<table border="1" cellspacing="0" cellpadding="8">
    <tr>
        <th>Issue</th>
        <td>
            <a href=https://github.com/llvm/llvm-project/issues/64796>64796</a>
        </td>
    </tr>

    <tr>
        <th>Summary</th>
        <td>
            llvm.objectsize cannot compute a trivial bound
        </td>
    </tr>

    <tr>
      <th>Labels</th>
      <td>
            llvm
      </td>
    </tr>

    <tr>
      <th>Assignees</th>
      <td>
      </td>
    </tr>

    <tr>
      <th>Reporter</th>
      <td>
          bevin-hansson
      </td>
    </tr>
</table>

<pre>
    The following example results in a return value of 0, but it should be possible to figure out that there's at minimum 10 bytes left in the object:
```
int cond;

long long bos() {
    char arr[20];
 void *p = cond ? &arr[0] : &arr[10];
    return __builtin_object_size(p, 2);
}
```
See Godbolt: https://godbolt.org/z/vhfWv69Tv

Looking at ObjectSizeOffsetVisitor shows two things that seem odd.

The first is that it will give up on visiting instructions that have already been visited:
```
  if (Instruction *I = dyn_cast<Instruction>(V)) {
    // If we have already seen this instruction, bail out. Cycles can happen in
    // unreachable code after constant propagation.
    if (!SeenInsts.insert(I).second)
 return unknown();

    return visit(*I);
  }
```
So it won't end up visiting the `alloca` again, and just considers it to have unknown size on the second visit.

Even without this, the analysis still fails. If `MustSucceed` is false, it resorts to finding an exact size instead of a reasonable conservative estimate:
```
  // Unless we have to fold this to something, try to be as accurate as
  // possible.
  if (MustSucceed)
    EvalOptions.EvalMode =
        MaxVal ? ObjectSizeOpts::Mode::Max : ObjectSizeOpts::Mode::Min;
  else
 EvalOptions.EvalMode = ObjectSizeOpts::Mode::ExactSizeFromOffset;
```
But the result then is that it cannot find an exact size (because it doesn't know if it's 10 or 20), so it produces the most conservative estimate 0 instead.
</pre>
<img width="1px" height="1px" alt="" src="http://email.email.llvm.org/o/eJyEVk1v2zgQ_TX0ZVBDoeIPHXzIlxcBtugh3e4xGIkjiy1NChxKqfvrF0MpiZNu0CCQKXM4HL735tHIbA-eaKdW12p1u8AhdSHuahqt_9ShZw5-UQdz2n3tCNrgXHiy_gD0E4-9I4jEg0sM1gNCpDREDyO6gSC0UCh9A_WQwCbgLgzOQE3QB2ZbO4IUoLWHIRKEIUHqUB4USekNAyY4Wm-PwxEuCqhPiRgctUl2Sh1BqL9Tk1R5pYpbVVypdTH_51frEzTBG1Vez_P56YI_QH7UgZXeKl2B2swhAABNhxEwRrW61oVa3b6shzFYA0pf9aDK25wbVLkHpddTuESDKq9ev7l4mwDgGZ_Hx3qwLln_OB3ike0vUnrbC1xa6eq16s3t_x7vgQj-CqYOThCALqWeBQq9V3p_mCaWIR6U3v9Sej927b_juvo6nmPxdwg_hElM8CWX8WB_0Ze2ZUrfLNsUonD2xJCeAqTO-gNPHDHREYIxy_NsWR02cgI7h9kET9Y5ONiRYOgheBglr-xpPac4NMkGP0d3OBKgi4TmBDXRHEzmI4YBbAtKb-9fUwk995kec_KPDXJS5c3ZvCrvlN5-E4Df8z4hB_ctPNHbWlhqSZ3l86KzrtE6Ee4Sbk6NI4YGPXTY9-TB-t9SDz4SNh2K8JtgCLBNFEVInNAn6GPo8YCSffm6eDqj0hcPRF6OwkvrmWKSkytdLZmyzHU1r5klNvgfPjz5SeLvmuBMiRnjHHR1fx4I8KHyQiZWINgkIG-E2hdepTHVukDnQoNqXQAe0Ga00Bv4PnDuSraGIkueFCaw53JBGkGEInmmk02530jtbiQPTzZ1k2tYlvyyAj26E1sGTiK8Fq3jpXCq1sXngdPD0DRERuqyDC06Jllqk7hYiIknR_Imt4UXj2vSVJNwT2jE1MTmkIOfmRQ2RkwicuJkj5joY8nOWvjHO2J-kZrsGpyZVJYCcDhSbrh8sHiS72oCZMCmGSImGb9L-Wyqy7fdcX7sF40AwN2I7kuf-28p48-iSFXevkbI32f8-Q1d9rkzi-hT9pryShbNI_yZve8PUdafKYwE_mn8UTV_yHcn_MjkPobj5FyvUn8L_XWWyvN1JUN_blQNeh9S5v4d8Upva2pwYJI4E4gn5YteBWNpnw3LFRUi6CJ7yw1w7pI-BjM0xHnnY5jF_5tcoHiW13JhdqWpygoXtLtYV7pcrbd6s-h2q0vcrArEymz1ZVvp-lJTuymb1WWBpW7XC7vThS6L7cX24qLYFJul2dK2Mk3VGlM1JVXqsqAjWrd0bjzK3bCwzAPt1pebar1wWJPj_CNAa4lQWsvPgbiTl0_1cGB1WTgrBvSSINnkaDe9ZqIyYjOWTTj2gygVUrSjRQd1GLxZDNHt3t1XNnVDvWzCUen9tHf--NTHkO94vc-lstL7XO1_AQAA__-oMb-o">