Initial KLEE checkin.

- Lots more tweaks, documentation, and web page content is needed, but this should compile & work on OS X & Linux. git-svn-id: https://llvm.org/svn/llvm-project/klee/trunk@72205 91177308-0d34-0410-b5e6-96231b3b80d8
author: Daniel Dunbar <daniel@zuster.org> 2009-05-21 04:36:41 +0000
committer: Daniel Dunbar <daniel@zuster.org> 2009-05-21 04:36:41 +0000
commit: 6f290d8f9e9d7faac295cb51fc96884a18f4ded4 (patch)
tree: 46e7d426abc0c9f06ac472ac6f7f9e661b5d78cb /test/regression/2007-08-06-access-after-free.c
parent: a55960edd4dcd7535526de8d2277642522aa0209 (diff)
download: klee-6f290d8f9e9d7faac295cb51fc96884a18f4ded4.tar.gz
1 files changed, 29 insertions, 0 deletions
diff --git a/test/regression/2007-08-06-access-after-free.c b/test/regression/2007-08-06-access-after-free.c
new file mode 100644
index 00000000..a1812062
--- /dev/null
+++ b/test/regression/2007-08-06-access-after-free.c
@@ -0,0 +1,29 @@
+// RUN: %llvmgcc %s -emit-llvm -O0 -c -o %t1.bc
+// RUN: %klee %t1.bc
+
+#include <assert.h>
+
+int main() {
+  int a;
+  unsigned char *p = malloc(4);
+
+  klee_make_symbolic(&a, sizeof a);
+  klee_make_symbolic(p, sizeof p);
+
+  p[0] |= 16;
+
+  if (a) {
+    free(p);
+
+    // this should give an error instead of
+    // pulling the state from the parent, where
+    // it is not free
+    assert(p[0] > 10);
+   
+    return 0;
+  }
+  
+  assert(p[0] > 10);
+
+  return 0;
+}
author	Daniel Dunbar <daniel@zuster.org>	2009-05-21 04:36:41 +0000
committer	Daniel Dunbar <daniel@zuster.org>	2009-05-21 04:36:41 +0000
commit	6f290d8f9e9d7faac295cb51fc96884a18f4ded4 (patch)
tree	46e7d426abc0c9f06ac472ac6f7f9e661b5d78cb /test/regression/2007-08-06-access-after-free.c
parent	a55960edd4dcd7535526de8d2277642522aa0209 (diff)
download	klee-6f290d8f9e9d7faac295cb51fc96884a18f4ded4.tar.gz