Gitiles
Code Review Sign In
gerrit-public.fairphone.software / toolchain / llvm-project / 83af86a6bc10178a2cbbb137914abd2abf9dcfdb / . / clang / lib / Checker / GRCoreEngine.cpp
blob: d54b0777eda75f9a56542f10e21af37d445d3845 [file] [log] [blame]
Ted Kremenek17810802008-11-12 19:24:17 +0000[diff] [blame]1//==- GRCoreEngine.cpp - Path-Sensitive Dataflow Engine ------------*- C++ -*-//
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]2//
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]3// The LLVM Compiler Infrastructure
4//
5// This file is distributed under the University of Illinois Open Source
6// License. See LICENSE.TXT for details.
7//
8//===----------------------------------------------------------------------===//
9//
10// This file defines a generic engine for intraprocedural, path-sensitive,
11// dataflow analysis via graph reachability engine.
12//
13//===----------------------------------------------------------------------===//
14
Ted Kremenekd6b87082010-01-25 04:41:41 +0000[diff] [blame]15#include "clang/Checker/PathSensitive/GRCoreEngine.h"
16#include "clang/Checker/PathSensitive/GRExprEngine.h"
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]17#include "clang/AST/Expr.h"
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]18#include "llvm/Support/Casting.h"
19#include "llvm/ADT/DenseMap.h"
20#include <vector>
Ted Kremenekd9de9f12008-12-16 22:13:33 +0000[diff] [blame]21#include <queue>
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]22
23using llvm::cast;
24using llvm::isa;
25using namespace clang;
26
Ted Kremenekd9de9f12008-12-16 22:13:33 +0000[diff] [blame]27//===----------------------------------------------------------------------===//
28// Worklist classes for exploration of reachable states.
29//===----------------------------------------------------------------------===//
30
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]31namespace {
Kovarththanan Rajaratnam65c65662009-11-28 06:07:30 +0000[diff] [blame]32class DFS : public GRWorkList {
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]33 llvm::SmallVector<GRWorkListUnit,20> Stack;
34public:
35 virtual bool hasWork() const {
36 return !Stack.empty();
37 }
38
39 virtual void Enqueue(const GRWorkListUnit& U) {
40 Stack.push_back(U);
41 }
42
43 virtual GRWorkListUnit Dequeue() {
44 assert (!Stack.empty());
45 const GRWorkListUnit& U = Stack.back();
46 Stack.pop_back(); // This technically "invalidates" U, but we are fine.
47 return U;
48 }
49};
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]50
Kovarththanan Rajaratnam65c65662009-11-28 06:07:30 +0000[diff] [blame]51class BFS : public GRWorkList {
Ted Kremenek2c327732009-05-01 22:18:46 +0000[diff] [blame]52 std::queue<GRWorkListUnit> Queue;
53public:
54 virtual bool hasWork() const {
55 return !Queue.empty();
56 }
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]57
Ted Kremenek2c327732009-05-01 22:18:46 +0000[diff] [blame]58 virtual void Enqueue(const GRWorkListUnit& U) {
59 Queue.push(U);
60 }
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]61
Ted Kremenek2c327732009-05-01 22:18:46 +0000[diff] [blame]62 virtual GRWorkListUnit Dequeue() {
63 // Don't use const reference. The subsequent pop_back() might make it
64 // unsafe.
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]65 GRWorkListUnit U = Queue.front();
Ted Kremenek2c327732009-05-01 22:18:46 +0000[diff] [blame]66 Queue.pop();
67 return U;
68 }
69};
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]70
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]71} // end anonymous namespace
72
Ted Kremenek2e12c2e2008-01-16 18:18:48 +0000[diff] [blame]73// Place the dstor for GRWorkList here because it contains virtual member
74// functions, and we the code for the dstor generated in one compilation unit.
75GRWorkList::~GRWorkList() {}
76
Ted Kremenek2c327732009-05-01 22:18:46 +0000[diff] [blame]77GRWorkList *GRWorkList::MakeDFS() { return new DFS(); }
78GRWorkList *GRWorkList::MakeBFS() { return new BFS(); }
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]79
Ted Kremenekd9de9f12008-12-16 22:13:33 +0000[diff] [blame]80namespace {
Kovarththanan Rajaratnam65c65662009-11-28 06:07:30 +0000[diff] [blame]81 class BFSBlockDFSContents : public GRWorkList {
Ted Kremenekd9de9f12008-12-16 22:13:33 +0000[diff] [blame]82 std::queue<GRWorkListUnit> Queue;
83 llvm::SmallVector<GRWorkListUnit,20> Stack;
84 public:
85 virtual bool hasWork() const {
86 return !Queue.empty() || !Stack.empty();
87 }
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]88
Ted Kremenekd9de9f12008-12-16 22:13:33 +0000[diff] [blame]89 virtual void Enqueue(const GRWorkListUnit& U) {
90 if (isa<BlockEntrance>(U.getNode()->getLocation()))
91 Queue.push(U);
92 else
93 Stack.push_back(U);
94 }
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]95
Ted Kremenekd9de9f12008-12-16 22:13:33 +0000[diff] [blame]96 virtual GRWorkListUnit Dequeue() {
97 // Process all basic blocks to completion.
