08-11 Thread Qing Zhao
> On Aug 8, 2025, at 16:33, Joseph Myers wrote: > > On Fri, 1 Aug 2025, Qing Zhao wrote: > >> + /* For a poiner array address as: > > "poiner" should be "pointer”. Will fix this before committing. > > OK with that fix, in the absence of

Re: [PATCH v9 1/4] Extend "counted_by" attribute to pointer fields of structures.

2025-08-08 Thread Qing Zhao
b, 1, 0, -1, 0B) Others keep the exactly the same. Thanks a lot. Qing > On Aug 7, 2025, at 16:30, Joseph Myers wrote: > > On Fri, 1 Aug 2025, Qing Zhao wrote: > >> gcc/c-family/ChangeLog: >> >> * c-attribs.cc (handle_counted_by_attribute): Accept counted_by &

[PATCH v9 4/4] Generate a call to a .ACCESS_WITH_SIZE for a FAM with counted_by attribute only when it's read from.

2025-08-01 Thread Qing Zhao
Currently, we generate a call to a .ACCESS_WITH_SIZE for a FAM with counted_by attribute for every component_ref that corresponds to such an object. Actually, such .ACCESS_WITH_SIZE calls are useless when they are generated for a written site or an address taken site. In this patch, we only genera

[PATCH v9 1/4] Extend "counted_by" attribute to pointer fields of structures.

2025-08-01 Thread Qing Zhao
Convert a pointer reference with counted_by attribute to .ACCESS_WITH_SIZE. Fix PR120929. For example: struct PP { size_t count2; char other1; char *array2 __attribute__ ((counted_by (count2))); int other2; } *pp; specifies that the "array2" is an array that is pointed by the pointer fie

[PATCH v9 3/4] Use the counted_by attribute of pointers in array bound checker.

2025-08-01 Thread Qing Zhao
Current array bound checker only instruments ARRAY_REF, and the INDEX information is the 2nd operand of the ARRAY_REF. When extending the array bound checker to pointer references with counted_by attributes, the hardest part is to get the INDEX of the corresponding array ref from the offset comput

[PATCH v9 0/4] extend "counted_by" attribute to pointer fields of structures + fix PR120929

2025-08-01 Thread Qing Zhao
.cc is completely deleted. no need change middle end to use the counted_by of pointers in tree-object-size.cc. except the new testing case pr120929.c, all the other testing cases are kept the same as the 7th version. In Patch #3, compared to the 7th version, the following is the diff: ======

[PATCH v9 2/4] Use the counted_by attribute of pointers in builtinin-object-size

2025-08-01 Thread Qing Zhao
No need to change anything in middle-end. Add the testing case for PR120929. gcc/testsuite/ChangeLog: * gcc.dg/pointer-counted-by-4-char.c: New test. * gcc.dg/pointer-counted-by-4-float.c: New test. * gcc.dg/pointer-counted-by-4-struct.c: New test. * gcc.dg/pointe

[PATCH v8] Provide new option -fdiagnostics-show-context=N for -Warray-bounds, -Wstringop-* warnings [PR109071, PR85788, PR88771, PR106762, PR108770, PR115274, PR117179]

2025-07-30 Thread Qing Zhao
but only if the path is actually to be + used. + + Copyright (C) 2025 Free Software Foundation, Inc. + Contributed by Qing Zhao + +This file is part of GCC. + +GCC is free software; you can redistribute it and/or modify it under +the terms of the GNU General Public License as published by the F

Re: [PATCH v7] Provide new option -fdiagnostics-show-context=N for -Warray-bounds, -Wstringop-* warnings [PR109071,PR85788,PR88771,PR106762,PR108770,PR115274,PR117179]

2025-07-29 Thread Qing Zhao
submit again when everything looks good. Thanks for all the help. Qing > On Jul 23, 2025, at 16:01, Qing Zhao wrote: > > Hi, > > This is the 7th version of the patches for fixing PR109071. > > Adding -fdiagnotics-show-context=N into GCC to provide context information

Re: [PATCH] tree-optimization/120929: Limit MEM_REF handling to .ACCESS_WITH_SIZE

2025-07-29 Thread Qing Zhao
> On Jul 28, 2025, at 12:48, Jakub Jelinek wrote: > > On Wed, Jul 23, 2025 at 05:59:22PM +0000, Qing Zhao wrote: >> struct S { >> int n; >> int *p __attribute__((counted_by(n))); >> } *f; >> int *g; >> void setup (int **ptr, int count) >>

Re: [PATCH] [RFC] Delayed parsing for bounds safety attributes

2025-07-29 Thread Qing Zhao
> On Jul 29, 2025, at 11:52, Martin Uecker wrote: > > On Tuesday, 29.07.2025 at 13:49 +, Qing Zhao wrote: >> >>> On Jul 28, 2025, at 17:39, Martin Uecker wrote: >>> >>> On Monday, 28.07.2025 at 20:48 +, Qing Zhao wrote: >>>

