1 // Copyright 2005, Google Inc.
2 // All rights reserved.
3 //
4 // Redistribution and use in source and binary forms, with or without
5 // modification, are permitted provided that the following conditions are
6 // met:
7 //
8 // * Redistributions of source code must retain the above copyright
9 // notice, this list of conditions and the following disclaimer.
10 // * Redistributions in binary form must reproduce the above
11 // copyright notice, this list of conditions and the following disclaimer
12 // in the documentation and/or other materials provided with the
13 // distribution.
14 // * Neither the name of Google Inc. nor the names of its
15 // contributors may be used to endorse or promote products derived from
16 // this software without specific prior written permission.
17 //
18 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21 // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22 // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24 // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29
30 //
31 // This file implements death tests.
32
33 #include "gtest/gtest-death-test.h"
34
35 #include <functional>
36 #include <utility>
37
38 #include "gtest/internal/gtest-port.h"
39 #include "gtest/internal/custom/gtest.h"
40
41 #if GTEST_HAS_DEATH_TEST
42
43 # if GTEST_OS_MAC
44 # include <crt_externs.h>
45 # endif // GTEST_OS_MAC
46
47 # include <errno.h>
48 # include <fcntl.h>
49 # include <limits.h>
50
51 # if GTEST_OS_LINUX
52 # include <signal.h>
53 # endif // GTEST_OS_LINUX
54
55 # include <stdarg.h>
56
57 # if GTEST_OS_WINDOWS
58 # include <windows.h>
59 # else
60 # include <sys/mman.h>
61 # include <sys/wait.h>
62 # endif // GTEST_OS_WINDOWS
63
64 # if GTEST_OS_QNX
65 # include <spawn.h>
66 # endif // GTEST_OS_QNX
67
68 # if GTEST_OS_FUCHSIA
69 # include <lib/fdio/fd.h>
70 # include <lib/fdio/io.h>
71 # include <lib/fdio/spawn.h>
72 # include <lib/zx/channel.h>
73 # include <lib/zx/port.h>
74 # include <lib/zx/process.h>
75 # include <lib/zx/socket.h>
76 # include <zircon/processargs.h>
77 # include <zircon/syscalls.h>
78 # include <zircon/syscalls/policy.h>
79 # include <zircon/syscalls/port.h>
80 # endif // GTEST_OS_FUCHSIA
81
82 #endif // GTEST_HAS_DEATH_TEST
83
84 #include "gtest/gtest-message.h"
85 #include "gtest/internal/gtest-string.h"
86 #include "src/gtest-internal-inl.h"
87
88 namespace testing {
89
90 // Constants.
91
92 // The default death test style.
93 //
94 // This is defined in internal/gtest-port.h as "fast", but can be overridden by
95 // a definition in internal/custom/gtest-port.h. The recommended value, which is
96 // used internally at Google, is "threadsafe".
97 static const char kDefaultDeathTestStyle[] = GTEST_DEFAULT_DEATH_TEST_STYLE;
98
99 GTEST_DEFINE_string_(
100 death_test_style,
101 internal::StringFromGTestEnv("death_test_style", kDefaultDeathTestStyle),
102 "Indicates how to run a death test in a forked child process: "
103 "\"threadsafe\" (child process re-executes the test binary "
104 "from the beginning, running only the specific death test) or "
105 "\"fast\" (child process runs the death test immediately "
106 "after forking).");
107
108 GTEST_DEFINE_bool_(
109 death_test_use_fork,
110 internal::BoolFromGTestEnv("death_test_use_fork", false),
111 "Instructs to use fork()/_exit() instead of clone() in death tests. "
112 "Ignored and always uses fork() on POSIX systems where clone() is not "
113 "implemented. Useful when running under valgrind or similar tools if "
114 "those do not support clone(). Valgrind 3.3.1 will just fail if "
115 "it sees an unsupported combination of clone() flags. "
116 "It is not recommended to use this flag w/o valgrind though it will "
117 "work in 99% of the cases. Once valgrind is fixed, this flag will "
118 "most likely be removed.");
119
120 namespace internal {
121 GTEST_DEFINE_string_(
122 internal_run_death_test, "",
123 "Indicates the file, line number, temporal index of "
124 "the single death test to run, and a file descriptor to "
125 "which a success code may be sent, all separated by "
126 "the '|' characters. This flag is specified if and only if the "
127 "current process is a sub-process launched for running a thread-safe "
128 "death test. FOR INTERNAL USE ONLY.");
129 } // namespace internal
130
131 #if GTEST_HAS_DEATH_TEST
132
133 namespace internal {
134
135 // Valid only for fast death tests. Indicates the code is running in the
136 // child process of a fast style death test.
137 # if !GTEST_OS_WINDOWS && !GTEST_OS_FUCHSIA
138 static bool g_in_fast_death_test_child = false;
139 # endif
140
141 // Returns a Boolean value indicating whether the caller is currently
142 // executing in the context of the death test child process. Tools such as
143 // Valgrind heap checkers may need this to modify their behavior in death
144 // tests. IMPORTANT: This is an internal utility. Using it may break the
145 // implementation of death tests. User code MUST NOT use it.
InDeathTestChild()146 bool InDeathTestChild() {
147 # if GTEST_OS_WINDOWS || GTEST_OS_FUCHSIA
148
149 // On Windows and Fuchsia, death tests are thread-safe regardless of the value
150 // of the death_test_style flag.
151 return !GTEST_FLAG(internal_run_death_test).empty();
152
153 # else
154
155 if (GTEST_FLAG(death_test_style) == "threadsafe")
156 return !GTEST_FLAG(internal_run_death_test).empty();
157 else
158 return g_in_fast_death_test_child;
159 #endif
160 }
161
162 } // namespace internal
163
164 // ExitedWithCode constructor.
ExitedWithCode(int exit_code)165 ExitedWithCode::ExitedWithCode(int exit_code) : exit_code_(exit_code) {
166 }
167
168 // ExitedWithCode function-call operator.
operator ()(int exit_status) const169 bool ExitedWithCode::operator()(int exit_status) const {
170 # if GTEST_OS_WINDOWS || GTEST_OS_FUCHSIA
171
172 return exit_status == exit_code_;
173
174 # else
175
176 return WIFEXITED(exit_status) && WEXITSTATUS(exit_status) == exit_code_;
177
178 # endif // GTEST_OS_WINDOWS || GTEST_OS_FUCHSIA
179 }
180
181 # if !GTEST_OS_WINDOWS && !GTEST_OS_FUCHSIA
182 // KilledBySignal constructor.
KilledBySignal(int signum)183 KilledBySignal::KilledBySignal(int signum) : signum_(signum) {
184 }
185
186 // KilledBySignal function-call operator.
operator ()(int exit_status) const187 bool KilledBySignal::operator()(int exit_status) const {
188 # if defined(GTEST_KILLED_BY_SIGNAL_OVERRIDE_)
189 {
190 bool result;
191 if (GTEST_KILLED_BY_SIGNAL_OVERRIDE_(signum_, exit_status, &result)) {
192 return result;
193 }
194 }
195 # endif // defined(GTEST_KILLED_BY_SIGNAL_OVERRIDE_)
196 return WIFSIGNALED(exit_status) && WTERMSIG(exit_status) == signum_;
197 }
198 # endif // !GTEST_OS_WINDOWS && !GTEST_OS_FUCHSIA
199
200 namespace internal {
201
202 // Utilities needed for death tests.
203
204 // Generates a textual description of a given exit code, in the format
205 // specified by wait(2).
ExitSummary(int exit_code)206 static std::string ExitSummary(int exit_code) {
207 Message m;
208
209 # if GTEST_OS_WINDOWS || GTEST_OS_FUCHSIA
210
211 m << "Exited with exit status " << exit_code;
212
213 # else
214
215 if (WIFEXITED(exit_code)) {
216 m << "Exited with exit status " << WEXITSTATUS(exit_code);
217 } else if (WIFSIGNALED(exit_code)) {
218 m << "Terminated by signal " << WTERMSIG(exit_code);
219 }
220 # ifdef WCOREDUMP
221 if (WCOREDUMP(exit_code)) {
222 m << " (core dumped)";
223 }
224 # endif
225 # endif // GTEST_OS_WINDOWS || GTEST_OS_FUCHSIA
226
227 return m.GetString();
228 }
229
230 // Returns true if exit_status describes a process that was terminated
231 // by a signal, or exited normally with a nonzero exit code.
ExitedUnsuccessfully(int exit_status)232 bool ExitedUnsuccessfully(int exit_status) {
233 return !ExitedWithCode(0)(exit_status);
234 }
235
236 # if !GTEST_OS_WINDOWS && !GTEST_OS_FUCHSIA
237 // Generates a textual failure message when a death test finds more than
238 // one thread running, or cannot determine the number of threads, prior
239 // to executing the given statement. It is the responsibility of the
240 // caller not to pass a thread_count of 1.
