OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 // | 4 // |
5 // This file contains intentional memory errors, some of which may lead to | 5 // This file contains intentional memory errors, some of which may lead to |
6 // crashes if the test is ran without special memory testing tools. We use these | 6 // crashes if the test is ran without special memory testing tools. We use these |
7 // errors to verify the sanity of the tools. | 7 // errors to verify the sanity of the tools. |
8 | 8 |
9 #include "base/atomicops.h" | 9 #include "base/atomicops.h" |
10 #include "base/message_loop/message_loop.h" | 10 #include "base/message_loop/message_loop.h" |
(...skipping 82 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
93 int* volatile leak = new int[256]; // Leak some memory intentionally. | 93 int* volatile leak = new int[256]; // Leak some memory intentionally. |
94 leak[4] = 1; // Make sure the allocated memory is used. | 94 leak[4] = 1; // Make sure the allocated memory is used. |
95 } | 95 } |
96 | 96 |
97 #if (defined(ADDRESS_SANITIZER) && defined(OS_IOS)) || defined(SYZYASAN) | 97 #if (defined(ADDRESS_SANITIZER) && defined(OS_IOS)) || defined(SYZYASAN) |
98 // Because iOS doesn't support death tests, each of the following tests will | 98 // Because iOS doesn't support death tests, each of the following tests will |
99 // crash the whole program under Asan. On Windows Asan is based on SyzyAsan; the | 99 // crash the whole program under Asan. On Windows Asan is based on SyzyAsan; the |
100 // error report mechanism is different than with Asan so these tests will fail. | 100 // error report mechanism is different than with Asan so these tests will fail. |
101 #define MAYBE_AccessesToNewMemory DISABLED_AccessesToNewMemory | 101 #define MAYBE_AccessesToNewMemory DISABLED_AccessesToNewMemory |
102 #define MAYBE_AccessesToMallocMemory DISABLED_AccessesToMallocMemory | 102 #define MAYBE_AccessesToMallocMemory DISABLED_AccessesToMallocMemory |
| 103 #define MAYBE_SingleElementDeletedWithBraces \ |
| 104 DISABLED_SingleElementDeletedWithBraces |
| 105 #define MAYBE_ArrayDeletedWithoutBraces DISABLED_ArrayDeletedWithoutBraces |
103 #else | 106 #else |
104 #define MAYBE_AccessesToNewMemory AccessesToNewMemory | 107 #define MAYBE_AccessesToNewMemory AccessesToNewMemory |
105 #define MAYBE_AccessesToMallocMemory AccessesToMallocMemory | 108 #define MAYBE_AccessesToMallocMemory AccessesToMallocMemory |
| 109 |
| 110 #if !defined(OS_MACOSX) |
| 111 // AddressSanitizer for OSX doesn't support alloc-dealloc mismatch checks. |
106 #define MAYBE_ArrayDeletedWithoutBraces ArrayDeletedWithoutBraces | 112 #define MAYBE_ArrayDeletedWithoutBraces ArrayDeletedWithoutBraces |
107 #define MAYBE_SingleElementDeletedWithBraces SingleElementDeletedWithBraces | 113 #define MAYBE_SingleElementDeletedWithBraces SingleElementDeletedWithBraces |
| 114 #else |
| 115 #define MAYBE_ArrayDeletedWithoutBraces DISABLED_ArrayDeletedWithoutBraces |
| 116 #define MAYBE_SingleElementDeletedWithBraces \ |
| 117 DISABLED_SingleElementDeletedWithBraces |
108 #endif | 118 #endif |
109 | 119 |
110 // The following tests pass with Clang r170392, but not r172454, which | |
111 // makes AddressSanitizer detect errors in them. We disable these tests under | |
112 // AddressSanitizer until we fully switch to Clang r172454. After that the | |
113 // tests should be put back under the (defined(OS_IOS) || defined(OS_WIN)) | |
114 // clause above. | |
115 // See also http://crbug.com/172614. | |
116 #if defined(ADDRESS_SANITIZER) || defined(SYZYASAN) | |
117 #define MAYBE_SingleElementDeletedWithBraces \ | |
118 DISABLED_SingleElementDeletedWithBraces | |
119 #define MAYBE_ArrayDeletedWithoutBraces DISABLED_ArrayDeletedWithoutBraces | |
120 #endif | 120 #endif |
| 121 |
121 TEST(ToolsSanityTest, MAYBE_AccessesToNewMemory) { | 122 TEST(ToolsSanityTest, MAYBE_AccessesToNewMemory) { |
122 char *foo = new char[10]; | 123 char *foo = new char[10]; |
123 MakeSomeErrors(foo, 10); | 124 MakeSomeErrors(foo, 10); |
124 delete [] foo; | 125 delete [] foo; |
125 // Use after delete. | 126 // Use after delete. |
