asan_noinst_test.cc revision d39a34ee33aae73fdde065f784bdc19f67b91ae2
17da8503a90c7f84787aa1ba978e2223893fa7727Alexey Samsonov//===-- asan_noinst_test.cc -----------------------------------------------===// 21e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany// 31e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany// The LLVM Compiler Infrastructure 41e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany// 51e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany// This file is distributed under the University of Illinois Open Source 61e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany// License. See LICENSE.TXT for details. 71e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany// 81e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany//===----------------------------------------------------------------------===// 91e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany// 101e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany// This file is a part of AddressSanitizer, an address sanity checker. 111e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany// 121e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany// This test file should be compiled w/o asan instrumentation. 131e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany//===----------------------------------------------------------------------===// 14d865fecddccebf898ceed24d096fc58fb29a6e57Chandler Carruth 151e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany#include "asan_allocator.h" 161e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany#include "asan_internal.h" 171e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany#include "asan_mapping.h" 181e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany#include "asan_stack.h" 191e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany#include "asan_test_utils.h" 201e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 211e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany#include <assert.h> 221e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany#include <stdio.h> 231e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany#include <stdlib.h> 2479d12e87fbcc1b2342d76367b99b83adf9cbf499Alexander Potapenko#include <string.h> // for memset() 251e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany#include <algorithm> 2679d12e87fbcc1b2342d76367b99b83adf9cbf499Alexander Potapenko#include <vector> 2765199f1b253c4bfb225805629217acb8f0b1e185Kostya Serebryany#include <limits> 281e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 291e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 301e172b4bdec57329bf904f063a29f99cddf2d85fKostya SerebryanyTEST(AddressSanitizer, InternalSimpleDeathTest) { 311e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany EXPECT_DEATH(exit(1), ""); 321e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany} 331e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 341e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryanystatic void MallocStress(size_t n) { 3548ddbef1d051875b2d0b204e8d78300b58d80a85Evgeniy Stepanov u32 seed = my_rand(); 36c3390df6670cb166119b961eb27a033fb9073496Kostya Serebryany __asan::StackTrace stack1; 371e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany stack1.trace[0] = 0xa123; 381e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany stack1.trace[1] = 0xa456; 391e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany stack1.size = 2; 401e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 41c3390df6670cb166119b961eb27a033fb9073496Kostya Serebryany __asan::StackTrace stack2; 421e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany stack2.trace[0] = 0xb123; 431e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany stack2.trace[1] = 0xb456; 441e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany stack2.size = 2; 451e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 46c3390df6670cb166119b961eb27a033fb9073496Kostya Serebryany __asan::StackTrace stack3; 471e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany stack3.trace[0] = 0xc123; 481e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany stack3.trace[1] = 0xc456; 491e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany stack3.size = 2; 501e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 511e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany std::vector<void *> vec; 521e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany for (size_t i = 0; i < n; i++) { 531e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany if ((i % 3) == 0) { 541e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany if (vec.empty()) continue; 5548ddbef1d051875b2d0b204e8d78300b58d80a85Evgeniy Stepanov size_t idx = my_rand_r(&seed) % vec.size(); 561e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany void *ptr = vec[idx]; 571e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany vec[idx] = vec.back(); 581e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany vec.pop_back(); 59fe6d91684bcda766593800f6307233f1a33d31f6Kostya Serebryany __asan::asan_free(ptr, &stack1, __asan::FROM_MALLOC); 601e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany } else { 6148ddbef1d051875b2d0b204e8d78300b58d80a85Evgeniy Stepanov size_t size = my_rand_r(&seed) % 1000 + 1; 6248ddbef1d051875b2d0b204e8d78300b58d80a85Evgeniy Stepanov switch ((my_rand_r(&seed) % 128)) { 631e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany case 0: size += 1024; break; 641e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany case 1: size += 2048; break; 651e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany case 2: size += 4096; break; 661e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany } 6748ddbef1d051875b2d0b204e8d78300b58d80a85Evgeniy Stepanov size_t alignment = 1 << (my_rand_r(&seed) % 10 + 1); 68fe6d91684bcda766593800f6307233f1a33d31f6Kostya Serebryany char *ptr = (char*)__asan::asan_memalign(alignment, size, 69fe6d91684bcda766593800f6307233f1a33d31f6Kostya Serebryany &stack2, __asan::FROM_MALLOC); 701e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany vec.push_back(ptr); 711e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany ptr[0] = 0; 721e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany ptr[size-1] = 0; 731e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany ptr[size/2] = 0; 741e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany } 751e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany } 761e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany for (size_t i = 0; i < vec.size(); i++) 77fe6d91684bcda766593800f6307233f1a33d31f6Kostya Serebryany __asan::asan_free(vec[i], &stack3, __asan::FROM_MALLOC); 781e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany} 791e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 801e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 811e172b4bdec57329bf904f063a29f99cddf2d85fKostya SerebryanyTEST(AddressSanitizer, NoInstMallocTest) { 82d39a34ee33aae73fdde065f784bdc19f67b91ae2Kostya Serebryany MallocStress(ASAN_LOW_MEMORY ? 300000 : 1000000); 83d39a34ee33aae73fdde065f784bdc19f67b91ae2Kostya Serebryany} 84d39a34ee33aae73fdde065f784bdc19f67b91ae2Kostya Serebryany 85d39a34ee33aae73fdde065f784bdc19f67b91ae2Kostya SerebryanyTEST(AddressSanitizer, ThreadedMallocStressTest) { 86d39a34ee33aae73fdde065f784bdc19f67b91ae2Kostya Serebryany const int kNumThreads = 4; 87d39a34ee33aae73fdde065f784bdc19f67b91ae2Kostya Serebryany const int kNumIterations = (ASAN_LOW_MEMORY) ? 10000 : 100000; 88d39a34ee33aae73fdde065f784bdc19f67b91ae2Kostya Serebryany pthread_t t[kNumThreads]; 89d39a34ee33aae73fdde065f784bdc19f67b91ae2Kostya Serebryany for (int i = 0; i < kNumThreads; i++) { 90d39a34ee33aae73fdde065f784bdc19f67b91ae2Kostya Serebryany PTHREAD_CREATE(&t[i], 0, (void* (*)(void *x))MallocStress, 91d39a34ee33aae73fdde065f784bdc19f67b91ae2Kostya Serebryany (void*)kNumIterations); 92d39a34ee33aae73fdde065f784bdc19f67b91ae2Kostya Serebryany } 93d39a34ee33aae73fdde065f784bdc19f67b91ae2Kostya Serebryany for (int i = 0; i < kNumThreads; i++) { 94d39a34ee33aae73fdde065f784bdc19f67b91ae2Kostya Serebryany PTHREAD_JOIN(t[i], 0); 95d39a34ee33aae73fdde065f784bdc19f67b91ae2Kostya Serebryany } 961e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany} 971e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 983f4c3875c42078e22c7e5356c5746fd18756d958Kostya Serebryanystatic void PrintShadow(const char *tag, uptr ptr, size_t size) { 991e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany fprintf(stderr, "%s shadow: %lx size % 3ld: ", tag, (long)ptr, (long)size); 1003f4c3875c42078e22c7e5356c5746fd18756d958Kostya Serebryany uptr prev_shadow = 0; 101ee3925515e4c7966f3ef489f687aa7e5692806a9Kostya Serebryany for (sptr i = -32; i < (sptr)size + 32; i++) { 1023f4c3875c42078e22c7e5356c5746fd18756d958Kostya Serebryany uptr shadow = __asan::MemToShadow(ptr + i); 103ee3925515e4c7966f3ef489f687aa7e5692806a9Kostya Serebryany if (i == 0 || i == (sptr)size) 1041e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany fprintf(stderr, "."); 1051e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany if (shadow != prev_shadow) { 1061e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany prev_shadow = shadow; 107ee3925515e4c7966f3ef489f687aa7e5692806a9Kostya Serebryany fprintf(stderr, "%02x", (int)*(u8*)shadow); 1081e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany } 1091e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany } 1101e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany fprintf(stderr, "\n"); 1111e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany} 1121e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 1131e172b4bdec57329bf904f063a29f99cddf2d85fKostya SerebryanyTEST(AddressSanitizer, DISABLED_InternalPrintShadow) { 1141e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany for (size_t size = 1; size <= 513; size++) { 1151e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany char *ptr = new char[size]; 1163f4c3875c42078e22c7e5356c5746fd18756d958Kostya Serebryany PrintShadow("m", (uptr)ptr, size); 1171e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany delete [] ptr; 1183f4c3875c42078e22c7e5356c5746fd18756d958Kostya Serebryany PrintShadow("f", (uptr)ptr, size); 1191e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany } 1201e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany} 1211e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 1223f4c3875c42078e22c7e5356c5746fd18756d958Kostya Serebryanystatic uptr pc_array[] = { 1235af39e50366f1aacbebc284f572f08ad1ad07357Kostya Serebryany#if SANITIZER_WORDSIZE == 64 1241e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effbf756068ULL, 1251e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effbf75e5abULL, 1261e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc0625b7cULL, 1271e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc05b8997ULL, 1281e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effbf990577ULL, 1291e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effbf990c56ULL, 1301e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effbf992f3cULL, 1311e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effbf950c22ULL, 1321e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc036dba0ULL, 1331e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc03638a3ULL, 1341e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc035be4aULL, 1351e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc0539c45ULL, 1361e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc0539a65ULL, 1371e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc03db9b3ULL, 1381e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc03db100ULL, 1391e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc037c7b8ULL, 1401e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc037bfffULL, 1411e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc038b777ULL, 1421e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc038021cULL, 1431e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc037c7d1ULL, 1441e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc037bfffULL, 1451e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc038b777ULL, 1461e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc038021cULL, 1471e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc037c7d1ULL, 1481e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc037bfffULL, 1491e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc038b777ULL, 1501e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc038021cULL, 1511e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc037c7d1ULL, 1521e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc037bfffULL, 1531e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc0520d26ULL, 1541e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc009ddffULL, 1551e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effbf90bb50ULL, 1561e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effbdddfa69ULL, 1571e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effbdde1fe2ULL, 1581e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effbdde2424ULL, 1591e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effbdde27b3ULL, 1601e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effbddee53bULL, 1611e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effbdde1988ULL, 1621e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effbdde0904ULL, 1631e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effc106ce0dULL, 1641e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effbcc3fa04ULL, 1651e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effbcc3f6a4ULL, 1661e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effbcc3e726ULL, 1671e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effbcc40852ULL, 1681e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7effb681ec4dULL, 1695af39e50366f1aacbebc284f572f08ad1ad07357Kostya Serebryany#endif // SANITIZER_WORDSIZE 1701e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0xB0B5E768, 1711e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7B682EC1, 1721e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x367F9918, 1731e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0xAE34E13, 1741e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0xBA0C6C6, 1751e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x13250F46, 1761e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0xA0D6A8AB, 1771e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x2B07C1A8, 1781e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x6C844F4A, 1791e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x2321B53, 1801e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x1F3D4F8F, 1811e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x3FE2924B, 1821e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0xB7A2F568, 1831e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0xBD23950A, 1841e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x61020930, 1851e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x33E7970C, 1861e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x405998A1, 1871e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x59F3551D, 1881e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x350E3028, 1891e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0xBC55A28D, 1901e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x361F3AED, 1911e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0xBEAD0F73, 1921e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0xAEF28479, 1931e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x757E971F, 1941e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0xAEBA450, 1951e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x43AD22F5, 1961e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x8C2C50C4, 1971e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7AD8A2E1, 1981e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x69EE4EE8, 1991e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0xC08DFF, 2001e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x4BA6538, 2011e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x3708AB2, 2021e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0xC24B6475, 2031e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x7C8890D7, 2041e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x6662495F, 2051e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x9B641689, 2061e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0xD3596B, 2071e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0xA1049569, 2081e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x44CBC16, 2091e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 0x4D39C39F 2101e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany}; 2111e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 2121e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryanyvoid CompressStackTraceTest(size_t n_iter) { 21348ddbef1d051875b2d0b204e8d78300b58d80a85Evgeniy Stepanov u32 seed = my_rand(); 214c3390df6670cb166119b961eb27a033fb9073496Kostya Serebryany const size_t kNumPcs = ARRAY_SIZE(pc_array); 215ee3925515e4c7966f3ef489f687aa7e5692806a9Kostya Serebryany u32 compressed[2 * kNumPcs]; 2161e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 2171e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany for (size_t iter = 0; iter < n_iter; iter++) { 2181e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany std::random_shuffle(pc_array, pc_array + kNumPcs); 219c3390df6670cb166119b961eb27a033fb9073496Kostya Serebryany __asan::StackTrace stack0, stack1; 2201e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany stack0.CopyFrom(pc_array, kNumPcs); 22148ddbef1d051875b2d0b204e8d78300b58d80a85Evgeniy Stepanov stack0.size = std::max((size_t)1, (size_t)(my_rand_r(&seed) % stack0.size)); 2221e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany size_t compress_size = 22348ddbef1d051875b2d0b204e8d78300b58d80a85Evgeniy Stepanov std::max((size_t)2, (size_t)my_rand_r(&seed) % (2 * kNumPcs)); 2241e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany size_t n_frames = 225c3390df6670cb166119b961eb27a033fb9073496Kostya Serebryany __asan::StackTrace::CompressStack(&stack0, compressed, compress_size); 2261a7741b4e3c50a986502507fa8055475dd0fa0d0Alexey Samsonov Ident(n_frames); 2271e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany assert(n_frames <= stack0.size); 228c3390df6670cb166119b961eb27a033fb9073496Kostya Serebryany __asan::StackTrace::UncompressStack(&stack1, compressed, compress_size); 2291e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany assert(stack1.size == n_frames); 2301e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany for (size_t i = 0; i < stack1.size; i++) { 2311e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany assert(stack0.trace[i] == stack1.trace[i]); 2321e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany } 2331e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany } 2341e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany} 2351e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 2361e172b4bdec57329bf904f063a29f99cddf2d85fKostya SerebryanyTEST(AddressSanitizer, CompressStackTraceTest) { 2371e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany CompressStackTraceTest(10000); 2381e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany} 2391e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 2401e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryanyvoid CompressStackTraceBenchmark(size_t n_iter) { 241c3390df6670cb166119b961eb27a033fb9073496Kostya Serebryany const size_t kNumPcs = ARRAY_SIZE(pc_array); 242ee3925515e4c7966f3ef489f687aa7e5692806a9Kostya Serebryany