2017-03-28 12:21:43 -04:00
|
|
|
|
// Copyright 2017 The Crashpad Authors. All rights reserved.
|
|
|
|
|
|
//
|
|
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
|
|
//
|
|
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
|
//
|
|
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
|
|
// limitations under the License.
|
|
|
|
|
|
|
|
|
|
|
|
#include "util/posix/scoped_mmap.h"
|
|
|
|
|
|
|
|
|
|
|
|
#include <stdint.h>
|
|
|
|
|
|
#include <sys/types.h>
|
|
|
|
|
|
#include <unistd.h>
|
|
|
|
|
|
|
|
|
|
|
|
#include "base/numerics/safe_conversions.h"
|
|
|
|
|
|
#include "base/rand_util.h"
|
2017-03-30 22:39:39 -04:00
|
|
|
|
#include "base/strings/stringprintf.h"
|
2017-03-28 12:21:43 -04:00
|
|
|
|
#include "gtest/gtest.h"
|
|
|
|
|
|
|
|
|
|
|
|
namespace crashpad {
|
|
|
|
|
|
namespace test {
|
|
|
|
|
|
namespace {
|
|
|
|
|
|
|
|
|
|
|
|
bool ScopedMmapResetMmap(ScopedMmap* mapping, size_t len) {
|
|
|
|
|
|
return mapping->ResetMmap(
|
|
|
|
|
|
nullptr, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANON, -1, 0);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-30 22:39:39 -04:00
|
|
|
|
void* BareMmap(size_t len) {
|
|
|
|
|
|
return mmap(
|
|
|
|
|
|
nullptr, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANON, -1, 0);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-28 12:21:43 -04:00
|
|
|
|
// A weird class. This is used to test that memory-mapped regions are freed
|
|
|
|
|
|
// as expected by calling munmap(). This is difficult to test well because once
|
|
|
|
|
|
// a region has been unmapped, the address space it formerly occupied becomes
|
|
|
|
|
|
// eligible for reuse.
|
|
|
|
|
|
//
|
2017-03-30 22:39:39 -04:00
|
|
|
|
// The strategy taken here is that a random 64-bit cookie value is written into
|
|
|
|
|
|
// a mapped region by SetUp(). While the mapping is active, Check() should not
|
|
|
|
|
|
// crash, or for a gtest expectation, Expected() and Observed() should not crash
|
|
|
|
|
|
// and should be equal. After the region is unmapped, Check() should crash,
|
|
|
|
|
|
// either because the region has been unmapped and the address not reused, the
|
|
|
|
|
|
// address has been reused but is protected against reading (unlikely), or
|
|
|
|
|
|
// because the address has been reused but the cookie value is no longer present
|
|
|
|
|
|
// there.
|
2017-03-28 12:21:43 -04:00
|
|
|
|
class TestCookie {
|
|
|
|
|
|
public:
|
|
|
|
|
|
// A weird constructor for a weird class. The member variable initialization
|
|
|
|
|
|
// assures that Check() won’t crash if called on an object that hasn’t had
|
|
|
|
|
|
// SetUp() called on it.
