1 // Copyright 2005, Google Inc.
2 // All rights reserved.
3 //
4 // Redistribution and use in source and binary forms, with or without
5 // modification, are permitted provided that the following conditions are
6 // met:
7 //
8 //     * Redistributions of source code must retain the above copyright
9 // notice, this list of conditions and the following disclaimer.
10 //     * Redistributions in binary form must reproduce the above
11 // copyright notice, this list of conditions and the following disclaimer
12 // in the documentation and/or other materials provided with the
13 // distribution.
14 //     * Neither the name of Google Inc. nor the names of its
15 // contributors may be used to endorse or promote products derived from
16 // this software without specific prior written permission.
17 //
18 // THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19 // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20 // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21 // A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
22 // OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
23 // SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
24 // LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 // DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
26 // THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
27 // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
28 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 //
30 // Author: wan@google.com (Zhanyong Wan), vladl@google.com (Vlad Losev)
31 //
32 // This file implements death tests.
33 
34 #include "gtest/gtest-death-test.h"
35 #include "gtest/internal/gtest-port.h"
36 
37 #if GTEST_HAS_DEATH_TEST
38 
39 # if GTEST_OS_MAC
40 #  include <crt_externs.h>
41 # endif  // GTEST_OS_MAC
42 
43 # include <errno.h>
44 # include <fcntl.h>
45 # include <limits.h>
46 
47 # if GTEST_OS_LINUX
48 #  include <signal.h>
49 # endif  // GTEST_OS_LINUX
50 
51 # include <stdarg.h>
52 
53 # if GTEST_OS_WINDOWS
54 #  include <windows.h>
55 # else
56 #  include <sys/mman.h>
57 #  include <sys/wait.h>
58 # endif  // GTEST_OS_WINDOWS
59 
60 # if GTEST_OS_QNX
61 #  include <spawn.h>
62 # endif  // GTEST_OS_QNX
63 
64 #endif  // GTEST_HAS_DEATH_TEST
65 
66 #include "gtest/gtest-message.h"
67 #include "gtest/internal/gtest-string.h"
68 
69 // Indicates that this translation unit is part of Google Test's
70 // implementation.  It must come before gtest-internal-inl.h is
71 // included, or there will be a compiler error.  This trick is to
72 // prevent a user from accidentally including gtest-internal-inl.h in
73 // his code.
74 #define GTEST_IMPLEMENTATION_ 1
75 #include "src/gtest-internal-inl.h"
76 #undef GTEST_IMPLEMENTATION_
77 
78 namespace testing {
79 
80 // Constants.
81 
82 // The default death test style.
83 static const char kDefaultDeathTestStyle[] = "fast";
84 
85 GTEST_DEFINE_string_(
86     death_test_style,
87     internal::StringFromGTestEnv("death_test_style", kDefaultDeathTestStyle),
88     "Indicates how to run a death test in a forked child process: "
89     "\"threadsafe\" (child process re-executes the test binary "
90     "from the beginning, running only the specific death test) or "
91     "\"fast\" (child process runs the death test immediately "
92     "after forking).");
93 
94 GTEST_DEFINE_bool_(
95     death_test_use_fork,
96     internal::BoolFromGTestEnv("death_test_use_fork", false),
97     "Instructs to use fork()/_exit() instead of clone() in death tests. "
98     "Ignored and always uses fork() on POSIX systems where clone() is not "
99     "implemented. Useful when running under valgrind or similar tools if "
100     "those do not support clone(). Valgrind 3.3.1 will just fail if "
101     "it sees an unsupported combination of clone() flags. "
102     "It is not recommended to use this flag w/o valgrind though it will "
103     "work in 99% of the cases. Once valgrind is fixed, this flag will "
104     "most likely be removed.");
105 
106 namespace internal {
107 GTEST_DEFINE_string_(
108     internal_run_death_test, "",
109     "Indicates the file, line number, temporal index of "
110     "the single death test to run, and a file descriptor to "
111     "which a success code may be sent, all separated by "
112     "the '|' characters.  This flag is specified if and only if the current "
113     "process is a sub-process launched for running a thread-safe "
114     "death test.  FOR INTERNAL USE ONLY.");
115 }  // namespace internal
116 
117 #if GTEST_HAS_DEATH_TEST
118 
119 namespace internal {
120 
121 // Valid only for fast death tests. Indicates the code is running in the
122 // child process of a fast style death test.
123 static bool g_in_fast_death_test_child = false;
124 
125 // Returns a Boolean value indicating whether the caller is currently
126 // executing in the context of the death test child process.  Tools such as
127 // Valgrind heap checkers may need this to modify their behavior in death
128 // tests.  IMPORTANT: This is an internal utility.  Using it may break the
129 // implementation of death tests.  User code MUST NOT use it.
InDeathTestChild()130 bool InDeathTestChild() {
131 # if GTEST_OS_WINDOWS
132 
133   // On Windows, death tests are thread-safe regardless of the value of the
134   // death_test_style flag.
135   return !GTEST_FLAG(internal_run_death_test).empty();
136 
137 # else
138 
139   if (GTEST_FLAG(death_test_style) == "threadsafe")
140     return !GTEST_FLAG(internal_run_death_test).empty();
141   else
142     return g_in_fast_death_test_child;
143 #endif
144 }
145 
146 }  // namespace internal
147 
148 // ExitedWithCode constructor.
ExitedWithCode(int exit_code)149 ExitedWithCode::ExitedWithCode(int exit_code) : exit_code_(exit_code) {
150 }
151 
152 // ExitedWithCode function-call operator.
operator ()(int exit_status) const153 bool ExitedWithCode::operator()(int exit_status) const {
154 # if GTEST_OS_WINDOWS
155 
156   return exit_status == exit_code_;
157 
158 # else
159 
160   return WIFEXITED(exit_status) && WEXITSTATUS(exit_status) == exit_code_;
161 
162 # endif  // GTEST_OS_WINDOWS
163 }
164 
165 # if !GTEST_OS_WINDOWS
166 // KilledBySignal constructor.
KilledBySignal(int signum)167 KilledBySignal::KilledBySignal(int signum) : signum_(signum) {
168 }
169 
170 // KilledBySignal function-call operator.
operator ()(int exit_status) const171 bool KilledBySignal::operator()(int exit_status) const {
172   return WIFSIGNALED(exit_status) && WTERMSIG(exit_status) == signum_;
173 }
174 # endif  // !GTEST_OS_WINDOWS
175 
176 namespace internal {
177 
178 // Utilities needed for death tests.
179 
180 // Generates a textual description of a given exit code, in the format
181 // specified by wait(2).
ExitSummary(int exit_code)182 static std::string ExitSummary(int exit_code) {
183   Message m;
184 
185 # if GTEST_OS_WINDOWS
186 
187   m << "Exited with exit status " << exit_code;
188 
189 # else
190 
191   if (WIFEXITED(exit_code)) {
192     m << "Exited with exit status " << WEXITSTATUS(exit_code);
193   } else if (WIFSIGNALED(exit_code)) {
194     m << "Terminated by signal " << WTERMSIG(exit_code);
195   }
196 #  ifdef WCOREDUMP
197   if (WCOREDUMP(exit_code)) {
198     m << " (core dumped)";
199   }
200 #  endif
201 # endif  // GTEST_OS_WINDOWS
202 
203   return m.GetString();
204 }
205 
206 // Returns true if exit_status describes a process that was terminated
207 // by a signal, or exited normally with a nonzero exit code.
