Added read_after_free regression test.

git-svn-id: svn://svn.valgrind.org/valgrind/trunk@11300

diff --git a/drd/tests/Makefile.am b/drd/tests/Makefile.am
index 857d2275e0a2c4d93bfad077c8b383ec371d189a..26a3b63205302cc293727323ea9e617fb4c73107 100644 (file)
--- a/drd/tests/Makefile.am
+++ b/drd/tests/Makefile.am
@@ -170,6 +170,8 @@ EXTRA_DIST =                                        \
        qt4_rwlock.vgtest                           \
        qt4_semaphore.stderr.exp                    \
        qt4_semaphore.vgtest                        \
+       read_after_free.stderr.exp                  \
+       read_after_free.vgtest                      \
        recursive_mutex.stderr.exp-linux            \
        recursive_mutex.stderr.exp-darwin           \
        recursive_mutex.vgtest                      \
@@ -307,6 +309,7 @@ check_PROGRAMS +=        \
   annotate_smart_pointer \
   atomic_var             \
   circular_buffer        \
+  read_after_free        \
   tsan_unittest
 endif
 

diff --git a/drd/tests/read_after_free.c b/drd/tests/read_after_free.c
new file mode 100644 (file)
index 0000000..1319cb2
--- /dev/null
+++ b/drd/tests/read_after_free.c
@@ -0,0 +1,45 @@
+#define _GNU_SOURCE 1
+
+#include <assert.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <pthread.h>
+
+static char* s_mem;
+static volatile int s_freed;
+
+static void* thread_func(void* arg)
+{
+    // Busy-wait until pthread_create() has finished.
+    while (s_freed == 0)
+        pthread_yield();
+    free(s_mem);
+    __sync_add_and_fetch(&s_freed, 1);
+    return NULL;
+}
+
+int main(int argc, char** argv)
+{
+    pthread_t tid;
+    int quiet;
+    char result;
+
+    quiet = argc > 1;
+
+    s_mem = malloc(10);
+    if (!quiet)
+        fprintf(stderr, "Pointer to allocated memory: %p\n", s_mem);
+    assert(s_mem);
+    pthread_create(&tid, NULL, thread_func, NULL);
+    __sync_add_and_fetch(&s_freed, 1);
+    // Busy-wait until the memory has been freed.
+    while (s_freed == 1)
+        pthread_yield();
+    // Read-after-free.
+    result = s_mem[0];
+    if (!quiet)
+        fprintf(stderr, "Read-after-free result: %d\n", result);
+    pthread_join(tid, NULL);
+    fprintf(stderr, "Done.\n");
+    return 0;
+}

diff --git a/drd/tests/read_after_free.stderr.exp b/drd/tests/read_after_free.stderr.exp
new file mode 100644 (file)
index 0000000..7463c72
--- /dev/null
+++ b/drd/tests/read_after_free.stderr.exp
@@ -0,0 +1,8 @@
+
+Conflicting load by thread 1 at 0x........ size 1
+   at 0x........: main (read_after_free.c:?)
+Allocation context: unknown.
+
+Done.
+
+ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

diff --git a/drd/tests/read_after_free.vgtest b/drd/tests/read_after_free.vgtest
new file mode 100644 (file)
index 0000000..c8b1c2b
--- /dev/null
+++ b/drd/tests/read_after_free.vgtest
@@ -0,0 +1,4 @@
+prereq: test -e read_after_free && ./supported_libpthread
+vgopts: --read-var-info=yes --check-stack-var=yes --free-is-write=yes --show-confl-seg=no
+prog: read_after_free
+args: -q