[cfe-dev] clang static analyzer checker for unreachable code
Stefan Ciobaca via cfe-dev
cfe-dev at lists.llvm.org
Wed Jul 19 02:54:38 PDT 2017
Dear cfe-dev,
I am testing out the alpha.deadcode.UnreachableCode checker and I have
found an interesting case where it fails to find an unreachable block. Here
is the minified version of the code:
void f()
{
  int *i = new int;
  if (!i) {
    return; // this code is unreachable ("new" throws an exception if not enough memory)
  }
  for (int j = 0; j < 4; ++j) {
  }
}
I'm running the analyzer with "clang -cc1 -analyze
-analyzer-checker=alpha.deadcode.UnreachableCode f.cpp".
If I decrease the loop boundary as follows:
void f()
{
  int *i = new int;
  if (!i) {
    return;
  }
  for (int j = 0; j < 3; ++j) { // NOTE: changed 4 to 3
  }
}
then the CSA reports the unreachable code correctly:
f.cpp:5:5: warning: This statement is never executed
    return;
    ^~~~~~
1 warning generated.
I suspect that the problem is due to the default unrolling depth of loops
during analysis, but I don't understand how exactly this unrolling
interacts with the unreachable code checker.
Could anyone confirm if this is the expected behavior (known limitation) of
the checker or if this is a bug?
Best,
Stefan