// RUN: %clang_hwasan %s -o %t && not %env_hwasan_opts=verbose_threads=1 %run %t 2>&1 | FileCheck %s
// REQUIRES: stable-runtime

#include <pthread.h>
#include <stdlib.h>
#include <stdio.h>

#include <sanitizer/hwasan_interface.h>

#include "utils.h"

void *BoringThread(void *arg) {
  char * volatile x = (char*)malloc(10);
  x[5] = 0;
  free(x);
  return NULL;
}

// CHECK: Creating  : T0
// CHECK: Creating  : T1
// CHECK: Destroying: T1
// CHECK: Creating  : T1100
// CHECK: Destroying: T1100
// CHECK: Creating  : T1101

void *UAFThread(void *arg) {
  char * volatile x = (char*)malloc(10);
  untag_fprintf(stderr, "ZZZ %p\n", x);
  free(x);
  x[5] = 42;
  // CHECK: ERROR: HWAddressSanitizer: tag-mismatch on address
  // CHECK: WRITE of size 1
  // CHECK: many-threads-uaf.c:[[@LINE-3]]
  // CHECK: Thread: T1101
  return NULL;
}

int main() {
  __hwasan_enable_allocator_tagging();
  pthread_t t;
  for (int i = 0; i < 1100; i++) {
    pthread_create(&t, NULL, BoringThread, NULL);
    pthread_join(t, NULL);
  }
  pthread_create(&t, NULL, UAFThread, NULL);
  pthread_join(t, NULL);
}