From a00814f3cd70d7d04831b36a206497fd5f3db9b7 Mon Sep 17 00:00:00 2001
From: Stanimir Bozhilov
Date: Sat, 1 Jul 2023 14:52:11 +0200
Subject: [PATCH] Add test for UAF in multi-threaded context
---
.../71-use_after_free/12-multi-threaded-uaf.c | 30 +++++++++++++++++++
1 file changed, 30 insertions(+)
create mode 100644 tests/regression/71-use_after_free/12-multi-threaded-uaf.c
diff --git a/tests/regression/71-use_after_free/12-multi-threaded-uaf.c b/tests/regression/71-use_after_free/12-multi-threaded-uaf.c
new file mode 100644
index 0000000000..0c647eff76
--- /dev/null
+++ b/tests/regression/71-use_after_free/12-multi-threaded-uaf.c
@@ -0,0 +1,30 @@
+//PARAM: --set ana.activated[+] useAfterFree
+#include
+#include
+#include
+
+int* gptr;
+
+// Mutex to ensure we don't get race warnings, but the UAF warnings we actually care about
+pthread_mutex_t mtx = PTHREAD_MUTEX_INITIALIZER;
+
+void *t_other(void* p) {
+ pthread_mutex_lock(&mtx);
+ free(gptr); //WARN
+ pthread_mutex_unlock(&mtx);
+}
+
+int main() {
+ gptr = malloc(sizeof(int));
+ *gptr = 42;
+
+ pthread_t thread;
+ pthread_create(&thread, NULL, t_other, NULL);
+
+ pthread_mutex_lock(&mtx);
+ *gptr = 43; //WARN
+ free(gptr); //WARN
+ pthread_mutex_unlock(&mtx);
+
+ return 0;
+}
\ No newline at end of file
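Review bot: `t_other` is declared to return `void *` but falls off the end after `pthread_mutex_unlock(&mtx);`, so the test carries an unintended defect alongside the three annotated ones; add `return NULL;` as its last statement. The comment above `mtx` would also be clearer if it said why each `//WARN` is expected, for example `// Either thread may take mtx first: if t_other frees first, main's write and free hit freed memory; if main frees first, t_other's free is a double free`. `main` returns without `pthread_join(thread, NULL);`, which presumably does not affect the analyzer's result but means a compiled run may exit before `t_other` executes; adding the join before `return 0;` would make the file usable under a dynamic checker as well.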