1// RUN: export ASAN_OPTIONS=detect_stack_use_after_return=1 2// RUN: %clangxx_asan -O0 %s -o %t && \ 3// RUN: not %run %t 2>&1 | FileCheck %s 4// RUN: %clangxx_asan -O2 %s -o %t && \ 5// RUN: not %run %t 2>&1 | FileCheck %s 6// XFAIL: arm-linux-gnueabi 7 8// FIXME: Fix this test under GCC. 9// REQUIRES: Clang 10 11#include <stdio.h> 12#include <string.h> 13#include <stdlib.h> 14 15__attribute__((noinline)) 16char *pretend_to_do_something(char *x) { 17 __asm__ __volatile__("" : : "r" (x) : "memory"); 18 return x; 19} 20 21__attribute__((noinline)) 22char *LeakStack() { 23 char x[1024]; 24 memset(x, 0, sizeof(x)); 25 return pretend_to_do_something(x); 26} 27 28template<size_t kFrameSize> 29__attribute__((noinline)) 30void RecuriveFunctionWithStackFrame(int depth) { 31 if (depth <= 0) return; 32 char x[kFrameSize]; 33 x[0] = depth; 34 pretend_to_do_something(x); 35 RecuriveFunctionWithStackFrame<kFrameSize>(depth - 1); 36} 37 38int main(int argc, char **argv) { 39 int n_iter = argc >= 2 ? atoi(argv[1]) : 1000; 40 int depth = argc >= 3 ? atoi(argv[2]) : 500; 41 for (int i = 0; i < n_iter; i++) { 42 RecuriveFunctionWithStackFrame<10>(depth); 43 RecuriveFunctionWithStackFrame<100>(depth); 44 RecuriveFunctionWithStackFrame<500>(depth); 45 RecuriveFunctionWithStackFrame<1024>(depth); 46 RecuriveFunctionWithStackFrame<2000>(depth); 47 RecuriveFunctionWithStackFrame<5000>(depth); 48 RecuriveFunctionWithStackFrame<10000>(depth); 49 } 50 char *stale_stack = LeakStack(); 51 RecuriveFunctionWithStackFrame<1024>(10); 52 stale_stack[100]++; 53 // CHECK: ERROR: AddressSanitizer: stack-use-after-return on address 54 // CHECK: is located in stack of thread T0 at offset {{116|132}} in frame 55 // CHECK: in LeakStack(){{.*}}heavy_uar_test.cc: 56 // CHECK: [{{16|32}}, {{1040|1056}}) 'x' 57 return 0; 58} 59