Re: [PATCH] [RFC] Delayed parsing for bounds safety attributes

2025-07-29 Thread Qing Zhao
> On Jul 28, 2025, at 17:39, Martin Uecker wrote: > > On Monday, 28.07.2025 at 20:48 +, Qing Zhao wrote: >> >>> On Jul 28, 2025, at 16:09, Martin Uecker wrote: >>> >>> On Monday, 28.07.2025 at 11:18 -0700, Yeoul Na wrote: >>>

Re: [PATCH] [RFC] Delayed parsing for bounds safety attributes

2025-07-28 Thread Qing Zhao
> On Jul 28, 2025, at 16:09, Martin Uecker wrote: > > On Monday, 28.07.2025 at 11:18 -0700, Yeoul Na wrote: >> >> >>> On Jul 28, 2025, at 10:27 AM, Qing Zhao wrote: >>> >>> >>> >>>> On Jul 26, 2025, at 12:43, Yeoul

Re: [PATCH] tree-optimization/120929: Limit MEM_REF handling to .ACCESS_WITH_SIZE

2025-07-28 Thread Qing Zhao
> On Jul 28, 2025, at 12:48, Jakub Jelinek wrote: > > On Wed, Jul 23, 2025 at 05:59:22PM +0000, Qing Zhao wrote: >> struct S { >> int n; >> int *p __attribute__((counted_by(n))); >> } *f; >> int *g; >> void setup (int **ptr, int count) >>

Re: [PATCH] [RFC] Delayed parsing for bounds safety attributes

2025-07-28 Thread Qing Zhao
> On Jul 26, 2025, at 12:43, Yeoul Na wrote: > > > >> On Jul 24, 2025, at 3:52 PM, Kees Cook wrote: >> >> On Thu, Jul 24, 2025 at 04:26:12PM +, Aaron Ballman wrote: >>> Ah, apologies, I wasn't clear. My thinking is: we're (Clang folks) >>> going to want it to work in C++ mode because of

Re: [PATCH v7] Provide new option -fdiagnostics-show-context=N for -Warray-bounds, -Wstringop-* warnings [PR109071,PR85788,PR88771,PR106762,PR108770,PR115274,PR117179]

2025-07-28 Thread Qing Zhao
Hi, David, > On Jul 25, 2025, at 16:16, David Malcolm wrote: > > On Wed, 2025-07-23 at 20:01 +0000, Qing Zhao wrote: >> Hi, >> >> This is the 7th version of the patches for fixing PR109071. > > I just pushed a big reorganization of GCC's diagno

Re: [GCC15][PATCH 1/2] C: Flex array in the middle via type alias is not reported [PR120353]

2025-07-25 Thread Qing Zhao
Based on Joseph’s review comments on May 30, 2025. https://gcc.gnu.org/pipermail/gcc-patches/2025-May/685211.html I will push this patch to GCC15 if no further concern in a day. Qing > On Jul 24, 2025, at 09:36, Qing Zhao wrote: > > Ping. > > The patch has been committed to

Re: [GCC15][PATCH 2/2] C: Flex array in union followed by a structure field is not reported [PR120354]

2025-07-25 Thread Qing Zhao
Based on Joseph’s review comment on May 30, 2025: https://gcc.gnu.org/pipermail/gcc-patches/2025-May/685211.html I will push this patch to GCC15. Qing > On Jul 24, 2025, at 09:36, Qing Zhao wrote: > > Ping. > > The patch has been committed to trunk 2 months ago. > > O

Re: [PATCH v3] Evaluate the object size by the size of the pointee type when the type is a structure with flexible array member which is annotated with counted_by.

2025-07-25 Thread Qing Zhao
Ping on this patch. Thanks. Qing > On Jun 25, 2025, at 10:07, Qing Zhao wrote: > > Hi, > > This is the 3rd version of the patch for: > > Evaluate the object size by the size of the pointee type when the type > is a structure with flexible array member which is ann

Re: [PATCH] [RFC] Delayed parsing for bounds safety attributes

2025-07-24 Thread Qing Zhao
> On Jul 24, 2025, at 11:03, Martin Uecker wrote: __counted_by(M)); ``` It's kind of gross to need two attributes to do the same notional thing, but it does solve the vast majority of the usages seen in the wild if you're willing to accept some awkwardness around things

Re: [GCC15][PATCH 2/2] C: Flex array in union followed by a structure field is not reported [PR120354]

2025-07-24 Thread Qing Zhao
Ping. The patch has been committed to trunk 2 months ago. Okay for committing to GCC15 now? thanks. Qing > On Jul 17, 2025, at 17:26, Qing Zhao wrote: > > There is only one last_field for a structure type, but there might > be multiple last_fields for a union type, therefore we

Re: [GCC15][PATCH 1/2] C: Flex array in the middle via type alias is not reported [PR120353]

2025-07-24 Thread Qing Zhao
Ping. The patch has been committed to trunk 2 months ago. Okay for committing to GCC15 now? thanks. Qing > On Jul 17, 2025, at 17:26, Qing Zhao wrote: > > The root cause of the bug is: the TYPE_INCLUDES_FLEXARRAY marking of the > structure type is not copied to its aliased typ

[PATCH v7] Provide new option -fdiagnostics-show-context=N for -Warray-bounds, -Wstringop-* warnings [PR109071, PR85788, PR88771, PR106762, PR108770, PR115274, PR117179]

2025-07-23 Thread Qing Zhao
-- /dev/null +++ b/gcc/diagnostic-context-rich-location.cc @@ -0,0 +1,178 @@ +/* A rich_location subclass that lazily populates a diagnostic_path + with diagnostic context events, but only if the path is actually to be + used. + + Copyright (C) 2025 Free Software Foundation, Inc. + Contributed by Qing

Re: [PATCH] tree-optimization/120929: Limit MEM_REF handling to .ACCESS_WITH_SIZE

2025-07-23 Thread Qing Zhao
Jakub, Richard and Joseph, Could you please help on the question below: Whether it’s able to distinguish a reference “p->f” is a read from or a write to in C FE? Please see the following example: > On Jul 23, 2025, at 13:19, Siddhesh Poyarekar wrote: > > On 2025-07-23 13:1

Re: [PATCH] tree-optimization/120929: Limit MEM_REF handling to .ACCESS_WITH_SIZE

2025-07-23 Thread Qing Zhao
> On Jul 23, 2025, at 12:55, Siddhesh Poyarekar wrote: > > On 2025-07-23 11:08, Qing Zhao wrote: >> We always generate a call to .ACCESS_WITH_SIZE for every f->p whatever it’s >> a reference >> or a definition in C FE parser. (This is the case for FAM) > >

Re: [PATCH] [RFC] Delayed parsing for bounds safety attributes

2025-07-23 Thread Qing Zhao
> On Jul 23, 2025, at 03:30, Kees Cook wrote: > > > How would GCC want to define the syntax for expressions here? I still > think it should be possible to wire up something that matches it in > Clang, even if it is a "redundant" syntax within Clang (i.e. Clang can > support 2 way to handle exp

Re: [PATCH] tree-optimization/120929: Limit MEM_REF handling to .ACCESS_WITH_SIZE

2025-07-23 Thread Qing Zhao
> On Jul 23, 2025, at 10:12, Siddhesh Poyarekar wrote: > > On 2025-07-23 10:00, Qing Zhao wrote: >>> I can't see how this could happen, do you have an example test case? >> The example used in my previous writeup show this: >> https://gcc.gnu.org/pipermai

Re: [PATCH] tree-optimization/120929: Limit MEM_REF handling to .ACCESS_WITH_SIZE

2025-07-23 Thread Qing Zhao
> On Jul 22, 2025, at 20:12, Siddhesh Poyarekar wrote: > > [Apologies if I've missed some context in my reading since I'm coming back to > this after a big break] > > On 2025-07-22 12:33, Qing Zhao wrote: >> Why it's wrong to pass the VALUE of the ori

Re: [PATCH] [RFC] Delayed parsing for bounds safety attributes

2025-07-22 Thread Qing Zhao
> 'verify_counted_by_attribute ()' call, which performs the actual parse and >>>>> reports any semantic errors. (The actual parse is done simply by creating >>>>> a new >>>>> 'c_parser' object and filling it with the delayed tokens.) >&

Re: [PATCH] tree-optimization/120929: Limit MEM_REF handling to .ACCESS_WITH_SIZE

2025-07-22 Thread Qing Zhao
ion are: 1. It's not safe in general to pass the VALUE of the pointer f->p to the call to .ACCESS_WITH_SIZE. 2. We should use the other approach: pass the ADDRESS of the pointer f->p to the call to .ACCESS_WITH_SIZE for pointers with counted_by. Let me know if I miss anything.

Re: [PATCH v6 1/3][Middle-end] Provide more contexts for -Warray-bounds, -Wstringop-*warning messages due to code movements from compiler transformation (Part 1) [PR109071,PR85788,PR88771,PR106762,PR1

2025-07-22 Thread Qing Zhao
of" } */ | || |(3) warning happens here /home/opc/Work/GCC/latest-gcc-write/gcc/testsuite/gcc.dg/pr109071_11.c:7:5: note: while referencing ‘a’ 7 | int a[MAX_LENGTH]; | ^ I am doing regression testing on this vers

[GCC15][PATCH 1/2] C: Flex array in the middle via type alias is not reported [PR120353]

2025-07-17 Thread Qing Zhao
The root cause of the bug is: the TYPE_INCLUDES_FLEXARRAY marking of the structure type is not copied to its aliased type. The fix is to copy this marking to all the variant types of the current structure type. PR c/120353 gcc/c/ChangeLog: * c-decl.cc (finish_struct): Copy TYPE_I

