1 // Copyright (c) 2007, Google Inc.
2 // All rights reserved.
4 // Redistribution and use in source and binary forms, with or without
5 // modification, are permitted provided that the following conditions are
8 // * Redistributions of source code must retain the above copyright
9 // notice, this list of conditions and the following disclaimer.
10 // * Redistributions in binary form must reproduce the above
11 // copyright notice, this list of conditions and the following disclaimer
12 // in the documentation and/or other materials provided with the
14 // * Neither the name of Google Inc. nor the names of its
15 // contributors may be used to endorse or promote products derived from
16 // this software without specific prior written permission.
18 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21 // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22 // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24 // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
31 // Author: Fred Akalin
36 #include "gperftools/malloc_extension.h"
37 #include "base/logging.h"
41 vector
<void (*)()> g_testlist
; // the tests to run
44 struct Test_##a##_##b { \
45 Test_##a##_##b() { g_testlist.push_back(&Run); } \
48 static Test_##a##_##b g_test_##a##_##b; \
49 void Test_##a##_##b::Run()
52 static int RUN_ALL_TESTS() {
53 vector
<void (*)()>::const_iterator it
;
54 for (it
= g_testlist
.begin(); it
!= g_testlist
.end(); ++it
) {
55 (*it
)(); // The test will error-exit if there's a problem.
57 fprintf(stderr
, "\nPassed %d tests\n\nPASS\n",
58 static_cast<int>(g_testlist
.size()));
62 // The death tests are meant to be run from a shell-script driver, which
63 // passes in an integer saying which death test to run. We store that
64 // test-to-run here, and in the macro use a counter to see when we get
65 // to that test, so we can run it.
66 static int test_to_run
= 0; // set in main() based on argv
67 static int test_counter
= 0; // incremented every time the macro is called
68 #define IF_DEBUG_EXPECT_DEATH(statement, regex) do { \
69 if (test_counter++ == test_to_run) { \
70 fprintf(stderr, "Expected regex:%s\n", regex); \
75 // This flag won't be compiled in in opt mode.
76 DECLARE_int32(max_free_queue_size
);
78 // Test match as well as mismatch rules. But do not test on OS X; on
79 // OS X the OS converts new/new[] to malloc before it gets to us, so
80 // we are unable to catch these mismatch errors.
82 TEST(DebugAllocationTest
, DeallocMismatch
) {
83 // malloc can be matched only by free
84 // new can be matched only by delete and delete(nothrow)
85 // new[] can be matched only by delete[] and delete[](nothrow)
86 // new(nothrow) can be matched only by delete and delete(nothrow)
87 // new(nothrow)[] can be matched only by delete[] and delete[](nothrow)
89 // Allocate with malloc.
91 int* x
= static_cast<int*>(malloc(sizeof(*x
)));
92 IF_DEBUG_EXPECT_DEATH(delete x
, "mismatch.*being dealloc.*delete");
93 IF_DEBUG_EXPECT_DEATH(delete [] x
, "mismatch.*being dealloc.*delete *[[]");
102 IF_DEBUG_EXPECT_DEATH(free(x
), "mismatch.*being dealloc.*free");
103 IF_DEBUG_EXPECT_DEATH(delete [] x
, "mismatch.*being dealloc.*delete *[[]");
105 ::operator delete(y
, std::nothrow
);
108 // Allocate with new[].
112 IF_DEBUG_EXPECT_DEATH(free(x
), "mismatch.*being dealloc.*free");
113 IF_DEBUG_EXPECT_DEATH(delete x
, "mismatch.*being dealloc.*delete");
115 ::operator delete[](y
, std::nothrow
);
118 // Allocate with new(nothrow).
120 int* x
= new(std::nothrow
) int;
121 int* y
= new(std::nothrow
) int;
122 IF_DEBUG_EXPECT_DEATH(free(x
), "mismatch.*being dealloc.*free");
123 IF_DEBUG_EXPECT_DEATH(delete [] x
, "mismatch.*being dealloc.*delete *[[]");
125 ::operator delete(y
, std::nothrow
);
128 // Allocate with new(nothrow)[].
130 int* x
= new(std::nothrow
) int[1];
131 int* y
= new(std::nothrow
) int[1];
132 IF_DEBUG_EXPECT_DEATH(free(x
), "mismatch.*being dealloc.*free");
133 IF_DEBUG_EXPECT_DEATH(delete x
, "mismatch.*being dealloc.*delete");
135 ::operator delete[](y
, std::nothrow
);
138 #endif // #ifdef OS_MACOSX
140 TEST(DebugAllocationTest
, DoubleFree
) {
143 IF_DEBUG_EXPECT_DEATH(delete pint
, "has been already deallocated");
146 TEST(DebugAllocationTest
, StompBefore
) {
148 #ifndef NDEBUG // don't stomp memory if we're not in a position to detect it
150 IF_DEBUG_EXPECT_DEATH(delete pint
, "a word before object");
154 TEST(DebugAllocationTest
, StompAfter
) {
156 #ifndef NDEBUG // don't stomp memory if we're not in a position to detect it
158 IF_DEBUG_EXPECT_DEATH(delete pint
, "a word after object");
162 TEST(DebugAllocationTest
, FreeQueueTest
) {
163 // Verify that the allocator doesn't return blocks that were recently freed.
