[cfe-dev] avoid loops in the exploded graph?

Lou Wynn via cfe-dev cfe-dev at lists.llvm.org
Mon Oct 8 18:42:25 PDT 2018


Hi,

I read the comment "avoid loops in the exploded graph" in the following 
snippet of code which is on page 32 of the workbook 
<https://github.com/haoNoQ/clang-analyzer-guide/releases/download/v0.1/clang-analyzer-guide-v0.1.pdf>.

LocationContext *LC = C.getLocationContext();
ProgramStateRef State = C.getState();
const Expr *E = /* Obtain an expression value of which is untrusted */;
ProgramStateRef NewState = State->addTaint(E, LC);
if (NewState != State) // avoid loops in the exploded graph
   C.addTransition(NewState);

My question is why the new tainted state requires the if statement to 
prevent loops, while other new states in the book do not have the if 
statement when C.addTransition(State) is used? Do other states which are 
not tainted not need to prevent loops? For example, on page 30, when a 
new state is added, it reads:

ProgramStateRef State = C.getState();
State = modifyState(State); // do stuff
C.addTransition(State);

There is no if statement to prevent a loop.

-- 
Love,
Lou