[GCC15][PATCH 2/2] C: Flex array in union followed by a structure field is not reported [PR120354]

2025-07-17 Thread Qing Zhao
There is only one last_field for a structure type, but there might be multiple last_fields for a union type, therefore we should ORed the result of TYPE_INCLUDES_FLEXARRAY for multiple last_fields of a union type. PR c/120354 gcc/c/ChangeLog: * c-decl.cc (finish_struct): Or the r

Re: [PATCH] tree-optimization/120929: Limit MEM_REF handling to .ACCESS_WITH_SIZE

2025-07-17 Thread Qing Zhao
Hi, Jakub, (I am CCing Joseph and Martin for their inputs on how to _selectively_ generate call to .ACCESS_WITH_SIZE for x->p depending on its context in C FE). > On Jul 17, 2025, at 11:40, Jakub Jelinek wrote: > > So say for > struct S { int s; int *p __attribute__((counted_by (s))); }; > >

Re: [PATCH] tree-optimization/120929: Limit MEM_REF handling to .ACCESS_WITH_SIZE

2025-07-17 Thread Qing Zhao
> On Jul 17, 2025, at 11:40, Jakub Jelinek wrote: > > On Thu, Jul 17, 2025 at 03:26:05PM +0000, Qing Zhao wrote: >> How about add a new flag to distinguish these two cases, and put it to the >> 3th argument: >> >> ACCESS_W

Re: [PATCH] tree-optimization/120929: Limit MEM_REF handling to .ACCESS_WITH_SIZE

2025-07-17 Thread Qing Zhao
Hi, Jakub, I re-read your other email sent last week (see below) in order to understand the email you sent yesterday. -:) And I think that I fully understand your point this time (hopefully -:), see below: > On Jul 7, 2025, at 08:48, Jakub Jelinek wrote: > > The original use of .ACCESS_WIT

Re: ACCESS_WITH_SIZE for pointers Re: [PATCH] tree-optimization/120929: Limit MEM_REF handling to .ACCESS_WITH_SIZE

2025-07-16 Thread Qing Zhao
> On Jul 16, 2025, at 17:47, Jakub Jelinek wrote: > > On Wed, Jul 16, 2025 at 09:22:19PM +0000, Qing Zhao wrote: >> Yes, the above solution could also resolve the undefined behavior issue. We >> can certainly go >> with this approach. > > Another option

Re: ACCESS_WITH_SIZE for pointers Re: [PATCH] tree-optimization/120929: Limit MEM_REF handling to .ACCESS_WITH_SIZE

2025-07-16 Thread Qing Zhao
> On Jul 16, 2025, at 16:38, Jakub Jelinek wrote: > > On Tue, Jul 15, 2025 at 06:39:42PM +0000, Qing Zhao wrote: >> I re-implemented the patch based on B to fix PR120929, however, the approach >> B brings undefined behavior into the application. >> >> (

[PATCH v8 3/3] Use the counted_by attribute of pointers in array bound checker.

2025-07-16 Thread Qing Zhao
Current array bound checker only instruments ARRAY_REF, and the INDEX information is the 2nd operand of the ARRAY_REF. When extending the array bound checker to pointer references with counted_by attributes, the hardest part is to get the INDEX of the corresponding array ref from the offset comput

[PATCH v8 1/3] Extend "counted_by" attribute to pointer fields of structures. Convert a pointer reference with counted_by attribute to .ACCESS_WITH_SIZE.

2025-07-16 Thread Qing Zhao
For example: struct PP { size_t count2; char other1; char *array2 __attribute__ ((counted_by (count2))); int other2; } *pp; specifies that the "array2" is an array that is pointed by the pointer field, and its number of elements is given by the field "count2" in the same structure. C FE

[PATCH v8 2/3] Use the counted_by attribute of pointers in builtinin-object-size.

2025-07-16 Thread Qing Zhao
Fix PR120929: incorrectly returned the size of *_1 for a GIMPLE_ASSIGN of type: ptr = *_1; This is only OK when _1 is set to .ACCESS_WITH_SIZE, since that builtin expresses the size of *_1 in the form of _1. gcc/ChangeLog: * tree-object-size.cc (is_ptr_access_with_size): New routine.