|
|
|
|
|
|
explicit TestCookie() : address_(&cookie_), cookie_(0) {}
|
|
|
|
|
|
|
|
|
|
|
|
~TestCookie() {}
|
|
|
|
|
|
|
|
|
|
|
|
void SetUp(uint64_t* address) {
|
|
|
|
|
|
address_ = address, cookie_ = base::RandUint64();
|
|
|
|
|
|
*address_ = cookie_;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-30 22:39:39 -04:00
|
|
|
|
uint64_t Expected() const { return cookie_; }
|
|
|
|
|
|
uint64_t Observed() const { return *address_; }
|
|
|
|
|
|
|
|
|
|
|
|
void Check() const {
|
|
|
|
|
|
if (Observed() != Expected()) {
|
2017-03-28 12:21:43 -04:00
|
|
|
|
__builtin_trap();
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
private:
|
|
|
|
|
|
uint64_t* address_;
|
|
|
|
|
|
uint64_t cookie_;
|
|
|
|
|
|
|
|
|
|
|
|
DISALLOW_COPY_AND_ASSIGN(TestCookie);
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
TEST(ScopedMmap, Mmap) {
|
|
|
|
|
|
TestCookie cookie;
|
|
|
|
|
|
|
|
|
|
|
|
ScopedMmap mapping;
|
|
|
|
|
|
EXPECT_FALSE(mapping.is_valid());
|
|
|
|
|
|
EXPECT_EQ(MAP_FAILED, mapping.addr());
|
|
|
|
|
|
EXPECT_EQ(0u, mapping.len());
|
|
|
|
|
|
|
2017-03-30 22:39:39 -04:00
|
|
|
|
ASSERT_TRUE(mapping.Reset());
|
2017-03-28 12:21:43 -04:00
|
|
|
|
EXPECT_FALSE(mapping.is_valid());
|
|
|
|
|
|
|
|
|
|
|
|
const size_t kPageSize = base::checked_cast<size_t>(getpagesize());
|
|
|
|
|
|
ASSERT_TRUE(ScopedMmapResetMmap(&mapping, kPageSize));
|
|
|
|
|
|
EXPECT_TRUE(mapping.is_valid());
|
|
|
|
|
|
EXPECT_NE(MAP_FAILED, mapping.addr());
|
|
|
|
|
|
EXPECT_EQ(kPageSize, mapping.len());
|
|
|
|
|
|
|
|
|
|
|
|
cookie.SetUp(mapping.addr_as<uint64_t*>());
|
2017-03-30 22:39:39 -04:00
|
|
|
|
EXPECT_EQ(cookie.Expected(), cookie.Observed());
|
2017-03-28 12:21:43 -04:00
|
|
|
|
|
2017-03-30 22:39:39 -04:00
|
|
|
|
ASSERT_TRUE(mapping.Reset());
|
2017-03-28 12:21:43 -04:00
|
|
|
|
EXPECT_FALSE(mapping.is_valid());
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
TEST(ScopedMmapDeathTest, Destructor) {
|
|
|
|
|
|
TestCookie cookie;
|
|
|
|
|
|
{
|
|
|
|
|
|
ScopedMmap mapping;
|
|
|
|
|
|
|
|
|
|
|
|
const size_t kPageSize = base::checked_cast<size_t>(getpagesize());
|
|
|
|
|
|
ASSERT_TRUE(ScopedMmapResetMmap(&mapping, kPageSize));
|
|
|
|
|
|
EXPECT_TRUE(mapping.is_valid());
|
|
|
|
|
|
EXPECT_NE(MAP_FAILED, mapping.addr());
|
|
|
|
|
|
EXPECT_EQ(kPageSize, mapping.len());
|
|
|
|
|
|
|
|
|
|
|
|
cookie.SetUp(mapping.addr_as<uint64_t*>());
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
EXPECT_DEATH(cookie.Check(), "");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
TEST(ScopedMmapDeathTest, Reset) {
|
|
|
|
|
|
ScopedMmap mapping;
|
|
|
|
|
|
|
|
|
|
|
|
const size_t kPageSize = base::checked_cast<size_t>(getpagesize());
|
|
|
|
|
|
ASSERT_TRUE(ScopedMmapResetMmap(&mapping, kPageSize));
|
|
|
|
|
|
EXPECT_TRUE(mapping.is_valid());
|
|
|
|
|
|
EXPECT_NE(MAP_FAILED, mapping.addr());
|
|
|
|
|
|
EXPECT_EQ(kPageSize, mapping.len());
|
|
|
|
|
|
|
|
|
|
|
|
TestCookie cookie;
|
|
|
|
|
|
cookie.SetUp(mapping.addr_as<uint64_t*>());
|
|
|
|
|
|
|
2017-03-30 22:39:39 -04:00
|
|
|
|
ASSERT_TRUE(mapping.Reset());
|
2017-03-28 12:21:43 -04:00
|
|
|
|
|
|
|
|
|
|
EXPECT_DEATH(cookie.Check(), "");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-30 22:39:39 -04:00
|
|
|
|
TEST(ScopedMmapDeathTest, ResetAddrLen_Shrink) {
|
|
|
|
|
|
ScopedMmap mapping;
|
|
|
|
|
|
|
|
|
|
|
|
// Start with three pages mapped.
