xref: /netbsd/tests/usr.bin/c++/t_fuzzer_simple.sh (revision d3d203eb) 
1fdb6b69dSkamil# Copyright (c) 2018 The NetBSD Foundation, Inc.
2fdb6b69dSkamil# All rights reserved.
3fdb6b69dSkamil#
4fdb6b69dSkamil# This code is derived from software contributed to The NetBSD Foundation
5fdb6b69dSkamil# by Yang Zheng.
6fdb6b69dSkamil#
7fdb6b69dSkamil# Redistribution and use in source and binary forms, with or without
8fdb6b69dSkamil# modification, are permitted provided that the following conditions
9fdb6b69dSkamil# are met:
10fdb6b69dSkamil# 1. Redistributions of source code must retain the above copyright
11fdb6b69dSkamil#    notice, this list of conditions and the following disclaimer.
12fdb6b69dSkamil# 2. Redistributions in binary form must reproduce the above copyright
13fdb6b69dSkamil#    notice, this list of conditions and the following disclaimer in the
14fdb6b69dSkamil#    documentation and/or other materials provided with the distribution.
15fdb6b69dSkamil#
16fdb6b69dSkamil# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
17fdb6b69dSkamil# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
18fdb6b69dSkamil# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
19fdb6b69dSkamil# PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
20fdb6b69dSkamil# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
21fdb6b69dSkamil# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
22fdb6b69dSkamil# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
23fdb6b69dSkamil# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
24fdb6b69dSkamil# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
25fdb6b69dSkamil# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
26fdb6b69dSkamil# POSSIBILITY OF SUCH DAMAGE.
27fdb6b69dSkamil#
28fdb6b69dSkamil
29fdb6b69dSkamiltest_target()
30fdb6b69dSkamil{
31fdb6b69dSkamil	SUPPORT='n'
32fdb6b69dSkamil	if uname -m | grep -q "amd64" && command -v c++ >/dev/null 2>&1 && \
33fdb6b69dSkamil		   ! echo __clang__ | c++ -E - | grep -q __clang__; then
34fdb6b69dSkamil		# only clang with major version newer than 7 is supported
35fdb6b69dSkamil		CLANG_MAJOR=`echo __clang_major__ | c++ -E - | grep -o '^[[:digit:]]'`
36fdb6b69dSkamil		if [ "$CLANG_MAJOR" -ge "7" ]; then
37fdb6b69dSkamil			SUPPORT='y'
38fdb6b69dSkamil		fi
39fdb6b69dSkamil	fi
40fdb6b69dSkamil}
41fdb6b69dSkamil
42fdb6b69dSkamilatf_test_case simple
43fdb6b69dSkamilsimple_head() {
44fdb6b69dSkamil	atf_set "descr" "Test thread sanitizer for error exit condition"
45fdb6b69dSkamil	atf_set "require.progs" "c++ paxctl"
46fdb6b69dSkamil}
47fdb6b69dSkamil
48fdb6b69dSkamilatf_test_case simple_profile
49fdb6b69dSkamilsimple_profile_head() {
50fdb6b69dSkamil	atf_set "descr" "Test thread sanitizer for simple with profiling option"
51fdb6b69dSkamil	atf_set "require.progs" "c++ paxctl"
52fdb6b69dSkamil}
53fdb6b69dSkamilatf_test_case simple_pic
54fdb6b69dSkamilsimple_pic_head() {
55fdb6b69dSkamil	atf_set "descr" "Test thread sanitizer for simple with position independent code (PIC) flag"
56fdb6b69dSkamil	atf_set "require.progs" "c++ paxctl"
57fdb6b69dSkamil}
58fdb6b69dSkamilatf_test_case simple_pie
59fdb6b69dSkamilsimple_pie_head() {
60fdb6b69dSkamil	atf_set "descr" "Test thread sanitizer for simple with position independent execution (PIE) flag"
61fdb6b69dSkamil	atf_set "require.progs" "c++ paxctl"
62fdb6b69dSkamil}
63fdb6b69dSkamil
64fdb6b69dSkamilsimple_body(){
65fdb6b69dSkamil	cat > test.cc << EOF
66fdb6b69dSkamil#include <stdlib.h>
67fdb6b69dSkamil#include <stdio.h>
68fdb6b69dSkamil#include <stdint.h>
69fdb6b69dSkamil
70fdb6b69dSkamilextern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
71fdb6b69dSkamil  if (size > 0 && data[0] == 'b') {
72fdb6b69dSkamil    fprintf(stderr, "BINGO\n");
73fdb6b69dSkamil    exit(1);
74fdb6b69dSkamil  }
75fdb6b69dSkamil
76fdb6b69dSkamil  return 0;
77fdb6b69dSkamil}
78fdb6b69dSkamilEOF
79fdb6b69dSkamil
80fdb6b69dSkamil	c++ -fsanitize=fuzzer -o test test.cc