98 if (!Stack.empty()) {
99 const GRWorkListUnit& U = Stack.back();
100 Stack.pop_back(); // This technically "invalidates" U, but we are fine.
101 return U;
102 }
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]103
Ted Kremenekd9de9f12008-12-16 22:13:33 +0000[diff] [blame]104 assert(!Queue.empty());
105 // Don't use const reference. The subsequent pop_back() might make it
106 // unsafe.
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]107 GRWorkListUnit U = Queue.front();
Ted Kremenekd9de9f12008-12-16 22:13:33 +0000[diff] [blame]108 Queue.pop();
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]109 return U;
Ted Kremenekd9de9f12008-12-16 22:13:33 +0000[diff] [blame]110 }
111 };
112} // end anonymous namespace
113
114GRWorkList* GRWorkList::MakeBFSBlockDFSContents() {
115 return new BFSBlockDFSContents();
116}
117
118//===----------------------------------------------------------------------===//
119// Core analysis engine.
120//===----------------------------------------------------------------------===//
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]121void GRCoreEngine::ProcessEndPath(GREndPathNodeBuilder& Builder) {
Zhongxing Xu82003da2009-08-06 10:00:15 +0000[diff] [blame]122 SubEngine.ProcessEndPath(Builder);
123}
Ted Kremenekd9de9f12008-12-16 22:13:33 +0000[diff] [blame]124
Ted Kremenek4cad5fc2009-12-16 03:18:58 +0000[diff] [blame]125void GRCoreEngine::ProcessStmt(CFGElement E, GRStmtNodeBuilder& Builder) {
126 SubEngine.ProcessStmt(E, Builder);
Zhongxing Xu82003da2009-08-06 10:00:15 +0000[diff] [blame]127}
128
129bool GRCoreEngine::ProcessBlockEntrance(CFGBlock* Blk, const GRState* State,
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]130 GRBlockCounter BC) {
Zhongxing Xu82003da2009-08-06 10:00:15 +0000[diff] [blame]131 return SubEngine.ProcessBlockEntrance(Blk, State, BC);
132}
133
134void GRCoreEngine::ProcessBranch(Stmt* Condition, Stmt* Terminator,
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]135 GRBranchNodeBuilder& Builder) {
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]136 SubEngine.ProcessBranch(Condition, Terminator, Builder);
Zhongxing Xu82003da2009-08-06 10:00:15 +0000[diff] [blame]137}
138
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]139void GRCoreEngine::ProcessIndirectGoto(GRIndirectGotoNodeBuilder& Builder) {
Zhongxing Xu82003da2009-08-06 10:00:15 +0000[diff] [blame]140 SubEngine.ProcessIndirectGoto(Builder);
141}
142
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]143void GRCoreEngine::ProcessSwitch(GRSwitchNodeBuilder& Builder) {
Zhongxing Xu82003da2009-08-06 10:00:15 +0000[diff] [blame]144 SubEngine.ProcessSwitch(Builder);
145}
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]146
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]147/// ExecuteWorkList - Run the worklist algorithm for a maximum number of steps.
Zhongxing Xue1190f72009-08-15 03:17:38 +0000[diff] [blame]148bool GRCoreEngine::ExecuteWorkList(const LocationContext *L, unsigned Steps) {
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]149
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]150 if (G->num_roots() == 0) { // Initialize the analysis by constructing
151 // the root if none exists.
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]152
Zhongxing Xu94ec6492009-08-25 03:33:41 +0000[diff] [blame]153 CFGBlock* Entry = &(L->getCFG()->getEntry());
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]154
155 assert (Entry->empty() &&
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]156 "Entry block must be empty.");
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]157
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]158 assert (Entry->succ_size() == 1 &&
159 "Entry block must have 1 successor.");
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]160
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]161 // Get the solitary successor.
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]162 CFGBlock* Succ = *(Entry->succ_begin());
163
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]164 // Construct an edge representing the
165 // starting location in the function.
Zhongxing Xue1190f72009-08-15 03:17:38 +0000[diff] [blame]166 BlockEdge StartLoc(Entry, Succ, L);
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]167
Ted Kremenek90ae68f2008-02-12 18:08:17 +0000[diff] [blame]168 // Set the current block counter to being empty.
169 WList->setBlockCounter(BCounterFactory.GetEmptyCounter());
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]170
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]171 // Generate the root.