[PATCH v8 0/3] extend "counted_by" attribute to pointer fields of structures + fix PR120929

2025-07-16 Thread Qing Zhao
Hi, This is the 8th version of the patch set to extend "counted_by" attribute to pointer fields of structures, which fixes PR120929: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=120929 The 8th version of the patch has the following difference compared to the 7th version: 1. Add the fix for PR1

ACCESS_WITH_SIZE for pointers Re: [PATCH] tree-optimization/120929: Limit MEM_REF handling to .ACCESS_WITH_SIZE

2025-07-15 Thread Qing Zhao
Hi, I wrote a small writeup to summarize the two approaches to generate .ACCESS_WITH_SIZE for pointers with counted_by, In this writeup, I described the major issue for the approach we agreed on last week to fix PR120929, due to the problem, the previous implementation in the committed (and rev

Re: ACCESS_WITH_SIZE for pointers Re: [PATCH] tree-optimization/120929: Limit MEM_REF handling to .ACCESS_WITH_SIZE

2025-07-15 Thread Qing Zhao
> On Jul 15, 2025, at 02:32, Richard Biener wrote: > > On Mon, Jul 14, 2025 at 10:58 PM Qing Zhao wrote: >> >> >>> On Jul 7, 2025, at 13:07, Qing Zhao wrote: >>> >>> As I mentioned in the latest email I replied to the thread, the original

ACCESS_WITH_SIZE for pointers Re: [PATCH] tree-optimization/120929: Limit MEM_REF handling to .ACCESS_WITH_SIZE

2025-07-14 Thread Qing Zhao
> On Jul 7, 2025, at 13:07, Qing Zhao wrote: > > As I mentioned in the latest email I replied to the thread, the original > implementation of the counted_by for pointer was implemented without the > additional indirection. > But that implementation has a fundamental bug dur

Re: [PATCH 2/2] Reduce the # of arguments of .ACCESS_WITH_SIZE from 6 to 4.

2025-07-10 Thread Qing Zhao
> On Jul 10, 2025, at 13:53, Jakub Jelinek wrote: > > On Thu, Jul 10, 2025 at 05:49:53PM +0000, Qing Zhao wrote: >> One more note here, previously, ACCESS_MODE has 5 values: >> -1: Unknown access semantics >> 0: none >> 1: read_only >>

[To-commit][PATCH v2 1/2] Passing TYPE_SIZE_UNIT of the element as the 6th argument to .ACCESS_WITH_SIZE (PR121000)

2025-07-10 Thread Qing Zhao
This is the 2nd version based on Jakub's comments: a. Update the changelog; b. Update the testing case; bootstrapped and tested. I will commit this version soon. thanks. Qing. === The size of the element of the FAM _cannot_ reliably depends on the original

[To-commit][PATCH v2 2/2] Reduce the # of arguments of .ACCESS_WITH_SIZE from 6 to 4.

2025-07-10 Thread Qing Zhao
This is the 2nd version of the patch. update the changelog per Jakub's comments. I will commit this version soon. thanks. Qing This is an improvement to the design of internal function .ACCESS_WITH_SIZE. Currently, the .ACCESS_WITH_SIZE is designed as: ACCESS_WI

Re: [PATCH 2/2] Reduce the # of arguments of .ACCESS_WITH_SIZE from 6 to 4.

2025-07-10 Thread Qing Zhao
> On Jul 10, 2025, at 13:27, Qing Zhao wrote: > > > >> On Jul 10, 2025, at 12:56, Jakub Jelinek wrote: >> >> On Thu, Jul 10, 2025 at 04:03:30PM +0000, Qing Zhao wrote: >>> gcc/c-family/ChangeLog: >>> >>> * c-ubsan.cc (get_bou

Re: [PATCH 2/2] Reduce the # of arguments of .ACCESS_WITH_SIZE from 6 to 4.

2025-07-10 Thread Qing Zhao
> On Jul 10, 2025, at 12:56, Jakub Jelinek wrote: > > On Thu, Jul 10, 2025 at 04:03:30PM +0000, Qing Zhao wrote: >> gcc/c-family/ChangeLog: >> >> * c-ubsan.cc (get_bound_from_access_with_size): Adjust the position >> of the arguments per the new design. &

Re: [PATCH 1/2] Passing TYPE_SIZE_UNIT of the element as the 6th argument to .ACCESS_WITH_SIZE (PR121000)

2025-07-10 Thread Qing Zhao
> On Jul 10, 2025, at 12:34, Jakub Jelinek wrote: > > On Thu, Jul 10, 2025 at 04:03:29PM +0000, Qing Zhao wrote: >> The size of the element of the FAM _cannot_ reliably depends on the original >> TYPE of the FAM that we passed as the 6th parameter to

[PATCH 1/2] Passing TYPE_SIZE_UNIT of the element as the 6th argument to .ACCESS_WITH_SIZE (PR121000)

2025-07-10 Thread Qing Zhao
The size of the element of the FAM _cannot_ reliably depends on the original TYPE of the FAM that we passed as the 6th parameter to the .ACCESS_WITH_SIZE: TYPE_SIZE_UNIT (TREE_TYPE (TREE_TYPE (gimple_call_arg (call, 5 when the element of the FAM has a variable length type. Since the vari

[PATCH 2/2] Reduce the # of arguments of .ACCESS_WITH_SIZE from 6 to 4.