DeathTestThreadWarning(size_t thread_count)241 static std::string DeathTestThreadWarning(size_t thread_count) {
242 Message msg;
243 msg << "Death tests use fork(), which is unsafe particularly"
244 << " in a threaded context. For this test, " << GTEST_NAME_ << " ";
245 if (thread_count == 0) {
246 msg << "couldn't detect the number of threads.";
247 } else {
248 msg << "detected " << thread_count << " threads.";
249 }
250 msg << " See "
251 "https://github.com/google/googletest/blob/master/googletest/docs/"
252 "advanced.md#death-tests-and-threads"
253 << " for more explanation and suggested solutions, especially if"
254 << " this is the last message you see before your test times out.";
255 return msg.GetString();
256 }
257 # endif // !GTEST_OS_WINDOWS && !GTEST_OS_FUCHSIA
258
259 // Flag characters for reporting a death test that did not die.
260 static const char kDeathTestLived = 'L';
261 static const char kDeathTestReturned = 'R';
262 static const char kDeathTestThrew = 'T';
263 static const char kDeathTestInternalError = 'I';
264
265 #if GTEST_OS_FUCHSIA
266
267 // File descriptor used for the pipe in the child process.
268 static const int kFuchsiaReadPipeFd = 3;
269
270 #endif
271
272 // An enumeration describing all of the possible ways that a death test can
273 // conclude. DIED means that the process died while executing the test
274 // code; LIVED means that process lived beyond the end of the test code;
275 // RETURNED means that the test statement attempted to execute a return
276 // statement, which is not allowed; THREW means that the test statement
277 // returned control by throwing an exception. IN_PROGRESS means the test
278 // has not yet concluded.
279 enum DeathTestOutcome { IN_PROGRESS, DIED, LIVED, RETURNED, THREW };
280
281 // Routine for aborting the program which is safe to call from an
282 // exec-style death test child process, in which case the error
283 // message is propagated back to the parent process. Otherwise, the
284 // message is simply printed to stderr. In either case, the program
285 // then exits with status 1.
DeathTestAbort(const std::string & message)286 static void DeathTestAbort(const std::string& message) {
287 // On a POSIX system, this function may be called from a threadsafe-style
288 // death test child process, which operates on a very small stack. Use
289 // the heap for any additional non-minuscule memory requirements.
290 const InternalRunDeathTestFlag* const flag =
291 GetUnitTestImpl()->internal_run_death_test_flag();
292 if (flag != nullptr) {
293 FILE* parent = posix::FDOpen(flag->write_fd(), "w");
294 fputc(kDeathTestInternalError, parent);
295 fprintf(parent, "%s", message.c_str());
296 fflush(parent);
297 _exit(1);
298 } else {
299 fprintf(stderr, "%s", message.c_str());
300 fflush(stderr);
301 posix::Abort();
302 }
303 }
304
305 // A replacement for CHECK that calls DeathTestAbort if the assertion
306 // fails.
307 # define GTEST_DEATH_TEST_CHECK_(expression) \
308 do { \
309 if (!::testing::internal::IsTrue(expression)) { \
310 DeathTestAbort( \
311 ::std::string("CHECK failed: File ") + __FILE__ + ", line " \
312 + ::testing::internal::StreamableToString(__LINE__) + ": " \
313 + #expression); \
314 } \
315 } while (::testing::internal::AlwaysFalse())
316
317 // This macro is similar to GTEST_DEATH_TEST_CHECK_, but it is meant for
318 // evaluating any system call that fulfills two conditions: it must return
319 // -1 on failure, and set errno to EINTR when it is interrupted and
320 // should be tried again. The macro expands to a loop that repeatedly
321 // evaluates the expression as long as it evaluates to -1 and sets
322 // errno to EINTR. If the expression evaluates to -1 but errno is
323 // something other than EINTR, DeathTestAbort is called.
324 # define GTEST_DEATH_TEST_CHECK_SYSCALL_(expression) \
325 do { \
326 int gtest_retval; \
327 do { \
328 gtest_retval = (expression); \
329 } while (gtest_retval == -1 && errno == EINTR); \
330 if (gtest_retval == -1) { \
331 DeathTestAbort( \
332 ::std::string("CHECK failed: File ") + __FILE__ + ", line " \
333 + ::testing::internal::StreamableToString(__LINE__) + ": " \
334 + #expression + " != -1"); \
335 } \
336 } while (::testing::internal::AlwaysFalse())
337
338 // Returns the message describing the last system error in errno.
GetLastErrnoDescription()339 std::string GetLastErrnoDescription() {
340 return errno == 0 ? "" : posix::StrError(errno);
341 }
342
343 // This is called from a death test parent process to read a failure
344 // message from the death test child process and log it with the FATAL
345 // severity. On Windows, the message is read from a pipe handle. On other
346 // platforms, it is read from a file descriptor.
FailFromInternalError(int fd)347 static void FailFromInternalError(int fd) {
348 Message error;
349 char buffer[256];
350 int num_read;
351
352 do {
353 while ((num_read = posix::Read(fd, buffer, 255)) > 0) {
354 buffer[num_read] = '\0';
355 error << buffer;
356 }
357 } while (num_read == -1 && errno == EINTR);
358
359 if (num_read == 0) {
360 GTEST_LOG_(FATAL) << error.GetString();
361 } else {
362 const int last_error = errno;
363 GTEST_LOG_(FATAL) << "Error while reading death test internal: "
364 << GetLastErrnoDescription() << " [" << last_error << "]";
365 }
366 }
367
368 // Death test constructor. Increments the running death test count
369 // for the current test.
DeathTest()370 DeathTest::DeathTest() {
371 TestInfo* const info = GetUnitTestImpl()->current_test_info();
372 if (info == nullptr) {
373 DeathTestAbort("Cannot run a death test outside of a TEST or "
374 "TEST_F construct");
375 }
376 }
377
378 // Creates and returns a death test by dispatching to the current
379 // death test factory.
Create(const char * statement,Matcher<const std::string &> matcher,const char * file,int line,DeathTest ** test)380 bool DeathTest::Create(const char* statement,
381 Matcher<const std::string&> matcher, const char* file,
382 int line, DeathTest** test) {
383 return GetUnitTestImpl()->death_test_factory()->Create(
384 statement, std::move(matcher), file, line, test);
385 }
386
LastMessage()387 const char* DeathTest::LastMessage() {
388 return last_death_test_message_.c_str();
389 }
390
set_last_death_test_message(const std::string & message)391 void DeathTest::set_last_death_test_message(const std::string& message) {
392 last_death_test_message_ = message;
393 }
394
395 std::string DeathTest::last_death_test_message_;
396
397 // Provides cross platform implementation for some death functionality.
398 class DeathTestImpl : public DeathTest {
399 protected:
DeathTestImpl(const char * a_statement,Matcher<const std::string &> matcher)400 DeathTestImpl(const char* a_statement, Matcher<const std::string&> matcher)
401 : statement_(a_statement),
402 matcher_(std::move(matcher)),
403 spawned_(false),
404 status_(-1),
405 outcome_(IN_PROGRESS),
406 read_fd_(-1),
407 write_fd_(-1) {}
408
409 // read_fd_ is expected to be closed and cleared by a derived class.
~DeathTestImpl()410 ~DeathTestImpl() override { GTEST_DEATH_TEST_CHECK_(read_fd_ == -1); }
411
412 void Abort(AbortReason reason) override;
413 bool Passed(bool status_ok) override;
414
statement() const415 const char* statement() const { return statement_; }
spawned() const416 bool spawned() const { return spawned_; }
set_spawned(bool is_spawned)417 void set_spawned(bool is_spawned) { spawned_ = is_spawned; }
status() const418 int status() const { return status_; }
set_status(int a_status)419 void set_status(int a_status) { status_ = a_status; }
outcome() const420 DeathTestOutcome outcome() const { return outcome_; }
set_outcome(DeathTestOutcome an_outcome)421 void set_outcome(DeathTestOutcome an_outcome) { outcome_ = an_outcome; }
read_fd() const422 int read_fd() const { return read_fd_; }
set_read_fd(int fd)423 void set_read_fd(int fd) { read_fd_ = fd; }
write_fd() const424 int write_fd() const { return write_fd_; }
set_write_fd(int fd)425 void set_write_fd(int fd) { write_fd_ = fd; }
426
427 // Called in the parent process only. Reads the result code of the death
428 // test child process via a pipe, interprets it to set the outcome_
429 // member, and closes read_fd_. Outputs diagnostics and terminates in
430 // case of unexpected codes.
431 void ReadAndInterpretStatusByte();
432
433 // Returns stderr output from the child process.
434 virtual std::string GetErrorLogs();
435
436 private:
437 // The textual content of the code this object is testing. This class
438 // doesn't own this string and should not attempt to delete it.
439 const char* const statement_;
440 // A matcher that's expected to match the stderr output by the child process.
441 Matcher<const std::string&> matcher_;
442 // True if the death test child process has been successfully spawned.
443 bool spawned_;
444 // The exit status of the child process.
445 int status_;
446 // How the death test concluded.
447 DeathTestOutcome outcome_;
448 // Descriptor to the read end of the pipe to the child process. It is
449 // always -1 in the child process. The child keeps its write end of the
450 // pipe in write_fd_.
451 int read_fd_;
452 // Descriptor to the child's write end of the pipe to the parent process.