|
|
|
|
|
|
const size_t kPageSize = base::checked_cast<size_t>(getpagesize());
|
|
|
|
|
|
ASSERT_TRUE(ScopedMmapResetMmap(&mapping, 3 * kPageSize));
|
|
|
|
|
|
EXPECT_TRUE(mapping.is_valid());
|
|
|
|
|
|
EXPECT_NE(MAP_FAILED, mapping.addr());
|
|
|
|
|
|
EXPECT_EQ(3 * kPageSize, mapping.len());
|
|
|
|
|
|
|
|
|
|
|
|
TestCookie cookies[3];
|
|
|
|
|
|
for (size_t index = 0; index < arraysize(cookies); ++index) {
|
|
|
|
|
|
cookies[index].SetUp(reinterpret_cast<uint64_t*>(
|
|
|
|
|
|
mapping.addr_as<uintptr_t>() + index * kPageSize));
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Reset to the second page. The first and third pages should be unmapped.
|
|
|
|
|
|
void* const new_addr =
|
|
|
|
|
|
reinterpret_cast<void*>(mapping.addr_as<uintptr_t>() + kPageSize);
|
|
|
|
|
|
ASSERT_TRUE(mapping.ResetAddrLen(new_addr, kPageSize));
|
|
|
|
|
|
EXPECT_TRUE(mapping.is_valid());
|
|
|
|
|
|
EXPECT_EQ(new_addr, mapping.addr());
|
|
|
|
|
|
EXPECT_EQ(kPageSize, mapping.len());
|
|
|
|
|
|
|
|
|
|
|
|
EXPECT_EQ(cookies[1].Expected(), cookies[1].Observed());
|
|
|
|
|
|
|
|
|
|
|
|
EXPECT_DEATH(cookies[0].Check(), "");
|
|
|
|
|
|
EXPECT_DEATH(cookies[2].Check(), "");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
TEST(ScopedMmap, ResetAddrLen_Grow) {
|
|
|
|
|
|
// Start with three pages mapped, but ScopedMmap only aware of the the second
|
|
|
|
|
|
// page.
|
|
|
|
|
|
const size_t kPageSize = base::checked_cast<size_t>(getpagesize());
|
|
|
|
|
|
void* pages = BareMmap(3 * kPageSize);
|
|
|
|
|
|
ASSERT_NE(MAP_FAILED, pages);
|
|
|
|
|
|
|
|
|
|
|
|
ScopedMmap mapping;
|
|
|
|
|
|
void* const old_addr =
|
|
|
|
|
|
reinterpret_cast<void*>(reinterpret_cast<uintptr_t>(pages) + kPageSize);
|
|
|
|
|
|
ASSERT_TRUE(mapping.ResetAddrLen(old_addr, kPageSize));
|
|
|
|
|
|
EXPECT_TRUE(mapping.is_valid());
|
|
|
|
|
|
EXPECT_EQ(old_addr, mapping.addr());
|
|
|
|
|
|
EXPECT_EQ(kPageSize, mapping.len());
|
|
|
|
|
|
|
|
|
|
|
|
TestCookie cookies[3];
|
|
|
|
|
|
for (size_t index = 0; index < arraysize(cookies); ++index) {
|
|
|
|
|
|
cookies[index].SetUp(reinterpret_cast<uint64_t*>(
|
|
|
|
|
|
reinterpret_cast<uintptr_t>(pages) + index * kPageSize));
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Reset to all three pages. Nothing should be unmapped until destruction.