2025-07-10 Thread Qing Zhao
This is an improvement to the design of internal function .ACCESS_WITH_SIZE. Currently, the .ACCESS_WITH_SIZE is designed as: ACCESS_WITH_SIZE (REF_TO_OBJ, REF_TO_SIZE, CLASS_OF_SIZE, TYPE_OF_SIZE, ACCESS_MODE, TYPE_SIZE_UNIT for element) which returns the REF_TO_OBJ sa

Re: [PATCH] tree-optimization/120929: Limit MEM_REF handling to .ACCESS_WITH_SIZE

2025-07-08 Thread Qing Zhao
> On Jul 8, 2025, at 17:46, Siddhesh Poyarekar wrote: > > On 2025-07-08 17:17, Qing Zhao wrote: >> Are the above the correct and efficient updates to the .ACCESS_WITH_SIZE to >> resolve both PR121000 and the issue >> we have with counted_by for pointers? > >

Re: [PATCH] tree-optimization/120929: Limit MEM_REF handling to .ACCESS_WITH_SIZE

2025-07-08 Thread Qing Zhao
Hi, Jakub, Thanks a lot for your comments and suggestions. Please see my questions below: > On Jul 7, 2025, at 17:47, Jakub Jelinek wrote: > > On Mon, Jul 07, 2025 at 09:18:53PM +0000, Qing Zhao wrote: >> From OLD: >> >> _2 = &a->c; >> _3 = &a->

Re: [PATCH] tree-optimization/120929: Limit MEM_REF handling to .ACCESS_WITH_SIZE

2025-07-08 Thread Qing Zhao
some expression computation around just because it is referenced in TYPE_SIZE_UNIT of some type somewhere. “ Thanks. Qing > On Jul 8, 2025, at 10:30, Qing Zhao wrote: > > Hi, > >> On Jul 8, 2025, at 01:18, Jakub Jelinek wrote: >>> >>>> 5th argu

Re: [PATCH] tree-optimization/120929: Limit MEM_REF handling to .ACCESS_WITH_SIZE

2025-07-08 Thread Qing Zhao
Hi, > On Jul 8, 2025, at 01:18, Jakub Jelinek wrote: >> >>>5th argument ACCESS_MODE: >>> -1: Unknown access semantics >>> 0: none >>> 1: read_only >>> 2: write_only >>> 3: read_write >>>6th argument: A constant 0 with the pointer TYPE to the original flexible >>>

Re: [PATCH] tree-optimization/120929: Limit MEM_REF handling to .ACCESS_WITH_SIZE

2025-07-07 Thread Qing Zhao
Hi, thanks a lot for all the discussion so far on this issue. An update on this: 1. I have reverted the 3 patches to support counted_by for pointers I have committed last week from master. 2. At the same time: On the C FE code generation to .ACCESS_WITH_SIZE for pointers with counted_by att

Re: [PATCH] tree-optimization/120929: Limit MEM_REF handling to .ACCESS_WITH_SIZE

2025-07-07 Thread Qing Zhao
> On Jul 7, 2025, at 11:58, Siddhesh Poyarekar wrote: > > On 2025-07-07 09:33, Siddhesh Poyarekar wrote: >>> The only difference between &a->fam[0] and &a->fam is not the value (that is >>> the same), just the type in one case say int *, in the other int [0:] *. >>> At least in GIMPLE pointer

Re: [PATCH] tree-optimization/120929: Limit MEM_REF handling to .ACCESS_WITH_SIZE

2025-07-07 Thread Qing Zhao
> On Jul 7, 2025, at 02:05, Richard Biener wrote: > > On Sat, Jul 5, 2025 at 2:10 PM Siddhesh Poyarekar wrote: >> >> On 2025-07-05 07:23, Richard Biener wrote: OK, should I revert right away or can we wait till Qing returns on Monday? >>> >>> Monday is OK with me. >>> >> >> Thanks, so

Re: [PATCH] tree-optimization/120929: Limit MEM_REF handling to .ACCESS_WITH_SIZE

2025-07-07 Thread Qing Zhao
Hi, Sorry for the late reply. And thanks a lot for all the help so far. For the documentation of the .ACCESS_WITH_SIZE for pointers, please see the following in c/c-typeck.cc : /* Given a COMPONENT_REF REF with the location LOC, the corresponding COUNTED_BY_REF, and the

Re: [PATCH v6 1/3][Middle-end] Provide more contexts for -Warray-bounds, -Wstringop-*warning messages due to code movements from compiler transformation (Part 1) [PR109071,PR85788,PR88771,PR106762,PR1

2025-07-03 Thread Qing Zhao
Another update on this: > On Jun 30, 2025, at 11:51, Qing Zhao wrote: >> >>> For each single predecessor block, locate the conditional statement >>> in the end of the block. determine whether the STMT is on the taken >>> path of the condition. Add th

Re: [PATCH v6 1/3][Middle-end] Provide more contexts for -Warray-bounds, -Wstringop-*warning messages due to code movements from compiler transformation (Part 1) [PR109071,PR85788,PR88771,PR106762,PR1

2025-07-01 Thread Qing Zhao
> On Jul 1, 2025, at 03:14, Richard Biener wrote: > > On Mon, Jun 30, 2025 at 10:37 PM Qing Zhao wrote: >> >> Hi, David, >> >> Thank you for the info. >> >> Yes, this does sound like a general issue in this area. >> >> Is there

Re: [PATCH v7 2/3] Use the counted_by attribute of pointers in builtinin-object-size.

