12724 update smatch to 0.6.1-rc1-il-5

@@ -21,10 +21,11 @@
  * nice thing about this is that we just one pointer to the allocated memory
  * so what we can do is we can generate a mtag alias for it in the caller.
  */
 
 #include "smatch.h"
+#include "smatch_extra.h"
 #include "smatch_slist.h"
 
 static int my_id;
 
 STATE(fresh);

@@ -63,10 +64,20 @@
         {"memdup", 1},
         {"realloc", 1},
         {},
 };
 
+static void pre_merge_hook(struct sm_state *cur, struct sm_state *other)
+{
+        struct smatch_state *state;
+        sval_t sval;
+
+        state = get_state(SMATCH_EXTRA, cur->name, cur->sym);
+        if (estate_get_single_value(state, &sval) && sval.value == 0)
+                set_state(my_id, cur->name, cur->sym, &undefined);
+}
+
 static int fresh_callback(void *fresh, int argc, char **argv, char **azColName)
 {
         *(int *)fresh = 1;
         return 0;
 }
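Review bot: `pre_merge_hook()` carries no comment explaining why a pointer known to be NULL loses its state, and its `other` parameter is never read. From the visible lines, when smatch_extra reports the single value 0 for `cur`, the hook overwrites this check's state with `&undefined` before the merge, presumably so that the failed-allocation path does not dilute the fresh state on the other side. A comment above the function such as `/* A pointer known to be NULL is not a fresh allocation; drop its state before merging. */` would record that intent. `get_state()` may return NULL when smatch_extra has no entry for the symbol, so it is worth confirming that `estate_get_single_value()` tolerates a NULL state, or adding `if (!state) return;` before the test.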

@@ -148,16 +159,27 @@
         FOR_EACH_PTR(expr->args, arg) {
                 set_unfresh(arg);
         } END_FOR_EACH_PTR(arg);
 }
 
+static struct expression *handled;
 static void set_fresh(struct expression *expr)
 {
+        struct range_list *rl;
+
         expr = strip_expr(expr);
         if (expr->type != EXPR_SYMBOL)
                 return;
+        if (expr == handled)
+                return;
+
+        get_absolute_rl(expr, &rl);
+        rl = rl_intersection(rl, valid_ptr_rl);
+        if (!rl)
+                return;
         set_state_expr(my_id, expr, &fresh);
+        handled = expr;
 }
 
 static void returns_fresh_alloc(struct expression *expr, int param, char *key, char *value)
 {
         if (param != -1 || !key || strcmp(key, "$") != 0)
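Review bot: The new file-scope `handled` pointer used by `set_fresh()` is assigned but never cleared, so it can outlive the expression it refers to. If expression storage is reused for a later expression (not visible in this hunk, so this is an assumption), `expr == handled` could match an unrelated symbol and `set_fresh()` would return without setting `&fresh`, silently dropping a real allocation from the analysis. Resetting it with `handled = NULL;` at a per-function boundary would remove that dependency on pointer identity, and the declaration deserves a comment such as `/* last expression marked fresh; avoids marking it twice when both hooks fire */`, if that is the intent. The enclosing function of the first three context lines and the body of `returns_fresh_alloc()` lie outside the hunk.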

@@ -190,6 +212,8 @@
 
         add_split_return_callback(&record_alloc_func);
         select_return_states_hook(FRESH_ALLOC, &returns_fresh_alloc);
         add_hook(&match_assign, ASSIGNMENT_HOOK);
         add_hook(&match_call, FUNCTION_CALL_HOOK);
+
+        add_pre_merge_hook(my_id, &pre_merge_hook);
 }