453 // It is always -1 in the parent process. The parent keeps its end of the
454 // pipe in read_fd_.
455 int write_fd_;
456 };
457
458 // Called in the parent process only. Reads the result code of the death
459 // test child process via a pipe, interprets it to set the outcome_
460 // member, and closes read_fd_. Outputs diagnostics and terminates in
461 // case of unexpected codes.
ReadAndInterpretStatusByte()462 void DeathTestImpl::ReadAndInterpretStatusByte() {
463 char flag;
464 int bytes_read;
465
466 // The read() here blocks until data is available (signifying the
467 // failure of the death test) or until the pipe is closed (signifying
468 // its success), so it's okay to call this in the parent before
469 // the child process has exited.
470 do {
471 bytes_read = posix::Read(read_fd(), &flag, 1);
472 } while (bytes_read == -1 && errno == EINTR);
473
474 if (bytes_read == 0) {
475 set_outcome(DIED);
476 } else if (bytes_read == 1) {
477 switch (flag) {
478 case kDeathTestReturned:
479 set_outcome(RETURNED);
480 break;
481 case kDeathTestThrew:
482 set_outcome(THREW);
483 break;
484 case kDeathTestLived:
485 set_outcome(LIVED);
486 break;
487 case kDeathTestInternalError:
488 FailFromInternalError(read_fd()); // Does not return.
489 break;
490 default:
491 GTEST_LOG_(FATAL) << "Death test child process reported "
492 << "unexpected status byte ("
493 << static_cast<unsigned int>(flag) << ")";
494 }
495 } else {
496 GTEST_LOG_(FATAL) << "Read from death test child process failed: "
497 << GetLastErrnoDescription();
498 }
499 GTEST_DEATH_TEST_CHECK_SYSCALL_(posix::Close(read_fd()));
500 set_read_fd(-1);
501 }
502
GetErrorLogs()503 std::string DeathTestImpl::GetErrorLogs() {
504 return GetCapturedStderr();
505 }
506
507 // Signals that the death test code which should have exited, didn't.
508 // Should be called only in a death test child process.
509 // Writes a status byte to the child's status file descriptor, then
510 // calls _exit(1).
Abort(AbortReason reason)511 void DeathTestImpl::Abort(AbortReason reason) {
512 // The parent process considers the death test to be a failure if
513 // it finds any data in our pipe. So, here we write a single flag byte
514 // to the pipe, then exit.
515 const char status_ch =
516 reason == TEST_DID_NOT_DIE ? kDeathTestLived :
517 reason == TEST_THREW_EXCEPTION ? kDeathTestThrew : kDeathTestReturned;
518
519 GTEST_DEATH_TEST_CHECK_SYSCALL_(posix::Write(write_fd(), &status_ch, 1));
520 // We are leaking the descriptor here because on some platforms (i.e.,
521 // when built as Windows DLL), destructors of global objects will still
522 // run after calling _exit(). On such systems, write_fd_ will be
523 // indirectly closed from the destructor of UnitTestImpl, causing double
524 // close if it is also closed here. On debug configurations, double close
525 // may assert. As there are no in-process buffers to flush here, we are
526 // relying on the OS to close the descriptor after the process terminates
527 // when the destructors are not run.
528 _exit(1); // Exits w/o any normal exit hooks (we were supposed to crash)
529 }
530
531 // Returns an indented copy of stderr output for a death test.
532 // This makes distinguishing death test output lines from regular log lines
533 // much easier.
FormatDeathTestOutput(const::std::string & output)534 static ::std::string FormatDeathTestOutput(const ::std::string& output) {
535 ::std::string ret;
536 for (size_t at = 0; ; ) {
537 const size_t line_end = output.find('\n', at);
538 ret += "[ DEATH ] ";
539 if (line_end == ::std::string::npos) {
540 ret += output.substr(at);
541 break;
542 }
543 ret += output.substr(at, line_end + 1 - at);
544 at = line_end + 1;
545 }
546 return ret;
547 }
548
549 // Assesses the success or failure of a death test, using both private
550 // members which have previously been set, and one argument:
551 //
552 // Private data members:
553 // outcome: An enumeration describing how the death test
554 // concluded: DIED, LIVED, THREW, or RETURNED. The death test
555 // fails in the latter three cases.
556 // status: The exit status of the child process. On *nix, it is in the
557 // in the format specified by wait(2). On Windows, this is the
558 // value supplied to the ExitProcess() API or a numeric code
559 // of the exception that terminated the program.
560 // matcher_: A matcher that's expected to match the stderr output by the child
561 // process.
562 //
563 // Argument:
564 // status_ok: true if exit_status is acceptable in the context of
565 // this particular death test, which fails if it is false
566 //
567 // Returns true if and only if all of the above conditions are met. Otherwise,
568 // the first failing condition, in the order given above, is the one that is
569 // reported. Also sets the last death test message string.
Passed(bool status_ok)570 bool DeathTestImpl::Passed(bool status_ok) {
571 if (!spawned())
572 return false;
573
574 const std::string error_message = GetErrorLogs();
575
576 bool success = false;
577 Message buffer;
578
579 buffer << "Death test: " << statement() << "\n";
580 switch (outcome()) {
581 case LIVED:
582 buffer << " Result: failed to die.\n"
583 << " Error msg:\n" << FormatDeathTestOutput(error_message);
584 break;
585 case THREW:
586 buffer << " Result: threw an exception.\n"
587 << " Error msg:\n" << FormatDeathTestOutput(error_message);
588 break;
589 case RETURNED:
590 buffer << " Result: illegal return in test statement.\n"
591 << " Error msg:\n" << FormatDeathTestOutput(error_message);
592 break;
593 case DIED:
594 if (status_ok) {
595 if (matcher_.Matches(error_message)) {
596 success = true;
597 } else {
598 std::ostringstream stream;
599 matcher_.DescribeTo(&stream);
600 buffer << " Result: died but not with expected error.\n"
601 << " Expected: " << stream.str() << "\n"
602 << "Actual msg:\n"
603 << FormatDeathTestOutput(error_message);
604 }
605 } else {
606 buffer << " Result: died but not with expected exit code:\n"
607 << " " << ExitSummary(status()) << "\n"
608 << "Actual msg:\n" << FormatDeathTestOutput(error_message);
609 }
610 break;
611 case IN_PROGRESS:
612 default:
613 GTEST_LOG_(FATAL)
614 << "DeathTest::Passed somehow called before conclusion of test";
615 }
616
617 DeathTest::set_last_death_test_message(buffer.GetString());
618 return success;
619 }
620
621 # if GTEST_OS_WINDOWS
622 // WindowsDeathTest implements death tests on Windows. Due to the
623 // specifics of starting new processes on Windows, death tests there are
624 // always threadsafe, and Google Test considers the
625 // --gtest_death_test_style=fast setting to be equivalent to
626 // --gtest_death_test_style=threadsafe there.
627 //
628 // A few implementation notes: Like the Linux version, the Windows
629 // implementation uses pipes for child-to-parent communication. But due to
630 // the specifics of pipes on Windows, some extra steps are required:
631 //
632 // 1. The parent creates a communication pipe and stores handles to both
633 // ends of it.
634 // 2. The parent starts the child and provides it with the information
635 // necessary to acquire the handle to the write end of the pipe.
636 // 3. The child acquires the write end of the pipe and signals the parent
637 // using a Windows event.
638 // 4. Now the parent can release the write end of the pipe on its side. If
639 // this is done before step 3, the object's reference count goes down to
640 // 0 and it is destroyed, preventing the child from acquiring it. The
641 // parent now has to release it, or read operations on the read end of
642 // the pipe will not return when the child terminates.
643 // 5. The parent reads child's output through the pipe (outcome code and
644 // any possible error messages) from the pipe, and its stderr and then
645 // determines whether to fail the test.
646 //
647 // Note: to distinguish Win32 API calls from the local method and function
648 // calls, the former are explicitly resolved in the global namespace.
649 //
650 class WindowsDeathTest : public DeathTestImpl {
651 public:
WindowsDeathTest(const char * a_statement,Matcher<const std::string &> matcher,const char * file,int line)652 WindowsDeathTest(const char* a_statement, Matcher<const std::string&> matcher,
653 const char* file, int line)
654 : DeathTestImpl(a_statement, std::move(matcher)),
655 file_(file),
656 line_(line) {}
657
658 // All of these virtual functions are inherited from DeathTest.
659 virtual int Wait();
660 virtual TestRole AssumeRole();
661
662 private:
663 // The name of the file in which the death test is located.
664 const char* const file_;
665 // The line number on which the death test is located.
666 const int line_;
667 // Handle to the write end of the pipe to the child process.
668 AutoHandle write_handle_;
669 // Child process handle.
670 AutoHandle child_handle_;
671 // Event the child process uses to signal the parent that it has
672 // acquired the handle to the write end of the pipe. After seeing this
673 // event the parent can release its own handles to make sure its
674 // ReadFile() calls return when the child terminates.
675 AutoHandle event_handle_;
676 };
677
678 // Waits for the child in a death test to exit, returning its exit
679 // status, or 0 if no child process exists. As a side effect, sets the
680 // outcome data member.