Zhongxing Xu5f078cb2009-08-17 06:19:58 +0000[diff] [blame]172 GenerateNode(StartLoc, getInitialState(L), 0);
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]173 }
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]174
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]175 while (Steps && WList->hasWork()) {
176 --Steps;
177 const GRWorkListUnit& WU = WList->Dequeue();
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]178
Ted Kremenek90ae68f2008-02-12 18:08:17 +0000[diff] [blame]179 // Set the current block counter.
180 WList->setBlockCounter(WU.getBlockCounter());
181
182 // Retrieve the node.
Zhongxing Xu20227f72009-08-06 01:32:16 +0000[diff] [blame]183 ExplodedNode* Node = WU.getNode();
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]184
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]185 // Dispatch on the location type.
186 switch (Node->getLocation().getKind()) {
Ted Kremenekd9de9f12008-12-16 22:13:33 +0000[diff] [blame]187 case ProgramPoint::BlockEdgeKind:
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]188 HandleBlockEdge(cast<BlockEdge>(Node->getLocation()), Node);
189 break;
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]190
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]191 case ProgramPoint::BlockEntranceKind:
192 HandleBlockEntrance(cast<BlockEntrance>(Node->getLocation()), Node);
193 break;
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]194
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]195 case ProgramPoint::BlockExitKind:
Ted Kremeneke5843592008-01-15 00:24:08 +0000[diff] [blame]196 assert (false && "BlockExit location never occur in forward analysis.");
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]197 break;
Ted Kremenekd9de9f12008-12-16 22:13:33 +0000[diff] [blame]198
199 default:
200 assert(isa<PostStmt>(Node->getLocation()));
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]201 HandlePostStmt(cast<PostStmt>(Node->getLocation()), WU.getBlock(),
202 WU.getIndex(), Node);
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]203 break;
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]204 }
205 }
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]206
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]207 return WList->hasWork();
208}
209
Zhongxing Xu82003da2009-08-06 10:00:15 +0000[diff] [blame]210
211void GRCoreEngine::HandleBlockEdge(const BlockEdge& L, ExplodedNode* Pred) {
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]212
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]213 CFGBlock* Blk = L.getDst();
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]214
215 // Check if we are entering the EXIT block.
Zhongxing Xud2ab38e2009-12-23 08:54:57 +0000[diff] [blame]216 if (Blk == &(L.getLocationContext()->getCFG()->getExit())) {
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]217
Zhongxing Xud2ab38e2009-12-23 08:54:57 +0000[diff] [blame]218 assert (L.getLocationContext()->getCFG()->getExit().size() == 0
Ted Kremenek997d8722008-01-29 00:33:40 +0000[diff] [blame]219 && "EXIT block cannot contain Stmts.");
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]220
Ted Kremenek811c2b42008-04-11 22:03:04 +0000[diff] [blame]221 // Process the final state transition.
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]222 GREndPathNodeBuilder Builder(Blk, Pred, this);
Ted Kremenek811c2b42008-04-11 22:03:04 +0000[diff] [blame]223 ProcessEndPath(Builder);
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]224
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]225 // This path is done. Don't enqueue any more nodes.
226 return;
227 }
Ted Kremenek17f4dbd2008-02-29 20:27:50 +0000[diff] [blame]228
229 // FIXME: Should we allow ProcessBlockEntrance to also manipulate state?
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]230
Ted Kremenek17f4dbd2008-02-29 20:27:50 +0000[diff] [blame]231 if (ProcessBlockEntrance(Blk, Pred->State, WList->getBlockCounter()))
Zhongxing Xue1190f72009-08-15 03:17:38 +0000[diff] [blame]232 GenerateNode(BlockEntrance(Blk, Pred->getLocationContext()), Pred->State, Pred);
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]233}
234
Zhongxing Xu82003da2009-08-06 10:00:15 +0000[diff] [blame]235void GRCoreEngine::HandleBlockEntrance(const BlockEntrance& L,
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]236 ExplodedNode* Pred) {
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]237
Ted Kremenek90ae68f2008-02-12 18:08:17 +0000[diff] [blame]238 // Increment the block counter.
239 GRBlockCounter Counter = WList->getBlockCounter();
240 Counter = BCounterFactory.IncrementCount(Counter, L.getBlock()->getBlockID());
241 WList->setBlockCounter(Counter);
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]242
243 // Process the entrance of the block.