ExitedUnsuccessfully(int exit_status)208 bool ExitedUnsuccessfully(int exit_status) {
209   return !ExitedWithCode(0)(exit_status);
210 }
211 
212 # if !GTEST_OS_WINDOWS
213 // Generates a textual failure message when a death test finds more than
214 // one thread running, or cannot determine the number of threads, prior
215 // to executing the given statement.  It is the responsibility of the
216 // caller not to pass a thread_count of 1.
DeathTestThreadWarning(size_t thread_count)217 static std::string DeathTestThreadWarning(size_t thread_count) {
218   Message msg;
219   msg << "Death tests use fork(), which is unsafe particularly"
220       << " in a threaded context. For this test, " << GTEST_NAME_ << " ";
221   if (thread_count == 0)
222     msg << "couldn't detect the number of threads.";
223   else
224     msg << "detected " << thread_count << " threads.";
225   return msg.GetString();
226 }
227 # endif  // !GTEST_OS_WINDOWS
228 
229 // Flag characters for reporting a death test that did not die.
230 static const char kDeathTestLived = 'L';
231 static const char kDeathTestReturned = 'R';
232 static const char kDeathTestThrew = 'T';
233 static const char kDeathTestInternalError = 'I';
234 
235 // An enumeration describing all of the possible ways that a death test can
236 // conclude.  DIED means that the process died while executing the test
237 // code; LIVED means that process lived beyond the end of the test code;
238 // RETURNED means that the test statement attempted to execute a return
239 // statement, which is not allowed; THREW means that the test statement
240 // returned control by throwing an exception.  IN_PROGRESS means the test
241 // has not yet concluded.
242 // TODO(vladl@google.com): Unify names and possibly values for
243 // AbortReason, DeathTestOutcome, and flag characters above.
244 enum DeathTestOutcome { IN_PROGRESS, DIED, LIVED, RETURNED, THREW };
245 
246 // Routine for aborting the program which is safe to call from an
247 // exec-style death test child process, in which case the error
248 // message is propagated back to the parent process.  Otherwise, the
249 // message is simply printed to stderr.  In either case, the program
250 // then exits with status 1.
DeathTestAbort(const std::string & message)251 void DeathTestAbort(const std::string& message) {
252   // On a POSIX system, this function may be called from a threadsafe-style
253   // death test child process, which operates on a very small stack.  Use
254   // the heap for any additional non-minuscule memory requirements.
255   const InternalRunDeathTestFlag* const flag =
256       GetUnitTestImpl()->internal_run_death_test_flag();
257   if (flag != NULL) {
258     FILE* parent = posix::FDOpen(flag->write_fd(), "w");
259     fputc(kDeathTestInternalError, parent);
260     fprintf(parent, "%s", message.c_str());
261     fflush(parent);
262     _exit(1);
263   } else {
264     fprintf(stderr, "%s", message.c_str());
265     fflush(stderr);
266     posix::Abort();
267   }
268 }
269 
270 // A replacement for CHECK that calls DeathTestAbort if the assertion
271 // fails.
272 # define GTEST_DEATH_TEST_CHECK_(expression) \
273   do { \
274     if (!::testing::internal::IsTrue(expression)) { \
275       DeathTestAbort( \
276           ::std::string("CHECK failed: File ") + __FILE__ +  ", line " \
277           + ::testing::internal::StreamableToString(__LINE__) + ": " \
278           + #expression); \
279     } \
280   } while (::testing::internal::AlwaysFalse())
281 
282 // This macro is similar to GTEST_DEATH_TEST_CHECK_, but it is meant for
283 // evaluating any system call that fulfills two conditions: it must return
284 // -1 on failure, and set errno to EINTR when it is interrupted and
285 // should be tried again.  The macro expands to a loop that repeatedly
286 // evaluates the expression as long as it evaluates to -1 and sets
287 // errno to EINTR.  If the expression evaluates to -1 but errno is
288 // something other than EINTR, DeathTestAbort is called.
289 # define GTEST_DEATH_TEST_CHECK_SYSCALL_(expression) \
290   do { \
291     int gtest_retval; \
292     do { \
293       gtest_retval = (expression); \
294     } while (gtest_retval == -1 && errno == EINTR); \
295     if (gtest_retval == -1) { \
296       DeathTestAbort( \
297           ::std::string("CHECK failed: File ") + __FILE__ + ", line " \
298           + ::testing::internal::StreamableToString(__LINE__) + ": " \
299           + #expression + " != -1"); \
300     } \
301   } while (::testing::internal::AlwaysFalse())
302 
303 // Returns the message describing the last system error in errno.
GetLastErrnoDescription()304 std::string GetLastErrnoDescription() {
305     return errno == 0 ? "" : posix::StrError(errno);
306 }
307 
308 // This is called from a death test parent process to read a failure
309 // message from the death test child process and log it with the FATAL
310 // severity. On Windows, the message is read from a pipe handle. On other
311 // platforms, it is read from a file descriptor.
FailFromInternalError(int fd)312 static void FailFromInternalError(int fd) {
313   Message error;
314   char buffer[256];
315   int num_read;
316 
317   do {
318     while ((num_read = posix::Read(fd, buffer, 255)) > 0) {
319       buffer[num_read] = '\0';
320       error << buffer;
321     }
322   } while (num_read == -1 && errno == EINTR);
323 
324   if (num_read == 0) {
325     GTEST_LOG_(FATAL) << error.GetString();
326   } else {
327     const int last_error = errno;
328     GTEST_LOG_(FATAL) << "Error while reading death test internal: "
329                       << GetLastErrnoDescription() << " [" << last_error << "]";
330   }
331 }
332 
333 // Death test constructor.  Increments the running death test count
334 // for the current test.
DeathTest()335 DeathTest::DeathTest() {
336   TestInfo* const info = GetUnitTestImpl()->current_test_info();
337   if (info == NULL) {
338     DeathTestAbort("Cannot run a death test outside of a TEST or "
339                    "TEST_F construct");
340   }
341 }
342 
343 // Creates and returns a death test by dispatching to the current
344 // death test factory.
Create(const char * statement,const RE * regex,const char * file,int line,DeathTest ** test)345 bool DeathTest::Create(const char* statement, const RE* regex,
346                        const char* file, int line, DeathTest** test) {
347   return GetUnitTestImpl()->death_test_factory()->Create(
348       statement, regex, file, line, test);
349 }
350 
LastMessage()351 const char* DeathTest::LastMessage() {
352   return last_death_test_message_.c_str();
353 }
354 
set_last_death_test_message(const std::string & message)355 void DeathTest::set_last_death_test_message(const std::string& message) {
356   last_death_test_message_ = message;
357 }
358 
359 std::string DeathTest::last_death_test_message_;
360 
361 // Provides cross platform implementation for some death functionality.
362 class DeathTestImpl : public DeathTest {
363  protected:
DeathTestImpl(const char * a_statement,const RE * a_regex)364   DeathTestImpl(const char* a_statement, const RE* a_regex)
365       : statement_(a_statement),
366         regex_(a_regex),
367         spawned_(false),
368         status_(-1),
369         outcome_(IN_PROGRESS),
370         read_fd_(-1),
371         write_fd_(-1) {}
372 
373   // read_fd_ is expected to be closed and cleared by a derived class.
