commit f8769c8c1b3710ea86a7376916e16c115bb4e99d
author Ted Kremenek <kremenek@apple.com> Thu Apr 09 06:02:06 2009 +0000
committer Ted Kremenek <kremenek@apple.com> Thu Apr 09 06:02:06 2009 +0000
tree 0875e8a48114ade44e3d243ede5beed644eeb5bc
parent 867418fdb53b351f7c88cb0255c4a250ea283c3a

Fix a null pointer dereference error due to state caching in a loop involving
sending a message to a nil receiver.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@68686 91177308-0d34-0410-b5e6-96231b3b80d8

lib/Analysis/GRExprEngine.cpp

diff --git a/lib/Analysis/GRExprEngine.cpp b/lib/Analysis/GRExprEngine.cpp
index 1fb7e5d..7c928f3 100644
--- a/lib/Analysis/GRExprEngine.cpp
+++ b/lib/Analysis/GRExprEngine.cpp
@@ -1704,10 +1704,8 @@
             N->markAsSink();
             if (isFeasibleNotNull)
               NilReceiverStructRetImplicit.insert(N);
-            else {
+            else
               NilReceiverStructRetExplicit.insert(N);            
-              return;
-            }
           }
         }
       }
@@ -1725,10 +1723,8 @@
                 N->markAsSink();
                 if(isFeasibleNotNull)
                   NilReceiverLargerThanVoidPtrRetImplicit.insert(N);
-                else {
+                else
                   NilReceiverLargerThanVoidPtrRetExplicit.insert(N);            
-                  return;
-                }
               }
             }
             else if (!isFeasibleNotNull) {
@@ -1753,7 +1749,10 @@
         }
       }
       // We have handled the cases where the receiver is nil.  The remainder
-      // of this method should assume that the receiver is not nil.      
+      // of this method should assume that the receiver is not nil.
+      if (!StNotNull)
+        return;
+       
       state = StNotNull;
     }