1 # Copyright (c) 2018 The NetBSD Foundation, Inc. 2 # All rights reserved. 3 # 4 # This code is derived from software contributed to The NetBSD Foundation 5 # by Yang Zheng. 6 # 7 # Redistribution and use in source and binary forms, with or without 8 # modification, are permitted provided that the following conditions 9 # are met: 10 # 1. Redistributions of source code must retain the above copyright 11 # notice, this list of conditions and the following disclaimer. 12 # 2. Redistributions in binary form must reproduce the above copyright 13 # notice, this list of conditions and the following disclaimer in the 14 # documentation and/or other materials provided with the distribution. 15 # 16 # THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 17 # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 18 # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 19 # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 20 # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21 # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 22 # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 23 # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 24 # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 25 # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 26 # POSSIBILITY OF SUCH DAMAGE. 27 # 28 29 test_target() 30 { 31 SUPPORT='n' 32 if uname -m | grep -q "amd64" && command -v c++ >/dev/null 2>&1 && \ 33 ! echo __clang__ | c++ -E - | grep -q __clang__; then 34 # only clang with major version newer than 7 is supported 35 CLANG_MAJOR=`echo __clang_major__ | c++ -E - | grep -o '^[[:digit:]]'` 36 if [ "$CLANG_MAJOR" -ge "7" ]; then 37 SUPPORT='y' 38 fi 39 fi 40 } 41 42 atf_test_case timeout 43 timeout_head() { 44 atf_set "descr" "Test thread sanitizer for timeout condition" 45 atf_set "require.progs" "c++ paxctl" 46 } 47 48 atf_test_case timeout_profile 49 timeout_profile_head() { 50 atf_set "descr" "Test thread sanitizer for timeout with profiling option" 51 atf_set "require.progs" "c++ paxctl" 52 } 53 atf_test_case timeout_pic 54 timeout_pic_head() { 55 atf_set "descr" "Test thread sanitizer for timeout with position independent code (PIC) flag" 56 atf_set "require.progs" "c++ paxctl" 57 } 58 atf_test_case timeout_pie 59 timeout_pie_head() { 60 atf_set "descr" "Test thread sanitizer for timeout with position independent execution (PIE) flag" 61 atf_set "require.progs" "c++ paxctl" 62 } 63 64 timeout_body(){ 65 cat > test.cc << EOF 66 #include <stddef.h> 67 #include <stdint.h> 68 69 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { 70 if (size > 0 && data[0] == 'b') while (1) ; 71 return 0; 72 } 73 EOF 74 75 c++ -fsanitize=fuzzer -o test test.cc 76 paxctl +a test 77 atf_check -s ignore -o ignore -e match:"ERROR: libFuzzer: timeout" ./test -timeout=5 78 } 79 80 timeout_profile_body(){ 81 cat > test.cc << EOF 82 #include <stddef.h> 83 #include <stdint.h> 84 85 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { 86 if (size > 0 && data[0] == 'b') while (1) ; 87 return 0; 88 } 89 EOF 90 91 c++ -fsanitize=fuzzer -static -o test -pg test.cc 92 paxctl +a test 93 atf_check -s ignore -o ignore -e match:"ERROR: libFuzzer: timeout" ./test -timeout=5 94 } 95 96 timeout_pic_body(){ 97 cat > test.cc << EOF 98 #include <stddef.h> 99 #include <stdint.h> 100 int help(const uint8_t *data, size_t size); 101 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { 102 return help(data, size); 103 } 104 EOF 105 106 cat > pic.cc << EOF 107 #include <stddef.h> 108 #include <stdint.h> 109 110 int help(const uint8_t *data, size_t size) { 111 if (size > 0 && data[0] == 'b') while (1) ; 112 return 0; 113 } 114 EOF 115 116 c++ -fsanitize=fuzzer -fPIC -shared -o libtest.so pic.cc 117 c++ -o test test.cc -fsanitize=fuzzer -L. -ltest 118 paxctl +a test 119 120 export LD_LIBRARY_PATH=. 121 atf_check -s ignore -o ignore -e match:"ERROR: libFuzzer: timeout" ./test -timeout=5 122 } 123 timeout_pie_body(){ 124 125 #check whether -pie flag is supported on this architecture 126 if ! c++ -pie -dM -E - < /dev/null 2>/dev/null >/dev/null; then 127 atf_set_skip "c++ -pie not supported on this architecture" 128 fi 129 cat > test.cc << EOF 130 #include <stddef.h> 131 #include <stdint.h> 132 133 extern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { 134 if (size > 0 && data[0] == 'b') while (1) ; 135 return 0; 136 } 137 EOF 138 139 c++ -fsanitize=fuzzer -o test -fpie -pie test.cc 140 paxctl +a test 141 atf_check -s ignore -o ignore -e match:"ERROR: libFuzzer: timeout" ./test -timeout=5 142 } 143 144 145 atf_test_case target_not_supported 146 target_not_supported_head() 147 { 148 atf_set "descr" "Test forced skip" 149 } 150 151 target_not_supported_body() 152 { 153 atf_skip "Target is not supported" 154 } 155 156 atf_init_test_cases() 157 { 158 test_target 159 test $SUPPORT = 'n' && { 160 atf_add_test_case target_not_supported 161 return 0 162 } 163 atf_add_test_case timeout 164 atf_add_test_case timeout_profile 165 atf_add_test_case timeout_pie 166 atf_add_test_case timeout_pic 167 } 168
Indexes created Sat Sep 20 22:09:52 GMT 2025