Update Fix

Author: szihs

source/slang/slang-diagnostic-defs.h

@@ -2179,6 +2179,7 @@ DIAGNOSTIC(
 DIAGNOSTIC(41000, Warning, unreachableCode, "unreachable code detected")
 DIAGNOSTIC(41001, Error, recursiveType, "type '$0' contains cyclic reference to itself.")
 
+DIAGNOSTIC(41008, Warning, potentialInfiniteLoop, "loop might execute indefinitely")
 DIAGNOSTIC(
     41009,
     Error,

source/slang/slang-ir-potential-infinite-loop.cpp

@@ -0,0 +1,157 @@
+// slang-ir-potential-infinite-loop.cpp
+#include "slang-ir-potential-infinite-loop.h"
+
+#include "core/slang-basic.h"
+#include "core/slang-dictionary.h" // For HashSet used in DFS
+#include "core/slang-io.h"
+#include "core/slang-list.h" // For List used in DFS
+#include "core/slang-type-text-util.h"
+#include "slang-compiler.h"
+#include "slang-diagnostics.h"
+#include "slang-ir-insts.h"
+#include "slang-ir.h"
+
+namespace Slang
+{
+
+/// Check if a loop body has any path that can reach the break block
+static bool canLoopExit(IRLoop* loop)
+{
+    IRBlock* targetBlock = loop->getTargetBlock();
+    IRBlock* breakBlock = loop->getBreakBlock();
+
+    // If there's no break block, the loop cannot exit
+    if (!breakBlock)
+    {
+        return false;
+    }
+
+    // Fast check: direct branch from header to break block
+    for (auto inst : targetBlock->getChildren())
+    {
+        if (auto branch = as<IRConditionalBranch>(inst))
+        {
+            if (branch->getTrueBlock() == breakBlock || branch->getFalseBlock() == breakBlock)
+                return true;
+        }
+        else if (auto unconditionalBranch = as<IRUnconditionalBranch>(inst))
+        {
+            if (unconditionalBranch->getTargetBlock() == breakBlock)
+                return true;
+        }
+    }
+
+    // Comprehensive but bounded DFS: explore blocks reachable from the loop header
+    List<IRBlock*> workList;
+    HashSet<IRBlock*> visited;
+
+    auto enqueue = [&](IRBlock* b)
+    {
+        if (b && visited.add(b))
+            workList.add(b);
+    };
+
+    enqueue(targetBlock);
+    enqueue(loop->getContinueBlock()); // Include continue block path if present
+
+    while (workList.getCount())
+    {
+        IRBlock* curr = workList.getLast();
+        workList.removeLast();
+
+        if (curr == breakBlock)
+            return true; // Found a path
+
+        IRInst* term = curr->getTerminator();
+        if (!term)
+            continue;
+
+        // If the terminator has *no* successor blocks (e.g. return, discard, unreachable, etc.)
+        // then the loop can exit via this path.
+        if (!as<IRConditionalBranch>(term) && !as<IRUnconditionalBranch>(term) &&
+            !as<IRSwitch>(term))
+        {
+            return true;
+        }
+
+        if (auto cb = as<IRConditionalBranch>(term))
+        {
+            enqueue(cb->getTrueBlock());
+            enqueue(cb->getFalseBlock());
+        }
+        else if (auto ub = as<IRUnconditionalBranch>(term))
+        {
+            enqueue(ub->getTargetBlock());
+        }
+        else if (auto sw = as<IRSwitch>(term))
+        {
+            enqueue(sw->getDefaultLabel());
+            for (UInt i = 0; i < sw->getCaseCount(); ++i)
+                enqueue(sw->getCaseLabel(i));
+        }
+        // Other terminators (return, discard, unreachable, etc.) are exits from the loop body
+    }
+
+    // If we exhaust reachable blocks without hitting the break block, assume the loop cannot exit
+    return false;
+}
+
+/// Get source location from the loop for diagnostics
+static SourceLoc getLoopSourceLocation(IRLoop* loop)
+{
+    // Try to get source location from the loop itself
+    if (loop->sourceLoc.isValid())
+        return loop->sourceLoc;
+
+    // Try to get from the target block
+    IRBlock* targetBlock = loop->getTargetBlock();
+    if (targetBlock && targetBlock->sourceLoc.isValid())
+        return targetBlock->sourceLoc;
+
+    // Try to get from instructions in the target block
+    if (targetBlock)
+    {
+        for (auto inst : targetBlock->getOrdinaryInsts())
+        {
+            if (inst->sourceLoc.isValid())
+                return inst->sourceLoc;
+        }
+    }
+
+    return SourceLoc();
+}
+
+static void checkForPotentialInfiniteLoopsInInst(
+    IRInst* inst,
+    DiagnosticSink* sink,
+    bool diagnoseWarning)
+{
+    // Check if this instruction is a loop
+    if (auto loop = as<IRLoop>(inst))
+    {
+        // Check if this loop has any path that can exit
+        bool canExit = canLoopExit(loop);
+        if (!canExit)
+        {
+            if (diagnoseWarning)
+            {
+                SourceLoc loc = getLoopSourceLocation(loop);
+                sink->diagnose(loc, Diagnostics::potentialInfiniteLoop);
+            }
+        }
+    }
+
+    // Recursively check children
+    for (auto childInst : inst->getChildren())
+    {
+        checkForPotentialInfiniteLoopsInInst(childInst, sink, diagnoseWarning);
+    }
+}
+
+void checkForPotentialInfiniteLoops(IRModule* module, DiagnosticSink* sink, bool diagnoseWarning)
+{
+    // Look for loops in the module
+    checkForPotentialInfiniteLoopsInInst(module->getModuleInst(), sink, diagnoseWarning);
+}
+
+} // namespace Slang

