12724 update smatch to 0.6.1-rc1-il-5
@@ -21,10 +21,11 @@
* nice thing about this is that we just one pointer to the allocated memory
* so what we can do is we can generate a mtag alias for it in the caller.
*/
#include "smatch.h"
+#include "smatch_extra.h"
#include "smatch_slist.h"
static int my_id;
STATE(fresh);
@@ -63,10 +64,20 @@
{"memdup", 1},
{"realloc", 1},
{},
};
+static void pre_merge_hook(struct sm_state *cur, struct sm_state *other)
+{
+ struct smatch_state *state;
+ sval_t sval;
+
+ state = get_state(SMATCH_EXTRA, cur->name, cur->sym);
+ if (estate_get_single_value(state, &sval) && sval.value == 0)
+ set_state(my_id, cur->name, cur->sym, &undefined);
+}
+
static int fresh_callback(void *fresh, int argc, char **argv, char **azColName)
{
*(int *)fresh = 1;
return 0;
}
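Review bot: `pre_merge_hook` has no comment saying why a pointer whose smatch_extra value is exactly 0 has this check's state reset to `&undefined` before a merge, and its `other` parameter is never read. The reason matters because a wrong "fresh" state feeds whatever analysis consumes it, so I would put something like `/* A pointer known to be NULL is not a live allocation: reset its state before the merge. */` above the function, worded to match the actual intent. It is also worth confirming that `estate_get_single_value()` accepts the NULL that `get_state()` presumably returns when smatch_extra holds no state for `cur->name`; if it does not, add `if (!state) return;` before the test.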
@@ -148,16 +159,27 @@
FOR_EACH_PTR(expr->args, arg) {
set_unfresh(arg);
} END_FOR_EACH_PTR(arg);
}
+static struct expression *handled;
static void set_fresh(struct expression *expr)
{
+ struct range_list *rl;
+
expr = strip_expr(expr);
if (expr->type != EXPR_SYMBOL)
return;
+ if (expr == handled)
+ return;
+
+ get_absolute_rl(expr, &rl);
+ rl = rl_intersection(rl, valid_ptr_rl);
+ if (!rl)
+ return;
set_state_expr(my_id, expr, &fresh);
+ handled = expr;
}
static void returns_fresh_alloc(struct expression *expr, int param, char *key, char *value)
{
if (param != -1 || !key || strcmp(key, "$") != 0)
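Review bot: The new file-scope `handled` pointer is assigned in `set_fresh()` but nothing in the visible hunks ever clears it, so the `expr == handled` guard may compare against an expression from an earlier statement or function. If expression nodes are freed and their addresses reused, a different symbol could be silently skipped and never marked fresh, which would be a quiet false negative; this is inferred, since the allocator's behaviour is not shown here. I would document the variable, e.g. `/* last expression marked fresh; avoids marking the same node twice */`, and reset it with `handled = NULL;` at a per-function boundary. Separately, the result of `get_absolute_rl()` is ignored and `rl` is not initialised, so the code relies on that call always writing `rl`; `struct range_list *rl = NULL;` would make that explicit.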
@@ -190,6 +212,8 @@
add_split_return_callback(&record_alloc_func);
select_return_states_hook(FRESH_ALLOC, &returns_fresh_alloc);
add_hook(&match_assign, ASSIGNMENT_HOOK);
add_hook(&match_call, FUNCTION_CALL_HOOK);
+
+ add_pre_merge_hook(my_id, &pre_merge_hook);
}