#29 ExceptionPrunedCFG assumes exit is reachable from entry
PrunedCFG in release 1.1.2, revision 2490, assumes that the exit node for the input CFG has a path from the entry node. This need not be the case. Consider:
public void run() {
for(;;) {
}
}
The SSACFG produced for the run() method using the JavaSourceAnalysisEngine will have an edge from the basic block of the conditional test to the exit block of the for-loop. However, no such edge is present if analyzing the method's bytecode (using javac 1.6.9_04 debian etch unstable).
If cfg is the SSACFG describing the run() method above, then the following will raise an IllegalArgumentException:
PrunedCFG p = ExceptionPrunedCFG.make(cfg);
p.getSuccNodes(p.entry());
The problem is in PrunedCFG.java on line 280. It takes the intersection of the forward and backward reachable set of basic blocks from the entry and exit block, respectively. This breaks the (assumed) invariant that each CFG has an entry and exit basic block.
One fix is to change this from "reachable.retainAll(back)" to "reachable.addAll(back)", and rely on missing edges to convey the fact that not all blocks are reachable.
Actual program that caused the exception to be raised.