~DeathTestImpl()374   ~DeathTestImpl() { GTEST_DEATH_TEST_CHECK_(read_fd_ == -1); }
375 
376   void Abort(AbortReason reason);
377   virtual bool Passed(bool status_ok);
378 
statement() const379   const char* statement() const { return statement_; }
regex() const380   const RE* regex() const { return regex_; }
spawned() const381   bool spawned() const { return spawned_; }
set_spawned(bool is_spawned)382   void set_spawned(bool is_spawned) { spawned_ = is_spawned; }
status() const383   int status() const { return status_; }
set_status(int a_status)384   void set_status(int a_status) { status_ = a_status; }
outcome() const385   DeathTestOutcome outcome() const { return outcome_; }
set_outcome(DeathTestOutcome an_outcome)386   void set_outcome(DeathTestOutcome an_outcome) { outcome_ = an_outcome; }
read_fd() const387   int read_fd() const { return read_fd_; }
set_read_fd(int fd)388   void set_read_fd(int fd) { read_fd_ = fd; }
write_fd() const389   int write_fd() const { return write_fd_; }
set_write_fd(int fd)390   void set_write_fd(int fd) { write_fd_ = fd; }
391 
392   // Called in the parent process only. Reads the result code of the death
393   // test child process via a pipe, interprets it to set the outcome_
394   // member, and closes read_fd_.  Outputs diagnostics and terminates in
395   // case of unexpected codes.
396   void ReadAndInterpretStatusByte();
397 
398  private:
399   // The textual content of the code this object is testing.  This class
400   // doesn't own this string and should not attempt to delete it.
401   const char* const statement_;
402   // The regular expression which test output must match.  DeathTestImpl
403   // doesn't own this object and should not attempt to delete it.
404   const RE* const regex_;
405   // True if the death test child process has been successfully spawned.
406   bool spawned_;
407   // The exit status of the child process.
408   int status_;
409   // How the death test concluded.
410   DeathTestOutcome outcome_;
411   // Descriptor to the read end of the pipe to the child process.  It is
412   // always -1 in the child process.  The child keeps its write end of the
413   // pipe in write_fd_.
414   int read_fd_;
415   // Descriptor to the child's write end of the pipe to the parent process.
416   // It is always -1 in the parent process.  The parent keeps its end of the
417   // pipe in read_fd_.
418   int write_fd_;
419 };
420 
421 // Called in the parent process only. Reads the result code of the death
422 // test child process via a pipe, interprets it to set the outcome_
423 // member, and closes read_fd_.  Outputs diagnostics and terminates in
424 // case of unexpected codes.
ReadAndInterpretStatusByte()425 void DeathTestImpl::ReadAndInterpretStatusByte() {
426   char flag;
427   int bytes_read;
428 
429   // The read() here blocks until data is available (signifying the
430   // failure of the death test) or until the pipe is closed (signifying
431   // its success), so it's okay to call this in the parent before
432   // the child process has exited.
433   do {
434     bytes_read = posix::Read(read_fd(), &flag, 1);
435   } while (bytes_read == -1 && errno == EINTR);
436 
437   if (bytes_read == 0) {
438     set_outcome(DIED);
439   } else if (bytes_read == 1) {
440     switch (flag) {
441       case kDeathTestReturned:
442         set_outcome(RETURNED);
443         break;
444       case kDeathTestThrew:
445         set_outcome(THREW);
446         break;
447       case kDeathTestLived:
448         set_outcome(LIVED);
449         break;
450       case kDeathTestInternalError:
451         FailFromInternalError(read_fd());  // Does not return.
452         break;
453       default:
454         GTEST_LOG_(FATAL) << "Death test child process reported "
455                           << "unexpected status byte ("
456                           << static_cast<unsigned int>(flag) << ")";
457     }
458   } else {
459     GTEST_LOG_(FATAL) << "Read from death test child process failed: "
460                       << GetLastErrnoDescription();
461   }
462   GTEST_DEATH_TEST_CHECK_SYSCALL_(posix::Close(read_fd()));
463   set_read_fd(-1);
464 }
465 
466 // Signals that the death test code which should have exited, didn't.
467 // Should be called only in a death test child process.
468 // Writes a status byte to the child's status file descriptor, then
469 // calls _exit(1).
Abort(AbortReason reason)470 void DeathTestImpl::Abort(AbortReason reason) {
471   // The parent process considers the death test to be a failure if
472   // it finds any data in our pipe.  So, here we write a single flag byte
473   // to the pipe, then exit.
474   const char status_ch =
475       reason == TEST_DID_NOT_DIE ? kDeathTestLived :
476       reason == TEST_THREW_EXCEPTION ? kDeathTestThrew : kDeathTestReturned;
477 
478   GTEST_DEATH_TEST_CHECK_SYSCALL_(posix::Write(write_fd(), &status_ch, 1));
479   // We are leaking the descriptor here because on some platforms (i.e.,
480   // when built as Windows DLL), destructors of global objects will still
481   // run after calling _exit(). On such systems, write_fd_ will be
482   // indirectly closed from the destructor of UnitTestImpl, causing double
483   // close if it is also closed here. On debug configurations, double close
484   // may assert. As there are no in-process buffers to flush here, we are
485   // relying on the OS to close the descriptor after the process terminates
486   // when the destructors are not run.
487   _exit(1);  // Exits w/o any normal exit hooks (we were supposed to crash)
488 }
489 
490 // Returns an indented copy of stderr output for a death test.
491 // This makes distinguishing death test output lines from regular log lines
492 // much easier.
FormatDeathTestOutput(const::std::string & output)493 static ::std::string FormatDeathTestOutput(const ::std::string& output) {
494   ::std::string ret;
495   for (size_t at = 0; ; ) {
496     const size_t line_end = output.find('\n', at);
497     ret += "[  DEATH   ] ";
498     if (line_end == ::std::string::npos) {
499       ret += output.substr(at);
500       break;
501     }
502     ret += output.substr(at, line_end + 1 - at);
503     at = line_end + 1;
504   }
505   return ret;
506 }
507 
508 // Assesses the success or failure of a death test, using both private
509 // members which have previously been set, and one argument:
510 //
511 // Private data members:
512 //   outcome:  An enumeration describing how the death test
513 //             concluded: DIED, LIVED, THREW, or RETURNED.  The death test
514 //             fails in the latter three cases.
515 //   status:   The exit status of the child process. On *nix, it is in the
516 //             in the format specified by wait(2). On Windows, this is the
517 //             value supplied to the ExitProcess() API or a numeric code
518 //             of the exception that terminated the program.
519 //   regex:    A regular expression object to be applied to
520 //             the test's captured standard error output; the death test
521 //             fails if it does not match.
522 //
523 // Argument:
524 //   status_ok: true if exit_status is acceptable in the context of
525 //              this particular death test, which fails if it is false
526 //
527 // Returns true iff all of the above conditions are met.  Otherwise, the
528 // first failing condition, in the order given above, is the one that is
529 // reported. Also sets the last death test message string.
