InfiniteLoop.ql

/**
 * @name Infinite loop
 * @description Updating a loop index with a compound assignment
 *              could cause non-termination.
 * @kind problem
 * @problem.severity warning
 * @id apple-xnu/cpp/infinite-loop
 */

import cpp
import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis

// Find loops like this:
// while (x) { ...; x -= n; }
from Loop loop, Variable v, AssignArithmeticOperation assign
where (loop.getCondition() = v.getAnAccess() or
       loop.getCondition().(ComparisonOperation).getAnOperand() = v.getAnAccess())
  and assign.getLValue() = v.getAnAccess()
  // Compound assignment is in the body of the loop:
  and assign = loop.getStmt().getAChild*()
  and lowerBound(assign.getRValue()) <= 0
  and upperBound(assign.getRValue()) >= 0
select loop, "Loop might not terminate due to this $@.", assign, "assignment"