Ted Kremenek4cad5fc2009-12-16 03:18:58 +0000[diff] [blame]244 if (CFGElement E = L.getFirstElement()) {
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]245 GRStmtNodeBuilder Builder(L.getBlock(), 0, Pred, this,
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]246 SubEngine.getStateManager());
Ted Kremenek4cad5fc2009-12-16 03:18:58 +0000[diff] [blame]247 ProcessStmt(E, Builder);
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]248 }
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]249 else
Ted Kremeneke5843592008-01-15 00:24:08 +0000[diff] [blame]250 HandleBlockExit(L.getBlock(), Pred);
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]251}
252
Zhongxing Xu82003da2009-08-06 10:00:15 +0000[diff] [blame]253void GRCoreEngine::HandleBlockExit(CFGBlock * B, ExplodedNode* Pred) {
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]254
Ted Kremenek9b4211d2008-01-29 22:56:11 +0000[diff] [blame]255 if (Stmt* Term = B->getTerminator()) {
256 switch (Term->getStmtClass()) {
257 default:
258 assert(false && "Analysis for this terminator not implemented.");
259 break;
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]260
Ted Kremenek822f7372008-02-12 21:51:20 +0000[diff] [blame]261 case Stmt::BinaryOperatorClass: // '&&' and '||'
262 HandleBranch(cast<BinaryOperator>(Term)->getLHS(), Term, B, Pred);
263 return;
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]264
Ted Kremenek3f2f1ad2008-02-05 00:26:40 +0000[diff] [blame]265 case Stmt::ConditionalOperatorClass:
266 HandleBranch(cast<ConditionalOperator>(Term)->getCond(), Term, B, Pred);
Ted Kremenek822f7372008-02-12 21:51:20 +0000[diff] [blame]267 return;
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]268
Ted Kremenek822f7372008-02-12 21:51:20 +0000[diff] [blame]269 // FIXME: Use constant-folding in CFG construction to simplify this
270 // case.
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]271
Ted Kremenek3f2f1ad2008-02-05 00:26:40 +0000[diff] [blame]272 case Stmt::ChooseExprClass:
273 HandleBranch(cast<ChooseExpr>(Term)->getCond(), Term, B, Pred);
Ted Kremenek822f7372008-02-12 21:51:20 +0000[diff] [blame]274 return;
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]275
Ted Kremenek822f7372008-02-12 21:51:20 +0000[diff] [blame]276 case Stmt::DoStmtClass:
277 HandleBranch(cast<DoStmt>(Term)->getCond(), Term, B, Pred);
278 return;
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]279
Ted Kremenek822f7372008-02-12 21:51:20 +0000[diff] [blame]280 case Stmt::ForStmtClass:
281 HandleBranch(cast<ForStmt>(Term)->getCond(), Term, B, Pred);
282 return;
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]283
Ted Kremenek632bcb82008-02-13 16:56:51 +0000[diff] [blame]284 case Stmt::ContinueStmtClass:
285 case Stmt::BreakStmtClass:
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]286 case Stmt::GotoStmtClass:
Ted Kremenek3f2f1ad2008-02-05 00:26:40 +0000[diff] [blame]287 break;
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]288
Ted Kremenek9b4211d2008-01-29 22:56:11 +0000[diff] [blame]289 case Stmt::IfStmtClass:
290 HandleBranch(cast<IfStmt>(Term)->getCond(), Term, B, Pred);
Ted Kremenek822f7372008-02-12 21:51:20 +0000[diff] [blame]291 return;
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]292
Ted Kremenek7022efb2008-02-13 00:24:44 +0000[diff] [blame]293 case Stmt::IndirectGotoStmtClass: {
294 // Only 1 successor: the indirect goto dispatch block.
295 assert (B->succ_size() == 1);
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]296
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]297 GRIndirectGotoNodeBuilder
Ted Kremenek7022efb2008-02-13 00:24:44 +0000[diff] [blame]298 builder(Pred, B, cast<IndirectGotoStmt>(Term)->getTarget(),
299 *(B->succ_begin()), this);
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]300
Ted Kremenek7022efb2008-02-13 00:24:44 +0000[diff] [blame]301 ProcessIndirectGoto(builder);
302 return;
303 }
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]304
Ted Kremenek17810802008-11-12 19:24:17 +0000[diff] [blame]305 case Stmt::ObjCForCollectionStmtClass: {
306 // In the case of ObjCForCollectionStmt, it appears twice in a CFG:
307 //
308 // (1) inside a basic block, which represents the binding of the
309 // 'element' variable to a value.
310 // (2) in a terminator, which represents the branch.
311 //
312 // For (1), subengines will bind a value (i.e., 0 or 1) indicating
313 // whether or not collection contains any more elements. We cannot
314 // just test to see if the element is nil because a container can
315 // contain nil elements.