Passed(bool status_ok)530 bool DeathTestImpl::Passed(bool status_ok) {
531   if (!spawned())
532     return false;
533 
534   const std::string error_message = GetCapturedStderr();
535 
536   bool success = false;
537   Message buffer;
538 
539   buffer << "Death test: " << statement() << "\n";
540   switch (outcome()) {
541     case LIVED:
542       buffer << "    Result: failed to die.\n"
543              << " Error msg:\n" << FormatDeathTestOutput(error_message);
544       break;
545     case THREW:
546       buffer << "    Result: threw an exception.\n"
547              << " Error msg:\n" << FormatDeathTestOutput(error_message);
548       break;
549     case RETURNED:
550       buffer << "    Result: illegal return in test statement.\n"
551              << " Error msg:\n" << FormatDeathTestOutput(error_message);
552       break;
553     case DIED:
554       if (status_ok) {
555         const bool matched = RE::PartialMatch(error_message.c_str(), *regex());
556         if (matched) {
557           success = true;
558         } else {
559           buffer << "    Result: died but not with expected error.\n"
560                  << "  Expected: " << regex()->pattern() << "\n"
561                  << "Actual msg:\n" << FormatDeathTestOutput(error_message);
562         }
563       } else {
564         buffer << "    Result: died but not with expected exit code:\n"
565                << "            " << ExitSummary(status()) << "\n"
566                << "Actual msg:\n" << FormatDeathTestOutput(error_message);
567       }
568       break;
569     case IN_PROGRESS:
570     default:
571       GTEST_LOG_(FATAL)
572           << "DeathTest::Passed somehow called before conclusion of test";
573   }
574 
575   DeathTest::set_last_death_test_message(buffer.GetString());
576   return success;
577 }
578 
579 # if GTEST_OS_WINDOWS
580 // WindowsDeathTest implements death tests on Windows. Due to the
581 // specifics of starting new processes on Windows, death tests there are
582 // always threadsafe, and Google Test considers the
583 // --gtest_death_test_style=fast setting to be equivalent to
584 // --gtest_death_test_style=threadsafe there.
585 //
586 // A few implementation notes:  Like the Linux version, the Windows
587 // implementation uses pipes for child-to-parent communication. But due to
588 // the specifics of pipes on Windows, some extra steps are required:
589 //
590 // 1. The parent creates a communication pipe and stores handles to both
591 //    ends of it.
592 // 2. The parent starts the child and provides it with the information
593 //    necessary to acquire the handle to the write end of the pipe.
594 // 3. The child acquires the write end of the pipe and signals the parent
595 //    using a Windows event.
596 // 4. Now the parent can release the write end of the pipe on its side. If
597 //    this is done before step 3, the object's reference count goes down to
598 //    0 and it is destroyed, preventing the child from acquiring it. The
599 //    parent now has to release it, or read operations on the read end of
600 //    the pipe will not return when the child terminates.
601 // 5. The parent reads child's output through the pipe (outcome code and
602 //    any possible error messages) from the pipe, and its stderr and then
603 //    determines whether to fail the test.
604 //
605 // Note: to distinguish Win32 API calls from the local method and function
606 // calls, the former are explicitly resolved in the global namespace.
607 //
608 class WindowsDeathTest : public DeathTestImpl {
609  public:
WindowsDeathTest(const char * a_statement,const RE * a_regex,const char * file,int line)610   WindowsDeathTest(const char* a_statement,
611                    const RE* a_regex,
612                    const char* file,
613                    int line)
614       : DeathTestImpl(a_statement, a_regex), file_(file), line_(line) {}
615 
616   // All of these virtual functions are inherited from DeathTest.
617   virtual int Wait();
618   virtual TestRole AssumeRole();
619 
620  private:
621   // The name of the file in which the death test is located.
622   const char* const file_;
623   // The line number on which the death test is located.
624   const int line_;
625   // Handle to the write end of the pipe to the child process.
626   AutoHandle write_handle_;
627   // Child process handle.
628   AutoHandle child_handle_;
629   // Event the child process uses to signal the parent that it has
630   // acquired the handle to the write end of the pipe. After seeing this
631   // event the parent can release its own handles to make sure its
632   // ReadFile() calls return when the child terminates.
633   AutoHandle event_handle_;
634 };
635 
636 // Waits for the child in a death test to exit, returning its exit
637 // status, or 0 if no child process exists.  As a side effect, sets the
638 // outcome data member.
Wait()639 int WindowsDeathTest::Wait() {
640   if (!spawned())
641     return 0;
642 
643   // Wait until the child either signals that it has acquired the write end
644   // of the pipe or it dies.
645   const HANDLE wait_handles[2] = { child_handle_.Get(), event_handle_.Get() };
646   switch (::WaitForMultipleObjects(2,
647                                    wait_handles,
648                                    FALSE,  // Waits for any of the handles.
649                                    INFINITE)) {
650     case WAIT_OBJECT_0:
651     case WAIT_OBJECT_0 + 1:
652       break;
653     default:
654       GTEST_DEATH_TEST_CHECK_(false);  // Should not get here.
655   }
656 
657   // The child has acquired the write end of the pipe or exited.
658   // We release the handle on our side and continue.
659   write_handle_.Reset();
660   event_handle_.Reset();
661 
662   ReadAndInterpretStatusByte();
663 
664   // Waits for the child process to exit if it haven't already. This
665   // returns immediately if the child has already exited, regardless of
666   // whether previous calls to WaitForMultipleObjects synchronized on this
667   // handle or not.
668   GTEST_DEATH_TEST_CHECK_(
669       WAIT_OBJECT_0 == ::WaitForSingleObject(child_handle_.Get(),
670                                              INFINITE));
671   DWORD status_code;
672   GTEST_DEATH_TEST_CHECK_(
673       ::GetExitCodeProcess(child_handle_.Get(), &status_code) != FALSE);
674   child_handle_.Reset();
675   set_status(static_cast<int>(status_code));
676   return status();
677 }
678 
679 // The AssumeRole process for a Windows death test.  It creates a child
680 // process with the same executable as the current process to run the
681 // death test.  The child process is given the --gtest_filter and
682 // --gtest_internal_run_death_test flags such that it knows to run the
683 // current death test only.
AssumeRole()684 DeathTest::TestRole WindowsDeathTest::AssumeRole() {
685   const UnitTestImpl* const impl = GetUnitTestImpl();
686   const InternalRunDeathTestFlag* const flag =
687       impl->internal_run_death_test_flag();
688   const TestInfo* const info = impl->current_test_info();
689   const int death_test_index = info->result()->death_test_count();
690 
691   if (flag != NULL) {
692     // ParseInternalRunDeathTestFlag() has performed all the necessary
693     // processing.
694     set_write_fd(flag->write_fd());
695     return EXECUTE_TEST;
696   }
697 
698   // WindowsDeathTest uses an anonymous pipe to communicate results of
699   // a death test.
700   SECURITY_ATTRIBUTES handles_are_inheritable = {
701     sizeof(SECURITY_ATTRIBUTES), NULL, TRUE };
702   HANDLE read_handle, write_handle;
703   GTEST_DEATH_TEST_CHECK_(
704       ::CreatePipe(&read_handle, &write_handle, &handles_are_inheritable,
705                    0)  // Default buffer size.
706       != FALSE);
707   set_read_fd(::_open_osfhandle(reinterpret_cast<intptr_t>(read_handle),
708                                 O_RDONLY));
709   write_handle_.Reset(write_handle);
710   event_handle_.Reset(::CreateEvent(
711       &handles_are_inheritable,
712       TRUE,    // The event will automatically reset to non-signaled state.
713       FALSE,   // The initial state is non-signalled.
714       NULL));  // The even is unnamed.
715   GTEST_DEATH_TEST_CHECK_(event_handle_.Get() != NULL);
716   const std::string filter_flag =
717       std::string("--") + GTEST_FLAG_PREFIX_ + kFilterFlag + "=" +
718       info->test_case_name() + "." + info->name();
719   const std::string internal_flag =
720       std::string("--") + GTEST_FLAG_PREFIX_ + kInternalRunDeathTestFlag +
721       "=" + file_ + "|" + StreamableToString(line_) + "|" +
722       StreamableToString(death_test_index) + "|" +
723       StreamableToString(static_cast<unsigned int>(::GetCurrentProcessId())) +
724       // size_t has the same width as pointers on both 32-bit and 64-bit
725       // Windows platforms.