Wait()681 int WindowsDeathTest::Wait() {
682 if (!spawned())
683 return 0;
684
685 // Wait until the child either signals that it has acquired the write end
686 // of the pipe or it dies.
687 const HANDLE wait_handles[2] = { child_handle_.Get(), event_handle_.Get() };
688 switch (::WaitForMultipleObjects(2,
689 wait_handles,
690 FALSE, // Waits for any of the handles.
691 INFINITE)) {
692 case WAIT_OBJECT_0:
693 case WAIT_OBJECT_0 + 1:
694 break;
695 default:
696 GTEST_DEATH_TEST_CHECK_(false); // Should not get here.
697 }
698
699 // The child has acquired the write end of the pipe or exited.
700 // We release the handle on our side and continue.
701 write_handle_.Reset();
702 event_handle_.Reset();
703
704 ReadAndInterpretStatusByte();
705
706 // Waits for the child process to exit if it haven't already. This
707 // returns immediately if the child has already exited, regardless of
708 // whether previous calls to WaitForMultipleObjects synchronized on this
709 // handle or not.
710 GTEST_DEATH_TEST_CHECK_(
711 WAIT_OBJECT_0 == ::WaitForSingleObject(child_handle_.Get(),
712 INFINITE));
713 DWORD status_code;
714 GTEST_DEATH_TEST_CHECK_(
715 ::GetExitCodeProcess(child_handle_.Get(), &status_code) != FALSE);
716 child_handle_.Reset();
717 set_status(static_cast<int>(status_code));
718 return status();
719 }
720
721 // The AssumeRole process for a Windows death test. It creates a child
722 // process with the same executable as the current process to run the
723 // death test. The child process is given the --gtest_filter and
724 // --gtest_internal_run_death_test flags such that it knows to run the
725 // current death test only.
AssumeRole()726 DeathTest::TestRole WindowsDeathTest::AssumeRole() {
727 const UnitTestImpl* const impl = GetUnitTestImpl();
728 const InternalRunDeathTestFlag* const flag =
729 impl->internal_run_death_test_flag();
730 const TestInfo* const info = impl->current_test_info();
731 const int death_test_index = info->result()->death_test_count();
732
733 if (flag != nullptr) {
734 // ParseInternalRunDeathTestFlag() has performed all the necessary
735 // processing.
736 set_write_fd(flag->write_fd());
737 return EXECUTE_TEST;
738 }
739
740 // WindowsDeathTest uses an anonymous pipe to communicate results of
741 // a death test.
742 SECURITY_ATTRIBUTES handles_are_inheritable = {sizeof(SECURITY_ATTRIBUTES),
743 nullptr, TRUE};
744 HANDLE read_handle, write_handle;
745 GTEST_DEATH_TEST_CHECK_(
746 ::CreatePipe(&read_handle, &write_handle, &handles_are_inheritable,
747 0) // Default buffer size.
748 != FALSE);
749 set_read_fd(::_open_osfhandle(reinterpret_cast<intptr_t>(read_handle),
750 O_RDONLY));
751 write_handle_.Reset(write_handle);
752 event_handle_.Reset(::CreateEvent(
753 &handles_are_inheritable,
754 TRUE, // The event will automatically reset to non-signaled state.
755 FALSE, // The initial state is non-signalled.
756 nullptr)); // The even is unnamed.
757 GTEST_DEATH_TEST_CHECK_(event_handle_.Get() != nullptr);
758 const std::string filter_flag = std::string("--") + GTEST_FLAG_PREFIX_ +
759 kFilterFlag + "=" + info->test_suite_name() +
760 "." + info->name();
761 const std::string internal_flag =
762 std::string("--") + GTEST_FLAG_PREFIX_ + kInternalRunDeathTestFlag +
763 "=" + file_ + "|" + StreamableToString(line_) + "|" +
764 StreamableToString(death_test_index) + "|" +
765 StreamableToString(static_cast<unsigned int>(::GetCurrentProcessId())) +
766 // size_t has the same width as pointers on both 32-bit and 64-bit
767 // Windows platforms.
768 // See http://msdn.microsoft.com/en-us/library/tcxf1dw6.aspx.
769 "|" + StreamableToString(reinterpret_cast<size_t>(write_handle)) +
770 "|" + StreamableToString(reinterpret_cast<size_t>(event_handle_.Get()));
771
772 char executable_path[_MAX_PATH + 1]; // NOLINT
773 GTEST_DEATH_TEST_CHECK_(_MAX_PATH + 1 != ::GetModuleFileNameA(nullptr,
774 executable_path,
775 _MAX_PATH));
776
777 std::string command_line =
778 std::string(::GetCommandLineA()) + " " + filter_flag + " \"" +
779 internal_flag + "\"";
780
781 DeathTest::set_last_death_test_message("");
782
783 CaptureStderr();
784 // Flush the log buffers since the log streams are shared with the child.
785 FlushInfoLog();
786
787 // The child process will share the standard handles with the parent.
788 STARTUPINFOA startup_info;
789 memset(&startup_info, 0, sizeof(STARTUPINFO));
790 startup_info.dwFlags = STARTF_USESTDHANDLES;
791 startup_info.hStdInput = ::GetStdHandle(STD_INPUT_HANDLE);
792 startup_info.hStdOutput = ::GetStdHandle(STD_OUTPUT_HANDLE);
793 startup_info.hStdError = ::GetStdHandle(STD_ERROR_HANDLE);
794
795 PROCESS_INFORMATION process_info;
796 GTEST_DEATH_TEST_CHECK_(
797 ::CreateProcessA(
798 executable_path, const_cast<char*>(command_line.c_str()),
799 nullptr, // Retuned process handle is not inheritable.
800 nullptr, // Retuned thread handle is not inheritable.
801 TRUE, // Child inherits all inheritable handles (for write_handle_).
802 0x0, // Default creation flags.
803 nullptr, // Inherit the parent's environment.
804 UnitTest::GetInstance()->original_working_dir(), &startup_info,
805 &process_info) != FALSE);
806 child_handle_.Reset(process_info.hProcess);
807 ::CloseHandle(process_info.hThread);
808 set_spawned(true);
809 return OVERSEE_TEST;
810 }
811
812 # elif GTEST_OS_FUCHSIA
813
814 class FuchsiaDeathTest : public DeathTestImpl {
815 public:
FuchsiaDeathTest(const char * a_statement,Matcher<const std::string &> matcher,const char * file,int line)816 FuchsiaDeathTest(const char* a_statement, Matcher<const std::string&> matcher,
817 const char* file, int line)
818 : DeathTestImpl(a_statement, std::move(matcher)),
819 file_(file),
820 line_(line) {}
821
822 // All of these virtual functions are inherited from DeathTest.
823 int Wait() override;
824 TestRole AssumeRole() override;
825 std::string GetErrorLogs() override;
826
827 private:
828 // The name of the file in which the death test is located.
829 const char* const file_;
830 // The line number on which the death test is located.
831 const int line_;
832 // The stderr data captured by the child process.
833 std::string captured_stderr_;
834
835 zx::process child_process_;
836 zx::channel exception_channel_;
837 zx::socket stderr_socket_;
838 };
839
840 // Utility class for accumulating command-line arguments.
841 class Arguments {
842 public:
Arguments()843 Arguments() { args_.push_back(nullptr); }
844
~Arguments()845 ~Arguments() {
846 for (std::vector<char*>::iterator i = args_.begin(); i != args_.end();
847 ++i) {
848 free(*i);
849 }
850 }
AddArgument(const char * argument)851 void AddArgument(const char* argument) {
852 args_.insert(args_.end() - 1, posix::StrDup(argument));
853 }
854
855 template <typename Str>
AddArguments(const::std::vector<Str> & arguments)856 void AddArguments(const ::std::vector<Str>& arguments) {
857 for (typename ::std::vector<Str>::const_iterator i = arguments.begin();
858 i != arguments.end();
859 ++i) {
860 args_.insert(args_.end() - 1, posix::StrDup(i->c_str()));
861 }
862 }
Argv()863 char* const* Argv() {
864 return &args_[0];
865 }
866
size()867 int size() {
868 return args_.size() - 1;
869 }
870
871 private:
872 std::vector<char*> args_;
873 };
874
875 // Waits for the child in a death test to exit, returning its exit
876 // status, or 0 if no child process exists. As a side effect, sets the
877 // outcome data member.
Wait()878 int FuchsiaDeathTest::Wait() {
879 const int kProcessKey = 0;
880 const int kSocketKey = 1;
881 const int kExceptionKey = 2;
882
883 if (!spawned())
884 return 0;
885
886 // Create a port to wait for socket/task/exception events.
887 zx_status_t status_zx;
888 zx::port port;
889 status_zx = zx::port::create(0, &port);
890 GTEST_DEATH_TEST_CHECK_(status_zx == ZX_OK);
891
892 // Register to wait for the child process to terminate.
893 status_zx = child_process_.wait_async(
894 port, kProcessKey, ZX_PROCESS_TERMINATED, ZX_WAIT_ASYNC_ONCE);
895 GTEST_DEATH_TEST_CHECK_(status_zx == ZX_OK);
896
897 // Register to wait for the socket to be readable or closed.