316 HandleBranch(Term, Term, B, Pred);
317 return;
318 }
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]319
Ted Kremenek80ebc1d2008-02-13 23:08:21 +0000[diff] [blame]320 case Stmt::SwitchStmtClass: {
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]321 GRSwitchNodeBuilder builder(Pred, B, cast<SwitchStmt>(Term)->getCond(),
322 this);
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]323
Ted Kremenek80ebc1d2008-02-13 23:08:21 +0000[diff] [blame]324 ProcessSwitch(builder);
325 return;
326 }
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]327
Ted Kremenek9b4211d2008-01-29 22:56:11 +0000[diff] [blame]328 case Stmt::WhileStmtClass:
329 HandleBranch(cast<WhileStmt>(Term)->getCond(), Term, B, Pred);
Ted Kremenek822f7372008-02-12 21:51:20 +0000[diff] [blame]330 return;
Ted Kremenek9b4211d2008-01-29 22:56:11 +0000[diff] [blame]331 }
332 }
Ted Kremenek822f7372008-02-12 21:51:20 +0000[diff] [blame]333
334 assert (B->succ_size() == 1 &&
335 "Blocks with no terminator should have at most 1 successor.");
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]336
337 GenerateNode(BlockEdge(B, *(B->succ_begin()), Pred->getLocationContext()),
Zhongxing Xue1190f72009-08-15 03:17:38 +0000[diff] [blame]338 Pred->State, Pred);
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]339}
340
Zhongxing Xu82003da2009-08-06 10:00:15 +0000[diff] [blame]341void GRCoreEngine::HandleBranch(Stmt* Cond, Stmt* Term, CFGBlock * B,
342 ExplodedNode* Pred) {
Ted Kremenek9b4211d2008-01-29 22:56:11 +0000[diff] [blame]343 assert (B->succ_size() == 2);
344
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]345 GRBranchNodeBuilder Builder(B, *(B->succ_begin()), *(B->succ_begin()+1),
346 Pred, this);
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]347
Ted Kremenek9b4211d2008-01-29 22:56:11 +0000[diff] [blame]348 ProcessBranch(Cond, Term, Builder);
349}
350
Zhongxing Xu82003da2009-08-06 10:00:15 +0000[diff] [blame]351void GRCoreEngine::HandlePostStmt(const PostStmt& L, CFGBlock* B,
Zhongxing Xu20227f72009-08-06 01:32:16 +0000[diff] [blame]352 unsigned StmtIdx, ExplodedNode* Pred) {
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]353
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]354 assert (!B->empty());
355
Ted Kremeneke5843592008-01-15 00:24:08 +0000[diff] [blame]356 if (StmtIdx == B->size())
357 HandleBlockExit(B, Pred);
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]358 else {
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]359 GRStmtNodeBuilder Builder(B, StmtIdx, Pred, this,
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]360 SubEngine.getStateManager());
Ted Kremeneke914bb82008-01-16 22:13:19 +0000[diff] [blame]361 ProcessStmt((*B)[StmtIdx], Builder);
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]362 }
363}
364
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]365/// GenerateNode - Utility method to generate nodes, hook up successors,
366/// and add nodes to the worklist.
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]367void GRCoreEngine::GenerateNode(const ProgramPoint& Loc,
Zhongxing Xu82003da2009-08-06 10:00:15 +0000[diff] [blame]368 const GRState* State, ExplodedNode* Pred) {
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]369
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]370 bool IsNew;
Zhongxing Xuc90a0c22009-08-06 06:28:40 +0000[diff] [blame]371 ExplodedNode* Node = G->getNode(Loc, State, &IsNew);
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]372
373 if (Pred)
Ted Kremenekc3661de2009-10-07 00:42:52 +0000[diff] [blame]374 Node->addPredecessor(Pred, *G); // Link 'Node' with its predecessor.
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]375 else {
376 assert (IsNew);
377 G->addRoot(Node); // 'Node' has no predecessor. Make it a root.
378 }
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]379
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]380 // Only add 'Node' to the worklist if it was freshly generated.
Ted Kremenek90ae68f2008-02-12 18:08:17 +0000[diff] [blame]381 if (IsNew) WList->Enqueue(Node);
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]382}
383
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]384GRStmtNodeBuilder::GRStmtNodeBuilder(CFGBlock* b, unsigned idx,
385 ExplodedNode* N, GRCoreEngine* e,
386 GRStateManager &mgr)
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]387 : Eng(*e), B(*b), Idx(idx), Pred(N), LastNode(N), Mgr(mgr), Auditor(0),
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]388 PurgingDeadSymbols(false), BuildSinks(false), HasGeneratedNode(false),
389 PointKind(ProgramPoint::PostStmtKind), Tag(0) {
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]390 Deferred.insert(N);
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]391 CleanedState = getLastNode()->getState();
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]392}
393
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]394GRStmtNodeBuilder::~GRStmtNodeBuilder() {
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]395 for (DeferredTy::iterator I=Deferred.begin(), E=Deferred.end(); I!=E; ++I)
Ted Kremeneka50d9852008-01-30 23:03:39 +0000[diff] [blame]396 if (!(*I)->isSink())
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]397 GenerateAutoTransition(*I);
398}
399
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]400void GRStmtNodeBuilder::GenerateAutoTransition(ExplodedNode* N) {
Ted Kremeneka50d9852008-01-30 23:03:39 +0000[diff] [blame]401 assert (!N->isSink());
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]402
Zhongxing Xue1190f72009-08-15 03:17:38 +0000[diff] [blame]403 PostStmt Loc(getStmt(), N->getLocationContext());
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]404
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]405 if (Loc == N->getLocation()) {
406 // Note: 'N' should be a fresh node because otherwise it shouldn't be
407 // a member of Deferred.
