[cfe-dev] avoid loops in the exploded graph?
Lou Wynn via cfe-dev
cfe-dev at lists.llvm.org
Mon Oct 8 18:42:25 PDT 2018
Hi,
I read the comment "avoid loops in the exploded graph" in the following
snippet of code which is on page 32 of the workbook
<https://github.com/haoNoQ/clang-analyzer-guide/releases/download/v0.1/clang-analyzer-guide-v0.1.pdf>.
LocationContext *LC = C. getLocationContext ();
ProgramStateRef State = C. getState ();
const Expr *E = /* Obtain an expression value of which is untrusted */;
ProgramStateRef NewState = State -> addTaint (E, LC );
if ( NewState != State ) // avoid loops in the exploded graph
C. addTransition ( NewState );
My question is why the new tainted state requires the if statement to
prevent loops, while other new states in the book do not have the if
statement when C.addTransition(State) is used? Do other states which are
not tainted not need to prevent loops? For example, on page 30, when a
new state is added, it reads:
ProgramStateRef State = C. getState ();
State = modifyState ( State ); // do stuff
C. addTransition ( State );
There is no if state to prevent a loop.
--
Love,
Lou
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20181008/41a28ce8/attachment.html>
More information about the cfe-dev
mailing list