898 status_zx = stderr_socket_.wait_async(
899 port, kSocketKey, ZX_SOCKET_READABLE | ZX_SOCKET_PEER_CLOSED,
900 ZX_WAIT_ASYNC_ONCE);
901 GTEST_DEATH_TEST_CHECK_(status_zx == ZX_OK);
902
903 // Register to wait for an exception.
904 status_zx = exception_channel_.wait_async(
905 port, kExceptionKey, ZX_CHANNEL_READABLE, ZX_WAIT_ASYNC_ONCE);
906 GTEST_DEATH_TEST_CHECK_(status_zx == ZX_OK);
907
908 bool process_terminated = false;
909 bool socket_closed = false;
910 do {
911 zx_port_packet_t packet = {};
912 status_zx = port.wait(zx::time::infinite(), &packet);
913 GTEST_DEATH_TEST_CHECK_(status_zx == ZX_OK);
914
915 if (packet.key == kExceptionKey) {
916 // Process encountered an exception. Kill it directly rather than
917 // letting other handlers process the event. We will get a kProcessKey
918 // event when the process actually terminates.
919 status_zx = child_process_.kill();
920 GTEST_DEATH_TEST_CHECK_(status_zx == ZX_OK);
921 } else if (packet.key == kProcessKey) {
922 // Process terminated.
923 GTEST_DEATH_TEST_CHECK_(ZX_PKT_IS_SIGNAL_ONE(packet.type));
924 GTEST_DEATH_TEST_CHECK_(packet.signal.observed & ZX_PROCESS_TERMINATED);
925 process_terminated = true;
926 } else if (packet.key == kSocketKey) {
927 GTEST_DEATH_TEST_CHECK_(ZX_PKT_IS_SIGNAL_ONE(packet.type));
928 if (packet.signal.observed & ZX_SOCKET_READABLE) {
929 // Read data from the socket.
930 constexpr size_t kBufferSize = 1024;
931 do {
932 size_t old_length = captured_stderr_.length();
933 size_t bytes_read = 0;
934 captured_stderr_.resize(old_length + kBufferSize);
935 status_zx = stderr_socket_.read(
936 0, &captured_stderr_.front() + old_length, kBufferSize,
937 &bytes_read);
938 captured_stderr_.resize(old_length + bytes_read);
939 } while (status_zx == ZX_OK);
940 if (status_zx == ZX_ERR_PEER_CLOSED) {
941 socket_closed = true;
942 } else {
943 GTEST_DEATH_TEST_CHECK_(status_zx == ZX_ERR_SHOULD_WAIT);
944 status_zx = stderr_socket_.wait_async(
945 port, kSocketKey, ZX_SOCKET_READABLE | ZX_SOCKET_PEER_CLOSED,
946 ZX_WAIT_ASYNC_ONCE);
947 GTEST_DEATH_TEST_CHECK_(status_zx == ZX_OK);
948 }
949 } else {
950 GTEST_DEATH_TEST_CHECK_(packet.signal.observed & ZX_SOCKET_PEER_CLOSED);
951 socket_closed = true;
952 }
953 }
954 } while (!process_terminated && !socket_closed);
955
956 ReadAndInterpretStatusByte();
957
958 zx_info_process_t buffer;
959 status_zx = child_process_.get_info(
960 ZX_INFO_PROCESS, &buffer, sizeof(buffer), nullptr, nullptr);
961 GTEST_DEATH_TEST_CHECK_(status_zx == ZX_OK);
962
963 GTEST_DEATH_TEST_CHECK_(buffer.exited);
964 set_status(buffer.return_code);
965 return status();
966 }
967
968 // The AssumeRole process for a Fuchsia death test. It creates a child
969 // process with the same executable as the current process to run the
970 // death test. The child process is given the --gtest_filter and
971 // --gtest_internal_run_death_test flags such that it knows to run the
972 // current death test only.
AssumeRole()973 DeathTest::TestRole FuchsiaDeathTest::AssumeRole() {
974 const UnitTestImpl* const impl = GetUnitTestImpl();
975 const InternalRunDeathTestFlag* const flag =
976 impl->internal_run_death_test_flag();
977 const TestInfo* const info = impl->current_test_info();
978 const int death_test_index = info->result()->death_test_count();
979
980 if (flag != nullptr) {
981 // ParseInternalRunDeathTestFlag() has performed all the necessary
982 // processing.
983 set_write_fd(kFuchsiaReadPipeFd);
984 return EXECUTE_TEST;
985 }
986
987 // Flush the log buffers since the log streams are shared with the child.
988 FlushInfoLog();
989
990 // Build the child process command line.
991 const std::string filter_flag = std::string("--") + GTEST_FLAG_PREFIX_ +
992 kFilterFlag + "=" + info->test_suite_name() +
993 "." + info->name();
994 const std::string internal_flag =
995 std::string("--") + GTEST_FLAG_PREFIX_ + kInternalRunDeathTestFlag + "="
996 + file_ + "|"
997 + StreamableToString(line_) + "|"
998 + StreamableToString(death_test_index);
999 Arguments args;
1000 args.AddArguments(GetInjectableArgvs());
1001 args.AddArgument(filter_flag.c_str());
1002 args.AddArgument(internal_flag.c_str());
1003
1004 // Build the pipe for communication with the child.
1005 zx_status_t status;
1006 zx_handle_t child_pipe_handle;
1007 int child_pipe_fd;
1008 status = fdio_pipe_half(&child_pipe_fd, &child_pipe_handle);
1009 GTEST_DEATH_TEST_CHECK_(status == ZX_OK);
1010 set_read_fd(child_pipe_fd);
1011
1012 // Set the pipe handle for the child.
1013 fdio_spawn_action_t spawn_actions[2] = {};
1014 fdio_spawn_action_t* add_handle_action = &spawn_actions[0];
1015 add_handle_action->action = FDIO_SPAWN_ACTION_ADD_HANDLE;
1016 add_handle_action->h.id = PA_HND(PA_FD, kFuchsiaReadPipeFd);
1017 add_handle_action->h.handle = child_pipe_handle;
1018
1019 // Create a socket pair will be used to receive the child process' stderr.
1020 zx::socket stderr_producer_socket;
1021 status =
1022 zx::socket::create(0, &stderr_producer_socket, &stderr_socket_);
1023 GTEST_DEATH_TEST_CHECK_(status >= 0);
1024 int stderr_producer_fd = -1;
1025 status =
1026 fdio_fd_create(stderr_producer_socket.release(), &stderr_producer_fd);
1027 GTEST_DEATH_TEST_CHECK_(status >= 0);
1028
1029 // Make the stderr socket nonblocking.
1030 GTEST_DEATH_TEST_CHECK_(fcntl(stderr_producer_fd, F_SETFL, 0) == 0);
1031
1032 fdio_spawn_action_t* add_stderr_action = &spawn_actions[1];
1033 add_stderr_action->action = FDIO_SPAWN_ACTION_CLONE_FD;
1034 add_stderr_action->fd.local_fd = stderr_producer_fd;
1035 add_stderr_action->fd.target_fd = STDERR_FILENO;
1036
1037 // Create a child job.
1038 zx_handle_t child_job = ZX_HANDLE_INVALID;
1039 status = zx_job_create(zx_job_default(), 0, & child_job);
1040 GTEST_DEATH_TEST_CHECK_(status == ZX_OK);
1041 zx_policy_basic_t policy;
1042 policy.condition = ZX_POL_NEW_ANY;
1043 policy.policy = ZX_POL_ACTION_ALLOW;
1044 status = zx_job_set_policy(
1045 child_job, ZX_JOB_POL_RELATIVE, ZX_JOB_POL_BASIC, &policy, 1);
1046 GTEST_DEATH_TEST_CHECK_(status == ZX_OK);
1047
1048 // Create an exception channel attached to the |child_job|, to allow
1049 // us to suppress the system default exception handler from firing.
1050 status =
1051 zx_task_create_exception_channel(
1052 child_job, 0, exception_channel_.reset_and_get_address());
1053 GTEST_DEATH_TEST_CHECK_(status == ZX_OK);
1054
1055 // Spawn the child process.
1056 status = fdio_spawn_etc(
1057 child_job, FDIO_SPAWN_CLONE_ALL, args.Argv()[0], args.Argv(), nullptr,
1058 2, spawn_actions, child_process_.reset_and_get_address(), nullptr);
1059 GTEST_DEATH_TEST_CHECK_(status == ZX_OK);
1060
1061 set_spawned(true);
1062 return OVERSEE_TEST;
1063 }
1064
GetErrorLogs()1065 std::string FuchsiaDeathTest::GetErrorLogs() {
1066 return captured_stderr_;
1067 }
1068
1069 #else // We are neither on Windows, nor on Fuchsia.
1070
1071 // ForkingDeathTest provides implementations for most of the abstract
1072 // methods of the DeathTest interface. Only the AssumeRole method is
1073 // left undefined.
1074 class ForkingDeathTest : public DeathTestImpl {
1075 public:
1076 ForkingDeathTest(const char* statement, Matcher<const std::string&> matcher);
1077
1078 // All of these virtual functions are inherited from DeathTest.