|
|
|
|
|
|
ASSERT_TRUE(mapping.ResetAddrLen(pages, 3 * kPageSize));
|
|
|
|
|
|
EXPECT_TRUE(mapping.is_valid());
|
|
|
|
|
|
EXPECT_EQ(pages, mapping.addr());
|
|
|
|
|
|
EXPECT_EQ(3 * kPageSize, mapping.len());
|
|
|
|
|
|
|
|
|
|
|
|
for (size_t index = 0; index < arraysize(cookies); ++index) {
|
|
|
|
|
|
SCOPED_TRACE(base::StringPrintf("index %zu", index));
|
|
|
|
|
|
EXPECT_EQ(cookies[index].Expected(), cookies[index].Observed());
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
TEST(ScopedMmapDeathTest, ResetAddrLen_MoveDownAndGrow) {
|
|
|
|
|
|
// Start with three pages mapped, but ScopedMmap only aware of the third page.
|
|
|
|
|
|
const size_t kPageSize = base::checked_cast<size_t>(getpagesize());
|
|
|
|
|
|
void* pages = BareMmap(3 * kPageSize);
|
|
|
|
|
|
ASSERT_NE(MAP_FAILED, pages);
|
|
|
|
|
|
|
|
|
|
|
|
ScopedMmap mapping;
|
|
|
|
|
|
void* const old_addr = reinterpret_cast<void*>(
|
|
|
|
|
|
reinterpret_cast<uintptr_t>(pages) + 2 * kPageSize);
|
|
|
|
|
|
ASSERT_TRUE(mapping.ResetAddrLen(old_addr, kPageSize));
|
|
|
|
|
|
EXPECT_TRUE(mapping.is_valid());
|
|
|
|
|
|
EXPECT_EQ(old_addr, mapping.addr());
|
|
|
|
|
|
EXPECT_EQ(kPageSize, mapping.len());
|
|
|
|
|
|
|
|
|
|
|
|
TestCookie cookies[3];
|
|
|
|
|
|
for (size_t index = 0; index < arraysize(cookies); ++index) {
|
|
|
|
|
|
cookies[index].SetUp(reinterpret_cast<uint64_t*>(
|
|
|
|
|
|
reinterpret_cast<uintptr_t>(pages) + index * kPageSize));
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Reset to the first two pages. The third page should be unmapped.
|
|
|
|
|
|
ASSERT_TRUE(mapping.ResetAddrLen(pages, 2 * kPageSize));
|
|
|
|
|
|
EXPECT_TRUE(mapping.is_valid());
|
|
|
|
|
|
EXPECT_EQ(pages, mapping.addr());
|
|
|
|
|
|
EXPECT_EQ(2 * kPageSize, mapping.len());
|
|
|
|
|
|
|
|
|
|
|
|
EXPECT_EQ(cookies[0].Expected(), cookies[0].Observed());
|
|
|
|
|
|
EXPECT_EQ(cookies[1].Expected(), cookies[1].Observed());
|
|
|
|
|
|
|
|
|
|
|
|
EXPECT_DEATH(cookies[2].Check(), "");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
TEST(ScopedMmapDeathTest, ResetAddrLen_MoveUpAndShrink) {
|
|
|
|
|
|
// Start with three pages mapped, but ScopedMmap only aware of the first two
|
|
|
|
|
|
// pages.
|
|
|
|
|
|
const size_t kPageSize = base::checked_cast<size_t>(getpagesize());
|
|
|
|
|
|
void* pages = BareMmap(3 * kPageSize);
|
|
|
|
|
|
ASSERT_NE(MAP_FAILED, pages);
|
|
|
|
|
|
|
|
|
|
|
|
ScopedMmap mapping;
|
|
|
|
|
|
ASSERT_TRUE(mapping.ResetAddrLen(pages, 2 * kPageSize));
|
|
|
|
|
|
EXPECT_TRUE(mapping.is_valid());
|
|
|
|
|
|
EXPECT_EQ(pages, mapping.addr());
|
|
|
|
|
|
EXPECT_EQ(2 * kPageSize, mapping.len());
|
|
|
|
|
|
|
|
|
|
|
|
TestCookie cookies[3];
|
|
|
|
|
|
for (size_t index = 0; index < arraysize(cookies); ++index) {
|
|
|
|
|
|
cookies[index].SetUp(reinterpret_cast<uint64_t*>(
|
|
|
|
|
|
reinterpret_cast<uintptr_t>(pages) + index * kPageSize));
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Reset to the third page. The first two pages should be unmapped.
