<html>
    <head>
      <base href="https://bugs.llvm.org/">
    </head>
    <body><table border="1" cellspacing="0" cellpadding="8">
        <tr>
          <th>Bug ID</th>
          <td><a class="bz_bug_link 
          bz_status_NEW "
   title="NEW - __builtin_object_size() handled inconsistently in latest git with scan-build"
   href="https://bugs.llvm.org/show_bug.cgi?id=47993">47993</a>
          </td>
        </tr>

        <tr>
          <th>Summary</th>
          <td>__builtin_object_size() handled inconsistently in latest git with scan-build
          </td>
        </tr>

        <tr>
          <th>Product</th>
          <td>clang
          </td>
        </tr>

        <tr>
          <th>Version</th>
          <td>trunk
          </td>
        </tr>

        <tr>
          <th>Hardware</th>
          <td>PC
          </td>
        </tr>

        <tr>
          <th>OS</th>
          <td>Linux
          </td>
        </tr>

        <tr>
          <th>Status</th>
          <td>NEW
          </td>
        </tr>

        <tr>
          <th>Severity</th>
          <td>normal
          </td>
        </tr>

        <tr>
          <th>Priority</th>
          <td>P
          </td>
        </tr>

        <tr>
          <th>Component</th>
          <td>Static Analyzer
          </td>
        </tr>

        <tr>
          <th>Assignee</th>
          <td>dcoughlin@apple.com
          </td>
        </tr>

        <tr>
          <th>Reporter</th>
          <td>tss@iki.fi
          </td>
        </tr>

        <tr>
          <th>CC</th>
          <td>dcoughlin@apple.com, llvm-bugs@lists.llvm.org
          </td>
        </tr></table>
      <p>
        <div>
        <pre>I upgraded to the latest git version of clang yesterday:

clang version 12.0.0 (<a href="https://github.com/llvm/llvm-project.git">https://github.com/llvm/llvm-project.git</a>
5839e13910ca0d5ccd11debc0ea3f8491c8c29df)

And I started getting a bunch of warnings in my code base with scan-build (no
warnings with normal clang builds):

warning: Declared variable-length array (VLA) has negative size [core.VLASize]

This happens somewhat inconsistently. Below is the smallest test case I managed
to get to reproduce it:

#include &lt;stdlib.h&gt;
#  define COMPILE_ERROR_IF_TRUE(condition) \
        (sizeof(char[1 - 2 * ((condition) ? 1 : 0)]) - 1)
int extfunc(void);
static void func2(void)
{
        char *d = malloc(10);
        (void)COMPILE_ERROR_IF_TRUE(__builtin_object_size((d),1) < 10);
        free(d);
        if (extfunc() == 0)
                extfunc();
}
void func1(void)
{
        func2();
        func2();
}

# scan-build clang test.c -c -o test.o
test.c:22:8: warning: Declared variable-length array (VLA) has negative size
[core.VLASize]
        (void)COMPILE_ERROR_IF_TRUE(__builtin_object_size((d),1) < 10);
              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
test.c:15:3: note: expanded from macro 'COMPILE_ERROR_IF_TRUE'
        (sizeof(char[1 - 2 * ((condition) ? 1 : 0)]) - 1)
         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.</pre>
        </div>
      </p>


    </body>
</html>