[cfe-commits] r138937 - in /cfe/trunk: lib/StaticAnalyzer/Checkers/MallocChecker.cpp test/Analysis/malloc.c

Wed Aug 31 21:53:59 PDT 2011

Author: zhongxingxu
Date: Wed Aug 31 23:53:59 2011
New Revision: 138937

URL: http://llvm.org/viewvc/llvm-project?rev=138937&view=rev
Log:
If size was equal to 0, either NULL or a pointer suitable to be passed to 
free() is returned by realloc(). Most code expect NULL.

And we only need to transfer one final ProgramState.

Modified:
    cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
    cfe/trunk/test/Analysis/malloc.c

Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp?rev=138937&r1=138936&r2=138937&view=diff
==============================================================================

--- cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp Wed Aug 31 23:53:59 2011
@@ -538,11 +538,8 @@
       if (const ProgramState *stateFree = 
           FreeMemAux(C, CE, stateSizeZero, 0, false)) {
 
-        // Add the state transition to set input pointer argument to be free.
-        C.addTransition(stateFree);
-
-        // Bind the return value to UndefinedVal because it is now free.
-        C.addTransition(stateFree->BindExpr(CE, UndefinedVal(), true));
+        // Bind the return value to NULL because it is now free.
+        C.addTransition(stateFree->BindExpr(CE, svalBuilder.makeNull(), true));
       }
     if (const ProgramState *stateSizeNotZero = stateNotEqual->assume(SizeZero,false))
       if (const ProgramState *stateFree = FreeMemAux(C, CE, stateSizeNotZero,

Modified: cfe/trunk/test/Analysis/malloc.c
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/malloc.c?rev=138937&r1=138936&r2=138937&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/malloc.c (original)
+++ cfe/trunk/test/Analysis/malloc.c Wed Aug 31 23:53:59 2011
@@ -41,7 +41,7 @@
 
 void f2_realloc_1() {
   int *p = malloc(12);
-  int *q = realloc(p,0); // expected-warning{{Assigned value is garbage or undefined}}
+  int *q = realloc(p,0); // no-warning
 }
 
 // ownership attributes tests