408 Eng.WList->Enqueue(N, B, Idx+1);
409 return;
410 }
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]411
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]412 bool IsNew;
Zhongxing Xuc90a0c22009-08-06 06:28:40 +0000[diff] [blame]413 ExplodedNode* Succ = Eng.G->getNode(Loc, N->State, &IsNew);
Ted Kremenekc3661de2009-10-07 00:42:52 +0000[diff] [blame]414 Succ->addPredecessor(N, *Eng.G);
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]415
416 if (IsNew)
417 Eng.WList->Enqueue(Succ, B, Idx+1);
418}
419
Ted Kremenek5e1f78a2009-11-11 03:26:34 +0000[diff] [blame]420static ProgramPoint GetProgramPoint(const Stmt *S, ProgramPoint::Kind K,
421 const LocationContext *LC, const void *tag){
Ted Kremenek9a935fb2008-06-18 05:34:07 +0000[diff] [blame]422 switch (K) {
423 default:
Ted Kremenek5e1f78a2009-11-11 03:26:34 +0000[diff] [blame]424 assert(false && "Unhandled ProgramPoint kind");
425 case ProgramPoint::PreStmtKind:
426 return PreStmt(S, LC, tag);
Ted Kremenek9a935fb2008-06-18 05:34:07 +0000[diff] [blame]427 case ProgramPoint::PostStmtKind:
Ted Kremenek5e1f78a2009-11-11 03:26:34 +0000[diff] [blame]428 return PostStmt(S, LC, tag);
429 case ProgramPoint::PreLoadKind:
430 return PreLoad(S, LC, tag);
Ted Kremenek9a935fb2008-06-18 05:34:07 +0000[diff] [blame]431 case ProgramPoint::PostLoadKind:
Ted Kremenek5e1f78a2009-11-11 03:26:34 +0000[diff] [blame]432 return PostLoad(S, LC, tag);
433 case ProgramPoint::PreStoreKind:
434 return PreStore(S, LC, tag);
Ted Kremeneka1966182008-10-17 20:49:23 +0000[diff] [blame]435 case ProgramPoint::PostStoreKind:
Ted Kremenek5e1f78a2009-11-11 03:26:34 +0000[diff] [blame]436 return PostStore(S, LC, tag);
Ted Kremeneka6e08322009-05-07 18:27:16 +0000[diff] [blame]437 case ProgramPoint::PostLValueKind:
Ted Kremenek5e1f78a2009-11-11 03:26:34 +0000[diff] [blame]438 return PostLValue(S, LC, tag);
Ted Kremenek9a935fb2008-06-18 05:34:07 +0000[diff] [blame]439 case ProgramPoint::PostPurgeDeadSymbolsKind:
Ted Kremenek5e1f78a2009-11-11 03:26:34 +0000[diff] [blame]440 return PostPurgeDeadSymbols(S, LC, tag);
Ted Kremenek9a935fb2008-06-18 05:34:07 +0000[diff] [blame]441 }
442}
443
Zhongxing Xu20227f72009-08-06 01:32:16 +0000[diff] [blame]444ExplodedNode*
Ted Kremenek5e1f78a2009-11-11 03:26:34 +0000[diff] [blame]445GRStmtNodeBuilder::generateNodeInternal(const Stmt* S, const GRState* state,
Zhongxing Xu20227f72009-08-06 01:32:16 +0000[diff] [blame]446 ExplodedNode* Pred,
Ted Kremenekdf240002009-04-11 00:11:10 +0000[diff] [blame]447 ProgramPoint::Kind K,
448 const void *tag) {
Ted Kremenek5e1f78a2009-11-11 03:26:34 +0000[diff] [blame]449
Zhongxing Xud2ab38e2009-12-23 08:54:57 +0000[diff] [blame]450 const ProgramPoint &L = GetProgramPoint(S, K, Pred->getLocationContext(),tag);
Ted Kremenek5e1f78a2009-11-11 03:26:34 +0000[diff] [blame]451 return generateNodeInternal(L, state, Pred);
Ted Kremenek513f0b12009-02-19 23:45:28 +0000[diff] [blame]452}
453
Zhongxing Xu20227f72009-08-06 01:32:16 +0000[diff] [blame]454ExplodedNode*
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]455GRStmtNodeBuilder::generateNodeInternal(const ProgramPoint &Loc,
Zhongxing Xuc90a0c22009-08-06 06:28:40 +0000[diff] [blame]456 const GRState* State,
Zhongxing Xu20227f72009-08-06 01:32:16 +0000[diff] [blame]457 ExplodedNode* Pred) {
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]458 bool IsNew;
Zhongxing Xuc90a0c22009-08-06 06:28:40 +0000[diff] [blame]459 ExplodedNode* N = Eng.G->getNode(Loc, State, &IsNew);
Ted Kremenekc3661de2009-10-07 00:42:52 +0000[diff] [blame]460 N->addPredecessor(Pred, *Eng.G);
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]461 Deferred.erase(Pred);
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]462
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]463 if (IsNew) {
464 Deferred.insert(N);
465 LastNode = N;
466 return N;
467 }
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]468
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]469 LastNode = NULL;
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]470 return NULL;
Ted Kremenek3e743662008-01-14 23:24:37 +0000[diff] [blame]471}
Ted Kremenek9b4211d2008-01-29 22:56:11 +0000[diff] [blame]472
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]473ExplodedNode* GRBranchNodeBuilder::generateNode(const GRState* State,
474 bool branch) {
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]475
Ted Kremenekaf9f3622009-07-20 18:44:36 +0000[diff] [blame]476 // If the branch has been marked infeasible we should not generate a node.