1079 int Wait() override;
1080
1081 protected:
set_child_pid(pid_t child_pid)1082 void set_child_pid(pid_t child_pid) { child_pid_ = child_pid; }
1083
1084 private:
1085 // PID of child process during death test; 0 in the child process itself.
1086 pid_t child_pid_;
1087 };
1088
1089 // Constructs a ForkingDeathTest.
ForkingDeathTest(const char * a_statement,Matcher<const std::string &> matcher)1090 ForkingDeathTest::ForkingDeathTest(const char* a_statement,
1091 Matcher<const std::string&> matcher)
1092 : DeathTestImpl(a_statement, std::move(matcher)), child_pid_(-1) {}
1093
1094 // Waits for the child in a death test to exit, returning its exit
1095 // status, or 0 if no child process exists. As a side effect, sets the
1096 // outcome data member.
Wait()1097 int ForkingDeathTest::Wait() {
1098 if (!spawned())
1099 return 0;
1100
1101 ReadAndInterpretStatusByte();
1102
1103 int status_value;
1104 GTEST_DEATH_TEST_CHECK_SYSCALL_(waitpid(child_pid_, &status_value, 0));
1105 set_status(status_value);
1106 return status_value;
1107 }
1108
1109 // A concrete death test class that forks, then immediately runs the test
1110 // in the child process.
1111 class NoExecDeathTest : public ForkingDeathTest {
1112 public:
NoExecDeathTest(const char * a_statement,Matcher<const std::string &> matcher)1113 NoExecDeathTest(const char* a_statement, Matcher<const std::string&> matcher)
1114 : ForkingDeathTest(a_statement, std::move(matcher)) {}
1115 TestRole AssumeRole() override;
1116 };
1117
1118 // The AssumeRole process for a fork-and-run death test. It implements a
1119 // straightforward fork, with a simple pipe to transmit the status byte.
AssumeRole()1120 DeathTest::TestRole NoExecDeathTest::AssumeRole() {
1121 const size_t thread_count = GetThreadCount();
1122 if (thread_count != 1) {
1123 GTEST_LOG_(WARNING) << DeathTestThreadWarning(thread_count);
1124 }
1125
1126 int pipe_fd[2];
1127 GTEST_DEATH_TEST_CHECK_(pipe(pipe_fd) != -1);
1128
1129 DeathTest::set_last_death_test_message("");
1130 CaptureStderr();
1131 // When we fork the process below, the log file buffers are copied, but the
1132 // file descriptors are shared. We flush all log files here so that closing
1133 // the file descriptors in the child process doesn't throw off the
1134 // synchronization between descriptors and buffers in the parent process.
1135 // This is as close to the fork as possible to avoid a race condition in case
1136 // there are multiple threads running before the death test, and another
1137 // thread writes to the log file.
1138 FlushInfoLog();
1139
1140 const pid_t child_pid = fork();
1141 GTEST_DEATH_TEST_CHECK_(child_pid != -1);
1142 set_child_pid(child_pid);
1143 if (child_pid == 0) {
1144 GTEST_DEATH_TEST_CHECK_SYSCALL_(close(pipe_fd[0]));
1145 set_write_fd(pipe_fd[1]);
1146 // Redirects all logging to stderr in the child process to prevent
1147 // concurrent writes to the log files. We capture stderr in the parent
1148 // process and append the child process' output to a log.
1149 LogToStderr();
1150 // Event forwarding to the listeners of event listener API mush be shut
1151 // down in death test subprocesses.
1152 GetUnitTestImpl()->listeners()->SuppressEventForwarding();
1153 g_in_fast_death_test_child = true;
1154 return EXECUTE_TEST;
1155 } else {
1156 GTEST_DEATH_TEST_CHECK_SYSCALL_(close(pipe_fd[1]));
1157 set_read_fd(pipe_fd[0]);
1158 set_spawned(true);
1159 return OVERSEE_TEST;
1160 }
1161 }
1162
1163 // A concrete death test class that forks and re-executes the main
1164 // program from the beginning, with command-line flags set that cause
1165 // only this specific death test to be run.
1166 class ExecDeathTest : public ForkingDeathTest {
1167 public:
ExecDeathTest(const char * a_statement,Matcher<const std::string &> matcher,const char * file,int line)1168 ExecDeathTest(const char* a_statement, Matcher<const std::string&> matcher,
1169 const char* file, int line)
1170 : ForkingDeathTest(a_statement, std::move(matcher)),
1171 file_(file),
1172 line_(line) {}
1173 TestRole AssumeRole() override;
1174
1175 private:
GetArgvsForDeathTestChildProcess()1176 static ::std::vector<std::string> GetArgvsForDeathTestChildProcess() {
1177 ::std::vector<std::string> args = GetInjectableArgvs();
1178 # if defined(GTEST_EXTRA_DEATH_TEST_COMMAND_LINE_ARGS_)
1179 ::std::vector<std::string> extra_args =
1180 GTEST_EXTRA_DEATH_TEST_COMMAND_LINE_ARGS_();
1181 args.insert(args.end(), extra_args.begin(), extra_args.end());
1182 # endif // defined(GTEST_EXTRA_DEATH_TEST_COMMAND_LINE_ARGS_)
1183 return args;
1184 }
1185 // The name of the file in which the death test is located.
1186 const char* const file_;
1187 // The line number on which the death test is located.
1188 const int line_;
1189 };
1190
1191 // Utility class for accumulating command-line arguments.
1192 class Arguments {
1193 public:
Arguments()1194 Arguments() { args_.push_back(nullptr); }
1195
~Arguments()1196 ~Arguments() {
1197 for (std::vector<char*>::iterator i = args_.begin(); i != args_.end();
1198 ++i) {
1199 free(*i);
1200 }
1201 }
AddArgument(const char * argument)1202 void AddArgument(const char* argument) {
1203 args_.insert(args_.end() - 1, posix::StrDup(argument));
1204 }
1205
1206 template <typename Str>
AddArguments(const::std::vector<Str> & arguments)1207 void AddArguments(const ::std::vector<Str>& arguments) {
1208 for (typename ::std::vector<Str>::const_iterator i = arguments.begin();
1209 i != arguments.end();
1210 ++i) {
1211 args_.insert(args_.end() - 1, posix::StrDup(i->c_str()));
1212 }
1213 }
Argv()1214 char* const* Argv() {
1215 return &args_[0];
1216 }
1217
1218 private:
1219 std::vector<char*> args_;
1220 };
1221
1222 // A struct that encompasses the arguments to the child process of a
1223 // threadsafe-style death test process.
1224 struct ExecDeathTestArgs {
1225 char* const* argv; // Command-line arguments for the child's call to exec
1226 int close_fd; // File descriptor to close; the read end of a pipe
1227 };
1228
1229 # if GTEST_OS_QNX
1230 extern "C" char** environ;
1231 # else // GTEST_OS_QNX
1232 // The main function for a threadsafe-style death test child process.
1233 // This function is called in a clone()-ed process and thus must avoid
1234 // any potentially unsafe operations like malloc or libc functions.
ExecDeathTestChildMain(void * child_arg)1235 static int ExecDeathTestChildMain(void* child_arg) {
1236 ExecDeathTestArgs* const args = static_cast<ExecDeathTestArgs*>(child_arg);
1237 GTEST_DEATH_TEST_CHECK_SYSCALL_(close(args->close_fd));
1238
1239 // We need to execute the test program in the same environment where
1240 // it was originally invoked. Therefore we change to the original
1241 // working directory first.
1242 const char* const original_dir =
1243 UnitTest::GetInstance()->original_working_dir();
1244 // We can safely call chdir() as it's a direct system call.
1245 if (chdir(original_dir) != 0) {
1246 DeathTestAbort(std::string("chdir(\"") + original_dir + "\") failed: " +
1247 GetLastErrnoDescription());
1248 return EXIT_FAILURE;
1249 }
1250
1251 // We can safely call execv() as it's almost a direct system call. We
1252 // cannot use execvp() as it's a libc function and thus potentially
1253 // unsafe. Since execv() doesn't search the PATH, the user must
1254 // invoke the test program via a valid path that contains at least
1255 // one path separator.
1256 execv(args->argv[0], args->argv);
1257 DeathTestAbort(std::string("execv(") + args->argv[0] + ", ...) in " +
1258 original_dir + " failed: " +
1259 GetLastErrnoDescription());
1260 return EXIT_FAILURE;
1261 }
1262 # endif // GTEST_OS_QNX
1263
1264 # if GTEST_HAS_CLONE
1265 // Two utility routines that together determine the direction the stack
1266 // grows.
1267 // This could be accomplished more elegantly by a single recursive
1268 // function, but we want to guard against the unlikely possibility of
1269 // a smart compiler optimizing the recursion away.
1270 //
1271 // GTEST_NO_INLINE_ is required to prevent GCC 4.6 from inlining
1272 // StackLowerThanAddress into StackGrowsDown, which then doesn't give
1273 // correct answer.
