[clang-tidy] overflow builtins always write their output operand

[resistor]

Consider the following code:

int test(int elementSize, int elementCount)
{
	int bufferSize;
	int allocSize;
	bool overflow = __builtin_mul_overflow(elementCount, elementSize, &bufferSize);
	overflow |= __builtin_add_overflow(4, bufferSize, &allocSize);
	if (overflow)
		return -1;
	return allocSize;
}

clang-tidy-20 produces the following false-positive warning:

foo.cpp:6:14: warning: 2nd function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
    6 |         overflow |= __builtin_add_overflow(4, bufferSize, &allocSize);

This seems to be because it does not understand that the prior call to __builtin_mul_overflow will always write to bufferSize.

[llvmbot]

@llvm/issue-subscribers-clang-tidy

Author: Owen Anderson (resistor)

Consider the following code:

int test(int elementSize, int elementCount)
{
	int bufferSize;
	int allocSize;
	bool overflow = __builtin_mul_overflow(elementCount, elementSize, &bufferSize);
	overflow |= __builtin_add_overflow(4, bufferSize, &allocSize);
	if (overflow)
		return -1;
	return allocSize;
}

clang-tidy-20 produces the following false-positive warning:

foo.cpp:6:14: warning: 2nd function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
    6 |         overflow |= __builtin_add_overflow(4, bufferSize, &allocSize);

This seems to be because it does not understand that the prior call to __builtin_mul_overflow will always write to bufferSize.