2025-07-01 Thread Qing Zhao
Thanks a lot for the review. I will push the patch set. Qing > On Jul 1, 2025, at 02:34, Richard Biener wrote: > > On Tue, Jun 24, 2025 at 10:30 PM Qing Zhao wrote: >> >> gcc/ChangeLog: >> >>* tree-object-size.cc (access_with_size_object_size): Updat

Re: [PATCH v6 1/3][Middle-end] Provide more contexts for -Warray-bounds, -Wstringop-*warning messages due to code movements from compiler transformation (Part 1) [PR109071,PR85788,PR88771,PR106762,PR1

2025-06-30 Thread Qing Zhao
? Is doing this very expensive? > On Jun 30, 2025, at 12:23, David Malcolm wrote: > > On Mon, 2025-06-30 at 16:47 +0000, Qing Zhao wrote: > > [...snip...] > >> The output with -fdiagnostics-show-context=1 is: >> >> /home/opc/Work/GCC/latest-gcc- >> w

Re: [PATCH v6 1/3][Middle-end] Provide more contexts for -Warray-bounds, -Wstringop-*warning messages due to code movements from compiler transformation (Part 1) [PR109071,PR85788,PR88771,PR106762,PR1

2025-06-30 Thread Qing Zhao
> On Jun 30, 2025, at 07:33, Richard Biener wrote: > > On Fri, Jun 27, 2025 at 3:39 PM Qing Zhao wrote: >> >> Hi, >> >> A status update on this patch: (Actually a good news!) >> >>> On Jun 10, 2025, at 11:32, Qing Zhao wrote: >>>

Re: [PATCH v6 1/3][Middle-end] Provide more contexts for -Warray-bounds, -Wstringop-*warning messages due to code movements from compiler transformation (Part 1) [PR109071,PR85788,PR88771,PR106762,PR1

2025-06-30 Thread Qing Zhao
> On Jun 30, 2025, at 07:27, Richard Biener wrote: > > On Tue, Jun 10, 2025 at 5:28 PM Qing Zhao wrote: >> >> >> >>> On Jun 10, 2025, at 09:37, Richard Biener >>> wrote: >>> >>> On Mon, Jun 9, 2025 at 8:06 PM Qing Zhao w

Re: [PATCH v6 1/3][Middle-end] Provide more contexts for -Warray-bounds, -Wstringop-*warning messages due to code movements from compiler transformation (Part 1) [PR109071,PR85788,PR88771,PR106762,PR1

2025-06-30 Thread Qing Zhao
> On Jun 27, 2025, at 15:24, Kees Cook wrote: > > On Fri, Jun 27, 2025 at 01:38:51PM +0000, Qing Zhao wrote: >> The good news is: With the above simple heuristic and a simple back tracing >> of the CFG, all the >> current testing cases for the following P

Re: [PATCH v7 0/3] extend "counted_by" attribute to pointer fields of structures

2025-06-30 Thread Qing Zhao
on their comments in this version.) Thanks a lot. Qing > On Jun 24, 2025, at 15:29, Qing Zhao wrote: > > This is the 7th version of the patch set to extend "counted_by" attribute > to pointer fields of structures. > > The C FE parts (patch #1 and #3) of the 5th ver

Re: [PATCH v6 1/3][Middle-end] Provide more contexts for -Warray-bounds, -Wstringop-*warning messages due to code movements from compiler transformation (Part 1) [PR109071,PR85788,PR88771,PR106762,PR1

2025-06-27 Thread Qing Zhao
Hi, A status update on this patch: (Actually a good news!) > On Jun 10, 2025, at 11:32, Qing Zhao wrote: > > > >>>> >>> >>> It's difficult to do any meaningful pruning I think. Consider >>> >>> if (i == -1) >>

[PATCH v7 2/3] Use the counted_by attribute of pointers in builtinin-object-size.

2025-06-25 Thread Qing Zhao
gcc/ChangeLog: * tree-object-size.cc (access_with_size_object_size): Update comments for pointers with .ACCESS_WITH_SIZE. (collect_object_sizes_for): Propagate size info through GIMPLE_ASSIGN for pointers with .ACCESS_WITH_SIZE. gcc/testsuite/ChangeLog: *

[PATCH v7 0/3] extend "counted_by" attribute to pointer fields of structures

2025-06-25 Thread Qing Zhao
This is the 7th version of the patch set to extend "counted_by" attribute to pointer fields of structures. The C FE parts (patch #1 and #3) of the 5th version have been approved by Joseph already (with a minor typo fix, which is included in this new version); The middle end part (patch #2) of t

[PATCH v3] Evaluate the object size by the size of the pointee type when the type is a structure with flexible array member which is annotated with counted_by.

