1 // RUN: %clang_asan -O0 %s -o %t 2 // RUN: not %run %t 2>&1 | FileCheck %s 3 4 // Since ASan is built with -fomit-frame-pointer, backtrace is not able to 5 // symbolicate the trace past ASan runtime on i386. (This is fixed in 6 // latest OS X.) 7 // REQUIRES: asan-64-bits 8 9 #include <execinfo.h> 10 #include <sanitizer/common_interface_defs.h> 11 #include <stdio.h> 12 #include <stdlib.h> 13 14 void death_function() { 15 fprintf(stderr, "DEATH CALLBACK\n"); 16 17 void* callstack[128]; 18 int i, frames = backtrace(callstack, 128); 19 char** strs = backtrace_symbols(callstack, frames); 20 for (i = 0; i < frames; ++i) { 21 fprintf(stderr, "%s\n", strs[i]); 22 } 23 free(strs); 24 25 fprintf(stderr, "END OF BACKTRACE\n"); 26 } 27 28 int fault_function() { 29 char *x = (char*)malloc(10 * sizeof(char)); 30 free(x); 31 return x[5]; // BOOM 32 } 33 34 int main() { 35 __sanitizer_set_death_callback(death_function); 36 fault_function(); 37 return 0; 38 } 39 40 // CHECK: {{.*ERROR: AddressSanitizer: heap-use-after-free on address}} 41 // CHECK: {{READ of size 1 at 0x.* thread T0}} 42 // CHECK: {{ #0 0x.* in fault_function}} 43 44 // CHECK: DEATH CALLBACK 45 // CHECK: death_function 46 // CHECK: fault_function 47 // CHECK: main 48 // CHECK: END OF BACKTRACE 49