From: Bart Van Assche <bvanassche@acm.org>
Date: Sun, 29 Aug 2010 09:15:19 +0000 (+0000)
Subject: Added read_after_free regression test.
X-Git-Tag: svn/VALGRIND_3_6_0~157
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=eac6134c19abcec5c9f98cb72b90193fc17cdb57;p=thirdparty%2Fvalgrind.git

Added read_after_free regression test.

git-svn-id: svn://svn.valgrind.org/valgrind/trunk@11300
---

diff --git a/drd/tests/Makefile.am b/drd/tests/Makefile.am
index 857d2275e0..26a3b63205 100644
--- a/drd/tests/Makefile.am
+++ b/drd/tests/Makefile.am
@@ -170,6 +170,8 @@ EXTRA_DIST =                                        \
 	qt4_rwlock.vgtest                           \
 	qt4_semaphore.stderr.exp                    \
 	qt4_semaphore.vgtest                        \
+	read_after_free.stderr.exp		    \
+	read_after_free.vgtest			    \
 	recursive_mutex.stderr.exp-linux            \
 	recursive_mutex.stderr.exp-darwin           \
 	recursive_mutex.vgtest                      \
@@ -307,6 +309,7 @@ check_PROGRAMS +=        \
   annotate_smart_pointer \
   atomic_var             \
   circular_buffer        \
+  read_after_free        \
   tsan_unittest
 endif
 
diff --git a/drd/tests/read_after_free.c b/drd/tests/read_after_free.c
new file mode 100644
index 0000000000..1319cb2a2b
--- /dev/null
+++ b/drd/tests/read_after_free.c
@@ -0,0 +1,45 @@
+#define _GNU_SOURCE 1
+
+#include <assert.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <pthread.h>
+
+static char* s_mem;
+static volatile int s_freed;
+
+static void* thread_func(void* arg)
+{
+    // Busy-wait until pthread_create() has finished.
+    while (s_freed == 0)
+        pthread_yield();
+    free(s_mem);
+    __sync_add_and_fetch(&s_freed, 1);
+    return NULL;
+}
+
+int main(int argc, char** argv)
+{
+    pthread_t tid;
+    int quiet;
+    char result;
+
+    quiet = argc > 1;
+
+    s_mem = malloc(10);
+    if (!quiet)
+        fprintf(stderr, "Pointer to allocated memory: %p\n", s_mem);
+    assert(s_mem);
+    pthread_create(&tid, NULL, thread_func, NULL);
+    __sync_add_and_fetch(&s_freed, 1);
+    // Busy-wait until the memory has been freed.
+    while (s_freed == 1)
+        pthread_yield();
+    // Read-after-free.
+    result = s_mem[0];
+    if (!quiet)
+        fprintf(stderr, "Read-after-free result: %d\n", result);
+    pthread_join(tid, NULL);
+    fprintf(stderr, "Done.\n");
+    return 0;
+}
diff --git a/drd/tests/read_after_free.stderr.exp b/drd/tests/read_after_free.stderr.exp
new file mode 100644
index 0000000000..7463c72104
--- /dev/null
+++ b/drd/tests/read_after_free.stderr.exp
@@ -0,0 +1,8 @@
+
+Conflicting load by thread 1 at 0x........ size 1
+   at 0x........: main (read_after_free.c:?)
+Allocation context: unknown.
+
+Done.
+
+ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
diff --git a/drd/tests/read_after_free.vgtest b/drd/tests/read_after_free.vgtest
new file mode 100644
index 0000000000..c8b1c2bdea
--- /dev/null
+++ b/drd/tests/read_after_free.vgtest
@@ -0,0 +1,4 @@
+prereq: test -e read_after_free && ./supported_libpthread
+vgopts: --read-var-info=yes --check-stack-var=yes --free-is-write=yes --show-confl-seg=no
+prog: read_after_free
+args: -q