[Docs] Clarify what the object-size sanitizer does.

Currently, the UBSan docs make it sound like the object-size sanitizer will only detect out-of-bounds reads/writes. It also catches some operations that don't necessarily access memory (invalid downcasts, calls of methods on invalid pointers, ...). This patch adds a note about this behavior in the docs. llvm-svn: 267447
2016-04-25 19:21:45 +00:00 · 2016-04-25 19:21:45 +00:00 · 58ebc66e98
parent b1467d1ef0
commit 58ebc66e98
1 changed files with 8 additions and 5 deletions
--- a/clang/docs/UndefinedBehaviorSanitizer.rst
+++ b/clang/docs/UndefinedBehaviorSanitizer.rst
@ -92,11 +92,14 @@ Available checks are:
     parameter which is declared to never be null.
  -  ``-fsanitize=null``: Use of a null pointer or creation of a null
     reference.
-  -  ``-fsanitize=object-size``: An attempt to use bytes which the
-     optimizer can determine are not part of the object being
-     accessed. The sizes of objects are determined using
-     ``__builtin_object_size``, and consequently may be able to detect
-     more problems at higher optimization levels.
+  -  ``-fsanitize=object-size``: An attempt to potentially use bytes which
+    the optimizer can determine are not part of the object being accessed.
+    This will also detect some types of undefined behavior that may not
+    directly access memory, but are provably incorrect given the size of
+    the objects involved, such as invalid downcasts and calling methods on
+    invalid pointers. These checks are made in terms of
+    ``__builtin_object_size``, and consequently may be able to detect more
+    problems at higher optimization levels.
  -  ``-fsanitize=return``: In C++, reaching the end of a
     value-returning function without returning a value.
  -  ``-fsanitize=returns-nonnull-attribute``: Returning null pointer