[PATCH] D40940: [ubsan] Use pass_object_size info in bounds checks
Eli Friedman via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Fri Dec 8 11:32:31 PST 2017
efriedma added a comment.
> It's interesting to me that these array-bound checks don't seem to use @llvm.objectsize in some form already.
That would be a cool experiment. That said, one of the upsides of the current ubsan is that whether it will produce a diagnostic is predictable (as long as you don't use uninitialized data); you lose that to some extent with llvm.objectsize because it depends on the optimizer.
================
Comment at: lib/CodeGen/CGExpr.cpp:833
+ // Arrays don't have pass_object_size attributes, but if they have a constant
+ // size modifier it's the array size (C99 6.5.7.2p1).
+ if (auto *DecayedArrayTy = dyn_cast<DecayedType>(ParamDecl->getType()))
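Review bot: the standard citation in this comment looks mistyped: "C99 6.5.7.2p1" is in the shift-operator section, while array declarators are 6.7.5.2 and the parameter adjustment (array of T adjusted to pointer to T) is 6.7.5.3p7. Since `int a[10]` in a parameter list is adjusted to `int *a`, the comment should say that the constant size is only a hint the caller is not required to honour, and that `static` gives a minimum rather than a maximum, so the `DecayedType` branch should be gated on an explicit opt-in rather than applied by default.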
----------------
"int f(int a[10])" might look like an array, but it isn't: it's just a different syntax to declare a pointer. So it's legal to "lie" in the signature. (If you want to actually pass a pointer to an array, you have to write "int (*a)[10]".) And the definition of "static" says "an array with at least as many elements as specified by the size expression", which isn't a maximum, so that doesn't really help either.
Most people would consider it bad style to put a number into the array bound which doesn't reflect reality, but I think we shouldn't try to check it unless the user explicitly requests it.
https://reviews.llvm.org/D40940
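The distinction in the comment above (a `[10]` parameter is really a pointer, while `int (*a)[10]` carries a size in its type) as an added, self-contained C example; it is not code from the review or from Clang, and the arrays `five` and `ten` are constructed sample data:

```c
#include <stddef.h>

/* Constructed sample data: a 5-element and a 10-element array. */
static int five[5] = {1, 2, 3, 4, 5};
static int ten[10] = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9};

/* In a parameter list "int a[10]" is adjusted to "int *a" (C99 6.7.5.3p7).
 * The 10 is not part of the type, so calling this with a 5-element array
 * is well-defined C as long as only the first n elements are touched.
 * A bounds check that trusted the 10 would flag a legal program. */
long sum_decayed(int a[10], size_t n) {
    long total = 0;
    for (size_t i = 0; i < n; i++)
        total += a[i];
    return total;
}

/* What the callee sees: the parameter is a pointer, not an array. */
size_t decayed_param_size(int a[10]) {
    return sizeof a;                       /* == sizeof(int *) */
}

/* "int (*a)[10]" is a pointer to an array of exactly 10 ints, so the
 * bound is part of the type and can drive a real range check. */
int get_checked(int (*a)[10], size_t i) {
    size_t bound = sizeof *a / sizeof (*a)[0];   /* 10, from the type */
    if (i >= bound)
        return -1;                         /* refuse instead of reading past the end */
    return (*a)[i];
}

size_t pointed_array_size(int (*a)[10]) {
    return sizeof *a;                      /* == 10 * sizeof(int) */
}
```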