u32 compressed[2 * kNumPcs]; 2431e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany std::random_shuffle(pc_array, pc_array + kNumPcs); 2441e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 245c3390df6670cb166119b961eb27a033fb9073496Kostya Serebryany __asan::StackTrace stack0; 2461e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany stack0.CopyFrom(pc_array, kNumPcs); 2471e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany stack0.size = kNumPcs; 2481e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany for (size_t iter = 0; iter < n_iter; iter++) { 2491e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany size_t compress_size = kNumPcs; 2501e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany size_t n_frames = 251c3390df6670cb166119b961eb27a033fb9073496Kostya Serebryany __asan::StackTrace::CompressStack(&stack0, compressed, compress_size); 2521e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany Ident(n_frames); 2531e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany } 2541e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany} 2551e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 2561e172b4bdec57329bf904f063a29f99cddf2d85fKostya SerebryanyTEST(AddressSanitizer, CompressStackTraceBenchmark) { 2571e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany CompressStackTraceBenchmark(1 << 24); 2581e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany} 2591e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 2601e172b4bdec57329bf904f063a29f99cddf2d85fKostya SerebryanyTEST(AddressSanitizer, QuarantineTest) { 261c3390df6670cb166119b961eb27a033fb9073496Kostya Serebryany __asan::StackTrace stack; 2621e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany stack.trace[0] = 0x890; 2631e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany stack.size = 1; 2641e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 265d39a34ee33aae73fdde065f784bdc19f67b91ae2Kostya Serebryany const int size = 1024; 2661e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany void *p = __asan::asan_malloc(size, &stack); 267fe6d91684bcda766593800f6307233f1a33d31f6Kostya Serebryany __asan::asan_free(p, &stack, __asan::FROM_MALLOC); 2681e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany size_t i; 2691e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany size_t max_i = 1 << 30; 2701e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany for (i = 0; i < max_i; i++) { 2711e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany void *p1 = __asan::asan_malloc(size, &stack); 272fe6d91684bcda766593800f6307233f1a33d31f6Kostya Serebryany __asan::asan_free(p1, &stack, __asan::FROM_MALLOC); 2731e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany if (p1 == p) break; 2741e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany } 275d39a34ee33aae73fdde065f784bdc19f67b91ae2Kostya Serebryany EXPECT_GE(i, 10000U); 2761e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany EXPECT_LT(i, max_i); 2771e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany} 2781e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 2791e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryanyvoid *ThreadedQuarantineTestWorker(void *unused) { 2801a7741b4e3c50a986502507fa8055475dd0fa0d0Alexey Samsonov (void)unused; 28148ddbef1d051875b2d0b204e8d78300b58d80a85Evgeniy Stepanov u32 seed = my_rand(); 282c3390df6670cb166119b961eb27a033fb9073496Kostya Serebryany __asan::StackTrace stack; 2831e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany stack.trace[0] = 0x890; 2841e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany stack.size = 1; 2851e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 2861e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany for (size_t i = 0; i < 1000; i++) { 28748ddbef1d051875b2d0b204e8d78300b58d80a85Evgeniy Stepanov void *p = __asan::asan_malloc(1 + (my_rand_r(&seed) % 4000), &stack); 288fe6d91684bcda766593800f6307233f1a33d31f6Kostya Serebryany __asan::asan_free(p, &stack, __asan::FROM_MALLOC); 2891e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany } 2901e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany return NULL; 2911e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany} 2921e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 2931e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany// Check that the thread local allocators are flushed when threads are 2941e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany// destroyed. 2951e172b4bdec57329bf904f063a29f99cddf2d85fKostya SerebryanyTEST(AddressSanitizer, ThreadedQuarantineTest) { 2961e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany const int n_threads = 3000; 2971e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany size_t mmaped1 = __asan_get_heap_size(); 2981e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany for (int i = 0; i < n_threads; i++) { 2991e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany pthread_t t; 3002697687059e64a4f1319dc23a0a3ca59982d53f6Kostya Serebryany PTHREAD_CREATE(&t, NULL, ThreadedQuarantineTestWorker, 0); 3012697687059e64a4f1319dc23a0a3ca59982d53f6Kostya Serebryany PTHREAD_JOIN(t, 0); 3021e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany size_t mmaped2 = __asan_get_heap_size(); 3031e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany EXPECT_LT(mmaped2 - mmaped1, 320U * (1 << 20)); 3041e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany } 3051e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany} 3061e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 3071e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryanyvoid *ThreadedOneSizeMallocStress(void *unused) { 3081a7741b4e3c50a986502507fa8055475dd0fa0d0Alexey Samsonov (void)unused; 309c3390df6670cb166119b961eb27a033fb9073496Kostya Serebryany __asan::StackTrace stack; 3101e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany stack.trace[0] = 0x890; 3111e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany stack.size = 1; 3121e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany const size_t kNumMallocs = 1000; 3131e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany for (int iter = 0; iter < 1000; iter++) { 3141e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany void *p[kNumMallocs]; 3151e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany for (size_t i = 0; i < kNumMallocs; i++) { 3161e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany p[i] = __asan::asan_malloc(32, &stack); 3171e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany } 3181e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany for (size_t i = 0; i < kNumMallocs; i++) { 319fe6d91684bcda766593800f6307233f1a33d31f6Kostya Serebryany __asan::asan_free(p[i], &stack, __asan::FROM_MALLOC); 3201e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany } 3211e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany } 3221e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany return NULL; 3231e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany} 3241e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany 3251e172b4bdec57329bf904f063a29f99cddf2d85fKostya SerebryanyTEST(AddressSanitizer, ThreadedOneSizeMallocStressTest) { 3261e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany const int kNumThreads = 4; 3271e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany pthread_t t[kNumThreads]; 3281e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany for (int i = 0; i < kNumThreads; i++) { 3292697687059e64a4f1319dc23a0a3ca59982d53f6Kostya Serebryany PTHREAD_CREATE(&t[i], 0, ThreadedOneSizeMallocStress, 0); 3301e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany } 3311e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany for (int i = 0; i < kNumThreads; i++) { 3322697687059e64a4f1319dc23a0a3ca59982d53f6Kostya Serebryany PTHREAD_JOIN(t[i], 0); 3331e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany } 3341e172b4bdec57329bf904f063a29f99cddf2d85fKostya Serebryany} 335bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 33679d12e87fbcc1b2342d76367b99b83adf9cbf499Alexander PotapenkoTEST(AddressSanitizer, MemsetWildAddressTest) { 337e5ab9688b623a5a0150c7eae1ec1caaf06d44758Kostya Serebryany using __asan::kHighMemEnd; 33879d12e87fbcc1b2342d76367b99b83adf9cbf499Alexander Potapenko typedef void*(*memset_p)(void*, int, size_t); 33979d12e87fbcc1b2342d76367b99b83adf9cbf499Alexander Potapenko // Prevent inlining of memset(). 34079d12e87fbcc1b2342d76367b99b83adf9cbf499Alexander Potapenko volatile memset_p libc_memset = (memset_p)memset; 341bdec26d50b27e082d109acf99f7d713abc51435eKostya Serebryany EXPECT_DEATH(libc_memset((void*)(kLowShadowBeg + 200), 0, 100), 34287b52b910037447eccb92546b24b5e06181a1545Alexey Samsonov (kLowShadowEnd == 0) ? "unknown-crash.*shadow gap" 34387b52b910037447eccb92546b24b5e06181a1545Alexey Samsonov : "unknown-crash.*low shadow"); 344bdec26d50b27e082d109acf99f7d713abc51435eKostya Serebryany EXPECT_DEATH(libc_memset((void*)(kShadowGapBeg + 200), 0, 100), 34579d12e87fbcc1b2342d76367b99b83adf9cbf499Alexander Potapenko "unknown-crash.*shadow gap"); 346bdec26d50b27e082d109acf99f7d713abc51435eKostya Serebryany EXPECT_DEATH(libc_memset((void*)(kHighShadowBeg + 200), 0, 100), 34779d12e87fbcc1b2342d76367b99b83adf9cbf499Alexander Potapenko "unknown-crash.