1 /*
2  * Copyright (C) 2014 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include <gtest/gtest.h>
18 
19 #include <setjmp.h>
20 #include <stdlib.h>
21 #include <sys/syscall.h>
22 #include <unistd.h>
23 
24 #include <android-base/silent_death_test.h>
25 #include <android-base/test_utils.h>
26 
27 #include "SignalUtils.h"
28 
// Fixture for the death tests below (setjmp_cookie, setjmp_cookie_checksum),
// which expect longjmp to abort; SilentDeathTest presumably keeps that abort's
// output out of the test log — confirm against android-base.
using setjmp_DeathTest = SilentDeathTest;
30 
// setjmp returns 0 on the direct call and longjmp's argument on the jump back.
TEST(setjmp, setjmp_smoke) {
  jmp_buf env;
  int returned;
  if ((returned = setjmp(env)) != 0) {
    // Second return: we arrived here via longjmp, carrying its value.
    ASSERT_EQ(123, returned);
    return;
  }
  // First return: jump back with a distinctive value.
  longjmp(env, 123);
  FAIL(); // Unreachable.
}
41 
// Same round trip as setjmp_smoke, through the BSD-style _setjmp/_longjmp pair.
TEST(setjmp, _setjmp_smoke) {
  jmp_buf env;
  int returned;
  if ((returned = _setjmp(env)) != 0) {
    // Back from _longjmp with its argument.
    ASSERT_EQ(456, returned);
    return;
  }
  _longjmp(env, 456);
  FAIL(); // Unreachable.
}
52 
// sigsetjmp with savesigs=0: the jump itself works just like setjmp/longjmp.
TEST(setjmp, sigsetjmp_0_smoke) {
  sigjmp_buf env;
  int returned;
  if ((returned = sigsetjmp(env, 0)) != 0) {
    // Back from siglongjmp with its argument.
    ASSERT_EQ(789, returned);
    return;
  }
  siglongjmp(env, 789);
  FAIL(); // Unreachable.
}
63 
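// sigsetjmp with savesigs=1: siglongjmp's value comes back from the sigsetjmp
// call. The mask save/restore that savesigs=1 enables is checked separately in
// sigsetjmp_1_signal_mask; here it only needs to not break the jump.
TEST(setjmp, sigsetjmp_1_smoke) {
  int value;
  sigjmp_buf jb;
  // savesigs must be 1 here: with 0 this test merely duplicated sigsetjmp_0_smoke.
  if ((value = sigsetjmp(jb, 1)) == 0) {
    siglongjmp(jb, 0xabc);
    FAIL(); // Unreachable.
  } else {
    ASSERT_EQ(0xabc, value);
  }
}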
74 
75 // Two distinct signal sets.
struct SigSets {
  // Builds a set containing SIGUSR1+offset and SIGRTMIN+offset, so that
  // offset 0 and offset 1 give two sets that differ in every member.
  // NOTE(review): SIGUSR1 + 1 is not SIGUSR2 under Linux numbering; it is
  // whatever signal follows SIGUSR1. Harmless here, since the sets are only
  // installed and compared, never delivered.
  static sigset64_t MakeSigSet(int offset) {
    sigset64_t set;
    sigemptyset64(&set);
    sigaddset64(&set, SIGUSR1 + offset);
#if defined(__BIONIC__)
    // TIMER_SIGNAL. Presumably included because bionic keeps its reserved
    // timer signal in the mask regardless of what the caller asks for, so the
    // expected set has to contain it to match what is read back — confirm.
    sigaddset64(&set, __SIGRTMIN);
#endif
    sigaddset64(&set, SIGRTMIN + offset);
    return set;
  }

  SigSets() : one(MakeSigSet(0)), two(MakeSigSet(1)) {}

  sigset64_t one;  // Offset 0: SIGUSR1, SIGRTMIN (and __SIGRTMIN on bionic).
  sigset64_t two;  // Offset 1: SIGUSR1+1, SIGRTMIN+1 (and __SIGRTMIN on bionic).
};
95 
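// Compares the calling thread's current signal mask against |expected|, one
// signal number at a time, so a mismatch names the offending signal.
// Returns void so gtest's ASSERT_* can be used inside.
void AssertSigmaskEquals(const sigset64_t& expected) {
  sigset64_t actual;
  // With a null |set| this only reads the mask. If the query failed, |actual|
  // would be uninitialized garbage, so fail here rather than compare it.
  ASSERT_EQ(0, sigprocmask64(SIG_SETMASK, nullptr, &actual));
  const size_t signal_count = sizeof(expected) * 8;
  for (size_t signo = 1; signo <= signal_count; ++signo) {
    EXPECT_EQ(sigismember64(&expected, signo), sigismember64(&actual, signo)) << signo;
  }
}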
104 
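// _setjmp/_longjmp do not save/restore the signal mask: the mask installed
// between the two calls is the one still in force after the jump.
TEST(setjmp, _setjmp_signal_mask) {
  SignalMaskRestorer smr;  // Presumably puts the original mask back on scope exit.

  SigSets ss;
  ASSERT_EQ(0, sigprocmask64(SIG_SETMASK, &ss.one, nullptr));
  jmp_buf jb;
  if (_setjmp(jb) == 0) {
    // Change the mask between the _setjmp and the _longjmp. Checked, so a
    // failed mask change is reported as such instead of as a puzzling
    // mismatch from AssertSigmaskEquals.
    ASSERT_EQ(0, sigprocmask64(SIG_SETMASK, &ss.two, nullptr));
    _longjmp(jb, 1);
    FAIL(); // Unreachable.
  } else {
    AssertSigmaskEquals(ss.two);
  }
}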
120 
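// setjmp/longjmp do save/restore the signal mask on bionic, but not on glibc.
// This is a BSD versus System V historical accident. POSIX leaves the
// behavior unspecified, so any code that cares needs to use sigsetjmp.
TEST(setjmp, setjmp_signal_mask) {
  SignalMaskRestorer smr;  // Presumably puts the original mask back on scope exit.

  SigSets ss;
  ASSERT_EQ(0, sigprocmask64(SIG_SETMASK, &ss.one, nullptr));
  jmp_buf jb;
  if (setjmp(jb) == 0) {
    // Change the mask between the setjmp and the longjmp. Checked, because if
    // this call silently failed the mask would still be ss.one and the bionic
    // branch below would pass without having tested the restore at all.
    ASSERT_EQ(0, sigprocmask64(SIG_SETMASK, &ss.two, nullptr));
    longjmp(jb, 1);
    FAIL(); // Unreachable.
  } else {
#if defined(__BIONIC__)
    // bionic behaves like BSD and does save/restore the signal mask.
    AssertSigmaskEquals(ss.one);
#else
    // glibc behaves like System V and doesn't save/restore the signal mask.
    AssertSigmaskEquals(ss.two);
#endif
  }
}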
144 
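// sigsetjmp(0)/siglongjmp do not save/restore the signal mask: the mask
// installed between the two calls survives the jump.
TEST(setjmp, sigsetjmp_0_signal_mask) {
  SignalMaskRestorer smr;  // Presumably puts the original mask back on scope exit.

  SigSets ss;
  ASSERT_EQ(0, sigprocmask64(SIG_SETMASK, &ss.one, nullptr));
  sigjmp_buf sjb;
  if (sigsetjmp(sjb, 0) == 0) {
    // Change the mask between the sigsetjmp and the siglongjmp. Checked, so a
    // failed mask change is reported as such instead of as a puzzling
    // mismatch from AssertSigmaskEquals.
    ASSERT_EQ(0, sigprocmask64(SIG_SETMASK, &ss.two, nullptr));
    siglongjmp(sjb, 1);
    FAIL(); // Unreachable.
  } else {
    AssertSigmaskEquals(ss.two);
  }
}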
160 
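// sigsetjmp(1)/siglongjmp does save/restore the signal mask: after the jump
// the mask is the one that was in force at the sigsetjmp call.
TEST(setjmp, sigsetjmp_1_signal_mask) {
  SignalMaskRestorer smr;  // Presumably puts the original mask back on scope exit.

  SigSets ss;
  ASSERT_EQ(0, sigprocmask64(SIG_SETMASK, &ss.one, nullptr));
  sigjmp_buf sjb;
  if (sigsetjmp(sjb, 1) == 0) {
    // Change the mask between the sigsetjmp and the siglongjmp. Checked,
    // because if this call silently failed the mask would still be ss.one and
    // the expectation below would pass without having tested the restore.
    ASSERT_EQ(0, sigprocmask64(SIG_SETMASK, &ss.two, nullptr));
    siglongjmp(sjb, 1);
    FAIL(); // Unreachable.
  } else {
    AssertSigmaskEquals(ss.one);
  }
}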
176 
// Helpers for setjmp_fp_registers: SET_FREGS loads distinct values into the
// callee-saved floating-point registers, CLEAR_FREGS zeroes them between the
// setjmp and the longjmp, and CHECK_FREGS expects longjmp to have brought the
// SET_FREGS values back. All three expand to nothing where the ABI has no
// callee-saved fp registers to restore.
#if defined(__arm__) || defined(__aarch64__)
// arm and arm64 have the same callee save fp registers (8-15),
// but use different instructions for accessing them.
#if defined(__arm__)
#define SET_FREG(n, v) asm volatile("vmov.f64 d"#n ", #"#v : : : "d"#n)
#define GET_FREG(n) ({ double _r; asm volatile("fcpyd %P0, d"#n : "=w"(_r) : :); _r;})
#define CLEAR_FREG(n) asm volatile("vmov.i64 d"#n ", #0x0" : : : "d"#n)
#elif defined(__aarch64__)
#define SET_FREG(n, v) asm volatile("fmov d"#n ", "#v : : : "d"#n)
#define GET_FREG(n) ({ double _r; asm volatile("fmov %0, d"#n : "=r"(_r) : :); _r; })
#define CLEAR_FREG(n) asm volatile("fmov d"#n ", xzr" : : : "d"#n)
#endif
#define SET_FREGS \
  SET_FREG(8, 8.0); SET_FREG(9, 9.0); SET_FREG(10, 10.0); SET_FREG(11, 11.0); \
  SET_FREG(12, 12.0); SET_FREG(13, 13.0); SET_FREG(14, 14.0); SET_FREG(15, 15.0)
#define CLEAR_FREGS \
  CLEAR_FREG(8); CLEAR_FREG(9); CLEAR_FREG(10); CLEAR_FREG(11); \
  CLEAR_FREG(12); CLEAR_FREG(13); CLEAR_FREG(14); CLEAR_FREG(15)
#define CHECK_FREGS \
  EXPECT_EQ(8.0, GET_FREG(8)); EXPECT_EQ(9.0, GET_FREG(9)); \
  EXPECT_EQ(10.0, GET_FREG(10)); EXPECT_EQ(11.0, GET_FREG(11)); \
  EXPECT_EQ(12.0, GET_FREG(12)); EXPECT_EQ(13.0, GET_FREG(13)); \
  EXPECT_EQ(14.0, GET_FREG(14)); EXPECT_EQ(15.0, GET_FREG(15))

#elif defined(__riscv)
// riscv64 has callee save registers fs0-fs11.
// TODO: use Zfa to get 1.0 rather than the one_p trick.
// SET_FREGS declares |one| and |one_p| as locals of the enclosing function;
// fs1 is loaded from *one_p and fs2..fs11 are built by repeated addition.
// NOTE(review): the asm reads memory through one_p but declares neither an
// "m"(one) input nor a "memory" clobber, so nothing tells the compiler the
// store to |one| has to happen before it — works in practice, fragile in theory.
#define SET_FREGS \
  double one = 1, *one_p = &one; \
  asm volatile("fmv.d.x fs0, zero ; fld fs1, (%0) ; \
                fadd.d fs2, fs1, fs1 ; fadd.d fs3, fs2, fs1 ; \
                fadd.d fs4, fs3, fs1 ; fadd.d fs5, fs4, fs1 ; \
                fadd.d fs6, fs5, fs1 ; fadd.d fs7, fs6, fs1 ; \
                fadd.d fs8, fs7, fs1 ; fadd.d fs9, fs8, fs1 ; \
                fadd.d fs10, fs9, fs1 ; fadd.d fs11, fs10, fs1" \
               : \
               : "r"(one_p) \
               : "fs0", "fs1", "fs2", "fs3", "fs4", "fs5", \
                  "fs6", "fs7", "fs8", "fs9", "fs10", "fs11")
#define CLEAR_FREGS \
  asm volatile("fmv.d.x fs0, zero ; fmv.d.x fs1, zero ; \
                fmv.d.x fs2, zero ; fmv.d.x fs3, zero ; \
                fmv.d.x fs4, zero ; fmv.d.x fs5, zero ; \
                fmv.d.x fs6, zero ; fmv.d.x fs7, zero ; \
                fmv.d.x fs8, zero ; fmv.d.x fs9, zero ; \
                fmv.d.x fs10, zero ; fmv.d.x fs11, zero" \
               : : : "fs0", "fs1", "fs2", "fs3", "fs4", "fs5", \
                     "fs6", "fs7", "fs8", "fs9", "fs10", "fs11")
#define GET_FREG(n) ({ double _r; asm volatile("fmv.d %0, fs"#n : "=f"(_r) : :); _r; })
#define CHECK_FREGS \
  EXPECT_EQ(0.0, GET_FREG(0)); EXPECT_EQ(1.0, GET_FREG(1)); \
  EXPECT_EQ(2.0, GET_FREG(2)); EXPECT_EQ(3.0, GET_FREG(3)); \
  EXPECT_EQ(4.0, GET_FREG(4)); EXPECT_EQ(5.0, GET_FREG(5)); \
  EXPECT_EQ(6.0, GET_FREG(6)); EXPECT_EQ(7.0, GET_FREG(7)); \
  EXPECT_EQ(8.0, GET_FREG(8)); EXPECT_EQ(9.0, GET_FREG(9)); \
  EXPECT_EQ(10.0, GET_FREG(10)); EXPECT_EQ(11.0, GET_FREG(11))

#else
// x86 and x86-64 don't save/restore fp registers.
#define SET_FREGS
#define CLEAR_FREGS
#define CHECK_FREGS
#endif
240 
// longjmp must restore the callee-saved fp registers to what they held at the
// setjmp (d8-d15 on arm/arm64, fs0-fs11 on riscv64; a no-op elsewhere — see
// the SET_FREGS/CLEAR_FREGS/CHECK_FREGS definitions above).
// NOTE(review): nothing stops the compiler from using those registers itself
// between SET_FREGS and setjmp; the test relies on it not doing so.
TEST(setjmp, setjmp_fp_registers) {
  int value;
  jmp_buf jb;
  SET_FREGS;  // Known values in the callee-saved fp registers before the setjmp.
  if ((value = setjmp(jb)) == 0) {
    CLEAR_FREGS;  // Zero them, so a longjmp that fails to restore is visible.
    longjmp(jb, 123);
    FAIL(); // Unreachable.
  } else {
    ASSERT_EQ(123, value);
    CHECK_FREGS;  // Back to the SET_FREGS values after the jump.
  }
}
254 
// Index (in longs) of the word in the jmp_buf that setjmp_cookie inspects:
// bit 0 is the signal-mask-saved flag and the remaining bits hold the cookie
// (see how setjmp_cookie masks it). Per-architecture because the layout of
// the saved state differs.
#if defined(__arm__)
#define JB_SIGFLAG_OFFSET 0
#elif defined(__aarch64__)
#define JB_SIGFLAG_OFFSET 0
#elif defined(__i386__)
#define JB_SIGFLAG_OFFSET 8
#elif defined(__riscv)
#define JB_SIGFLAG_OFFSET 0
#elif defined(__x86_64)
#define JB_SIGFLAG_OFFSET 8
#endif
266 
// The state saved by setjmp carries a cookie. A longjmp through a buffer whose
// cookie has been wiped is expected to abort rather than proceed: a corrupted
// or tampered jmp_buf becomes a crash instead of a jump to whatever the buffer
// now contains.
TEST_F(setjmp_DeathTest, setjmp_cookie) {
  jmp_buf jb;
  int value = setjmp(jb);
  ASSERT_EQ(0, value);

  // The flag/cookie word; JB_SIGFLAG_OFFSET gives its position per architecture.
  long* sigflag = reinterpret_cast<long*>(jb) + JB_SIGFLAG_OFFSET;

  // Make sure there's actually a cookie: bit 0 is the signal-mask flag, so
  // everything above it is what must be non-zero.
  EXPECT_NE(0, *sigflag & ~1);

  // Wipe it out, keeping only the flag bit.
  *sigflag &= 1;
  // The jump runs in the death-test child, which is expected to abort.
  EXPECT_DEATH(longjmp(jb, 0), "");
}
281 
// Besides the cookie, the saved state is checksummed: flipping a single bit of
// the jmp_buf must make longjmp abort with "checksum mismatch" rather than
// resume from the altered state.
TEST_F(setjmp_DeathTest, setjmp_cookie_checksum) {
  jmp_buf jb;
  int value = setjmp(jb);

  if (value == 0) {
    // Flip a bit in the second word of the buffer.
    reinterpret_cast<long*>(jb)[1] ^= 1;

    // The jump runs in the death-test child, which is expected to abort.
    EXPECT_DEATH(longjmp(jb, 1), "checksum mismatch");
  } else {
    // Only reachable in the child, and only if the corrupted longjmp was not
    // caught; the child then finishes normally instead of dying, which the
    // parent reports as the failure. This line is diagnostic output only.
    fprintf(stderr, "setjmp_cookie_checksum: longjmp succeeded?");
  }
}
295 
// Jumps back to the setjmp that filled |buf|, returning 123 from it. noinline
// keeps this in its own stack frame, distinct from the caller's, which is what
// setjmp_stack is exercising.
__attribute__((noinline)) void call_longjmp(jmp_buf buf) {
  constexpr int kJumpValue = 123;
  longjmp(buf, kJumpValue);
}
299 
// A longjmp issued from a deeper (non-inlined) frame must still land on the
// setjmp in this frame, with the value call_longjmp passed.
TEST(setjmp, setjmp_stack) {
  jmp_buf env;
  int returned = setjmp(env);
  if (returned != 0) {
    // Back from call_longjmp's longjmp.
    EXPECT_EQ(123, returned);
    return;
  }
  call_longjmp(env);  // Does not return.
}
306 
// Regression test for b/152210274. Many threads spin on setjmp while another
// thread keeps sending them SIGPROF; presumably the concern is a signal being
// delivered while the stack pointer holds a mangled value. bionic-only: it
// uses tgkill and pthread_gettid_np.
TEST(setjmp, bug_152210274) {
  // Ensure that we never have a mangled value in the stack pointer.
#if defined(__BIONIC__)
  // Empty handler: the delivery itself is the point, not what the handler does.
  // NOTE(review): the previous SIGPROF disposition is not restored afterwards.
  struct sigaction sa = {.sa_flags = SA_SIGINFO, .sa_sigaction = [](int, siginfo_t*, void*) {}};
  ASSERT_EQ(0, sigaction(SIGPROF, &sa, 0));

  constexpr size_t kNumThreads = 20;

  // Start a bunch of threads calling setjmp/longjmp.
  // |arg| points at |var| below; each jumper reads it on every iteration.
  auto jumper = [](void* arg) -> void* {
    // Make sure this thread can actually receive SIGPROF.
    sigset_t set;
    sigemptyset(&set);
    sigaddset(&set, SIGPROF);
    pthread_sigmask(SIG_UNBLOCK, &set, nullptr);

    jmp_buf buf;
    for (size_t count = 0; count < 100000; ++count) {
      // Only the direct return (0) is expected; anything else means the
      // never-taken longjmp below actually ran.
      if (setjmp(buf) != 0) {
        perror("setjmp");
        abort();
      }
      // This will never be true, but the compiler doesn't know that, so the
      // setjmp won't be removed by DCE. With HWASan/MTE this also acts as a
      // kind of enforcement that the threads are done before leaving the test.
      if (*static_cast<size_t*>(arg) != 123) longjmp(buf, 1);
    }
    return nullptr;
  };
  pthread_t threads[kNumThreads];
  pid_t tids[kNumThreads] = {};
  size_t var = 123;  // Lives in this frame; the jumpers read it until joined.
  for (size_t i = 0; i < kNumThreads; ++i) {
    // NOTE(review): an ASSERT failure here returns with the threads already
    // started still running and still reading |var| from this frame.
    ASSERT_EQ(0, pthread_create(&threads[i], nullptr, jumper, &var));
    tids[i] = pthread_gettid_np(threads[i]);
  }

  // Start the interrupter thread.
  // |arg| is the |tids| array; every jumper gets SIGPROF 1000 times.
  auto interrupter = [](void* arg) -> void* {
    pid_t* tids = static_cast<pid_t*>(arg);
    for (size_t count = 0; count < 1000; ++count) {
      for (size_t i = 0; i < kNumThreads; i++) {
        // ESRCH only means that jumper has already finished.
        if (tgkill(getpid(), tids[i], SIGPROF) == -1 && errno != ESRCH) {
          perror("tgkill failed");
          abort();
        }
      }
      usleep(100);
    }
    return nullptr;
  };
  pthread_t t;
  ASSERT_EQ(0, pthread_create(&t, nullptr, interrupter, tids));
  pthread_join(t, nullptr);
  // Join the jumpers before |var| goes out of scope.
  for (size_t i = 0; i < kNumThreads; i++) {
    pthread_join(threads[i], nullptr);
  }
#else
  GTEST_SKIP() << "tests uses functions not in glibc";
#endif
}
367