t_fuzzer_oom.sh revision 1.2.6.2
1 1.2.6.2 martin # Copyright (c) 2018 The NetBSD Foundation, Inc. 2 1.2.6.2 martin # All rights reserved. 3 1.2.6.2 martin # 4 1.2.6.2 martin # This code is derived from software contributed to The NetBSD Foundation 5 1.2.6.2 martin # by Yang Zheng. 6 1.2.6.2 martin # 7 1.2.6.2 martin # Redistribution and use in source and binary forms, with or without 8 1.2.6.2 martin # modification, are permitted provided that the following conditions 9 1.2.6.2 martin # are met: 10 1.2.6.2 martin # 1. Redistributions of source code must retain the above copyright 11 1.2.6.2 martin # notice, this list of conditions and the following disclaimer. 12 1.2.6.2 martin # 2. Redistributions in binary form must reproduce the above copyright 13 1.2.6.2 martin # notice, this list of conditions and the following disclaimer in the 14 1.2.6.2 martin # documentation and/or other materials provided with the distribution. 15 1.2.6.2 martin # 16 1.2.6.2 martin # THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 17 1.2.6.2 martin # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 18 1.2.6.2 martin # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 19 1.2.6.2 martin # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 20 1.2.6.2 martin # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21 1.2.6.2 martin # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 22 1.2.6.2 martin # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 23 1.2.6.2 martin # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 24 1.2.6.2 martin # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 25 1.2.6.2 martin # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 26 1.2.6.2 martin # POSSIBILITY OF SUCH DAMAGE. 27 1.2.6.2 martin # 28 1.2.6.2 martin 29 1.2.6.2 martin test_target() 30 1.2.6.2 martin { 31 1.2.6.2 martin SUPPORT='n' 32 1.2.6.2 martin if uname -m | grep -q "amd64" && command -v c++ >/dev/null 2>&1 && \ 33 1.2.6.2 martin ! echo __clang__ | c++ -E - | grep -q __clang__; then 34 1.2.6.2 martin # only clang with major version newer than 7 is supported 35 1.2.6.2 martin CLANG_MAJOR=`echo __clang_major__ | c++ -E - | grep -o '^[[:digit:]]'` 36 1.2.6.2 martin if [ "$CLANG_MAJOR" -ge "7" ]; then 37 1.2.6.2 martin SUPPORT='y' 38 1.2.6.2 martin fi 39 1.2.6.2 martin fi 40 1.2.6.2 martin } 41 1.2.6.2 martin 42 1.2.6.2 martin atf_test_case oom 43 1.2.6.2 martin oom_head() { 44 1.2.6.2 martin atf_set "descr" "Test thread sanitizer for out-of-memory condition" 45 1.2.6.2 martin atf_set "require.progs" "c++ paxctl" 46 1.2.6.2 martin } 47 1.2.6.2 martin 48 1.2.6.2 martin atf_test_case oom_profile 49 1.2.6.2 martin oom_profile_head() { 50 1.2.6.2 martin atf_set "descr" "Test thread sanitizer for out-of-memory with profiling option" 51 1.2.6.2 martin atf_set "require.progs" "c++ paxctl" 52 1.2.6.2 martin } 53 1.2.6.2 martin atf_test_case oom_pic 54 1.2.6.2 martin oom_pic_head() { 55 1.2.6.2 martin atf_set "descr" "Test thread sanitizer for out-of-memory with position independent code (PIC) flag" 56 1.2.6.2 martin atf_set "require.progs" "c++ paxctl" 57 1.2.6.2 martin } 58 1.2.6.2 martin atf_test_case oom_pie 59 1.2.6.2 martin oom_pie_head() { 60 1.2.6.2 martin atf_set "descr" "Test thread sanitizer for out-of-memory with position independent execution (PIE) flag" 61 1.2.6.2 martin atf_set "require.progs" "c++ paxctl" 62 1.2.6.2 martin } 63 1.2.6.2 martin 64 1.2.6.2 martin oom_body(){ 65 1.2.6.2 martin cat > test.cc << EOF 66 1.2.6.2 martin #include <stddef.h> 67 1.2.6.2 martin #include <stdint.h> 68 1.2.6.2 martin #include <stdlib.h> 69 1.2.6.2 martin 70 1.2.6.2 martin extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { 71 1.2.6.2 martin if (size > 0 && data[0] == 'b') while (1) malloc(16*1024*1024); 72 1.2.6.2 martin return 0; 73 1.2.6.2 martin } 74 1.2.6.2 martin EOF 75 1.2.6.2 martin 76 1.2.6.2 martin c++ -fsanitize=fuzzer -o test test.cc 77 1.2.6.2 martin paxctl +a