81fdb6b69dSkamil	paxctl +a test
82fdb6b69dSkamil	atf_check -s ignore -o ignore -e match:"BINGO" ./test
83fdb6b69dSkamil}
84fdb6b69dSkamil
85fdb6b69dSkamilsimple_profile_body(){
86fdb6b69dSkamil	cat > test.cc << EOF
87fdb6b69dSkamil#include <stdlib.h>
88fdb6b69dSkamil#include <stdio.h>
89fdb6b69dSkamil#include <stdint.h>
90fdb6b69dSkamil
91fdb6b69dSkamilextern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
92fdb6b69dSkamil  if (size > 0 && data[0] == 'b') {
93fdb6b69dSkamil    fprintf(stderr, "BINGO\n");
94fdb6b69dSkamil    exit(1);
95fdb6b69dSkamil  }
96fdb6b69dSkamil
97fdb6b69dSkamil  return 0;
98fdb6b69dSkamil}
99fdb6b69dSkamilEOF
100fdb6b69dSkamil
101*d3d203ebSskrll	c++ -fsanitize=fuzzer -static -o test -pg test.cc
102fdb6b69dSkamil	paxctl +a test
103fdb6b69dSkamil	atf_check -s ignore -o ignore -e match:"BINGO" ./test
104fdb6b69dSkamil}
105fdb6b69dSkamil
106fdb6b69dSkamilsimple_pic_body(){
107fdb6b69dSkamil	cat > test.cc << EOF
108fdb6b69dSkamil#include <stddef.h>
109fdb6b69dSkamil#include <stdint.h>
110fdb6b69dSkamilint help(const uint8_t *data, size_t size);
111fdb6b69dSkamilextern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
112fdb6b69dSkamil    return help(data, size);
113fdb6b69dSkamil}
114fdb6b69dSkamilEOF
115fdb6b69dSkamil
116fdb6b69dSkamil	cat > pic.cc << EOF
117fdb6b69dSkamil#include <stdlib.h>
118fdb6b69dSkamil#include <stdio.h>
119fdb6b69dSkamil#include <stdint.h>
120fdb6b69dSkamil
121fdb6b69dSkamilint help(const uint8_t *data, size_t size) {
122fdb6b69dSkamil  if (size > 0 && data[0] == 'b') {
123fdb6b69dSkamil    fprintf(stderr, "BINGO\n");
124fdb6b69dSkamil    exit(1);
125fdb6b69dSkamil  }
126fdb6b69dSkamil
127fdb6b69dSkamil  return 0;
128fdb6b69dSkamil}
129fdb6b69dSkamilEOF
130fdb6b69dSkamil
131fdb6b69dSkamil	c++ -fsanitize=fuzzer -fPIC -shared -o libtest.so pic.cc
132fdb6b69dSkamil	c++ -o test test.cc -fsanitize=fuzzer -L. -ltest
133fdb6b69dSkamil	paxctl +a test
134fdb6b69dSkamil
135fdb6b69dSkamil	export LD_LIBRARY_PATH=.
136fdb6b69dSkamil	atf_check -s ignore -o ignore -e match:"BINGO" ./test
137fdb6b69dSkamil}
138fdb6b69dSkamilsimple_pie_body(){
139fdb6b69dSkamil
140fdb6b69dSkamil	#check whether -pie flag is supported on this architecture
141fdb6b69dSkamil	if ! c++ -pie -dM -E - < /dev/null 2>/dev/null >/dev/null; then
142fdb6b69dSkamil		atf_set_skip "c++ -pie not supported on this architecture"
143fdb6b69dSkamil	fi
144fdb6b69dSkamil	cat > test.cc << EOF
145fdb6b69dSkamil#include <stdlib.h>
146fdb6b69dSkamil#include <stdio.h>
147fdb6b69dSkamil#include <stdint.h>
148fdb6b69dSkamil
149fdb6b69dSkamilextern "C" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
150fdb6b69dSkamil  if (size > 0 && data[0] == 'b') {
151fdb6b69dSkamil    fprintf(stderr, "BINGO\n");
152fdb6b69dSkamil    exit(1);
153fdb6b69dSkamil  }
154fdb6b69dSkamil
155fdb6b69dSkamil  return 0;
156fdb6b69dSkamil}
157fdb6b69dSkamilEOF
158fdb6b69dSkamil
159fdb6b69dSkamil	c++ -fsanitize=fuzzer -o test -fpie -pie test.cc
160fdb6b69dSkamil	paxctl +a test
161fdb6b69dSkamil	atf_check -s ignore -o ignore -e match:"BINGO" ./test
162fdb6b69dSkamil}
163fdb6b69dSkamil
164fdb6b69dSkamil
165fdb6b69dSkamilatf_test_case target_not_supported
166fdb6b69dSkamiltarget_not_supported_head()
167fdb6b69dSkamil{
168fdb6b69dSkamil	atf_set "descr" "Test forced skip"
169fdb6b69dSkamil}
170fdb6b69dSkamil
171c52a0032Skamiltarget_not_supported_body()
172c52a0032Skamil{
173c52a0032Skamil	atf_skip "Target is not supported"
174c52a0032Skamil}
175c52a0032Skamil
176fdb6b69dSkamilatf_init_test_cases()
177fdb6b69dSkamil{
178fdb6b69dSkamil	test_target
179fdb6b69dSkamil	test $SUPPORT = 'n' && {
180fdb6b69dSkamil		atf_add_test_case target_not_supported
181fdb6b69dSkamil		return 0
182fdb6b69dSkamil	}
183fdb6b69dSkamil	atf_add_test_case simple
184fdb6b69dSkamil	atf_add_test_case simple_profile
185fdb6b69dSkamil	atf_add_test_case simple_pie
186fdb6b69dSkamil	atf_add_test_case simple_pic
187fdb6b69dSkamil}
188