169 // This check should not be read as a universal guarantee of behavior. If
170 // other threads are executing, it would be theoretically possible for this
171 // check to fail despite the efforts of debugallocation.cc to the contrary.
172 // It should always hold under the controlled conditions of this unittest,
174 EXPECT_NE(x
, old_x
); // Allocator shouldn't return recently freed blocks
176 // The below check passes, but since it isn't *required* to pass, I've left
178 // EXPECT_EQ(x, old_x);
180 old_x
= NULL
; // avoid breaking opt build with an unused variable warning.
184 TEST(DebugAllocationTest
, DanglingPointerWriteTest
) {
185 // This test can only be run if debugging.
187 // If not debugging, the 'new' following the dangling write might not be
188 // safe. When debugging, we expect the (trashed) deleted block to be on the
189 // list of recently-freed blocks, so the following 'new' will be safe.
193 int poisoned_x_value
= *x
;
194 *x
= 1; // a dangling write.
196 char* s
= new char[FLAGS_max_free_queue_size
];
197 // When we delete s, we push the storage that was previously allocated to x
198 // off the end of the free queue. At that point, the write to that memory
200 IF_DEBUG_EXPECT_DEATH(delete [] s
, "Memory was written to after being freed.");
202 // restore the poisoned value of x so that we can delete s without causing a
204 *x
= poisoned_x_value
;
209 TEST(DebugAllocationTest
, DanglingWriteAtExitTest
) {
212 int old_x_value
= *x
;
214 // verify that dangling writes are caught at program termination if the
215 // corrupted block never got pushed off of the end of the free queue.
216 IF_DEBUG_EXPECT_DEATH(exit(0), "Memory was written to after being freed.");
217 *x
= old_x_value
; // restore x so that the test can exit successfully.
220 TEST(DebugAllocationTest
, StackTraceWithDanglingWriteAtExitTest
) {
223 int old_x_value
= *x
;
225 // verify that we also get a stack trace when we have a dangling write.
226 // The " @ " is part of the stack trace output.
227 IF_DEBUG_EXPECT_DEATH(exit(0), " @ .*main");
228 *x
= old_x_value
; // restore x so that the test can exit successfully.
231 static size_t CurrentlyAllocatedBytes() {
233 CHECK(MallocExtension::instance()->GetNumericProperty(
234 "generic.current_allocated_bytes", &value
));
238 TEST(DebugAllocationTest
, CurrentlyAllocated
) {
239 // Clear the free queue
241 FLAGS_max_free_queue_size
= 0;
242 // Force a round-trip through the queue management code so that the
243 // new size is seen and the queue of recently-freed blocks is flushed.
245 FLAGS_max_free_queue_size
= 1048576;
248 // Free something and check that it disappears from allocated bytes
250 char* p
= new char[1000];
251 size_t after_malloc
= CurrentlyAllocatedBytes();
253 size_t after_free
= CurrentlyAllocatedBytes();
254 EXPECT_LE(after_free
, after_malloc
- 1000);
257 TEST(DebugAllocationTest
, GetAllocatedSizeTest
) {
259 // When debug_allocation is in effect, GetAllocatedSize should return
260 // exactly requested size, since debug_allocation doesn't allow users
261 // to write more than that.
262 for (int i
= 0; i
< 10; ++i
) {
264 EXPECT_EQ(i
, MallocExtension::instance()->GetAllocatedSize(p
));
268 void* a
= malloc(1000);
269 EXPECT_GE(MallocExtension::instance()->GetAllocatedSize(a
), 1000);
270 // This is just a sanity check. If we allocated too much, alloc is broken
271 EXPECT_LE(MallocExtension::instance()->GetAllocatedSize(a
), 5000);
272 EXPECT_GE(MallocExtension::instance()->GetEstimatedAllocatedSize(1000), 1000);
276 TEST(DebugAllocationTest
, HugeAlloc
) {
277 // This must not be a const variable so it doesn't form an
278 // integral-constant-expression which can be *statically* rejected by the
279 // compiler as too large for the allocation.
280 size_t kTooBig
= ~static_cast<size_t>(0);
288 // kAlsoTooBig is small enough not to get caught by debugallocation's check,
289 // but will still fall through to tcmalloc's check. This must also be
290 // a non-const variable. See kTooBig for more details.
291 size_t kAlsoTooBig
= kTooBig
- 1024;
293 a
= malloc(kAlsoTooBig
);
298 int main(int argc
, char** argv
) {
299 // If you run without args, we run the non-death parts of the test.
300 // Otherwise, argv[1] should be a number saying which death-test
301 // to run. We will output a regexp we expect the death-message
302 // to include, and then run the given death test (which hopefully
303 // will produce that error message). If argv[1] > the number of
304 // death tests, we will run only the non-death parts. One way to
305 // tell when you are done with all tests is when no 'expected
306 // regexp' message is printed for a given argv[1].
308 test_to_run
= -1; // will never match
310 test_to_run
= atoi(argv
[1]);
312 return RUN_ALL_TESTS();