726       // See http://msdn.microsoft.com/en-us/library/tcxf1dw6.aspx.
727       "|" + StreamableToString(reinterpret_cast<size_t>(write_handle)) +
728       "|" + StreamableToString(reinterpret_cast<size_t>(event_handle_.Get()));
729 
730   char executable_path[_MAX_PATH + 1];  // NOLINT
731   GTEST_DEATH_TEST_CHECK_(
732       _MAX_PATH + 1 != ::GetModuleFileNameA(NULL,
733                                             executable_path,
734                                             _MAX_PATH));
735 
736   std::string command_line =
737       std::string(::GetCommandLineA()) + " " + filter_flag + " \"" +
738       internal_flag + "\"";
739 
740   DeathTest::set_last_death_test_message("");
741 
742   CaptureStderr();
743   // Flush the log buffers since the log streams are shared with the child.
744   FlushInfoLog();
745 
746   // The child process will share the standard handles with the parent.
747   STARTUPINFOA startup_info;
748   memset(&startup_info, 0, sizeof(STARTUPINFO));
749   startup_info.dwFlags = STARTF_USESTDHANDLES;
750   startup_info.hStdInput = ::GetStdHandle(STD_INPUT_HANDLE);
751   startup_info.hStdOutput = ::GetStdHandle(STD_OUTPUT_HANDLE);
752   startup_info.hStdError = ::GetStdHandle(STD_ERROR_HANDLE);
753 
754   PROCESS_INFORMATION process_info;
755   GTEST_DEATH_TEST_CHECK_(::CreateProcessA(
756       executable_path,
757       const_cast<char*>(command_line.c_str()),
758       NULL,   // Retuned process handle is not inheritable.
759       NULL,   // Retuned thread handle is not inheritable.
760       TRUE,   // Child inherits all inheritable handles (for write_handle_).
761       0x0,    // Default creation flags.
762       NULL,   // Inherit the parent's environment.
763       UnitTest::GetInstance()->original_working_dir(),
764       &startup_info,
765       &process_info) != FALSE);
766   child_handle_.Reset(process_info.hProcess);
767   ::CloseHandle(process_info.hThread);
768   set_spawned(true);
769   return OVERSEE_TEST;
770 }
771 # else  // We are not on Windows.
772 
773 // ForkingDeathTest provides implementations for most of the abstract
774 // methods of the DeathTest interface.  Only the AssumeRole method is
775 // left undefined.
776 class ForkingDeathTest : public DeathTestImpl {
777  public:
778   ForkingDeathTest(const char* statement, const RE* regex);
779 
780   // All of these virtual functions are inherited from DeathTest.
781   virtual int Wait();
782 
783  protected:
set_child_pid(pid_t child_pid)784   void set_child_pid(pid_t child_pid) { child_pid_ = child_pid; }
785 
786  private:
787   // PID of child process during death test; 0 in the child process itself.
788   pid_t child_pid_;
789 };
790 
791 // Constructs a ForkingDeathTest.
ForkingDeathTest(const char * a_statement,const RE * a_regex)792 ForkingDeathTest::ForkingDeathTest(const char* a_statement, const RE* a_regex)
793     : DeathTestImpl(a_statement, a_regex),
794       child_pid_(-1) {}
795 
796 // Waits for the child in a death test to exit, returning its exit
797 // status, or 0 if no child process exists.  As a side effect, sets the
798 // outcome data member.
Wait()799 int ForkingDeathTest::Wait() {
800   if (!spawned())
801     return 0;
802 
803   ReadAndInterpretStatusByte();
804 
805   int status_value;
806   GTEST_DEATH_TEST_CHECK_SYSCALL_(waitpid(child_pid_, &status_value, 0));
807   set_status(status_value);
808   return status_value;
809 }
810 
811 // A concrete death test class that forks, then immediately runs the test
812 // in the child process.
813 class NoExecDeathTest : public ForkingDeathTest {
814  public:
NoExecDeathTest(const char * a_statement,const RE * a_regex)815   NoExecDeathTest(const char* a_statement, const RE* a_regex) :
816       ForkingDeathTest(a_statement, a_regex) { }
817   virtual TestRole AssumeRole();
818 };
819 
820 // The AssumeRole process for a fork-and-run death test.  It implements a
821 // straightforward fork, with a simple pipe to transmit the status byte.
AssumeRole()822 DeathTest::TestRole NoExecDeathTest::AssumeRole() {
823   const size_t thread_count = GetThreadCount();
824   if (thread_count != 1) {
825     GTEST_LOG_(WARNING) << DeathTestThreadWarning(thread_count);
826   }
827 
828   int pipe_fd[2];
829   GTEST_DEATH_TEST_CHECK_(pipe(pipe_fd) != -1);
830 
831   DeathTest::set_last_death_test_message("");
832   CaptureStderr();
833   // When we fork the process below, the log file buffers are copied, but the
834   // file descriptors are shared.  We flush all log files here so that closing
835   // the file descriptors in the child process doesn't throw off the
836   // synchronization between descriptors and buffers in the parent process.
837   // This is as close to the fork as possible to avoid a race condition in case
838   // there are multiple threads running before the death test, and another
839   // thread writes to the log file.
840   FlushInfoLog();
841 
842   const pid_t child_pid = fork();
843   GTEST_DEATH_TEST_CHECK_(child_pid != -1);
844   set_child_pid(child_pid);
845   if (child_pid == 0) {
846     GTEST_DEATH_TEST_CHECK_SYSCALL_(close(pipe_fd[0]));
847     set_write_fd(pipe_fd[1]);
848     // Redirects all logging to stderr in the child process to prevent
849     // concurrent writes to the log files.  We capture stderr in the parent
850     // process and append the child process' output to a log.
851     LogToStderr();
852     // Event forwarding to the listeners of event listener API mush be shut
853     // down in death test subprocesses.
854     GetUnitTestImpl()->listeners()->SuppressEventForwarding();
855     g_in_fast_death_test_child = true;
856     return EXECUTE_TEST;
857   } else {
858     GTEST_DEATH_TEST_CHECK_SYSCALL_(close(pipe_fd[1]));
859     set_read_fd(pipe_fd[0]);
860     set_spawned(true);
861     return OVERSEE_TEST;
862   }
863 }
864 
865 // A concrete death test class that forks and re-executes the main
866 // program from the beginning, with command-line flags set that cause
867 // only this specific death test to be run.
868 class ExecDeathTest : public ForkingDeathTest {
869  public:
ExecDeathTest(const char * a_statement,const RE * a_regex,const char * file,int line)870   ExecDeathTest(const char* a_statement, const RE* a_regex,
871                 const char* file, int line) :
872       ForkingDeathTest(a_statement, a_regex), file_(file), line_(line) { }
873   virtual TestRole AssumeRole();
874  private:
875   static ::std::vector<testing::internal::string>
GetArgvsForDeathTestChildProcess()876   GetArgvsForDeathTestChildProcess() {
877     ::std::vector<testing::internal::string> args = GetInjectableArgvs();
878     return args;
879   }
880   // The name of the file in which the death test is located.
