1*673dc3d4SNico Weber // RUN: %clangxx_asan -O0 %s -pthread -o %t && not %run %t 2>&1 | FileCheck %s
2*673dc3d4SNico Weber // RUN: %clangxx_asan -O1 %s -pthread -o %t && not %run %t 2>&1 | FileCheck %s
3*673dc3d4SNico Weber // RUN: %clangxx_asan -O2 %s -pthread -o %t && not %run %t 2>&1 | FileCheck %s
4*673dc3d4SNico Weber // RUN: %clangxx_asan -O3 %s -pthread -o %t && not %run %t 2>&1 | FileCheck %s
5*673dc3d4SNico Weber // REQUIRES: stable-runtime
6*673dc3d4SNico Weber
7*673dc3d4SNico Weber #include <pthread.h>
8*673dc3d4SNico Weber
9*673dc3d4SNico Weber int *x;
10*673dc3d4SNico Weber
AllocThread(void * arg)11*673dc3d4SNico Weber void *AllocThread(void *arg) {
12*673dc3d4SNico Weber x = new int;
13*673dc3d4SNico Weber *x = 42;
14*673dc3d4SNico Weber return NULL;
15*673dc3d4SNico Weber }
16*673dc3d4SNico Weber
FreeThread(void * arg)17*673dc3d4SNico Weber void *FreeThread(void *arg) {
18*673dc3d4SNico Weber delete x;
19*673dc3d4SNico Weber return NULL;
20*673dc3d4SNico Weber }
21*673dc3d4SNico Weber
AccessThread(void * arg)22*673dc3d4SNico Weber void *AccessThread(void *arg) {
23*673dc3d4SNico Weber *x = 43; // BOOM
24*673dc3d4SNico Weber return NULL;
25*673dc3d4SNico Weber }
26*673dc3d4SNico Weber
27*673dc3d4SNico Weber typedef void* (*callback_type)(void* arg);
28*673dc3d4SNico Weber
RunnerThread(void * function)29*673dc3d4SNico Weber void *RunnerThread(void *function) {
30*673dc3d4SNico Weber pthread_t thread;
31*673dc3d4SNico Weber pthread_create(&thread, NULL, (callback_type)function, NULL);
32*673dc3d4SNico Weber pthread_join(thread, NULL);
33*673dc3d4SNico Weber return NULL;
34*673dc3d4SNico Weber }
35*673dc3d4SNico Weber
RunThread(callback_type function)36*673dc3d4SNico Weber void RunThread(callback_type function) {
37*673dc3d4SNico Weber pthread_t runner;
38*673dc3d4SNico Weber pthread_create(&runner, NULL, RunnerThread, (void*)function);
39*673dc3d4SNico Weber pthread_join(runner, NULL);
40*673dc3d4SNico Weber }
41*673dc3d4SNico Weber
main(int argc,char * argv[])42*673dc3d4SNico Weber int main(int argc, char *argv[]) {
43*673dc3d4SNico Weber RunThread(AllocThread);
44*673dc3d4SNico Weber RunThread(FreeThread);
45*673dc3d4SNico Weber RunThread(AccessThread);
46*673dc3d4SNico Weber return (x != 0);
47*673dc3d4SNico Weber }
48*673dc3d4SNico Weber
49*673dc3d4SNico Weber // CHECK: AddressSanitizer: heap-use-after-free
50*673dc3d4SNico Weber // CHECK: WRITE of size 4 at 0x{{.*}} thread T[[ACCESS_THREAD:[0-9]+]]
51*673dc3d4SNico Weber // CHECK: freed by thread T[[FREE_THREAD:[0-9]+]] here:
52*673dc3d4SNico Weber // CHECK: previously allocated by thread T[[ALLOC_THREAD:[0-9]+]] here:
53*673dc3d4SNico Weber // CHECK: Thread T[[ACCESS_THREAD]] created by T[[ACCESS_RUNNER:[0-9]+]] here:
54*673dc3d4SNico Weber // CHECK: Thread T[[ACCESS_RUNNER]] created by T0 here:
55*673dc3d4SNico Weber // CHECK: Thread T[[FREE_THREAD]] created by T[[FREE_RUNNER:[0-9]+]] here:
56*673dc3d4SNico Weber // CHECK: Thread T[[FREE_RUNNER]] created by T0 here:
57*673dc3d4SNico Weber // CHECK: Thread T[[ALLOC_THREAD]] created by T[[ALLOC_RUNNER:[0-9]+]] here:
58*673dc3d4SNico Weber // CHECK: Thread T[[ALLOC_RUNNER]] created by T0 here:
59