mirror of
https://github.com/chromium/crashpad.git
synced 2024-12-29 00:29:20 +08:00
44e32fe123
These tests: - InitializationState.InitializationState - InitializationStateDcheckDeathTest.Destroyed_NotUninitialized - InitializationStateDcheckDeathTest.Destroyed_NotValid rely on certain behavior from destroyed objects. This is undefined behavior and we know it, but the whole point of the of InitializationState and InitializationStateDcheck destructors is to try to help catch other parts of the program making use of undefined behavior. To make it impossible for the memory that formerly hosted these objects to be repurposed during tests after the objects are destroyed, these tests that attempt to work with destroyed objects are changed to use placement new, so that the lifetimes of the objects can be decoupled from the lifetimes of the buffers. Test: crashpad_util_test InitializationState* Change-Id: Ie972a54116c8b90a21a502d3ba13623583dfac06 Reviewed-on: https://chromium-review.googlesource.com/486383 Reviewed-by: Joshua Peraza <jperaza@chromium.org>
69 lines
2.4 KiB
C++
69 lines
2.4 KiB
C++
// Copyright 2014 The Crashpad Authors. All rights reserved.
|
||
//
|
||
// Licensed under the Apache License, Version 2.0 (the "License");
|
||
// you may not use this file except in compliance with the License.
|
||
// You may obtain a copy of the License at
|
||
//
|
||
// http://www.apache.org/licenses/LICENSE-2.0
|
||
//
|
||
// Unless required by applicable law or agreed to in writing, software
|
||
// distributed under the License is distributed on an "AS IS" BASIS,
|
||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||
// See the License for the specific language governing permissions and
|
||
// limitations under the License.
|
||
|
||
#include "util/misc/initialization_state.h"
|
||
|
||
#include <stdlib.h>
|
||
|
||
#include <memory>
|
||
|
||
#include "base/memory/free_deleter.h"
|
||
#include "gtest/gtest.h"
|
||
|
||
namespace crashpad {
|
||
namespace test {
|
||
namespace {
|
||
|
||
TEST(InitializationState, InitializationState) {
|
||
// Use placement new so that the buffer used to host the object remains live
|
||
// even after the object is destroyed.
|
||
std::unique_ptr<InitializationState, base::FreeDeleter>
|
||
initialization_state_buffer(
|
||
static_cast<InitializationState*>(malloc(sizeof(InitializationState))));
|
||
|
||
InitializationState* initialization_state =
|
||
new (initialization_state_buffer.get()) InitializationState();
|
||
|
||
EXPECT_TRUE(initialization_state->is_uninitialized());
|
||
EXPECT_FALSE(initialization_state->is_valid());
|
||
|
||
initialization_state->set_invalid();
|
||
|
||
EXPECT_FALSE(initialization_state->is_uninitialized());
|
||
EXPECT_FALSE(initialization_state->is_valid());
|
||
|
||
initialization_state->set_valid();
|
||
|
||
EXPECT_FALSE(initialization_state->is_uninitialized());
|
||
EXPECT_TRUE(initialization_state->is_valid());
|
||
|
||
initialization_state->~InitializationState();
|
||
|
||
// initialization_state points to something that no longer exists. This
|
||
// portion of the test is intended to check that after an InitializationState
|
||
// object is destroyed, it will not be considered valid on a use-after-free,
|
||
// assuming that nothing else was written to its former home in memory.
|
||
//
|
||
// Because initialization_state was constructed via placement new into a
|
||
// buffer that’s still valid and its destructor was called directly, this
|
||
// approximates use-after-free without risking that the memory formerly used
|
||
// for the InitializationState object has been repurposed.
|
||
EXPECT_FALSE(initialization_state->is_uninitialized());
|
||
EXPECT_FALSE(initialization_state->is_valid());
|
||
}
|
||
|
||
} // namespace
|
||
} // namespace test
|
||
} // namespace crashpad
|