881   const char* const file_;
882   // The line number on which the death test is located.
883   const int line_;
884 };
885 
886 // Utility class for accumulating command-line arguments.
887 class Arguments {
888  public:
Arguments()889   Arguments() {
890     args_.push_back(NULL);
891   }
892 
~Arguments()893   ~Arguments() {
894     for (std::vector<char*>::iterator i = args_.begin(); i != args_.end();
895          ++i) {
896       free(*i);
897     }
898   }
AddArgument(const char * argument)899   void AddArgument(const char* argument) {
900     args_.insert(args_.end() - 1, posix::StrDup(argument));
901   }
902 
903   template <typename Str>
AddArguments(const::std::vector<Str> & arguments)904   void AddArguments(const ::std::vector<Str>& arguments) {
905     for (typename ::std::vector<Str>::const_iterator i = arguments.begin();
906          i != arguments.end();
907          ++i) {
908       args_.insert(args_.end() - 1, posix::StrDup(i->c_str()));
909     }
910   }
Argv()911   char* const* Argv() {
912     return &args_[0];
913   }
914 
915  private:
916   std::vector<char*> args_;
917 };
918 
919 // A struct that encompasses the arguments to the child process of a
920 // threadsafe-style death test process.
921 struct ExecDeathTestArgs {
922   char* const* argv;  // Command-line arguments for the child's call to exec
923   int close_fd;       // File descriptor to close; the read end of a pipe
924 };
925 
926 #  if GTEST_OS_MAC
GetEnviron()927 inline char** GetEnviron() {
928   // When Google Test is built as a framework on MacOS X, the environ variable
929   // is unavailable. Apple's documentation (man environ) recommends using
930   // _NSGetEnviron() instead.
931   return *_NSGetEnviron();
932 }
933 #  else
934 // Some POSIX platforms expect you to declare environ. extern "C" makes
935 // it reside in the global namespace.
936 extern "C" char** environ;
GetEnviron()937 inline char** GetEnviron() { return environ; }
938 #  endif  // GTEST_OS_MAC
939 
940 #  if !GTEST_OS_QNX
941 // The main function for a threadsafe-style death test child process.
942 // This function is called in a clone()-ed process and thus must avoid
943 // any potentially unsafe operations like malloc or libc functions.
ExecDeathTestChildMain(void * child_arg)944 static int ExecDeathTestChildMain(void* child_arg) {
945   ExecDeathTestArgs* const args = static_cast<ExecDeathTestArgs*>(child_arg);
946   GTEST_DEATH_TEST_CHECK_SYSCALL_(close(args->close_fd));
947 
948   // We need to execute the test program in the same environment where
949   // it was originally invoked.  Therefore we change to the original
950   // working directory first.
951   const char* const original_dir =
952       UnitTest::GetInstance()->original_working_dir();
953   // We can safely call chdir() as it's a direct system call.
954   if (chdir(original_dir) != 0) {
955     DeathTestAbort(std::string("chdir(\"") + original_dir + "\") failed: " +
956                    GetLastErrnoDescription());
957     return EXIT_FAILURE;
958   }
959 
960   // We can safely call execve() as it's a direct system call.  We
961   // cannot use execvp() as it's a libc function and thus potentially
962   // unsafe.  Since execve() doesn't search the PATH, the user must
963   // invoke the test program via a valid path that contains at least
964   // one path separator.
965   execve(args->argv[0], args->argv, GetEnviron());
966   DeathTestAbort(std::string("execve(") + args->argv[0] + ", ...) in " +
967                  original_dir + " failed: " +
968                  GetLastErrnoDescription());
969   return EXIT_FAILURE;
970 }
971 #  endif  // !GTEST_OS_QNX
972 
973 // Two utility routines that together determine the direction the stack
974 // grows.
975 // This could be accomplished more elegantly by a single recursive
976 // function, but we want to guard against the unlikely possibility of
977 // a smart compiler optimizing the recursion away.
978 //
979 // GTEST_NO_INLINE_ is required to prevent GCC 4.6 from inlining
980 // StackLowerThanAddress into StackGrowsDown, which then doesn't give
981 // correct answer.
982 void StackLowerThanAddress(const void* ptr, bool* result) GTEST_NO_INLINE_;
StackLowerThanAddress(const void * ptr,bool * result)983 void StackLowerThanAddress(const void* ptr, bool* result) {
984   int dummy;
985   *result = (&dummy < ptr);
986 }
987 
StackGrowsDown()988 bool StackGrowsDown() {
989   int dummy;
990   bool result;
991   StackLowerThanAddress(&dummy, &result);
992   return result;
993 }
994 
995 // Spawns a child process with the same executable as the current process in
996 // a thread-safe manner and instructs it to run the death test.  The
997 // implementation uses fork(2) + exec.  On systems where clone(2) is
998 // available, it is used instead, being slightly more thread-safe.  On QNX,
999 // fork supports only single-threaded environments, so this function uses
1000 // spawn(2) there instead.  The function dies with an error message if
1001 // anything goes wrong.
ExecDeathTestSpawnChild(char * const * argv,int close_fd)1002 static pid_t ExecDeathTestSpawnChild(char* const* argv, int close_fd) {
1003   ExecDeathTestArgs args = { argv, close_fd };
1004   pid_t child_pid = -1;
1005 
1006 #  if GTEST_OS_QNX
1007   // Obtains the current directory and sets it to be closed in the child
1008   // process.
1009   const int cwd_fd = open(".", O_RDONLY);
1010   GTEST_DEATH_TEST_CHECK_(cwd_fd != -1);
1011   GTEST_DEATH_TEST_CHECK_SYSCALL_(fcntl(cwd_fd, F_SETFD, FD_CLOEXEC));
1012   // We need to execute the test program in the same environment where
1013   // it was originally invoked.  Therefore we change to the original
1014   // working directory first.
1015   const char* const original_dir =
1016       UnitTest::GetInstance()->original_working_dir();
1017   // We can safely call chdir() as it's a direct system call.
1018   if (chdir(original_dir) != 0) {
1019     DeathTestAbort(std::string("chdir(\"") + original_dir + "\") failed: " +
1020                    GetLastErrnoDescription());
1021     return EXIT_FAILURE;
1022   }
1023 
1024   int fd_flags;
1025   // Set close_fd to be closed after spawn.
1026   GTEST_DEATH_TEST_CHECK_SYSCALL_(fd_flags = fcntl(close_fd, F_GETFD));
1027   GTEST_DEATH_TEST_CHECK_SYSCALL_(fcntl(close_fd, F_SETFD,
1028                                         fd_flags | FD_CLOEXEC));
1029   struct inheritance inherit = {0};
1030   // spawn is a system call.
1031   child_pid = spawn(args.argv[0], 0, NULL, &inherit, args.argv, GetEnviron());
1032   // Restores the current working directory.
1033   GTEST_DEATH_TEST_CHECK_(fchdir(cwd_fd) != -1);
1034   GTEST_DEATH_TEST_CHECK_SYSCALL_(close(cwd_fd));
1035 
1036 #  else   // GTEST_OS_QNX
1037 #   if GTEST_OS_LINUX
1038   // When a SIGPROF signal is received while fork() or clone() are executing,
1039   // the process may hang. To avoid this, we ignore SIGPROF here and re-enable
1040   // it after the call to fork()/clone() is complete.
