Member predicate DataFlow::TypeTracker::smallstep
Gets the summary that corresponds to having taken a forwards
local, heap and/or inter-procedural step from pred to succ.
Unlike TypeTracker::step, this predicate exposes all edges
in the flow graph, and not just the edges between SourceNodes.
It may therefore be less performant.
Type tracking predicates using small steps typically take the following form:
DataFlow::Node myType(DataFlow::TypeTracker t) {
t.start() and
result = < source of myType >
or
exists (DataFlow::TypeTracker t2 |
t = t2.smallstep(myType(t2), result)
)
}
DataFlow::Node myType() {
result = myType(DataFlow::TypeTracker::end())
}
TypeTracker smallstep(Node pred, Node succ)