I'm a silly billy. I've made the early-out-at-end action target paths on which the In_loop flag is active. This is not the same as 'innermost block is loop'; it is, in fact, 'any block in the path is a loop', and as such it results in things like
while (A) {
if (B) {
C;
// TARGET HERE
}
D;
}
Clearly this isn't right; if we insert a continue at the given position, the semantics will be wrong.
This is a fuzzer bug, but, again, it's one where the solution will need some creative thinking. We need a way of doing one of the following:
being able to cancel observed flags (this would have weird semantics, as it would only work well with flags in positive positions);
being able to specify (positive-only) flag checks on the inmost block inside a path filter (bit convoluted);
attaching block requirements to anchors (a bit strange);
I'm a silly billy. I've made the early-out-at-end action target paths on which the
In_loopflag is active. This is not the same as 'innermost block is loop'; it is, in fact, 'any block in the path is a loop', and as such it results in things likeClearly this isn't right; if we insert a
continueat the given position, the semantics will be wrong.This is a fuzzer bug, but, again, it's one where the solution will need some creative thinking. We need a way of doing one of the following: