================
@@ -0,0 +1,198 @@
+// RUN: %clang_analyze_cc1 -analyzer-checker=core,debug.ExprInspection
-verify=expected,default %s
+// RUN: %clang_analyze_cc1 -analyzer-checker=core,debug.ExprInspection
-analyzer-config legacy-inlining-prevention=false -verify=expected,disabled %s
+
+int getNum(void); // Get an opaque number.
+
+void clang_analyzer_numTimesReached(void);
+void clang_analyzer_dump(int arg);
+
+//-----------------------------------------------------------------------------
+// Simple case: inlined function never reaches `analyzer-max-loop`.
+
+int inner_simple(void) {
+ clang_analyzer_numTimesReached(); // expected-warning {{2}}
+ return 42;
+}
+
+int outer_simple(void) {
+ int x = inner_simple();
+ int y = inner_simple();
+ return 53 / (x - y); // expected-warning {{Division by zero}}
+}
+
+//-----------------------------------------------------------------------------
+// Inlined function always reaches `analyzer-max-loop`.
+
+int inner_fixed_loop_1(void) {
+ int i;
+ clang_analyzer_numTimesReached(); // expected-warning {{1}}
+ for (i = 0; i < 10; i++);
+ clang_analyzer_numTimesReached(); // no-warning
----------------
NagyDonat wrote:
IMO the situation is complex because:
- from the POV of the users this "analysis is stopped by long loops" behavior
is obviously a bug that needs to be fixed;
- but from the POV of the inlining prevention heuristic (which is tested here)
this is a known feature (or at least "property") of the analyzer engine which
is important for the correct delineation of the scope.
You're right that these deserve a FIXME, but I'll probably write a longer FIXME
block that explains the full situation instead of short inline FIXME notes.
https://github.com/llvm/llvm-project/pull/136720
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
