Fixed crash on zero size arrays

2 files changed, 25 insertions, 0 deletions

diff --git a/lib/Core/ExecutorUtil.cpp b/lib/Core/ExecutorUtil.cpp
index daea189a..c80354e2 100644
--- a/lib/Core/ExecutorUtil.cpp
+++ b/lib/Core/ExecutorUtil.cpp
@@ -59,6 +59,12 @@ namespace klee {
       } else if (isa<ConstantPointerNull>(c)) {
         return Expr::createPointer(0);
       } else if (isa<UndefValue>(c) || isa<ConstantAggregateZero>(c)) {
+        if (getWidthForLLVMType(c->getType()) == 0) {
+          if (isa<llvm::LandingPadInst>(ki->inst)) {
+            klee_warning_once(0, "Using zero size array fix for landingpad instruction filter");
+            return ConstantExpr::create(0, 1);
+          }
+        }
         return ConstantExpr::create(0, getWidthForLLVMType(c->getType()));
       } else if (const ConstantDataSequential *cds =
                  dyn_cast<ConstantDataSequential>(c)) {
diff --git a/test/CXX/LandingPad.cpp b/test/CXX/LandingPad.cpp
new file mode 100644
index 00000000..1b0c0f30
--- /dev/null
+++ b/test/CXX/LandingPad.cpp
@@ -0,0 +1,19 @@
+// RUN: %llvmgxx %s -emit-llvm -c -o %t1.bc
+// RUN: rm -rf %t.klee-out
+// RUN: klee --output-dir=%t.klee-out %t1.bc 2>&1 | FileCheck %s
+
+// CHECK: Using zero size array fix for landingpad instruction filter
+
+// Check that the zero size array in the landing pad filter does not crash KLEE
+int p() throw() { throw 'a'; }
+int main(int argc, char **) {
+  if (argc < 3) {
+    return 0;
+  }
+
+  try {
+    return p();
+  } catch (...) {
+    return 1;
+  }
+}