477 if (!isFeasible(branch))
478 return NULL;
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]479
Ted Kremenek9b4211d2008-01-29 22:56:11 +0000[diff] [blame]480 bool IsNew;
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]481
Zhongxing Xu20227f72009-08-06 01:32:16 +0000[diff] [blame]482 ExplodedNode* Succ =
Zhongxing Xue1190f72009-08-15 03:17:38 +0000[diff] [blame]483 Eng.G->getNode(BlockEdge(Src,branch ? DstT:DstF,Pred->getLocationContext()),
484 State, &IsNew);
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]485
Ted Kremenekc3661de2009-10-07 00:42:52 +0000[diff] [blame]486 Succ->addPredecessor(Pred, *Eng.G);
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]487
Ted Kremenekaf9f3622009-07-20 18:44:36 +0000[diff] [blame]488 if (branch)
489 GeneratedTrue = true;
490 else
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]491 GeneratedFalse = true;
492
Ted Kremeneka50d9852008-01-30 23:03:39 +0000[diff] [blame]493 if (IsNew) {
Ted Kremenek2531fce2008-01-30 23:24:39 +0000[diff] [blame]494 Deferred.push_back(Succ);
Ted Kremeneka50d9852008-01-30 23:03:39 +0000[diff] [blame]495 return Succ;
496 }
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]497
Ted Kremeneka50d9852008-01-30 23:03:39 +0000[diff] [blame]498 return NULL;
Ted Kremenek9b4211d2008-01-29 22:56:11 +0000[diff] [blame]499}
Ted Kremenek7ff18932008-01-29 23:32:35 +0000[diff] [blame]500
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]501GRBranchNodeBuilder::~GRBranchNodeBuilder() {
502 if (!GeneratedTrue) generateNode(Pred->State, true);
503 if (!GeneratedFalse) generateNode(Pred->State, false);
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]504
Ted Kremenek2531fce2008-01-30 23:24:39 +0000[diff] [blame]505 for (DeferredTy::iterator I=Deferred.begin(), E=Deferred.end(); I!=E; ++I)
Ted Kremenek90ae68f2008-02-12 18:08:17 +0000[diff] [blame]506 if (!(*I)->isSink()) Eng.WList->Enqueue(*I);
Ted Kremenek7ff18932008-01-29 23:32:35 +0000[diff] [blame]507}
Ted Kremenek7022efb2008-02-13 00:24:44 +0000[diff] [blame]508
Ted Kremenek7022efb2008-02-13 00:24:44 +0000[diff] [blame]509
Zhongxing Xu20227f72009-08-06 01:32:16 +0000[diff] [blame]510ExplodedNode*
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]511GRIndirectGotoNodeBuilder::generateNode(const iterator& I, const GRState* St,
512 bool isSink) {
Ted Kremenek7022efb2008-02-13 00:24:44 +0000[diff] [blame]513 bool IsNew;
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]514
515 ExplodedNode* Succ = Eng.G->getNode(BlockEdge(Src, I.getBlock(),
Zhongxing Xue1190f72009-08-15 03:17:38 +0000[diff] [blame]516 Pred->getLocationContext()), St, &IsNew);
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]517
Ted Kremenekc3661de2009-10-07 00:42:52 +0000[diff] [blame]518 Succ->addPredecessor(Pred, *Eng.G);
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]519
Ted Kremenek7022efb2008-02-13 00:24:44 +0000[diff] [blame]520 if (IsNew) {
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]521
Ted Kremenek7022efb2008-02-13 00:24:44 +0000[diff] [blame]522 if (isSink)
523 Succ->markAsSink();
524 else
525 Eng.WList->Enqueue(Succ);
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]526
Ted Kremenek7022efb2008-02-13 00:24:44 +0000[diff] [blame]527 return Succ;
528 }
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]529
Ted Kremenek7022efb2008-02-13 00:24:44 +0000[diff] [blame]530 return NULL;
531}
Ted Kremenek80ebc1d2008-02-13 23:08:21 +0000[diff] [blame]532
533
Zhongxing Xu20227f72009-08-06 01:32:16 +0000[diff] [blame]534ExplodedNode*
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]535GRSwitchNodeBuilder::generateCaseStmtNode(const iterator& I, const GRState* St){
Ted Kremenek80ebc1d2008-02-13 23:08:21 +0000[diff] [blame]536
537 bool IsNew;
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]538
Zhongxing Xue1190f72009-08-15 03:17:38 +0000[diff] [blame]539 ExplodedNode* Succ = Eng.G->getNode(BlockEdge(Src, I.getBlock(),
540 Pred->getLocationContext()), St, &IsNew);
Ted Kremenekc3661de2009-10-07 00:42:52 +0000[diff] [blame]541 Succ->addPredecessor(Pred, *Eng.G);
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]542
Ted Kremenek80ebc1d2008-02-13 23:08:21 +0000[diff] [blame]543 if (IsNew) {
544 Eng.WList->Enqueue(Succ);
545 return Succ;
546 }
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]547
Ted Kremenek80ebc1d2008-02-13 23:08:21 +0000[diff] [blame]548 return NULL;
549}
550
551
Zhongxing Xu20227f72009-08-06 01:32:16 +0000[diff] [blame]552ExplodedNode*
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]553GRSwitchNodeBuilder::generateDefaultCaseNode(const GRState* St, bool isSink) {
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]554
Ted Kremenek80ebc1d2008-02-13 23:08:21 +0000[diff] [blame]555 // Get the block for the default case.