*high shadow"); 34879d12e87fbcc1b2342d76367b99b83adf9cbf499Alexander Potapenko} 34979d12e87fbcc1b2342d76367b99b83adf9cbf499Alexander Potapenko 350bff533684731c89bd5e99d0cf950a86c21a342e8Kostya SerebryanyTEST(AddressSanitizerInterface, GetEstimatedAllocatedSize) { 351376bab8add6be88f649ef1a9127c7d39e76e5f7bKostya Serebryany#if ASAN_ALLOCATOR_VERSION == 1 352d00ecb64892dcb03c5ae93a654da669b96753b01Alexey Samsonov EXPECT_EQ(1U, __asan_get_estimated_allocated_size(0)); 353376bab8add6be88f649ef1a9127c7d39e76e5f7bKostya Serebryany#elif ASAN_ALLOCATOR_VERSION == 2 354376bab8add6be88f649ef1a9127c7d39e76e5f7bKostya Serebryany EXPECT_EQ(0U, __asan_get_estimated_allocated_size(0)); 355376bab8add6be88f649ef1a9127c7d39e76e5f7bKostya Serebryany#endif 356bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany const size_t sizes[] = { 1, 30, 1<<30 }; 357bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany for (size_t i = 0; i < 3; i++) { 358bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_EQ(sizes[i], __asan_get_estimated_allocated_size(sizes[i])); 359bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany } 360bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany} 361bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 362bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryanystatic const char* kGetAllocatedSizeErrorMsg = 363bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany "attempting to call __asan_get_allocated_size()"; 364bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 365bff533684731c89bd5e99d0cf950a86c21a342e8Kostya SerebryanyTEST(AddressSanitizerInterface, GetAllocatedSizeAndOwnershipTest) { 366bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany const size_t kArraySize = 100; 367bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany char *array = Ident((char*)malloc(kArraySize)); 368bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany int *int_ptr = Ident(new int); 369bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 370bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // Allocated memory is owned by allocator. Allocated size should be 371bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // equal to requested size. 372bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_EQ(true, __asan_get_ownership(array)); 373bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_EQ(kArraySize, __asan_get_allocated_size(array)); 374bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_EQ(true, __asan_get_ownership(int_ptr)); 375bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_EQ(sizeof(int), __asan_get_allocated_size(int_ptr)); 376bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 377bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // We cannot call GetAllocatedSize from the memory we didn't map, 378bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // and from the interior pointers (not returned by previous malloc). 379bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany void *wild_addr = (void*)0x1; 380de55be3899b994731ba2d9e168281d608dab3048Alexey Samsonov EXPECT_FALSE(__asan_get_ownership(wild_addr)); 381bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_DEATH(__asan_get_allocated_size(wild_addr), kGetAllocatedSizeErrorMsg); 38268e8acab81a43ccf849add9272a761dc6b73ee8dKostya Serebryany EXPECT_FALSE(__asan_get_ownership(array + kArraySize / 2)); 383bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_DEATH(__asan_get_allocated_size(array + kArraySize / 2), 384bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany kGetAllocatedSizeErrorMsg); 385bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 386bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // NULL is not owned, but is a valid argument for __asan_get_allocated_size(). 38768e8acab81a43ccf849add9272a761dc6b73ee8dKostya Serebryany EXPECT_FALSE(__asan_get_ownership(NULL)); 388d00ecb64892dcb03c5ae93a654da669b96753b01Alexey Samsonov EXPECT_EQ(0U, __asan_get_allocated_size(NULL)); 389bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 390bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // When memory is freed, it's not owned, and call to GetAllocatedSize 391bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // is forbidden. 392bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany free(array); 393de55be3899b994731ba2d9e168281d608dab3048Alexey Samsonov EXPECT_FALSE(__asan_get_ownership(array)); 394bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_DEATH(__asan_get_allocated_size(array), kGetAllocatedSizeErrorMsg); 395bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany delete int_ptr; 396220ba2f6f98d44e1e8a88b4dee8ed456cf54ff33Alexey Samsonov 397220ba2f6f98d44e1e8a88b4dee8ed456cf54ff33Alexey Samsonov void *zero_alloc = Ident(malloc(0)); 398220ba2f6f98d44e1e8a88b4dee8ed456cf54ff33Alexey Samsonov if (zero_alloc != 0) { 399220ba2f6f98d44e1e8a88b4dee8ed456cf54ff33Alexey Samsonov // If malloc(0) is not null, this pointer is owned and should have valid 400220ba2f6f98d44e1e8a88b4dee8ed456cf54ff33Alexey Samsonov // allocated size. 401220ba2f6f98d44e1e8a88b4dee8ed456cf54ff33Alexey Samsonov EXPECT_TRUE(__asan_get_ownership(zero_alloc)); 4020fc2f6935568db9252272bd9c00895255d7f78b9Alexey Samsonov // Allocated size is 0 or 1 depending on the allocator used. 403ca2849c2819b5c7a8771a1e8bc449cf8f5ef6527Alexey Samsonov EXPECT_LT(__asan_get_allocated_size(zero_alloc), 2U); 404220ba2f6f98d44e1e8a88b4dee8ed456cf54ff33Alexey Samsonov } 405220ba2f6f98d44e1e8a88b4dee8ed456cf54ff33Alexey Samsonov free(zero_alloc); 406bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany} 407bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 408bff533684731c89bd5e99d0cf950a86c21a342e8Kostya SerebryanyTEST(AddressSanitizerInterface, GetCurrentAllocatedBytesTest) { 409bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany size_t before_malloc, after_malloc, after_free; 410bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany char *array; 411bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany const size_t kMallocSize = 100; 412bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany before_malloc = __asan_get_current_allocated_bytes(); 413bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 414bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany array = Ident((char*)malloc(kMallocSize)); 415bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany after_malloc = __asan_get_current_allocated_bytes(); 416bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_EQ(before_malloc + kMallocSize, after_malloc); 417bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 418bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany free(array); 419bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany after_free = __asan_get_current_allocated_bytes(); 420bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_EQ(before_malloc, after_free); 421bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany} 422bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 423bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryanystatic void DoDoubleFree() { 424bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany int *x = Ident(new int); 425bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany delete Ident(x); 426bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany delete Ident(x); 427bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany} 428bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 429376bab8add6be88f649ef1a9127c7d39e76e5f7bKostya Serebryany#if ASAN_ALLOCATOR_VERSION == 1 430bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany// This test is run in a separate process, so that large malloced 431bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany// chunk won't remain in the free lists after the test. 432bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany// Note: use ASSERT_* instead of EXPECT_* here. 433bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryanystatic void RunGetHeapSizeTestAndDie() { 434bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany size_t old_heap_size, new_heap_size, heap_growth; 435bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // We unlikely have have chunk of this size in free list. 436bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany static const size_t kLargeMallocSize = 1 << 29; // 512M 437bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany old_heap_size = __asan_get_heap_size(); 438bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany fprintf(stderr, "allocating %zu bytes:\n", kLargeMallocSize); 439bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany free(Ident(malloc(kLargeMallocSize))); 440bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany new_heap_size = __asan_get_heap_size(); 441bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany heap_growth = new_heap_size - old_heap_size; 442bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany fprintf(stderr, "heap growth after first malloc: %zu\n", heap_growth); 443bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany ASSERT_GE(heap_growth, kLargeMallocSize); 444bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany ASSERT_LE(heap_growth, 2 * kLargeMallocSize); 445bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 446bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // Now large chunk should fall into free list, and can be 447bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // allocated without increasing heap size. 448bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany old_heap_size = new_heap_size; 449bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany free(Ident(malloc(kLargeMallocSize))); 450bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany heap_growth = __asan_get_heap_size() - old_heap_size; 451bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany fprintf(stderr, "heap growth after second malloc: %zu\n", heap_growth); 452bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany ASSERT_LT(heap_growth, kLargeMallocSize); 453bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 454bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // Test passed. Now die with expected double-free. 455bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany DoDoubleFree(); 456bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany} 457bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 458bff533684731c89bd5e99d0cf950a86c21a342e8Kostya SerebryanyTEST(AddressSanitizerInterface, GetHeapSizeTest) { 459bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_DEATH(RunGetHeapSizeTestAndDie(), "double-free"); 460bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany} 461376bab8add6be88f649ef1a9127c7d39e76e5f7bKostya Serebryany#elif ASAN_ALLOCATOR_VERSION == 2 462376bab8add6be88f649ef1a9127c7d39e76e5f7bKostya SerebryanyTEST(AddressSanitizerInterface, GetHeapSizeTest) { 463376bab8add6be88f649ef1a9127c7d39e76e5f7bKostya Serebryany // asan_allocator2 does not keep huge chunks in free list, but unmaps them. 464376bab8add6be88f649ef1a9127c7d39e76e5f7bKostya Serebryany // The chunk should be greater than the quarantine size, 465376bab8add6be88f649ef1a9127c7d39e76e5f7bKostya Serebryany // otherwise it will be stuck in quarantine instead of being unmaped. 