test 78 1.2.6.2 martin atf_check -s ignore -o ignore -e match:"ERROR: libFuzzer: out-of-memory" ./test -rss_limit_mb=30 79 1.2.6.2 martin } 80 1.2.6.2 martin 81 1.2.6.2 martin oom_profile_body(){ 82 1.2.6.2 martin cat > test.cc << EOF 83 1.2.6.2 martin #include <stddef.h> 84 1.2.6.2 martin #include <stdint.h> 85 1.2.6.2 martin #include <stdlib.h> 86 1.2.6.2 martin 87 1.2.6.2 martin extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { 88 1.2.6.2 martin if (size > 0 && data[0] == 'b') while (1) malloc(16*1024*1024); 89 1.2.6.2 martin return 0; 90 1.2.6.2 martin } 91 1.2.6.2 martin EOF 92 1.2.6.2 martin 93 1.2.6.2 martin c++ -fsanitize=fuzzer -o test -pg test.cc 94 1.2.6.2 martin paxctl +a test 95 1.2.6.2 martin atf_check -s ignore -o ignore -e match:"ERROR: libFuzzer: out-of-memory" ./test -rss_limit_mb=30 96 1.2.6.2 martin } 97 1.2.6.2 martin 98 1.2.6.2 martin oom_pic_body(){ 99 1.2.6.2 martin cat > test.cc << EOF 100 1.2.6.2 martin #include <stddef.h> 101 1.2.6.2 martin #include <stdint.h> 102 1.2.6.2 martin int help(const uint8_t *data, size_t size); 103 1.2.6.2 martin extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { 104 1.2.6.2 martin return help(data, size); 105 1.2.6.2 martin } 106 1.2.6.2 martin EOF 107 1.2.6.2 martin 108 1.2.6.2 martin cat > pic.cc << EOF 109 1.2.6.2 martin #include <stddef.h> 110 1.2.6.2 martin #include <stdint.h> 111 1.2.6.2 martin #include <stdlib.h> 112 1.2.6.2 martin 113 1.2.6.2 martin int help(const uint8_t *data, size_t size) { 114 1.2.6.2 martin if (size > 0 && data[0] == 'b') while (1) malloc(16*1024*1024); 115 1.2.6.2 martin return 0; 116 1.2.6.2 martin } 117 1.2.6.2 martin EOF 118 1.2.6.2 martin 119 1.2.6.2 martin c++ -fsanitize=fuzzer -fPIC -shared -o libtest.so pic.cc 120 1.2.6.2 martin c++ -o test test.cc -fsanitize=fuzzer -L. -ltest 121 1.2.6.2 martin paxctl +a test 122 1.2.6.2 martin 123 1.2.6.2 martin export LD_LIBRARY_PATH=. 124 1.2.6.2 martin atf_check -s ignore -o ignore -e match:"ERROR: libFuzzer: out-of-memory" ./test -rss_limit_mb=30 125 1.2.6.2 martin } 126 1.2.6.2 martin oom_pie_body(){ 127 1.2.6.2 martin 128 1.2.6.2 martin #check whether -pie flag is supported on this architecture 129 1.2.6.2 martin if ! c++ -pie -dM -E - < /dev/null 2>/dev/null >/dev/null; then 130 1.2.6.2 martin atf_set_skip "c++ -pie not supported on this architecture" 131 1.2.6.2 martin fi 132 1.2.6.2 martin cat > test.cc << EOF 133 1.2.6.2 martin #include <stddef.h> 134 1.2.6.2 martin #include <stdint.h> 135 1.2.6.2 martin #include <stdlib.h> 136 1.2.6.2 martin 137 1.2.6.2 martin extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { 138 1.2.6.2 martin if (size > 0 && data[0] == 'b') while (1) malloc(16*1024*1024); 139 1.2.6.2 martin return 0; 140 1.2.6.2 martin } 141 1.2.6.2 martin EOF 142 1.2.6.2 martin 143 1.2.6.2 martin c++ -fsanitize=fuzzer -o test -fpie -pie test.cc 144 1.2.6.2 martin paxctl +a test 145 1.2.6.2 martin atf_check -s ignore -o ignore -e match:"ERROR: libFuzzer: out-of-memory" ./test -rss_limit_mb=30 146 1.2.6.2 martin } 147 1.2.6.2 martin 148 1.2.6.2 martin 149 1.2.6.2 martin atf_test_case target_not_supported 150 1.2.6.2 martin target_not_supported_head() 151 1.2.6.2 martin { 152 1.2.6.2 martin atf_set "descr" "Test forced skip" 153 1.2.6.2 martin } 154 1.2.6.2 martin 155 1.2.6.2 martin target_not_supported_body() 156 1.2.6.2 martin { 157 1.2.6.2 martin atf_skip "Target is not supported" 158 1.2.6.2 martin } 159 1.2.6.2 martin 160 1.2.6.2 martin atf_init_test_cases() 161 1.2.6.2 martin { 162 1.2.6.2 martin test_target 163 1.2.6.2 martin test $SUPPORT = 'n' && { 164 1.2.6.2 martin atf_add_test_case target_not_supported 165 1.2.6.2 martin return 0 166 1.2.6.2 martin } 167 1.2.6.2 martin atf_add_test_case oom 168 1.2.6.2 martin atf_add_test_case oom_profile 169 1.2.6.2 martin atf_add_test_case oom_pie 170 1.2.6.2 martin atf_add_test_case oom_pic 171 1.2.6.2 martin } 172
Indexes created Thu Oct 02 01:09:59 GMT 2025