https://github.com/AaronBallman commented:
Thank you for the documentation! In general, it's looking great. I did have some specific questions or ideas on the more user-facing documentation. I've not yet thoroughly reviewed the implementation plans docs.

One thing that's not clear from this is how bounds safety annotations interact with variable-length arrays or variably-modified types. e.g.,
```
void func(int n, int vla[n]) {
  // Within the function, is vla treated as-if it was __counted_by(n)?
}
```
or
```
void func(int n) {
  int vla[n];
  int *ptr = vla;
  // Does this calculate the correct upper bounds based on n?
}
```
We should probably have explicit mention given that VLAs are a source of security issues related to bounds. (In fact, we might even want to add specific bounds checks for VLAs such as "will the VLA fit comfortably within the stack frame?" or "these VLA bounds are user-controllable which is a Very Bad Idea™".)

https://github.com/llvm/llvm-project/pull/70749
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
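Added example, not part of the comment above or of the PR: plain C (no `-fbounds-safety`) showing one manual form of the "will the VLA fit comfortably within the stack frame?" check, applied to a caller-supplied count before it sizes a VLA, with a heap fallback. `VLA_MAX_BYTES`, `vla_count_ok`, `sorted_mid` and `median_of` are hypothetical names, and the 4096-byte budget is an assumption.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define VLA_MAX_BYTES 4096u  /* assumed per-array stack budget; tune per target */

static int cmp_int(const void *a, const void *b)
{
    int x = *(const int *)a, y = *(const int *)b;
    return (x > y) - (x < y);
}

/* 1 if n elements of elem_size bytes fit the budget. n <= 0 is rejected:
   a VLA whose size is not greater than zero is undefined behaviour. */
int vla_count_ok(long n, size_t elem_size)
{
    return n > 0 && elem_size > 0 && (size_t)n <= VLA_MAX_BYTES / elem_size;
}

/* Copies src into buf, sorts buf, and returns the upper median. */
static int sorted_mid(int *buf, const int *src, size_t count)
{
    memcpy(buf, src, count * sizeof *buf);
    qsort(buf, count, sizeof *buf, cmp_int);
    return buf[count / 2];
}

/* Upper median of src[0..n-1] using a scratch copy: a VLA when n is within
   budget, the heap otherwise. Returns 0 on success, -1 on bad n or failed malloc. */
int median_of(const int *src, long n, int *out)
{
    if (n <= 0 || (unsigned long)n > SIZE_MAX / sizeof(int))
        return -1;                      /* reject before n sizes anything */
    size_t count = (size_t)n;
    if (vla_count_ok(n, sizeof(int))) {
        int scratch[count];             /* bounded VLA: at most VLA_MAX_BYTES */
        *out = sorted_mid(scratch, src, count);
        return 0;
    }
    int *heap = malloc(count * sizeof *heap);
    if (heap == NULL)
        return -1;
    *out = sorted_mid(heap, src, count);
    free(heap);
    return 0;
}
```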