1041   struct sigaction saved_sigprof_action;
1042   struct sigaction ignore_sigprof_action;
1043   memset(&ignore_sigprof_action, 0, sizeof(ignore_sigprof_action));
1044   sigemptyset(&ignore_sigprof_action.sa_mask);
1045   ignore_sigprof_action.sa_handler = SIG_IGN;
1046   GTEST_DEATH_TEST_CHECK_SYSCALL_(sigaction(
1047       SIGPROF, &ignore_sigprof_action, &saved_sigprof_action));
1048 #   endif  // GTEST_OS_LINUX
1049 
1050 #   if GTEST_HAS_CLONE
1051   const bool use_fork = GTEST_FLAG(death_test_use_fork);
1052 
1053   if (!use_fork) {
1054     static const bool stack_grows_down = StackGrowsDown();
1055     const size_t stack_size = getpagesize();
1056     // MMAP_ANONYMOUS is not defined on Mac, so we use MAP_ANON instead.
1057     void* const stack = mmap(NULL, stack_size, PROT_READ | PROT_WRITE,
1058                              MAP_ANON | MAP_PRIVATE, -1, 0);
1059     GTEST_DEATH_TEST_CHECK_(stack != MAP_FAILED);
1060 
1061     // Maximum stack alignment in bytes:  For a downward-growing stack, this
1062     // amount is subtracted from size of the stack space to get an address
1063     // that is within the stack space and is aligned on all systems we care
1064     // about.  As far as I know there is no ABI with stack alignment greater
1065     // than 64.  We assume stack and stack_size already have alignment of
1066     // kMaxStackAlignment.
1067     const size_t kMaxStackAlignment = 64;
1068     void* const stack_top =
1069         static_cast<char*>(stack) +
1070             (stack_grows_down ? stack_size - kMaxStackAlignment : 0);
1071     GTEST_DEATH_TEST_CHECK_(stack_size > kMaxStackAlignment &&
1072         reinterpret_cast<intptr_t>(stack_top) % kMaxStackAlignment == 0);
1073 
1074     child_pid = clone(&ExecDeathTestChildMain, stack_top, SIGCHLD, &args);
1075 
1076     GTEST_DEATH_TEST_CHECK_(munmap(stack, stack_size) != -1);
1077   }
1078 #   else
1079   const bool use_fork = true;
1080 #   endif  // GTEST_HAS_CLONE
1081 
1082   if (use_fork && (child_pid = fork()) == 0) {
1083       ExecDeathTestChildMain(&args);
1084       _exit(0);
1085   }
1086 #  endif  // GTEST_OS_QNX
1087 #  if GTEST_OS_LINUX
1088   GTEST_DEATH_TEST_CHECK_SYSCALL_(
1089       sigaction(SIGPROF, &saved_sigprof_action, NULL));
1090 #  endif  // GTEST_OS_LINUX
1091 
1092   GTEST_DEATH_TEST_CHECK_(child_pid != -1);
1093   return child_pid;
1094 }
1095 
1096 // The AssumeRole process for a fork-and-exec death test.  It re-executes the
1097 // main program from the beginning, setting the --gtest_filter
1098 // and --gtest_internal_run_death_test flags to cause only the current
1099 // death test to be re-run.
AssumeRole()1100 DeathTest::TestRole ExecDeathTest::AssumeRole() {
1101   const UnitTestImpl* const impl = GetUnitTestImpl();
1102   const InternalRunDeathTestFlag* const flag =
1103       impl->internal_run_death_test_flag();
1104   const TestInfo* const info = impl->current_test_info();
1105   const int death_test_index = info->result()->death_test_count();
1106 
1107   if (flag != NULL) {
1108     set_write_fd(flag->write_fd());
1109     return EXECUTE_TEST;
1110   }
1111 
1112   int pipe_fd[2];
1113   GTEST_DEATH_TEST_CHECK_(pipe(pipe_fd) != -1);
1114   // Clear the close-on-exec flag on the write end of the pipe, lest
1115   // it be closed when the child process does an exec:
1116   GTEST_DEATH_TEST_CHECK_(fcntl(pipe_fd[1], F_SETFD, 0) != -1);
1117 
1118   const std::string filter_flag =
1119       std::string("--") + GTEST_FLAG_PREFIX_ + kFilterFlag + "="
1120       + info->test_case_name() + "." + info->name();
1121   const std::string internal_flag =
1122       std::string("--") + GTEST_FLAG_PREFIX_ + kInternalRunDeathTestFlag + "="
1123       + file_ + "|" + StreamableToString(line_) + "|"
1124       + StreamableToString(death_test_index) + "|"
1125       + StreamableToString(pipe_fd[1]);
1126   Arguments args;
1127   args.AddArguments(GetArgvsForDeathTestChildProcess());
1128   args.AddArgument(filter_flag.c_str());
1129   args.AddArgument(internal_flag.c_str());
1130 
1131   DeathTest::set_last_death_test_message("");
1132 
1133   CaptureStderr();
1134   // See the comment in NoExecDeathTest::AssumeRole for why the next line
1135   // is necessary.
1136   FlushInfoLog();
1137 
1138   const pid_t child_pid = ExecDeathTestSpawnChild(args.Argv(), pipe_fd[0]);
1139   GTEST_DEATH_TEST_CHECK_SYSCALL_(close(pipe_fd[1]));
1140   set_child_pid(child_pid);
1141   set_read_fd(pipe_fd[0]);
1142   set_spawned(true);
1143   return OVERSEE_TEST;
1144 }
1145 
1146 # endif  // !GTEST_OS_WINDOWS
1147 
1148 // Creates a concrete DeathTest-derived class that depends on the
1149 // --gtest_death_test_style flag, and sets the pointer pointed to
1150 // by the "test" argument to its address.  If the test should be
1151 // skipped, sets that pointer to NULL.  Returns true, unless the
1152 // flag is set to an invalid value.
Create(const char * statement,const RE * regex,const char * file,int line,DeathTest ** test)1153 bool DefaultDeathTestFactory::Create(const char* statement, const RE* regex,
1154                                      const char* file, int line,
1155                                      DeathTest** test) {
1156   UnitTestImpl* const impl = GetUnitTestImpl();
1157   const InternalRunDeathTestFlag* const flag =
1158       impl->internal_run_death_test_flag();
1159   const int death_test_index = impl->current_test_info()
1160       ->increment_death_test_count();
1161 
1162   if (flag != NULL) {
1163     if (death_test_index > flag->index()) {
1164       DeathTest::set_last_death_test_message(
1165           "Death test count (" + StreamableToString(death_test_index)
1166           + ") somehow exceeded expected maximum ("
1167           + StreamableToString(flag->index()) + ")");
1168       return false;
1169     }
1170 
1171     if (!(flag->file() == file && flag->line() == line &&
1172           flag->index() == death_test_index)) {
1173       *test = NULL;
1174       return true;
1175     }
1176   }
1177 
1178 # if GTEST_OS_WINDOWS
1179 
1180   if (GTEST_FLAG(death_test_style) == "threadsafe" ||
1181       GTEST_FLAG(death_test_style) == "fast") {
1182     *test = new WindowsDeathTest(statement, regex, file, line);
1183   }
1184 
1185 # else
1186 
1187   if (GTEST_FLAG(death_test_style) == "threadsafe") {
1188     *test = new ExecDeathTest(statement, regex, file, line);
1189   } else if (GTEST_FLAG(death_test_style) == "fast") {
1190     *test = new NoExecDeathTest(statement, regex);
1191   }
1192 
1193 # endif  // GTEST_OS_WINDOWS
1194 
1195   else {  // NOLINT - this is more readable than unbalanced brackets inside #if.
