Skip to content

goto-analyzer: fix reachable-functions analysis for inline functions#8788

Open
tautschnig wants to merge 1 commit intodiffblue:developfrom
tautschnig:fix-5173-goto-analyzer
Open

goto-analyzer: fix reachable-functions analysis for inline functions#8788
tautschnig wants to merge 1 commit intodiffblue:developfrom
tautschnig:fix-5173-goto-analyzer

Conversation

@tautschnig
Copy link
Copy Markdown
Collaborator

@tautschnig tautschnig commented Nov 30, 2025

We now only consider functions reachable when they are actually called, and don't automatically consider inline functions reachable.

Fixes: #5173

  • Each commit message has a non-empty body, explaining why the change was made.
  • n/a Methods or procedures I have added are documented, following the guidelines provided in CODING_STANDARD.md.
  • n/a The feature or user visible behaviour I have added or modified has been documented in the User Guide in doc/cprover-manual/
  • Regression or unit tests are included, or existing tests cover the modified code (in this case I have detailed which ones those are in the commit message).
  • n/a My commit message includes data points confirming performance improvements (if claimed).
  • My PR is restricted to a single feature or bugfix.
  • n/a White-space or formatting changes outside the feature-related changed lines are in commits of their own.

@tautschnig
goto-analyzer: fix reachable-functions analysis for inline functions
491d307 
We now only consider functions reachable when they are actually called,
and don't automatically consider `inline` functions reachable.

Fixes: diffblue#5173
@tautschnig tautschnig force-pushed the fix-5173-goto-analyzer branch from c4dafa2 to 491d307 Compare November 30, 2025 22:01
@codecov
Copy link
Copy Markdown

codecov Bot commented Nov 30, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 79.93%. Comparing base (4fe3ade) to head (491d307).

Additional details and impacted files 
@@             Coverage Diff             @@
##           develop    #8788      +/-   ##
===========================================
- Coverage    79.93%   79.93%   -0.01%     
===========================================
  Files         1698     1698              
  Lines       187698   187694       -4     
  Branches        73       73              
===========================================
- Hits        150034   150030       -4     
  Misses       37664    37664

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@tautschnig tautschnig self-assigned this Feb 24, 2026
@tautschnig tautschnig marked this pull request as ready for review March 18, 2026 12:24
Copilot AI review requested due to automatic review settings March 18, 2026 12:24
Copilot AI reviewed Mar 18, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Fixes goto-analyzer --reachable-functions reporting inline functions as reachable even when not reachable from the entry point (e.g., inline helpers from macOS system headers), addressing #5173.

Changes:

  • Stop treating inline-marked functions as reachable purely due to the inline attribute; reachability is now based on the computed reachable/called set.
  • Apply the same reachability criterion in both --reachable-functions and --unreachable-instructions paths.
  • Add a regression test covering an “empty” program that includes <stdio.h> to ensure __sputc is not reported as reachable.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

File Description
src/goto-analyzer/unreachable_instructions.cpp Updates reachability checks to ignore the inline attribute for both instruction and function reachability reporting.
regression/goto-analyzer/reachable-functions-stdio-empty/test.c Minimal reproducer including <stdio.h> with an empty main.
regression/goto-analyzer/reachable-functions-stdio-empty/test.desc Regression expectations: only main and __CPROVER_initialize are reachable; __sputc must not appear.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread src/goto-analyzer/unreachable_instructions.cpp
Comment on lines +184 to +189
// Only consider functions reachable if they're actually called.
// Previously, functions marked as "inline" were automatically treated as
// reachable, but this caused false positives on systems (like MacOS) where
// system headers contain uncalled inline functions that reference other
// functions, making those referenced functions appear reachable.
if(called.find(decl.name) != called.end())
Comment thread src/goto-analyzer/unreachable_instructions.cpp
Comment on lines +320 to +321
// Only consider functions reachable if they're actually called.
// See comment in unreachable_instructions() for rationale.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@martin-cs martin-cs Awaiting requested review from martin-cs martin-cs is a code owner

@peterschrammel peterschrammel Awaiting requested review from peterschrammel peterschrammel is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

@tautschnig tautschnig

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

goto-analyzer says __sputc is reachable in empty program

2 participants

@tautschnig