466d39a34ee33aae73fdde065f784bdc19f67b91ae2Kostya Serebryany static const size_t kLargeMallocSize = (1 << 28) + 1; // 256M 467376bab8add6be88f649ef1a9127c7d39e76e5f7bKostya Serebryany uptr old_heap_size = __asan_get_heap_size(); 468376bab8add6be88f649ef1a9127c7d39e76e5f7bKostya Serebryany for (int i = 0; i < 3; i++) { 469376bab8add6be88f649ef1a9127c7d39e76e5f7bKostya Serebryany // fprintf(stderr, "allocating %zu bytes:\n", kLargeMallocSize); 470376bab8add6be88f649ef1a9127c7d39e76e5f7bKostya Serebryany free(Ident(malloc(kLargeMallocSize))); 471376bab8add6be88f649ef1a9127c7d39e76e5f7bKostya Serebryany EXPECT_EQ(old_heap_size, __asan_get_heap_size()); 472376bab8add6be88f649ef1a9127c7d39e76e5f7bKostya Serebryany } 473376bab8add6be88f649ef1a9127c7d39e76e5f7bKostya Serebryany} 474376bab8add6be88f649ef1a9127c7d39e76e5f7bKostya Serebryany#endif 475bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 476bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany// Note: use ASSERT_* instead of EXPECT_* here. 477bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryanystatic void DoLargeMallocForGetFreeBytesTestAndDie() { 478376bab8add6be88f649ef1a9127c7d39e76e5f7bKostya Serebryany#if ASAN_ALLOCATOR_VERSION == 1 479376bab8add6be88f649ef1a9127c7d39e76e5f7bKostya Serebryany // asan_allocator2 does not keep large chunks in free_lists, so this test 480376bab8add6be88f649ef1a9127c7d39e76e5f7bKostya Serebryany // will not work. 481bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany size_t old_free_bytes, new_free_bytes; 482bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany static const size_t kLargeMallocSize = 1 << 29; // 512M 483bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // If we malloc and free a large memory chunk, it will not fall 484bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // into quarantine and will be available for future requests. 485bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany old_free_bytes = __asan_get_free_bytes(); 486bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany fprintf(stderr, "allocating %zu bytes:\n", kLargeMallocSize); 487bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany fprintf(stderr, "free bytes before malloc: %zu\n", old_free_bytes); 488bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany free(Ident(malloc(kLargeMallocSize))); 489bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany new_free_bytes = __asan_get_free_bytes(); 490bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany fprintf(stderr, "free bytes after malloc and free: %zu\n", new_free_bytes); 491bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany ASSERT_GE(new_free_bytes, old_free_bytes + kLargeMallocSize); 492376bab8add6be88f649ef1a9127c7d39e76e5f7bKostya Serebryany#endif // ASAN_ALLOCATOR_VERSION 493bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // Test passed. 494bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany DoDoubleFree(); 495bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany} 496bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 497bff533684731c89bd5e99d0cf950a86c21a342e8Kostya SerebryanyTEST(AddressSanitizerInterface, GetFreeBytesTest) { 498f1877cf0a314f407ac535ab1606fdac4f9b05026Kostya Serebryany#if ASAN_ALLOCATOR_VERSION == 1 499bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // Allocate a small chunk. Now allocator probably has a lot of these 500bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // chunks to fulfill future requests. So, future requests will decrease 501f70848decb000cc0e4c05a27eed78865d2f38555Alexey Samsonov // the number of free bytes. Do this only on systems where there 502f70848decb000cc0e4c05a27eed78865d2f38555Alexey Samsonov // is enough memory for such assumptions. 5035af39e50366f1aacbebc284f572f08ad1ad07357Kostya Serebryany if (SANITIZER_WORDSIZE == 64 && !ASAN_LOW_MEMORY) { 504f70848decb000cc0e4c05a27eed78865d2f38555Alexey Samsonov static const size_t kNumOfChunks = 100; 505f70848decb000cc0e4c05a27eed78865d2f38555Alexey Samsonov static const size_t kChunkSize = 100; 506f70848decb000cc0e4c05a27eed78865d2f38555Alexey Samsonov char *chunks[kNumOfChunks]; 507f70848decb000cc0e4c05a27eed78865d2f38555Alexey Samsonov size_t i; 508f70848decb000cc0e4c05a27eed78865d2f38555Alexey Samsonov size_t old_free_bytes, new_free_bytes; 509f70848decb000cc0e4c05a27eed78865d2f38555Alexey Samsonov chunks[0] = Ident((char*)malloc(kChunkSize)); 510f70848decb000cc0e4c05a27eed78865d2f38555Alexey Samsonov old_free_bytes = __asan_get_free_bytes(); 511f70848decb000cc0e4c05a27eed78865d2f38555Alexey Samsonov for (i = 1; i < kNumOfChunks; i++) { 512f70848decb000cc0e4c05a27eed78865d2f38555Alexey Samsonov chunks[i] = Ident((char*)malloc(kChunkSize)); 513f70848decb000cc0e4c05a27eed78865d2f38555Alexey Samsonov new_free_bytes = __asan_get_free_bytes(); 514f70848decb000cc0e4c05a27eed78865d2f38555Alexey Samsonov EXPECT_LT(new_free_bytes, old_free_bytes); 515f70848decb000cc0e4c05a27eed78865d2f38555Alexey Samsonov old_free_bytes = new_free_bytes; 516f70848decb000cc0e4c05a27eed78865d2f38555Alexey Samsonov } 517f70848decb000cc0e4c05a27eed78865d2f38555Alexey Samsonov for (i = 0; i < kNumOfChunks; i++) 518f70848decb000cc0e4c05a27eed78865d2f38555Alexey Samsonov free(chunks[i]); 519bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany } 520f1877cf0a314f407ac535ab1606fdac4f9b05026Kostya Serebryany#endif 521bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_DEATH(DoLargeMallocForGetFreeBytesTestAndDie(), "double-free"); 522bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany} 523bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 524e52810d7144ca35bbaeca0b28d138b386ab90243Kostya Serebryanystatic const size_t kManyThreadsMallocSizes[] = {5, 1UL<<10, 1UL<<14, 357}; 525bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryanystatic const size_t kManyThreadsIterations = 250; 5265af39e50366f1aacbebc284f572f08ad1ad07357Kostya Serebryanystatic const size_t kManyThreadsNumThreads = 5275af39e50366f1aacbebc284f572f08ad1ad07357Kostya Serebryany (SANITIZER_WORDSIZE == 32) ? 40 : 200; 528bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 529bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryanyvoid *ManyThreadsWithStatsWorker(void *arg) { 5301a7741b4e3c50a986502507fa8055475dd0fa0d0Alexey Samsonov (void)arg; 531bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany for (size_t iter = 0; iter < kManyThreadsIterations; iter++) { 532bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany for (size_t size_index = 0; size_index < 4; size_index++) { 533bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany free(Ident(malloc(kManyThreadsMallocSizes[size_index]))); 534bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany } 535bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany } 536e52810d7144ca35bbaeca0b28d138b386ab90243Kostya Serebryany // Just one large allocation. 537e52810d7144ca35bbaeca0b28d138b386ab90243Kostya Serebryany free(Ident(malloc(1 << 20))); 538bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany return 0; 539bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany} 540bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 541bff533684731c89bd5e99d0cf950a86c21a342e8Kostya SerebryanyTEST(AddressSanitizerInterface, ManyThreadsWithStatsStressTest) { 542bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany size_t before_test, after_test, i; 543bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany pthread_t threads[kManyThreadsNumThreads]; 544bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany before_test = __asan_get_current_allocated_bytes(); 545bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany for (i = 0; i < kManyThreadsNumThreads; i++) { 5462697687059e64a4f1319dc23a0a3ca59982d53f6Kostya Serebryany PTHREAD_CREATE(&threads[i], 0, 547bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany (void* (*)(void *x))ManyThreadsWithStatsWorker, (void*)i); 548bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany } 549bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany for (i = 0; i < kManyThreadsNumThreads; i++) { 5502697687059e64a4f1319dc23a0a3ca59982d53f6Kostya Serebryany PTHREAD_JOIN(threads[i], 0); 551bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany } 552bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany after_test = __asan_get_current_allocated_bytes(); 553bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // ASan stats also reflect memory usage of internal ASan RTL structs, 554bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // so we can't check for equality here. 555bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_LT(after_test, before_test + (1UL<<20)); 556bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany} 557bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 558bff533684731c89bd5e99d0cf950a86c21a342e8Kostya SerebryanyTEST(AddressSanitizerInterface, ExitCode) { 559bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany int original_exit_code = __asan_set_error_exit_code(7); 560bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_EXIT(DoDoubleFree(), ::testing::ExitedWithCode(7), ""); 561bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_EQ(7, __asan_set_error_exit_code(8)); 562bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_EXIT(DoDoubleFree(), ::testing::ExitedWithCode(8), ""); 563bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_EQ(8, __asan_set_error_exit_code(original_exit_code)); 564bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_EXIT(DoDoubleFree(), 565bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany ::testing::ExitedWithCode(original_exit_code), ""); 566bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany} 567bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 568bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryanystatic void MyDeathCallback() { 569bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany fprintf(stderr, "MyDeathCallback\n"); 570bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany} 571bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 572bff533684731c89bd5e99d0cf950a86c21a342e8Kostya SerebryanyTEST(AddressSanitizerInterface, DeathCallbackTest) { 573bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany __asan_set_death_callback(MyDeathCallback); 574bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_DEATH(DoDoubleFree(), "MyDeathCallback"); 575bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany __asan_set_death_callback(NULL); 576bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany} 577bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 578bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryanystatic const char* kUseAfterPoisonErrorMessage = "use-after-poison"; 579bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 580bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany#define GOOD_ACCESS(ptr, offset) \ 581bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_FALSE(__asan::AddressIsPoisoned((uptr)(ptr + offset))) 582bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 583bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany#define BAD_ACCESS(ptr, offset) \ 584bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_TRUE(__asan::AddressIsPoisoned((uptr)(ptr + offset))) 585bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 586bff533684731c89bd5e99d0cf950a86c21a342e8Kostya SerebryanyTEST(AddressSanitizerInterface, SimplePoisonMemoryRegionTest) { 587bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany char *array = Ident((char*)malloc(120)); 588bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // poison array[40..80) 589bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany __asan_poison_memory_region(array + 40, 40); 590bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany GOOD_ACCESS(array, 39); 591bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany GOOD_ACCESS(array, 80); 592bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany BAD_ACCESS(array, 40); 593bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany BAD_ACCESS(array, 60); 594bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany BAD_ACCESS(array, 79); 595bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_DEATH(__asan_report_error(0, 0, 0, (uptr)(array + 40), true, 1), 596bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany kUseAfterPoisonErrorMessage); 597bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany __asan_unpoison_memory_region(array + 40, 40); 598bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // access previously poisoned memory. 599bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany GOOD_ACCESS(array, 40); 600bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany GOOD_ACCESS(array, 79); 601bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany free(array); 602bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany} 603bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 604bff533684731c89bd5e99d0cf950a86c21a342e8Kostya SerebryanyTEST(AddressSanitizerInterface, OverlappingPoisonMemoryRegionTest) { 605bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany char *array = Ident((char*)malloc(120)); 606bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // Poison [0..40) and [80..120) 607bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany __asan_poison_memory_region(array, 40); 608bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany __asan_poison_memory_region(array + 80, 40); 609bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany BAD_ACCESS(array, 20); 610bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany GOOD_ACCESS(array, 60); 611bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany BAD_ACCESS(array, 100); 612bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // Poison whole array - [0..120) 613bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany __asan_poison_memory_region(array, 120); 614bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany BAD_ACCESS(array, 60); 615bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // Unpoison [24..96) 616bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany __asan_unpoison_memory_region(array + 24, 72); 617bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany BAD_ACCESS(array, 23); 618bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany GOOD_ACCESS(array, 24); 619bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany GOOD_ACCESS(array, 60); 620bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany GOOD_ACCESS(array, 95); 621bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany BAD_ACCESS(array, 96); 622bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany free(array); 623bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany} 624bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 625bff533684731c89bd5e99d0cf950a86c21a342e8Kostya SerebryanyTEST(AddressSanitizerInterface, PushAndPopWithPoisoningTest) { 626bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // Vector of capacity 20 627bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany char *vec = Ident((char*)malloc(20)); 628bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany __asan_poison_memory_region(vec, 20); 629bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany for (size_t i = 0; i < 7; i++) { 630bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // Simulate push_back. 631bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany __asan_unpoison_memory_region(vec + i, 1); 632bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany GOOD_ACCESS(vec, i); 633bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany BAD_ACCESS(vec, i + 1); 634bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany } 635bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany for (size_t i = 7; i > 0; i--) { 636bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // Simulate pop_back. 637bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany __asan_poison_memory_region(vec + i - 1, 1); 638bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany BAD_ACCESS(vec, i - 1); 639bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany if (i > 1) GOOD_ACCESS(vec, i - 2); 640bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany } 641bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany free(vec); 642bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany} 643bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 644a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya SerebryanyTEST(AddressSanitizerInterface, GlobalRedzones) { 645a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany GOOD_ACCESS(glob1, 1 - 1); 646a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany GOOD_ACCESS(glob2, 2 - 1); 647a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany GOOD_ACCESS(glob3, 3 - 1); 648a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany GOOD_ACCESS(glob4, 4 - 1); 649a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany GOOD_ACCESS(glob5, 5 - 1); 650a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany GOOD_ACCESS(glob6, 6 - 1); 651a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany GOOD_ACCESS(glob7, 7 - 1); 652a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany GOOD_ACCESS(glob8, 8 - 1); 653a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany GOOD_ACCESS(glob9, 9 - 1); 654a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany GOOD_ACCESS(glob10, 10 - 1); 655a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany GOOD_ACCESS(glob11, 11 - 1); 656a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany GOOD_ACCESS(glob12, 12 - 1); 657a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany GOOD_ACCESS(glob13, 13 - 1); 658a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany GOOD_ACCESS(glob14, 14 - 1); 659a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany GOOD_ACCESS(glob15, 15 - 1); 660a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany GOOD_ACCESS(glob16, 16 - 1); 661a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany GOOD_ACCESS(glob17, 17 - 1); 662af5bd2ee59a9f7bea74f43fccc6ea48979b7a4b0Kostya Serebryany GOOD_ACCESS(glob1000, 1000 - 1); 663af5bd2ee59a9f7bea74f43fccc6ea48979b7a4b0Kostya Serebryany GOOD_ACCESS(glob10000, 10000 - 1); 664af5bd2ee59a9f7bea74f43fccc6ea48979b7a4b0Kostya Serebryany GOOD_ACCESS(glob100000, 100000 - 1); 665a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany 666a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany BAD_ACCESS(glob1, 1); 667a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany BAD_ACCESS(glob2, 2); 668a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany BAD_ACCESS(glob3, 3); 669a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany BAD_ACCESS(glob4, 4); 670a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany BAD_ACCESS(glob5, 5); 671a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany BAD_ACCESS(glob6, 6); 672a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany BAD_ACCESS(glob7, 7); 673a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany BAD_ACCESS(glob8, 8); 674a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany BAD_ACCESS(glob9, 9); 675a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany BAD_ACCESS(glob10, 10); 676a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany BAD_ACCESS(glob11, 11); 677a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany BAD_ACCESS(glob12, 12); 678a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany BAD_ACCESS(glob13, 13); 679a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany BAD_ACCESS(glob14, 14); 680a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany BAD_ACCESS(glob15, 15); 681a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany BAD_ACCESS(glob16, 16); 682a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany BAD_ACCESS(glob17, 17); 683af5bd2ee59a9f7bea74f43fccc6ea48979b7a4b0Kostya Serebryany BAD_ACCESS(glob1000, 1000); 684af5bd2ee59a9f7bea74f43fccc6ea48979b7a4b0Kostya Serebryany BAD_ACCESS(glob1000, 1100); // Redzone is at least 101 bytes. 