================ @@ -485,20 +499,83 @@ Pointer types in a ``typedef`` can still have explicit annotations, e.g., ``typedef int *__single``, in which case the bounds annotation ``__single`` will apply to every use of the ``typedef``. -Array to pointer promotion --------------------------- - -In C, when an array is referenced, it is automatically promoted (or “decayed”) -to a pointer to its first element (e.g., ``&arr[0]``). Similarly, in -``-fbounds-safety``, arrays are also promoted to pointers, but with the addition -of an implicit bounds annotation. Arrays on function parameters are promoted to -corresponding ``__counted_by`` pointers. Consequently, incomplete arrays (or -arrays without size) will cause a compiler error unless it has ``__counted_by`` -annotation in its bracket. All other arrays are promoted to ``__bidi_indexable`` -pointers, with the equivalent of ``&arr[0]`` serving as the lower bound and -``&arr[array_size]`` (or one past the last element) serving as the upper bound. -This way, all array accesses are subject to bounds checking, just as their -corresponding pointers are. +Array to pointer promotion to secure arrays (including VLAs) ---------------- rapidsna wrote:
@AaronBallman I extended this section to explicitly mention VLAs and added some examples to describe the semantics. https://github.com/llvm/llvm-project/pull/70749 _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