1274 static void StackLowerThanAddress(const void* ptr,
1275 bool* result) GTEST_NO_INLINE_;
1276 // Make sure sanitizers do not tamper with the stack here.
1277 // Ideally, we want to use `__builtin_frame_address` instead of a local variable
1278 // address with sanitizer disabled, but it does not work when the
1279 // compiler optimizes the stack frame out, which happens on PowerPC targets.
1280 // HWAddressSanitizer add a random tag to the MSB of the local variable address,
1281 // making comparison result unpredictable.
1282 GTEST_ATTRIBUTE_NO_SANITIZE_ADDRESS_
1283 GTEST_ATTRIBUTE_NO_SANITIZE_HWADDRESS_
StackLowerThanAddress(const void * ptr,bool * result)1284 static void StackLowerThanAddress(const void* ptr, bool* result) {
1285 int dummy = 0;
1286 *result = std::less<const void*>()(&dummy, ptr);
1287 }
1288
1289 // Make sure AddressSanitizer does not tamper with the stack here.
1290 GTEST_ATTRIBUTE_NO_SANITIZE_ADDRESS_
1291 GTEST_ATTRIBUTE_NO_SANITIZE_HWADDRESS_
StackGrowsDown()1292 static bool StackGrowsDown() {
1293 int dummy = 0;
1294 bool result;
1295 StackLowerThanAddress(&dummy, &result);
1296 return result;
1297 }
1298 # endif // GTEST_HAS_CLONE
1299
1300 // Spawns a child process with the same executable as the current process in
1301 // a thread-safe manner and instructs it to run the death test. The
1302 // implementation uses fork(2) + exec. On systems where clone(2) is
1303 // available, it is used instead, being slightly more thread-safe. On QNX,
1304 // fork supports only single-threaded environments, so this function uses
1305 // spawn(2) there instead. The function dies with an error message if
1306 // anything goes wrong.
ExecDeathTestSpawnChild(char * const * argv,int close_fd)1307 static pid_t ExecDeathTestSpawnChild(char* const* argv, int close_fd) {
1308 ExecDeathTestArgs args = { argv, close_fd };
1309 pid_t child_pid = -1;
1310
1311 # if GTEST_OS_QNX
1312 // Obtains the current directory and sets it to be closed in the child
1313 // process.
1314 const int cwd_fd = open(".", O_RDONLY);
1315 GTEST_DEATH_TEST_CHECK_(cwd_fd != -1);
1316 GTEST_DEATH_TEST_CHECK_SYSCALL_(fcntl(cwd_fd, F_SETFD, FD_CLOEXEC));
1317 // We need to execute the test program in the same environment where
1318 // it was originally invoked. Therefore we change to the original
1319 // working directory first.
1320 const char* const original_dir =
1321 UnitTest::GetInstance()->original_working_dir();
1322 // We can safely call chdir() as it's a direct system call.
1323 if (chdir(original_dir) != 0) {
1324 DeathTestAbort(std::string("chdir(\"") + original_dir + "\") failed: " +
1325 GetLastErrnoDescription());
1326 return EXIT_FAILURE;
1327 }
1328
1329 int fd_flags;
1330 // Set close_fd to be closed after spawn.
1331 GTEST_DEATH_TEST_CHECK_SYSCALL_(fd_flags = fcntl(close_fd, F_GETFD));
1332 GTEST_DEATH_TEST_CHECK_SYSCALL_(fcntl(close_fd, F_SETFD,
1333 fd_flags | FD_CLOEXEC));
1334 struct inheritance inherit = {0};
1335 // spawn is a system call.
1336 child_pid = spawn(args.argv[0], 0, nullptr, &inherit, args.argv, environ);
1337 // Restores the current working directory.
1338 GTEST_DEATH_TEST_CHECK_(fchdir(cwd_fd) != -1);
1339 GTEST_DEATH_TEST_CHECK_SYSCALL_(close(cwd_fd));
1340
1341 # else // GTEST_OS_QNX
1342 # if GTEST_OS_LINUX
1343 // When a SIGPROF signal is received while fork() or clone() are executing,
1344 // the process may hang. To avoid this, we ignore SIGPROF here and re-enable
1345 // it after the call to fork()/clone() is complete.
1346 struct sigaction saved_sigprof_action;
1347 struct sigaction ignore_sigprof_action;
1348 memset(&ignore_sigprof_action, 0, sizeof(ignore_sigprof_action));
1349 sigemptyset(&ignore_sigprof_action.sa_mask);
1350 ignore_sigprof_action.sa_handler = SIG_IGN;
1351 GTEST_DEATH_TEST_CHECK_SYSCALL_(sigaction(
1352 SIGPROF, &ignore_sigprof_action, &saved_sigprof_action));
1353 # endif // GTEST_OS_LINUX
1354
1355 # if GTEST_HAS_CLONE
1356 const bool use_fork = GTEST_FLAG(death_test_use_fork);
1357
1358 if (!use_fork) {
1359 static const bool stack_grows_down = StackGrowsDown();
1360 const auto stack_size = static_cast<size_t>(getpagesize() * 2);
1361 // MMAP_ANONYMOUS is not defined on Mac, so we use MAP_ANON instead.
1362 void* const stack = mmap(nullptr, stack_size, PROT_READ | PROT_WRITE,
1363 MAP_ANON | MAP_PRIVATE, -1, 0);
1364 GTEST_DEATH_TEST_CHECK_(stack != MAP_FAILED);
1365
1366 // Maximum stack alignment in bytes: For a downward-growing stack, this
1367 // amount is subtracted from size of the stack space to get an address
1368 // that is within the stack space and is aligned on all systems we care
1369 // about. As far as I know there is no ABI with stack alignment greater
1370 // than 64. We assume stack and stack_size already have alignment of
1371 // kMaxStackAlignment.
1372 const size_t kMaxStackAlignment = 64;
1373 void* const stack_top =
1374 static_cast<char*>(stack) +
1375 (stack_grows_down ? stack_size - kMaxStackAlignment : 0);
1376 GTEST_DEATH_TEST_CHECK_(
1377 static_cast<size_t>(stack_size) > kMaxStackAlignment &&
1378 reinterpret_cast<uintptr_t>(stack_top) % kMaxStackAlignment == 0);
1379
1380 child_pid = clone(&ExecDeathTestChildMain, stack_top, SIGCHLD, &args);
1381
1382 GTEST_DEATH_TEST_CHECK_(munmap(stack, stack_size) != -1);
1383 }
1384 # else
1385 const bool use_fork = true;
1386 # endif // GTEST_HAS_CLONE
1387
1388 if (use_fork && (child_pid = fork()) == 0) {
1389 ExecDeathTestChildMain(&args);
1390 _exit(0);
1391 }
1392 # endif // GTEST_OS_QNX
1393 # if GTEST_OS_LINUX
1394 GTEST_DEATH_TEST_CHECK_SYSCALL_(
1395 sigaction(SIGPROF, &saved_sigprof_action, nullptr));
1396 # endif // GTEST_OS_LINUX
1397
1398 GTEST_DEATH_TEST_CHECK_(child_pid != -1);
1399 return child_pid;
1400 }
1401
1402 // The AssumeRole process for a fork-and-exec death test. It re-executes the
1403 // main program from the beginning, setting the --gtest_filter
1404 // and --gtest_internal_run_death_test flags to cause only the current
1405 // death test to be re-run.
AssumeRole()1406 DeathTest::TestRole ExecDeathTest::AssumeRole() {
1407 const UnitTestImpl* const impl = GetUnitTestImpl();
1408 const InternalRunDeathTestFlag* const flag =
1409 impl->internal_run_death_test_flag();
1410 const TestInfo* const info = impl->current_test_info();
1411 const int death_test_index = info->result()->death_test_count();
1412
1413 if (flag != nullptr) {
1414 set_write_fd(flag->write_fd());
1415 return EXECUTE_TEST;
1416 }
1417
1418 int pipe_fd[2];
1419 GTEST_DEATH_TEST_CHECK_(pipe(pipe_fd) != -1);
1420 // Clear the close-on-exec flag on the write end of the pipe, lest
1421 // it be closed when the child process does an exec:
1422 GTEST_DEATH_TEST_CHECK_(fcntl(pipe_fd[1], F_SETFD, 0) != -1);
1423
1424 const std::string filter_flag = std::string("--") + GTEST_FLAG_PREFIX_ +
1425 kFilterFlag + "=" + info->test_suite_name() +
1426 "." + info->name();
1427 const std::string internal_flag =
1428 std::string("--") + GTEST_FLAG_PREFIX_ + kInternalRunDeathTestFlag + "="
1429 + file_ + "|" + StreamableToString(line_) + "|"
1430 + StreamableToString(death_test_index) + "|"
1431 + StreamableToString(pipe_fd[1]);
1432 Arguments args;
1433 args.AddArguments(GetArgvsForDeathTestChildProcess());
1434 args.AddArgument(filter_flag.c_str());
1435 args.AddArgument(internal_flag.c_str());
1436
1437 DeathTest::set_last_death_test_message("");
1438
1439 CaptureStderr();
1440 // See the comment in NoExecDeathTest::AssumeRole for why the next line
1441 // is necessary.
