r267447 - [Docs] Clarify what the object-size sanitizer does.

George Burgess IV via cfe-commits cfe-commits at lists.llvm.org
Mon Apr 25 12:21:46 PDT 2016


Author: gbiv
Date: Mon Apr 25 14:21:45 2016
New Revision: 267447

URL: http://llvm.org/viewvc/llvm-project?rev=267447&view=rev
Log:
[Docs] Clarify what the object-size sanitizer does.

Currently, the UBSan docs make it sound like the object-size sanitizer
will only detect out-of-bounds reads/writes. It also catches some
operations that don't necessarily access memory (invalid downcasts,
calls of methods on invalid pointers, ...). This patch adds a note
about this behavior in the docs.


Modified:
    cfe/trunk/docs/UndefinedBehaviorSanitizer.rst

Modified: cfe/trunk/docs/UndefinedBehaviorSanitizer.rst
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/docs/UndefinedBehaviorSanitizer.rst?rev=267447&r1=267446&r2=267447&view=diff
==============================================================================
--- cfe/trunk/docs/UndefinedBehaviorSanitizer.rst (original)
+++ cfe/trunk/docs/UndefinedBehaviorSanitizer.rst Mon Apr 25 14:21:45 2016
@@ -92,11 +92,14 @@ Available checks are:
      parameter which is declared to never be null.
   -  ``-fsanitize=null``: Use of a null pointer or creation of a null
      reference.
-  -  ``-fsanitize=object-size``: An attempt to use bytes which the
-     optimizer can determine are not part of the object being
-     accessed. The sizes of objects are determined using
-     ``__builtin_object_size``, and consequently may be able to detect
-     more problems at higher optimization levels.
+  -  ``-fsanitize=object-size``: An attempt to potentially use bytes which
+    the optimizer can determine are not part of the object being accessed.
+    This will also detect some types of undefined behavior that may not
+    directly access memory, but are provably incorrect given the size of
+    the objects involved, such as invalid downcasts and calling methods on
+    invalid pointers. These checks are made in terms of
+    ``__builtin_object_size``, and consequently may be able to detect more
+    problems at higher optimization levels.
   -  ``-fsanitize=return``: In C++, reaching the end of a
      value-returning function without returning a value.
   -  ``-fsanitize=returns-nonnull-attribute``: Returning null pointer




More information about the cfe-commits mailing list