From 6c512830d2ff9f1d9fcf308312fdb3843f17ee59 Mon Sep 17 00:00:00 2001
From: George Burgess IV <george.burgess.iv@gmail.com>
Date: Mon, 25 Apr 2016 19:21:45 +0000
Subject: [PATCH] [Docs] Clarify what the object-size sanitizer does.

Currently, the UBSan docs make it sound like the object-size sanitizer
will only detect out-of-bounds reads/writes. It also catches some
operations that don't necessarily access memory (invalid downcasts,
calls of methods on invalid pointers, ...). This patch adds a note
about this behavior in the docs.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@267447 91177308-0d34-0410-b5e6-96231b3b80d8
---
 docs/UndefinedBehaviorSanitizer.rst | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/docs/UndefinedBehaviorSanitizer.rst b/docs/UndefinedBehaviorSanitizer.rst
index 2a133501dd9..1002729f05d 100644
--- a/docs/UndefinedBehaviorSanitizer.rst
+++ b/docs/UndefinedBehaviorSanitizer.rst
@@ -92,11 +92,14 @@ Available checks are:
      parameter which is declared to never be null.
   -  ``-fsanitize=null``: Use of a null pointer or creation of a null
      reference.
-  -  ``-fsanitize=object-size``: An attempt to use bytes which the
-     optimizer can determine are not part of the object being
-     accessed. The sizes of objects are determined using
-     ``__builtin_object_size``, and consequently may be able to detect
-     more problems at higher optimization levels.
+  -  ``-fsanitize=object-size``: An attempt to potentially use bytes which
+    the optimizer can determine are not part of the object being accessed.
+    This will also detect some types of undefined behavior that may not
+    directly access memory, but are provably incorrect given the size of
+    the objects involved, such as invalid downcasts and calling methods on
+    invalid pointers. These checks are made in terms of
+    ``__builtin_object_size``, and consequently may be able to detect more
+    problems at higher optimization levels.
   -  ``-fsanitize=return``: In C++, reaching the end of a
      value-returning function without returning a value.
   -  ``-fsanitize=returns-nonnull-attribute``: Returning null pointer
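Review bot: the continuation lines of the new ``object-size`` entry are indented by four spaces, while every other continuation line in this list (``parameter which is declared``, ``reference.``, ``value-returning function``) uses five, aligning with the text after ``-  ``. In reStructuredText a bullet item's continuation must line up exactly with its first line, so a four-space indent is an unexpected unindent and docutils will either warn or render the rest of the item outside the list; the fix is to indent the seven added continuation lines by one more space to match the surrounding entries. As a secondary wording point, "An attempt to potentially use bytes" reads awkwardly; "A potential attempt to use bytes" or simply "An attempt to use bytes" keeps the intended meaning (the check fires on accesses the optimizer can prove out of bounds, even when they are not executed) more clearly.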
-- 
GitLab