Vendor import of clang release_32 branch r168974 (effectively, 3.2 RC2):

http://llvm.org/svn/llvm-project/cfe/branches/release_32@168974

1 files changed, 63 insertions, 19 deletions

diff --git a/docs/UsersManual.html b/docs/UsersManual.html
index 69f916c..35fc5dc 100644
--- a/docs/UsersManual.html
+++ b/docs/UsersManual.html
@@ -874,33 +874,77 @@ likely to affect PCH files that reference a large number of headers.</p>
 
 <!-- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -->
 <dl>
-<dt id="opt_fcatch-undefined-behavior"><b>-fcatch-undefined-behavior</b>: Turn
-on runtime code generation to check for undefined behavior.</dt>
+<dt id="opt_fsanitize"><b>-fsanitize=check1,check2</b>: Turn on runtime checks
+for various forms of undefined behavior.</dt>
+
+<dd>This option controls whether Clang adds runtime checks for various forms of
+undefined behavior, and is disabled by default. If a check fails, a diagnostic
+message is produced at runtime explaining the problem. The main checks are:
 
-<dd>This option, which defaults to off, controls whether or not Clang
-adds runtime checks for undefined runtime behavior.  If a check fails,
-<tt>__builtin_trap()</tt> is used to indicate failure.
-The checks are:
 <ul>
-<li>Subscripting where the static type of one operand is a variable
-    which is decayed from an array type and the other operand is
-    greater than the size of the array or less than zero.</li>
-<li>Shift operators where the amount shifted is greater or equal to the
-    promoted bit-width of the left-hand-side or less than zero.</li>
-<li>If control flow reaches __builtin_unreachable.
-<li>When llvm implements more __builtin_object_size support, reads and
-    writes for objects that __builtin_object_size indicates we aren't
-    accessing valid memory.  Bit-fields and vectors are not yet checked.
+<li id="opt_fsanitize_address"><tt>-fsanitize=address</tt>:
+    <a href="AddressSanitizer.html">AddressSanitizer</a>, a memory error
+    detector.</li>
+<li id="opt_fsanitize_thread"><tt>-fsanitize=thread</tt>:
+    <a href="ThreadSanitizer.html">ThreadSanitizer</a>, an <em>experimental</em>
+    data race detector.  Not ready for widespread use.</li>
+<li id="opt_fsanitize_undefined"><tt>-fsanitize=undefined</tt>:
+    Enables all the checks listed below.</li>
 </ul>
+
+The following more fine-grained checks are also available:
+
+<ul>
+<li id="opt_fsanitize_alignment"><tt>-fsanitize=alignment</tt>:
+    Use of a misaligned pointer or creation of a misaligned reference.</li>
+<li id="opt_fsanitize_divide-by-zero"><tt>-fsanitize=divide-by-zero</tt>:
+    Division by zero.</li>
+<li id="opt_fsanitize_float-cast-overflow"><tt>-fsanitize=float-cast-overflow</tt>:
+    Conversion to, from, or between floating-point types which would overflow
+    the destination.</li>
+<li id="opt_fsanitize_null"><tt>-fsanitize=null</tt>:
+    Use of a null pointer or creation of a null reference.</li>
+<li id="opt_fsanitize_object-size"><tt>-fsanitize=object-size</tt>:
+    An attempt to use bytes which the optimizer can determine are not part of
+    the object being accessed.
+    The sizes of objects are determined using <tt>__builtin_object_size</tt>, and
+    consequently may be able to detect more problems at higher optimization
+    levels.</li>
+<li id="opt_fsanitize_return"><tt>-fsanitize=return</tt>:
+    In C++, reaching the end of a value-returning function without returning a
+    value.</li>
+<li id="opt_fsanitize_shift"><tt>-fsanitize=shift</tt>:
+    Shift operators where the amount shifted is greater or equal to the
+    promoted bit-width of the left hand side or less than zero, or where
+    the left hand side is negative. For a signed left shift, also checks
+    for signed overflow in C, and for unsigned overflow in C++.</li>
+<li id="opt_fsanitize_signed-integer-overflow"><tt>-fsanitize=signed-integer-overflow</tt>:
+    Signed integer overflow, including all the checks added by <tt>-ftrapv</tt>,
+    and checking for overflow in signed division (<tt>INT_MIN / -1</tt>).</li>
+<li id="opt_fsanitize_unreachable"><tt>-fsanitize=unreachable</tt>:
+    If control flow reaches __builtin_unreachable.</li>
+<li id="opt_fsanitize_vla-bound"><tt>-fsanitize=vla-bound</tt>:
+    A variable-length array whose bound does not evaluate to a positive value.</li>
+<li id="opt_fsanitize_vptr"><tt>-fsanitize=vptr</tt>:
+    Use of an object whose vptr indicates that it is of the wrong dynamic type,
+    or that its lifetime has not begun or has ended. Incompatible with
+    <tt>-fno-rtti</tt>.</li>
+</ul>
+
+The <tt>-fsanitize=</tt> argument must also be provided when linking, in order
+to link to the appropriate runtime library. It is not possible to combine the
+<tt>-fsanitize=address</tt> and <tt>-fsanitize=thread</tt> checkers in the same
+program.
 </dd>
 
 <dt id="opt_faddress-sanitizer"><b>-f[no-]address-sanitizer</b>:
-Turn on <a href="AddressSanitizer.html">AddressSanitizer</a>,
-a memory error detector.
+Deprecated synonym for <a href="#opt_fsanitize_address"><tt>-f[no-]sanitize=address</tt></a>.
 
 <dt id="opt_fthread-sanitizer"><b>-f[no-]thread-sanitizer</b>:
-Turn on ThreadSanitizer, an <em>experimental</em> data race detector.
-Not ready for widespread use.
+Deprecated synonym for <a href="#opt_fsanitize_address"><tt>-f[no-]sanitize=thread</tt></a>.
+
+<dt id="opt_fcatch-undefined-behavior"><b>-fcatch-undefined-behavior</b>:
+Deprecated synonym for <a href="#opt_fsanitize_undefined"><tt>-fsanitize=undefined</tt></a>.
 
 <dt id="opt_fno-assume-sane-operator-new"><b>-fno-assume-sane-operator-new</b>:
 Don't assume that the C++'s new operator is sane.</dt>