2025-06-25 Thread Qing Zhao
Hi, This is the 3rd version of the patch for: Evaluate the object size by the size of the pointee type when the type is a structure with flexible array member which is annotated with counted_by. Compared to the 2nd version of the patch at: https://gcc.gnu.org/pipermail/gcc-patches/2025-May/682

Re: [PATCH v6 2/3] Use the counted_by attribute of pointers in builtinin-object-size.

2025-06-24 Thread Qing Zhao
> On Jun 24, 2025, at 03:26, Richard Biener wrote: > > On Mon, Jun 23, 2025 at 4:44 PM Qing Zhao wrote: >> >> gcc/ChangeLog: >> >>* tree-object-size.cc (access_with_size_object_size): Update comments >>for pointers with .ACCESS_WITH_SI

[PATCH v7 1/3] Extend "counted_by" attribute to pointer fields of structures.

2025-06-24 Thread Qing Zhao
And convert a pointer reference with counted_by attribute to .ACCESS_WITH_SIZE. For example: struct PP { size_t count2; char other1; char *array2 __attribute__ ((counted_by (count2))); int other2; } *pp; specifies that the "array2" is an array that is pointed by the pointer field, and

[PATCH v7 3/3] Use the counted_by attribute of pointers in array bound checker.

2025-06-24 Thread Qing Zhao
Current array bound checker only instruments ARRAY_REF, and the INDEX information is the 2nd operand of the ARRAY_REF. When extending the array bound checker to pointer references with counted_by attributes, the hardest part is to get the INDEX of the corresponding array ref from the offset comput

Re: [PATCH v6 2/3] Use the counted_by attribute of pointers in builtinin-object-size.

2025-06-23 Thread Qing Zhao
> On Jun 23, 2025, at 18:00, Siddhesh Poyarekar wrote: > > Thanks, there are some formatting nits below that need fixing, otherwise this > looks good to me. I can't approve though, so please ping a maintainer for > that. Hi, Sid, Thanks a lot for your review. I will fix the format issues

Re: [PATCH v5 2/3][__bdos]Use the counted_by attribute of pointers in builtinin-object-size.

2025-06-23 Thread Qing Zhao
go? (Patch #1 and #3 have been approved by Joseph with the typo fix in doc/extend.texi) thanks. Qing > On Jun 21, 2025, at 07:54, Siddhesh Poyarekar wrote: > > On 2025-06-20 11:26, Qing Zhao wrote: >> the mentioned code change: >> +else if (TREE_

Re: [PATCH v2] Evaluate the object size by the size of the pointee type when the type is a structure with flexible array member which is annotated with counted_by.

2025-06-23 Thread Qing Zhao
> On Jun 21, 2025, at 07:46, Siddhesh Poyarekar wrote: > > On 2025-06-20 10:22, Qing Zhao wrote: >> Okay, this is a reasonable solution to this problem. >> I will add a new --param option as suggested, and then guard the generation >>

[PATCH v6 0/3] extend "counted_by" attribute to pointer fields of structures

2025-06-23 Thread Qing Zhao
Hi, This is the 6th version of the patch set to extend "counted_by" attribute to pointer fields of structures. The C FE parts (patch #1 and #3) of the 5th version have been approved by Joseph already (with a minor typo fix, which is included in this new version); The middle end part (patch #2)

[PATCH v6 1/3] Extend "counted_by" attribute to pointer fields of structures.

2025-06-23 Thread Qing Zhao
And Convert a pointer reference with counted_by attribute to .ACCESS_WITH_SIZE. For example: struct PP { size_t count2; char other1; char *array2 __attribute__ ((counted_by (count2))); int other2; } *pp; specifies that the "array2" is an array that is pointed by the pointer field, and

[PATCH v6 3/3] Use the counted_by attribute of pointers in array bound checker.

2025-06-23 Thread Qing Zhao
Current array bound checker only instruments ARRAY_REF, and the INDEX information is the 2nd operand of the ARRAY_REF. When extending the array bound checker to pointer references with counted_by attributes, the hardest part is to get the INDEX of the corresponding array ref from the offset comput

[PATCH v6 2/3] Use the counted_by attribute of pointers in builtinin-object-size.

2025-06-23 Thread Qing Zhao
gcc/ChangeLog: * tree-object-size.cc (access_with_size_object_size): Update comments for pointers with .ACCESS_WITH_SIZE. (collect_object_sizes_for): Propagate size info through GIMPLE_ASSIGN for pointers with .ACCESS_WITH_SIZE. gcc/testsuite/ChangeLog: *