1442 FlushInfoLog();
1443
1444 const pid_t child_pid = ExecDeathTestSpawnChild(args.Argv(), pipe_fd[0]);
1445 GTEST_DEATH_TEST_CHECK_SYSCALL_(close(pipe_fd[1]));
1446 set_child_pid(child_pid);
1447 set_read_fd(pipe_fd[0]);
1448 set_spawned(true);
1449 return OVERSEE_TEST;
1450 }
1451
1452 # endif // !GTEST_OS_WINDOWS
1453
1454 // Creates a concrete DeathTest-derived class that depends on the
1455 // --gtest_death_test_style flag, and sets the pointer pointed to
1456 // by the "test" argument to its address. If the test should be
1457 // skipped, sets that pointer to NULL. Returns true, unless the
1458 // flag is set to an invalid value.
Create(const char * statement,Matcher<const std::string &> matcher,const char * file,int line,DeathTest ** test)1459 bool DefaultDeathTestFactory::Create(const char* statement,
1460 Matcher<const std::string&> matcher,
1461 const char* file, int line,
1462 DeathTest** test) {
1463 UnitTestImpl* const impl = GetUnitTestImpl();
1464 const InternalRunDeathTestFlag* const flag =
1465 impl->internal_run_death_test_flag();
1466 const int death_test_index = impl->current_test_info()
1467 ->increment_death_test_count();
1468
1469 if (flag != nullptr) {
1470 if (death_test_index > flag->index()) {
1471 DeathTest::set_last_death_test_message(
1472 "Death test count (" + StreamableToString(death_test_index)
1473 + ") somehow exceeded expected maximum ("
1474 + StreamableToString(flag->index()) + ")");
1475 return false;
1476 }
1477
1478 if (!(flag->file() == file && flag->line() == line &&
1479 flag->index() == death_test_index)) {
1480 *test = nullptr;
1481 return true;
1482 }
1483 }
1484
1485 # if GTEST_OS_WINDOWS
1486
1487 if (GTEST_FLAG(death_test_style) == "threadsafe" ||
1488 GTEST_FLAG(death_test_style) == "fast") {
1489 *test = new WindowsDeathTest(statement, std::move(matcher), file, line);
1490 }
1491
1492 # elif GTEST_OS_FUCHSIA
1493
1494 if (GTEST_FLAG(death_test_style) == "threadsafe" ||
1495 GTEST_FLAG(death_test_style) == "fast") {
1496 *test = new FuchsiaDeathTest(statement, std::move(matcher), file, line);
1497 }
1498
1499 # else
1500
1501 if (GTEST_FLAG(death_test_style) == "threadsafe") {
1502 *test = new ExecDeathTest(statement, std::move(matcher), file, line);
1503 } else if (GTEST_FLAG(death_test_style) == "fast") {
1504 *test = new NoExecDeathTest(statement, std::move(matcher));
1505 }
1506
1507 # endif // GTEST_OS_WINDOWS
1508
1509 else { // NOLINT - this is more readable than unbalanced brackets inside #if.
1510 DeathTest::set_last_death_test_message(
1511 "Unknown death test style \"" + GTEST_FLAG(death_test_style)
1512 + "\" encountered");
1513 return false;
1514 }
1515
1516 return true;
1517 }
1518
1519 # if GTEST_OS_WINDOWS
1520 // Recreates the pipe and event handles from the provided parameters,
1521 // signals the event, and returns a file descriptor wrapped around the pipe
1522 // handle. This function is called in the child process only.
GetStatusFileDescriptor(unsigned int parent_process_id,size_t write_handle_as_size_t,size_t event_handle_as_size_t)1523 static int GetStatusFileDescriptor(unsigned int parent_process_id,
1524 size_t write_handle_as_size_t,
1525 size_t event_handle_as_size_t) {
1526 AutoHandle parent_process_handle(::OpenProcess(PROCESS_DUP_HANDLE,
1527 FALSE, // Non-inheritable.
1528 parent_process_id));
1529 if (parent_process_handle.Get() == INVALID_HANDLE_VALUE) {
1530 DeathTestAbort("Unable to open parent process " +
1531 StreamableToString(parent_process_id));
1532 }
1533
1534 GTEST_CHECK_(sizeof(HANDLE) <= sizeof(size_t));
1535
1536 const HANDLE write_handle =
1537 reinterpret_cast<HANDLE>(write_handle_as_size_t);
1538 HANDLE dup_write_handle;
1539
1540 // The newly initialized handle is accessible only in the parent
1541 // process. To obtain one accessible within the child, we need to use
1542 // DuplicateHandle.
1543 if (!::DuplicateHandle(parent_process_handle.Get(), write_handle,
1544 ::GetCurrentProcess(), &dup_write_handle,
1545 0x0, // Requested privileges ignored since
1546 // DUPLICATE_SAME_ACCESS is used.
1547 FALSE, // Request non-inheritable handler.
1548 DUPLICATE_SAME_ACCESS)) {
1549 DeathTestAbort("Unable to duplicate the pipe handle " +
1550 StreamableToString(write_handle_as_size_t) +
1551 " from the parent process " +
1552 StreamableToString(parent_process_id));
1553 }
1554
1555 const HANDLE event_handle = reinterpret_cast<HANDLE>(event_handle_as_size_t);
1556 HANDLE dup_event_handle;
1557
1558 if (!::DuplicateHandle(parent_process_handle.Get(), event_handle,
1559 ::GetCurrentProcess(), &dup_event_handle,
1560 0x0,
1561 FALSE,
1562 DUPLICATE_SAME_ACCESS)) {
1563 DeathTestAbort("Unable to duplicate the event handle " +
1564 StreamableToString(event_handle_as_size_t) +
1565 " from the parent process " +
1566 StreamableToString(parent_process_id));
1567 }
1568
1569 const int write_fd =
1570 ::_open_osfhandle(reinterpret_cast<intptr_t>(dup_write_handle), O_APPEND);
1571 if (write_fd == -1) {
1572 DeathTestAbort("Unable to convert pipe handle " +
1573 StreamableToString(write_handle_as_size_t) +
1574 " to a file descriptor");
1575 }
1576
1577 // Signals the parent that the write end of the pipe has been acquired
1578 // so the parent can release its own write end.
1579 ::SetEvent(dup_event_handle);
1580
1581 return write_fd;
1582 }
1583 # endif // GTEST_OS_WINDOWS
1584
1585 // Returns a newly created InternalRunDeathTestFlag object with fields
1586 // initialized from the GTEST_FLAG(internal_run_death_test) flag if
1587 // the flag is specified; otherwise returns NULL.
ParseInternalRunDeathTestFlag()1588 InternalRunDeathTestFlag* ParseInternalRunDeathTestFlag() {
1589 if (GTEST_FLAG(internal_run_death_test) == "") return nullptr;
1590
1591 // GTEST_HAS_DEATH_TEST implies that we have ::std::string, so we
1592 // can use it here.
1593 int line = -1;
1594 int index = -1;
1595 ::std::vector< ::std::string> fields;
1596 SplitString(GTEST_FLAG(internal_run_death_test).c_str(), '|', &fields);
1597 int write_fd = -1;
1598
1599 # if GTEST_OS_WINDOWS
1600
1601 unsigned int parent_process_id = 0;
1602 size_t write_handle_as_size_t = 0;
1603 size_t event_handle_as_size_t = 0;
1604
1605 if (fields.size() != 6
1606 || !ParseNaturalNumber(fields[1], &line)
1607 || !ParseNaturalNumber(fields[2], &index)
1608 || !ParseNaturalNumber(fields[3], &parent_process_id)
1609 || !ParseNaturalNumber(fields[4], &write_handle_as_size_t)
1610 || !ParseNaturalNumber(fields[5], &event_handle_as_size_t)) {
1611 DeathTestAbort("Bad --gtest_internal_run_death_test flag: " +
1612 GTEST_FLAG(internal_run_death_test));
1613 }
1614 write_fd = GetStatusFileDescriptor(parent_process_id,
1615 write_handle_as_size_t,
1616 event_handle_as_size_t);
1617
1618 # elif GTEST_OS_FUCHSIA
1619
1620 if (fields.size() != 3
1621 || !ParseNaturalNumber(fields[1], &line)
1622 || !ParseNaturalNumber(fields[2], &index)) {
1623 DeathTestAbort("Bad --gtest_internal_run_death_test flag: "
1624 + GTEST_FLAG(internal_run_death_test));
1625 }
1626
1627 # else
1628
1629 if (fields.size() != 4
1630 || !ParseNaturalNumber(fields[1], &line)
1631 || !ParseNaturalNumber(fields[2], &index)
1632 || !ParseNaturalNumber(fields[3], &write_fd)) {
1633 DeathTestAbort("Bad --gtest_internal_run_death_test flag: "
1634 + GTEST_FLAG(internal_run_death_test));
1635 }
1636
1637 # endif // GTEST_OS_WINDOWS
1638
1639 return new InternalRunDeathTestFlag(fields[0], line, index, write_fd);
1640 }
1641
1642 } // namespace internal
1643
1644 #endif // GTEST_HAS_DEATH_TEST
1645
1646 } // namespace testing
1647