556 assert (Src->succ_rbegin() != Src->succ_rend());
557 CFGBlock* DefaultBlock = *Src->succ_rbegin();
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]558
Ted Kremenek80ebc1d2008-02-13 23:08:21 +0000[diff] [blame]559 bool IsNew;
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]560
Zhongxing Xue1190f72009-08-15 03:17:38 +0000[diff] [blame]561 ExplodedNode* Succ = Eng.G->getNode(BlockEdge(Src, DefaultBlock,
562 Pred->getLocationContext()), St, &IsNew);
Ted Kremenekc3661de2009-10-07 00:42:52 +0000[diff] [blame]563 Succ->addPredecessor(Pred, *Eng.G);
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]564
Ted Kremenek80ebc1d2008-02-13 23:08:21 +0000[diff] [blame]565 if (IsNew) {
566 if (isSink)
567 Succ->markAsSink();
568 else
569 Eng.WList->Enqueue(Succ);
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]570
Ted Kremenek80ebc1d2008-02-13 23:08:21 +0000[diff] [blame]571 return Succ;
572 }
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]573
Ted Kremenek80ebc1d2008-02-13 23:08:21 +0000[diff] [blame]574 return NULL;
575}
Ted Kremenek811c2b42008-04-11 22:03:04 +0000[diff] [blame]576
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]577GREndPathNodeBuilder::~GREndPathNodeBuilder() {
Ted Kremenek811c2b42008-04-11 22:03:04 +0000[diff] [blame]578 // Auto-generate an EOP node if one has not been generated.
Jakob Stoklund Olesen5a8f9ac2010-02-25 15:47:53 +0000[diff] [blame]579 if (!HasGeneratedNode) generateNode(Pred->State);
Ted Kremenek811c2b42008-04-11 22:03:04 +0000[diff] [blame]580}
581
Zhongxing Xu20227f72009-08-06 01:32:16 +0000[diff] [blame]582ExplodedNode*
Zhongxing Xu107f7592009-08-06 12:48:26 +0000[diff] [blame]583GREndPathNodeBuilder::generateNode(const GRState* State, const void *tag,
584 ExplodedNode* P) {
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]585 HasGeneratedNode = true;
Ted Kremenek811c2b42008-04-11 22:03:04 +0000[diff] [blame]586 bool IsNew;
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]587
588 ExplodedNode* Node = Eng.G->getNode(BlockEntrance(&B,
Zhongxing Xue1190f72009-08-15 03:17:38 +0000[diff] [blame]589 Pred->getLocationContext(), tag), State, &IsNew);
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]590
Ted Kremenekc3661de2009-10-07 00:42:52 +0000[diff] [blame]591 Node->addPredecessor(P ? P : Pred, *Eng.G);
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]592
Ted Kremenek811c2b42008-04-11 22:03:04 +0000[diff] [blame]593 if (IsNew) {
Ted Kremenek811c2b42008-04-11 22:03:04 +0000[diff] [blame]594 Eng.G->addEndOfPath(Node);
Ted Kremenekd004c412008-04-18 16:30:14 +0000[diff] [blame]595 return Node;
Ted Kremenek811c2b42008-04-11 22:03:04 +0000[diff] [blame]596 }
Mike Stump11289f42009-09-09 15:08:12 +0000[diff] [blame]597
Ted Kremenekd004c412008-04-18 16:30:14 +0000[diff] [blame]598 return NULL;
Ted Kremenek811c2b42008-04-11 22:03:04 +0000[diff] [blame]599}