about summary refs log tree commit diff homepage
path: root/test/regression/2016-11-24-bitcast-weak-alias.c
diff options
context:
space:
mode:
authorAndrea Mattavelli <andreamattavelli@users.noreply.github.com>2017-02-21 22:23:52 +0000
committerGitHub <noreply@github.com>2017-02-21 22:23:52 +0000
commit62ee2e574b9f920e6679c91da25f8941552277d9 (patch)
treeb476d2df666340ad26f63d8fd3c4e07b2a248f11 /test/regression/2016-11-24-bitcast-weak-alias.c
parent27f414cc48bf086552ee4cba7784354c162a8301 (diff)
parent70715151746a24c4c6919292956111b00fcd3a26 (diff)
downloadklee-62ee2e574b9f920e6679c91da25f8941552277d9.tar.gz
Merge pull request #514 from delcypher/fix_klee_get_direct_call_bitcast_weak_alias
Fix assertion failure when klee::getDirectCallTarget() is used on call to bitcasted weak alias
Diffstat (limited to 'test/regression/2016-11-24-bitcast-weak-alias.c')
-rw-r--r--test/regression/2016-11-24-bitcast-weak-alias.c43
1 files changed, 43 insertions, 0 deletions
diff --git a/test/regression/2016-11-24-bitcast-weak-alias.c b/test/regression/2016-11-24-bitcast-weak-alias.c
new file mode 100644
index 00000000..f115731b
--- /dev/null
+++ b/test/regression/2016-11-24-bitcast-weak-alias.c
@@ -0,0 +1,43 @@
+// RUN: %llvmgcc %s -Wall -emit-llvm -g -O0 -c -o %t.bc
+// RUN: rm -rf %t.klee-out
+// RUN: klee --output-dir=%t.klee-out -exit-on-error -search=nurs:covnew %t.bc DUMMY_ARG >%t1.log 2>&1
+// RUN: FileCheck -input-file=%t1.log %s
+
+// This test case is designed to cover code in `klee::getDirectCallTarget(CallSite)`.
+// In particular it designed to test the case where a bitcasted function call, calls
+// a weak alias.
+struct v1 {
+  int c;
+  int d;
+};
+
+int __real_function(struct v1 *unused, struct v1 *unused2, int unused3) {
+  return 0;
+}
+
+struct v2 {
+  int e;
+  int f;
+};
+
+int alias_function(struct v1 *, struct v1 *, int)
+    __attribute__((weak, alias("__real_function")));
+
+int main(int argc, char** argv) {
+  struct v2 local = { .e= 0, .f=0 };
+  int choice = (argc == 1);
+  int number = 0;
+
+  // FIXME: Drop the guard when llvm 2.9 is dropped.
+  // Prevent actually making the call at runtime due to llvm-gcc
+  // injecting an abort if the call is made. The call is guarded
+  // in such a way that the compiler cannot remove the call.
+  if (choice) {
+    // Call via a bitcasted alias.
+    number = ((int (*)(struct v2 *, struct v2 *, int))alias_function)(
+        &local, &local, 0);
+  }
+  return number % 255;
+}
+
+// CHECK: KLEE: done: completed paths = 1