|
|
|
|
|
|
void* const new_addr =
|
|
|
|
|
|
reinterpret_cast<void*>(mapping.addr_as<uintptr_t>() + 2 * kPageSize);
|
|
|
|
|
|
ASSERT_TRUE(mapping.ResetAddrLen(new_addr, kPageSize));
|
|
|
|
|
|
EXPECT_TRUE(mapping.is_valid());
|
|
|
|
|
|
EXPECT_EQ(new_addr, mapping.addr());
|
|
|
|
|
|
EXPECT_EQ(kPageSize, mapping.len());
|
|
|
|
|
|
|
|
|
|
|
|
EXPECT_EQ(cookies[2].Expected(), cookies[2].Observed());
|
|
|
|
|
|
|
|
|
|
|
|
EXPECT_DEATH(cookies[0].Check(), "");
|
|
|
|
|
|
EXPECT_DEATH(cookies[1].Check(), "");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2017-03-28 12:21:43 -04:00
|
|
|
|
TEST(ScopedMmapDeathTest, ResetMmap) {
|
|
|
|
|
|
ScopedMmap mapping;
|
|
|
|
|
|
|
|
|
|
|
|
// Calling ScopedMmap::ResetMmap() frees the existing mapping before
|
|
|
|
|
|
// establishing the new one, so the new one may wind up at the same address as
|
|
|
|
|
|
// the old. In fact, this is likely. Create a two-page mapping and replace it
|
|
|
|
|
|
// with a single-page mapping, so that the test can assure that the second
|
|
|
|
|
|
// page isn’t mapped after establishing the second mapping.
|
|
|
|
|
|
const size_t kPageSize = base::checked_cast<size_t>(getpagesize());
|
|
|
|
|
|
ASSERT_TRUE(ScopedMmapResetMmap(&mapping, 2 * kPageSize));
|
|
|
|
|
|
EXPECT_TRUE(mapping.is_valid());
|
|
|
|
|
|
EXPECT_NE(MAP_FAILED, mapping.addr());
|
|
|
|
|
|
EXPECT_EQ(2 * kPageSize, mapping.len());
|
|
|
|
|
|
|
|
|
|
|
|
TestCookie cookie;
|
|
|
|
|
|
cookie.SetUp(
|
|
|
|
|
|
reinterpret_cast<uint64_t*>(mapping.addr_as<char*>() + kPageSize));
|
|
|
|
|
|
|
|
|
|
|
|
ASSERT_TRUE(ScopedMmapResetMmap(&mapping, kPageSize));
|
|
|
|
|
|
EXPECT_TRUE(mapping.is_valid());
|
|
|
|
|
|
EXPECT_NE(MAP_FAILED, mapping.addr());
|
|
|
|
|
|
EXPECT_EQ(kPageSize, mapping.len());
|
|
|
|
|
|
|
|
|
|
|
|
EXPECT_DEATH(cookie.Check(), "");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
TEST(ScopedMmapDeathTest, Mprotect) {
|
|
|
|
|
|
ScopedMmap mapping;
|
|
|
|
|
|
|
|
|
|
|
|
const size_t kPageSize = base::checked_cast<size_t>(getpagesize());
|
|
|
|
|
|
ASSERT_TRUE(ScopedMmapResetMmap(&mapping, kPageSize));
|
|
|
|
|
|
EXPECT_TRUE(mapping.is_valid());
|
|
|
|
|
|
EXPECT_NE(MAP_FAILED, mapping.addr());
|
|
|
|
|
|
EXPECT_EQ(kPageSize, mapping.len());
|
|
|
|
|
|
|
|
|
|
|
|
char* addr = mapping.addr_as<char*>();
|
|
|
|
|
|
*addr = 0;
|
|
|
|
|
|
|
|
|
|
|
|
ASSERT_TRUE(mapping.Mprotect(PROT_READ));
|
|
|
|
|
|
|
|
|
|
|
|
EXPECT_DEATH(*addr = 0, "");
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
} // namespace
|
|
|
|
|
|
} // namespace test
|
|
|
|
|
|
} // namespace crashpad
|