126 HARMFUL_ACCESS(foo[5] = 0, "heap-use-after-free"); | 127 HARMFUL_ACCESS(foo[5] = 0, "heap-use-after-free"); |
127 } | 128 } |
128 | 129 |
129 TEST(ToolsSanityTest, MAYBE_AccessesToMallocMemory) { | 130 TEST(ToolsSanityTest, MAYBE_AccessesToMallocMemory) { |
130 char *foo = reinterpret_cast<char*>(malloc(10)); | 131 char *foo = reinterpret_cast<char*>(malloc(10)); |
131 MakeSomeErrors(foo, 10); | 132 MakeSomeErrors(foo, 10); |
132 free(foo); | 133 free(foo); |
133 // Use after free. | 134 // Use after free. |
134 HARMFUL_ACCESS(foo[5] = 0, "heap-use-after-free"); | 135 HARMFUL_ACCESS(foo[5] = 0, "heap-use-after-free"); |
135 } | 136 } |
136 | 137 |
137 TEST(ToolsSanityTest, MAYBE_ArrayDeletedWithoutBraces) { | 138 TEST(ToolsSanityTest, MAYBE_ArrayDeletedWithoutBraces) { |
138 #if !defined(ADDRESS_SANITIZER) && !defined(SYZYASAN) | 139 #if !defined(ADDRESS_SANITIZER) && !defined(SYZYASAN) |
139 // This test may corrupt memory if not run under Valgrind or compiled with | 140 // This test may corrupt memory if not run under Valgrind or compiled with |
140 // AddressSanitizer. | 141 // AddressSanitizer. |
141 if (!RunningOnValgrind()) | 142 if (!RunningOnValgrind()) |
142 return; | 143 return; |
143 #endif | 144 #endif |
144 | 145 |
145 // Without the |volatile|, clang optimizes away the next two lines. | 146 // Without the |volatile|, clang optimizes away the next two lines. |
146 int* volatile foo = new int[10]; | 147 int* volatile foo = new int[10]; |
147 delete foo; | 148 HARMFUL_ACCESS(delete foo, "alloc-dealloc-mismatch"); |
| 149 #if defined(ADDRESS_SANITIZER) |
| 150 // Under ASan the crash happens in the process spawned by HARMFUL_ACCESS, |
| 151 // need to free the memory in the parent. |
| 152 delete [] foo; |
| 153 #endif |
148 } | 154 } |
149 | 155 |
150 TEST(ToolsSanityTest, MAYBE_SingleElementDeletedWithBraces) { | 156 TEST(ToolsSanityTest, MAYBE_SingleElementDeletedWithBraces) { |
151 #if !defined(ADDRESS_SANITIZER) | 157 #if !defined(ADDRESS_SANITIZER) |
152 // This test may corrupt memory if not run under Valgrind or compiled with | 158 // This test may corrupt memory if not run under Valgrind or compiled with |
153 // AddressSanitizer. | 159 // AddressSanitizer. |
154 if (!RunningOnValgrind()) | 160 if (!RunningOnValgrind()) |
155 return; | 161 return; |
156 #endif | 162 #endif |
157 | 163 |
158 // Without the |volatile|, clang optimizes away the next two lines. | 164 // Without the |volatile|, clang optimizes away the next two lines. |
159 int* volatile foo = new int; | 165 int* volatile foo = new int; |
160 (void) foo; | 166 (void) foo; |
161 delete [] foo; | 167 HARMFUL_ACCESS(delete [] foo, "alloc-dealloc-mismatch"); |
| 168 #if defined(ADDRESS_SANITIZER) |
| 169 // Under ASan the crash happens in the child process, need to free the memory |
| 170 // in the parent. |
| 171 delete foo; |
| 172 #endif |
162 } | 173 } |
163 | 174 |
164 #if defined(ADDRESS_SANITIZER) || defined(SYZYASAN) | 175 #if defined(ADDRESS_SANITIZER) || defined(SYZYASAN) |
165 TEST(ToolsSanityTest, DISABLED_AddressSanitizerNullDerefCrashTest) { | 176 TEST(ToolsSanityTest, DISABLED_AddressSanitizerNullDerefCrashTest) { |
166 // Intentionally crash to make sure AddressSanitizer is running. | 177 // Intentionally crash to make sure AddressSanitizer is running. |
167 // This test should not be ran on bots. | 178 // This test should not be ran on bots. |
168 int* volatile zero = NULL; | 179 int* volatile zero = NULL; |
169 *zero = 0; | 180 *zero = 0; |
170 } | 181 } |
171 | 182 |
(...skipping 102 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
274 | 285 |
275 TEST(ToolsSanityTest, AtomicsAreIgnored) { | 286 TEST(ToolsSanityTest, AtomicsAreIgnored) { |
276 base::subtle::Atomic32 shared = 0; | 287 base::subtle::Atomic32 shared = 0; |
277 ReleaseStoreThread thread1(&shared); | 288 ReleaseStoreThread thread1(&shared); |
278 AcquireLoadThread thread2(&shared); | 289 AcquireLoadThread thread2(&shared); |
279 RunInParallel(&thread1, &thread2); | 290 RunInParallel(&thread1, &thread2); |
280 EXPECT_EQ(kMagicValue, shared); | 291 EXPECT_EQ(kMagicValue, shared); |
281 } | 292 } |
282 | 293 |
283 } // namespace base | 294 } // namespace base |
OLD | NEW |