rsmith requested changes to this revision. ================ Comment at: include/clang/Basic/AttrDocs.td:2073-2079 @@ +2072,9 @@ + let Content = [{ +Use ``overallocated`` to indicate a class or union can have extra memory +allocated at its end. This attribute is primarily used when we want +__builtin_object_size to return a conservative value for the distance between +the pointer and the end of the subobject the pointer points to. + +For example: + +.. code-block:: c++ ---------------- No, this approach is not reasonable. Just changing what `__builtin_object_size` returns does not change the fact that code that tries to use bytes off the end of the struct would have undefined behavior. Lying in the result of `__builtin_object_size` is actively harmful.
Note that in your example below, you cannot access more than four `char`s through `((struct S*)p)->b`, despite the attribute, because the attribute does not affect the behaviour of the array member of `S`.

The right thing to do here would presumably be to have an attribute that makes an array be treated as a flexible array member, *even if* its bound is specified (and greater than 0). This would affect `__builtin_object_size`, sanitizers, alias analysis, diagnostics for flexible array members in the middle of a type, and so on.

http://reviews.llvm.org/D21453
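
Review bot: In the AttrDocs.td text at lines 2073-2079, "a conservative value" is never defined. The documentation should state what `__builtin_object_size` actually returns for a pointer into an ``overallocated`` type, and for which of its `type` arguments. It should also state whether the attribute changes anything about accesses past the declared end of the type, since "can have extra memory allocated at its end" invites readers to assume such accesses become valid. As a smaller point, `__builtin_object_size` is written as bare text while ``overallocated`` in the same paragraph is an RST literal; mark both the same way.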