685af5bd2ee59a9f7bea74f43fccc6ea48979b7a4b0Kostya Serebryany BAD_ACCESS(glob10000, 10000); 686af5bd2ee59a9f7bea74f43fccc6ea48979b7a4b0Kostya Serebryany BAD_ACCESS(glob10000, 11000); // Redzone is at least 1001 bytes. 687af5bd2ee59a9f7bea74f43fccc6ea48979b7a4b0Kostya Serebryany BAD_ACCESS(glob100000, 100000); 688af5bd2ee59a9f7bea74f43fccc6ea48979b7a4b0Kostya Serebryany BAD_ACCESS(glob100000, 110000); // Redzone is at least 10001 bytes. 689a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany} 690a3b0e5e4f9f48b2ed0baee10c0236eda7c21c660Kostya Serebryany 691bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany// Make sure that each aligned block of size "2^granularity" doesn't have 692bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany// "true" value before "false" value. 693bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryanystatic void MakeShadowValid(bool *shadow, int length, int granularity) { 694bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany bool can_be_poisoned = true; 695bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany for (int i = length - 1; i >= 0; i--) { 69663201b127e21d6fbfb6de62d0e44a5de01288153Alexey Samsonov if (!shadow[i]) 69763201b127e21d6fbfb6de62d0e44a5de01288153Alexey Samsonov can_be_poisoned = false; 69863201b127e21d6fbfb6de62d0e44a5de01288153Alexey Samsonov if (!can_be_poisoned) 69963201b127e21d6fbfb6de62d0e44a5de01288153Alexey Samsonov shadow[i] = false; 700bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany if (i % (1 << granularity) == 0) { 701bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany can_be_poisoned = true; 702bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany } 703bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany } 704bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany} 705bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 706bff533684731c89bd5e99d0cf950a86c21a342e8Kostya SerebryanyTEST(AddressSanitizerInterface, PoisoningStressTest) { 707bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany const size_t kSize = 24; 708bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany bool expected[kSize]; 709bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany char *arr = Ident((char*)malloc(kSize)); 710bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany for (size_t l1 = 0; l1 < kSize; l1++) { 711bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany for (size_t s1 = 1; l1 + s1 <= kSize; s1++) { 712bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany for (size_t l2 = 0; l2 < kSize; l2++) { 713bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany for (size_t s2 = 1; l2 + s2 <= kSize; s2++) { 714bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // Poison [l1, l1+s1), [l2, l2+s2) and check result. 715bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany __asan_unpoison_memory_region(arr, kSize); 716bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany __asan_poison_memory_region(arr + l1, s1); 717bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany __asan_poison_memory_region(arr + l2, s2); 718bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany memset(expected, false, kSize); 719bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany memset(expected + l1, true, s1); 72063201b127e21d6fbfb6de62d0e44a5de01288153Alexey Samsonov MakeShadowValid(expected, kSize, /*granularity*/ 3); 721bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany memset(expected + l2, true, s2); 72263201b127e21d6fbfb6de62d0e44a5de01288153Alexey Samsonov MakeShadowValid(expected, kSize, /*granularity*/ 3); 723bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany for (size_t i = 0; i < kSize; i++) { 724bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany ASSERT_EQ(expected[i], __asan_address_is_poisoned(arr + i)); 725bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany } 726bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // Unpoison [l1, l1+s1) and [l2, l2+s2) and check result. 727bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany __asan_poison_memory_region(arr, kSize); 728bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany __asan_unpoison_memory_region(arr + l1, s1); 729bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany __asan_unpoison_memory_region(arr + l2, s2); 730bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany memset(expected, true, kSize); 731bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany memset(expected + l1, false, s1); 73263201b127e21d6fbfb6de62d0e44a5de01288153Alexey Samsonov MakeShadowValid(expected, kSize, /*granularity*/ 3); 733bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany memset(expected + l2, false, s2); 73463201b127e21d6fbfb6de62d0e44a5de01288153Alexey Samsonov MakeShadowValid(expected, kSize, /*granularity*/ 3); 735bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany for (size_t i = 0; i < kSize; i++) { 736bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany ASSERT_EQ(expected[i], __asan_address_is_poisoned(arr + i)); 737bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany } 738bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany } 739bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany } 740bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany } 741bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany } 742bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany} 743bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 744eb2809311c94b73c269ccef8d68ae368642e5754Kostya SerebryanyTEST(AddressSanitizerInterface, PoisonedRegion) { 745eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany size_t rz = 16; 746eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany for (size_t size = 1; size <= 64; size++) { 747eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany char *p = new char[size]; 748eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany uptr x = reinterpret_cast<uptr>(p); 749eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany for (size_t beg = 0; beg < size + rz; beg++) { 750eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany for (size_t end = beg; end < size + rz; end++) { 751eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany uptr first_poisoned = __asan_region_is_poisoned(x + beg, end - beg); 752eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany if (beg == end) { 753eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany EXPECT_FALSE(first_poisoned); 754eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany } else if (beg < size && end <= size) { 755eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany EXPECT_FALSE(first_poisoned); 756eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany } else if (beg >= size) { 757eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany EXPECT_EQ(x + beg, first_poisoned); 758eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany } else { 759eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany EXPECT_GT(end, size); 760eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany EXPECT_EQ(x + size, first_poisoned); 761eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany } 762eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany } 763eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany } 764eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany delete [] p; 765eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany } 766eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany} 767eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany 768eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany// This is a performance benchmark for manual runs. 769eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany// asan's memset interceptor calls mem_is_zero for the entire shadow region. 770eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany// the profile should look like this: 771eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany// 89.10% [.] __memset_sse2 772eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany// 10.50% [.] __sanitizer::mem_is_zero 773eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany// I.e. mem_is_zero should consume ~ SHADOW_GRANULARITY less CPU cycles 774eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany// than memset itself. 