Inconsistent argument number between function decl and callee site causes Clang crash

Zhenbo_Xu · January 14, 2011, 2:47pm

Hi everybody,
Clang Static Analyzer crashes when the argument number of function’s callee site is greater than function decl.
The following is a simple test case:

//Run %clang_cc1 -analyze -analyzer-check-objc-mem -analyzer-store=region -analyzer-inline-call

#include <stdlib.h>
void f1() {
}

void f() {
int *p = malloc(32);
f1(p);
}

Attachment is the patch.

RegionStore.patch (2.16 KB)

Ted_Kremenek · January 14, 2011, 11:54pm

Thanks Zhenbo. I've applied your fix here (with a few formatting tweaks):

http://llvm.org/viewvc/llvm-project?view=rev&revision=123458