source/slang/slang-ir-potential-infinite-loop.h

@@ -0,0 +1,20 @@
+// slang-ir-potential-infinite-loop.h
+#pragma once
+
+namespace Slang
+{
+class DiagnosticSink;
+struct IRModule;
+struct IRInst;
+struct IRLoop;
+struct IRBlock;
+enum class CodeGenTarget;
+
+/// This IR check pass analyzes loops in the IR to detect potential infinite loops.
+/// It looks for two key indicators of infinite loops:
+/// 1. Loops with constant conditions (always evaluating to true)
+/// 2. Loops with no exit paths (no branches to the break block)
+///
+/// When both conditions are met, it warns about a potential infinite loop.
+void checkForPotentialInfiniteLoops(IRModule* module, DiagnosticSink* sink, bool diagnoseWarning);
+} // namespace Slang

source/slang/slang-lower-to-ir.cpp

@@ -26,6 +26,7 @@
 #include "slang-ir-obfuscate-loc.h"
 #include "slang-ir-operator-shift-overflow.h"
 #include "slang-ir-peephole.h"
+#include "slang-ir-potential-infinite-loop.h"
 #include "slang-ir-sccp.h"
 #include "slang-ir-simplify-cfg.h"
 #include "slang-ir-ssa.h"
@@ -11944,6 +11945,10 @@ RefPtr<IRModule> generateIRForTranslationUnit(
         // instructions remain.
 
         checkForMissingReturns(module, compileRequest->getSink(), CodeGenTarget::None, true);
+
+        // Check for potential infinite loops (loops with no break)
+        checkForPotentialInfiniteLoops(module, compileRequest->getSink(), true);
+
         // Check for invalid differentiable function body.
         checkAutoDiffUsages(module, compileRequest->getSink());
 

tests/diagnostics/for-loop-warning.slang

@@ -1,5 +1,7 @@
 //DIAGNOSTIC_TEST:SIMPLE:
-
+StructuredBuffer<float> buffer0;
+StructuredBuffer<float> buffer1;
+RWStructuredBuffer<float> result;
 
 float doSomething(int x)
 {
@@ -56,5 +58,9 @@ float doSomething(int x)
     {
         i--;
     }
+    for (int i = 1; i < 10; i+1) // warn.
+    {
+        result[i] = buffer0[i] + buffer1[i];
+    }
     return 0.0;
 }

tests/diagnostics/for-loop-warning.slang.expected

@@ -30,6 +30,9 @@ tests/diagnostics/for-loop-warning.slang(28): warning 30504: the for loop is sta
 tests/diagnostics/for-loop-warning.slang(32): warning 30504: the for loop is statically determined to terminate within 5 iterations, which is less than what [MaxIters] specifies.
     [MaxIters(6)] // warn
      ^~~~~~~~
+tests/diagnostics/for-loop-warning.slang(10): warning 41008: loop might execute indefinitely
+    for (int j = 0; j < 3; j += 0) // warn.
+    ^~~
 }
 standard output = {
 }