775a84805f1ccb2b7d4b6c0ba384bd3541fa4eaf808Kostya SerebryanyTEST(AddressSanitizerInterface, DISABLED_StressLargeMemset) { 776eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany size_t size = 1 << 20; 777eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany char *x = new char[size]; 778eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany for (int i = 0; i < 100000; i++) 779eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany Ident(memset)(x, 0, size); 780eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany delete [] x; 781eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany} 782eb2809311c94b73c269ccef8d68ae368642e5754Kostya Serebryany 783a84805f1ccb2b7d4b6c0ba384bd3541fa4eaf808Kostya Serebryany// Same here, but we run memset with small sizes. 784a84805f1ccb2b7d4b6c0ba384bd3541fa4eaf808Kostya SerebryanyTEST(AddressSanitizerInterface, DISABLED_StressSmallMemset) { 785a84805f1ccb2b7d4b6c0ba384bd3541fa4eaf808Kostya Serebryany size_t size = 32; 786a84805f1ccb2b7d4b6c0ba384bd3541fa4eaf808Kostya Serebryany char *x = new char[size]; 787a84805f1ccb2b7d4b6c0ba384bd3541fa4eaf808Kostya Serebryany for (int i = 0; i < 100000000; i++) 788a84805f1ccb2b7d4b6c0ba384bd3541fa4eaf808Kostya Serebryany Ident(memset)(x, 0, size); 789a84805f1ccb2b7d4b6c0ba384bd3541fa4eaf808Kostya Serebryany delete [] x; 790a84805f1ccb2b7d4b6c0ba384bd3541fa4eaf808Kostya Serebryany} 791a84805f1ccb2b7d4b6c0ba384bd3541fa4eaf808Kostya Serebryany 792bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryanystatic const char *kInvalidPoisonMessage = "invalid-poison-memory-range"; 793bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryanystatic const char *kInvalidUnpoisonMessage = "invalid-unpoison-memory-range"; 794bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 795bff533684731c89bd5e99d0cf950a86c21a342e8Kostya SerebryanyTEST(AddressSanitizerInterface, DISABLED_InvalidPoisonAndUnpoisonCallsTest) { 796bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany char *array = Ident((char*)malloc(120)); 797bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany __asan_unpoison_memory_region(array, 120); 798bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // Try to unpoison not owned memory 799bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_DEATH(__asan_unpoison_memory_region(array, 121), 800bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany kInvalidUnpoisonMessage); 801bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_DEATH(__asan_unpoison_memory_region(array - 1, 120), 802bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany kInvalidUnpoisonMessage); 803bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 804bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany __asan_poison_memory_region(array, 120); 805bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany // Try to poison not owned memory. 806bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_DEATH(__asan_poison_memory_region(array, 121), kInvalidPoisonMessage); 807bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_DEATH(__asan_poison_memory_region(array - 1, 120), 808bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany kInvalidPoisonMessage); 809bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany free(array); 810bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany} 811bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 812bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryanystatic void ErrorReportCallbackOneToZ(const char *report) { 813b43d6a8ca10b9af8a903e8726003ae7767f9e823Alexey Samsonov int report_len = strlen(report); 814b43d6a8ca10b9af8a903e8726003ae7767f9e823Alexey Samsonov ASSERT_EQ(6, write(2, "ABCDEF", 6)); 815b43d6a8ca10b9af8a903e8726003ae7767f9e823Alexey Samsonov ASSERT_EQ(report_len, write(2, report, report_len)); 816b43d6a8ca10b9af8a903e8726003ae7767f9e823Alexey Samsonov ASSERT_EQ(6, write(2, "ABCDEF", 6)); 8172c29212c42d457ade0bbd1d01de92195dd9ce925Kostya Serebryany _exit(1); 818bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany} 819bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 820bff533684731c89bd5e99d0cf950a86c21a342e8Kostya SerebryanyTEST(AddressSanitizerInterface, SetErrorReportCallbackTest) { 821bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany __asan_set_error_report_callback(ErrorReportCallbackOneToZ); 8222c29212c42d457ade0bbd1d01de92195dd9ce925Kostya Serebryany EXPECT_DEATH(__asan_report_error(0, 0, 0, 0, true, 1), 8232c29212c42d457ade0bbd1d01de92195dd9ce925Kostya Serebryany ASAN_PCRE_DOTALL "ABCDEF.*AddressSanitizer.*WRITE.*ABCDEF"); 824bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany __asan_set_error_report_callback(NULL); 825bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany} 826bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany 827bff533684731c89bd5e99d0cf950a86c21a342e8Kostya SerebryanyTEST(AddressSanitizerInterface, GetOwnershipStressTest) { 828bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany std::vector<char *> pointers; 829bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany std::vector<size_t> sizes; 830f1877cf0a314f407ac535ab1606fdac4f9b05026Kostya Serebryany#if ASAN_ALLOCATOR_VERSION == 1 831bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany const size_t kNumMallocs = 8325af39e50366f1aacbebc284f572f08ad1ad07357Kostya Serebryany (SANITIZER_WORDSIZE <= 32 || ASAN_LOW_MEMORY) ? 1 << 10 : 1 << 14; 833f1877cf0a314f407ac535ab1606fdac4f9b05026Kostya Serebryany#elif ASAN_ALLOCATOR_VERSION == 2 // too slow with asan_allocator2. :( 834f1877cf0a314f407ac535ab1606fdac4f9b05026Kostya Serebryany const size_t kNumMallocs = 1 << 9; 835f1877cf0a314f407ac535ab1606fdac4f9b05026Kostya Serebryany#endif 836bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany for (size_t i = 0; i < kNumMallocs; i++) { 837bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany size_t size = i * 100 + 1; 838bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany pointers.push_back((char*)malloc(size)); 839bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany sizes.push_back(size); 840bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany } 841bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany for (size_t i = 0; i < 4000000; i++) { 842bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_FALSE(__asan_get_ownership(&pointers)); 843bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_FALSE(__asan_get_ownership((void*)0x1234)); 844bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany size_t idx = i % kNumMallocs; 845bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_TRUE(__asan_get_ownership(pointers[idx])); 846bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany EXPECT_EQ(sizes[idx], __asan_get_allocated_size(pointers[idx])); 847bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany } 848bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany for (size_t i = 0, n = pointers.size(); i < n; i++) 849bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany free(pointers[i]); 850bff533684731c89bd5e99d0cf950a86c21a342e8Kostya Serebryany} 85165199f1b253c4bfb225805629217acb8f0b1e185Kostya Serebryany 85265199f1b253c4bfb225805629217acb8f0b1e185Kostya SerebryanyTEST(AddressSanitizerInterface, CallocOverflow) { 85365199f1b253c4bfb225805629217acb8f0b1e185Kostya Serebryany size_t kArraySize = 4096; 85465199f1b253c4bfb225805629217acb8f0b1e185Kostya Serebryany volatile size_t kMaxSizeT = std::numeric_limits<size_t>::max(); 85565199f1b253c4bfb225805629217acb8f0b1e185Kostya Serebryany volatile size_t kArraySize2 = kMaxSizeT / kArraySize + 10; 85665199f1b253c4bfb225805629217acb8f0b1e185Kostya Serebryany void *p = calloc(kArraySize, kArraySize2); // Should return 0. 85765199f1b253c4bfb225805629217acb8f0b1e185Kostya Serebryany EXPECT_EQ(0L, Ident(p)); 85865199f1b253c4bfb225805629217acb8f0b1e185Kostya Serebryany} 859b2efe13f3a0fb9af55cce39a497d951567e78816Kostya Serebryany 860b2efe13f3a0fb9af55cce39a497d951567e78816Kostya SerebryanyTEST(AddressSanitizerInterface, CallocOverflow2) { 861b2efe13f3a0fb9af55cce39a497d951567e78816Kostya Serebryany#if SANITIZER_WORDSIZE == 32 862b2efe13f3a0fb9af55cce39a497d951567e78816Kostya Serebryany size_t kArraySize = 112; 863b2efe13f3a0fb9af55cce39a497d951567e78816Kostya Serebryany volatile size_t kArraySize2 = 43878406; 864b2efe13f3a0fb9af55cce39a497d951567e78816Kostya Serebryany void *p = calloc(kArraySize, kArraySize2); // Should return 0. 865b2efe13f3a0fb9af55cce39a497d951567e78816Kostya Serebryany EXPECT_EQ(0L, Ident(p)); 866b2efe13f3a0fb9af55cce39a497d951567e78816Kostya Serebryany#endif 867b2efe13f3a0fb9af55cce39a497d951567e78816Kostya Serebryany} 868b9e1319f97a9d9c2d13090e162e66ebdfbb419ddKostya Serebryany 869b9e1319f97a9d9c2d13090e162e66ebdfbb419ddKostya SerebryanyTEST(AddressSanitizerInterface, CallocReturnsZeroMem) { 870b9e1319f97a9d9c2d13090e162e66ebdfbb419ddKostya Serebryany size_t sizes[] = {16, 1000, 10000, 100000, 2100000}; 871b9e1319f97a9d9c2d13090e162e66ebdfbb419ddKostya Serebryany for (size_t s = 0; s < ARRAY_SIZE(sizes); s++) { 872b9e1319f97a9d9c2d13090e162e66ebdfbb419ddKostya Serebryany size_t size = sizes[s]; 873b9e1319f97a9d9c2d13090e162e66ebdfbb419ddKostya Serebryany for (size_t iter = 0; iter < 5; iter++) { 874b9e1319f97a9d9c2d13090e162e66ebdfbb419ddKostya Serebryany char *x = Ident((char*)calloc(1, size)); 875b9e1319f97a9d9c2d13090e162e66ebdfbb419ddKostya Serebryany EXPECT_EQ(x[0], 0); 876b9e1319f97a9d9c2d13090e162e66ebdfbb419ddKostya Serebryany EXPECT_EQ(x[size - 1], 0); 877b9e1319f97a9d9c2d13090e162e66ebdfbb419ddKostya Serebryany EXPECT_EQ(x[size / 2], 0); 878b9e1319f97a9d9c2d13090e162e66ebdfbb419ddKostya Serebryany EXPECT_EQ(x[size / 3], 0); 879b9e1319f97a9d9c2d13090e162e66ebdfbb419ddKostya Serebryany EXPECT_EQ(x[size / 4], 0); 880b9e1319f97a9d9c2d13090e162e66ebdfbb419ddKostya Serebryany memset(x, 0x42, size); 881b9e1319f97a9d9c2d13090e162e66ebdfbb419ddKostya Serebryany free(Ident(x)); 882b9e1319f97a9d9c2d13090e162e66ebdfbb419ddKostya Serebryany free(Ident(malloc(Ident(1 << 27)))); // Try to drain the quarantine. 883b9e1319f97a9d9c2d13090e162e66ebdfbb419ddKostya Serebryany } 884b9e1319f97a9d9c2d13090e162e66ebdfbb419ddKostya Serebryany } 885b9e1319f97a9d9c2d13090e162e66ebdfbb419ddKostya Serebryany} 886