1196     DeathTest::set_last_death_test_message(
1197         "Unknown death test style \"" + GTEST_FLAG(death_test_style)
1198         + "\" encountered");
1199     return false;
1200   }
1201 
1202   return true;
1203 }
1204 
1205 // Splits a given string on a given delimiter, populating a given
1206 // vector with the fields.  GTEST_HAS_DEATH_TEST implies that we have
1207 // ::std::string, so we can use it here.
SplitString(const::std::string & str,char delimiter,::std::vector<::std::string> * dest)1208 static void SplitString(const ::std::string& str, char delimiter,
1209                         ::std::vector< ::std::string>* dest) {
1210   ::std::vector< ::std::string> parsed;
1211   ::std::string::size_type pos = 0;
1212   while (::testing::internal::AlwaysTrue()) {
1213     const ::std::string::size_type colon = str.find(delimiter, pos);
1214     if (colon == ::std::string::npos) {
1215       parsed.push_back(str.substr(pos));
1216       break;
1217     } else {
1218       parsed.push_back(str.substr(pos, colon - pos));
1219       pos = colon + 1;
1220     }
1221   }
1222   dest->swap(parsed);
1223 }
1224 
1225 # if GTEST_OS_WINDOWS
1226 // Recreates the pipe and event handles from the provided parameters,
1227 // signals the event, and returns a file descriptor wrapped around the pipe
1228 // handle. This function is called in the child process only.
GetStatusFileDescriptor(unsigned int parent_process_id,size_t write_handle_as_size_t,size_t event_handle_as_size_t)1229 int GetStatusFileDescriptor(unsigned int parent_process_id,
1230                             size_t write_handle_as_size_t,
1231                             size_t event_handle_as_size_t) {
1232   AutoHandle parent_process_handle(::OpenProcess(PROCESS_DUP_HANDLE,
1233                                                    FALSE,  // Non-inheritable.
1234                                                    parent_process_id));
1235   if (parent_process_handle.Get() == INVALID_HANDLE_VALUE) {
1236     DeathTestAbort("Unable to open parent process " +
1237                    StreamableToString(parent_process_id));
1238   }
1239 
1240   // TODO(vladl@google.com): Replace the following check with a
1241   // compile-time assertion when available.
1242   GTEST_CHECK_(sizeof(HANDLE) <= sizeof(size_t));
1243 
1244   const HANDLE write_handle =
1245       reinterpret_cast<HANDLE>(write_handle_as_size_t);
1246   HANDLE dup_write_handle;
1247 
1248   // The newly initialized handle is accessible only in in the parent
1249   // process. To obtain one accessible within the child, we need to use
1250   // DuplicateHandle.
1251   if (!::DuplicateHandle(parent_process_handle.Get(), write_handle,
1252                          ::GetCurrentProcess(), &dup_write_handle,
1253                          0x0,    // Requested privileges ignored since
1254                                  // DUPLICATE_SAME_ACCESS is used.
1255                          FALSE,  // Request non-inheritable handler.
1256                          DUPLICATE_SAME_ACCESS)) {
1257     DeathTestAbort("Unable to duplicate the pipe handle " +
1258                    StreamableToString(write_handle_as_size_t) +
1259                    " from the parent process " +
1260                    StreamableToString(parent_process_id));
1261   }
1262 
1263   const HANDLE event_handle = reinterpret_cast<HANDLE>(event_handle_as_size_t);
1264   HANDLE dup_event_handle;
1265 
1266   if (!::DuplicateHandle(parent_process_handle.Get(), event_handle,
1267                          ::GetCurrentProcess(), &dup_event_handle,
1268                          0x0,
1269                          FALSE,
1270                          DUPLICATE_SAME_ACCESS)) {
1271     DeathTestAbort("Unable to duplicate the event handle " +
1272                    StreamableToString(event_handle_as_size_t) +
1273                    " from the parent process " +
1274                    StreamableToString(parent_process_id));
1275   }
1276 
1277   const int write_fd =
1278       ::_open_osfhandle(reinterpret_cast<intptr_t>(dup_write_handle), O_APPEND);
1279   if (write_fd == -1) {
1280     DeathTestAbort("Unable to convert pipe handle " +
1281                    StreamableToString(write_handle_as_size_t) +
1282                    " to a file descriptor");
1283   }
1284 
1285   // Signals the parent that the write end of the pipe has been acquired
1286   // so the parent can release its own write end.
1287   ::SetEvent(dup_event_handle);
1288 
1289   return write_fd;
1290 }
1291 # endif  // GTEST_OS_WINDOWS
1292 
1293 // Returns a newly created InternalRunDeathTestFlag object with fields
1294 // initialized from the GTEST_FLAG(internal_run_death_test) flag if
1295 // the flag is specified; otherwise returns NULL.
ParseInternalRunDeathTestFlag()1296 InternalRunDeathTestFlag* ParseInternalRunDeathTestFlag() {
1297   if (GTEST_FLAG(internal_run_death_test) == "") return NULL;
1298 
1299   // GTEST_HAS_DEATH_TEST implies that we have ::std::string, so we
1300   // can use it here.
1301   int line = -1;
1302   int index = -1;
1303   ::std::vector< ::std::string> fields;
1304   SplitString(GTEST_FLAG(internal_run_death_test).c_str(), '|', &fields);
1305   int write_fd = -1;
1306 
1307 # if GTEST_OS_WINDOWS
1308 
1309   unsigned int parent_process_id = 0;
1310   size_t write_handle_as_size_t = 0;
1311   size_t event_handle_as_size_t = 0;
1312 
1313   if (fields.size() != 6
1314       || !ParseNaturalNumber(fields[1], &line)
1315       || !ParseNaturalNumber(fields[2], &index)
1316       || !ParseNaturalNumber(fields[3], &parent_process_id)
1317       || !ParseNaturalNumber(fields[4], &write_handle_as_size_t)
1318       || !ParseNaturalNumber(fields[5], &event_handle_as_size_t)) {
1319     DeathTestAbort("Bad --gtest_internal_run_death_test flag: " +
1320                    GTEST_FLAG(internal_run_death_test));
1321   }
1322   write_fd = GetStatusFileDescriptor(parent_process_id,
1323                                      write_handle_as_size_t,
1324                                      event_handle_as_size_t);
1325 # else
1326 
1327   if (fields.size() != 4
1328       || !ParseNaturalNumber(fields[1], &line)
1329       || !ParseNaturalNumber(fields[2], &index)
1330       || !ParseNaturalNumber(fields[3], &write_fd)) {
1331     DeathTestAbort("Bad --gtest_internal_run_death_test flag: "
1332         + GTEST_FLAG(internal_run_death_test));
1333   }
1334 
1335 # endif  // GTEST_OS_WINDOWS
1336 
1337   return new InternalRunDeathTestFlag(fields[0], line, index, write_fd);
1338 }
1339 
1340 }  // namespace internal
1341 
1342 #endif  // GTEST_HAS_DEATH_TEST
1343 
1344 }  // namespace testing
1345