1# Copyright (c) 2018 The NetBSD Foundation, Inc.
2# All rights reserved.
3#
4# This code is derived from software contributed to The NetBSD Foundation
5# by Yang Zheng.
6#
7# Redistribution and use in source and binary forms, with or without
8# modification, are permitted provided that the following conditions
9# are met:
10# 1. Redistributions of source code must retain the above copyright
11#    notice, this list of conditions and the following disclaimer.
12# 2. Redistributions in binary form must reproduce the above copyright
13#    notice, this list of conditions and the following disclaimer in the
14#    documentation and/or other materials provided with the distribution.
15#
16# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
17# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
18# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
19# PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
20# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
21# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
22# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
23# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
24# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
25# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
26# POSSIBILITY OF SUCH DAMAGE.
27#
28
29test_target()
30{
31	SUPPORT='n'
32	if uname -m | grep -q "amd64" && command -v c++ >/dev/null 2>&1 && \
33		   ! echo __clang__ | c++ -E - | grep -q __clang__; then
34		# only clang with major version newer than 7 is supported
35		CLANG_MAJOR=`echo __clang_major__ | c++ -E - | grep -o '^[[:digit:]]'`
36		if [ "$CLANG_MAJOR" -ge "7" ]; then
37			SUPPORT='y'
38		fi
39	fi
40}
41
42atf_test_case free
43free_head() {
44	atf_set "descr" "Test memory sanitizer for use-after-free case"
45	atf_set "require.progs" "c++ paxctl"
46}
47
48atf_test_case free_profile
49free_profile_head() {
50	atf_set "descr" "Test memory sanitizer for use-after-free with profiling option"
51	atf_set "require.progs" "c++ paxctl"
52}
53atf_test_case free_pic
54free_pic_head() {
55	atf_set "descr" "Test memory sanitizer for use-after-free with position independent code (PIC) flag"
56	atf_set "require.progs" "c++ paxctl"
57}
58atf_test_case free_pie
59free_pie_head() {
60	atf_set "descr" "Test memory sanitizer for use-after-free with position independent execution (PIE) flag"
61	atf_set "require.progs" "c++ paxctl"
62}
63
64free_body(){
65	cat > test.cc << EOF
66#include <stdlib.h>
67int main() {
68  int *a = (int *)malloc(sizeof(int));
69  *a = 9;
70  free(a);
71  return *a;
72}
73EOF
74
75	c++ -fsanitize=memory -o test test.cc
76	paxctl +a test
77	atf_check -s ignore -o ignore -e match:"WARNING: MemorySanitizer: use-of-uninitialized-value" ./test
78}
79
80free_profile_body(){
81	cat > test.cc << EOF
82#include <stdlib.h>
83int main() {
84  int *a = (int *)malloc(sizeof(int));
85  *a = 9;
86  free(a);
87  return *a;
88}
89EOF
90
91	c++ -fsanitize=memory -static -o test -pg test.cc
92	paxctl +a test
93	atf_check -s ignore -o ignore -e match:"WARNING: MemorySanitizer: use-of-uninitialized-value" ./test
94}
95
96free_pic_body(){
97	cat > test.cc << EOF
98#include <stdio.h>
99#include <stdlib.h>
100int help(int);
101int main(int argc, char **argv) {return help(argc);}
102EOF
103
104	cat > pic.cc << EOF
105#include <stdlib.h>
106int help(int argc) {
107  int *a = (int *)malloc(sizeof(int));
108  *a = 9;
109  free(a);
110  return *a;
111}
112EOF
113
114	c++ -fsanitize=memory -fPIC -shared -o libtest.so pic.cc
115	c++ -o test test.cc -fsanitize=memory -L. -ltest
116	paxctl +a test
117
118	export LD_LIBRARY_PATH=.
119	atf_check -s ignore -o ignore -e match:"WARNING: MemorySanitizer: use-of-uninitialized-value" ./test
120}
121free_pie_body(){
122
123	#check whether -pie flag is supported on this architecture
124	if ! c++ -pie -dM -E - < /dev/null 2>/dev/null >/dev/null; then
125		atf_set_skip "c++ -pie not supported on this architecture"
126	fi
127	cat > test.cc << EOF
128#include <stdlib.h>
129int main() {
130  int *a = (int *)malloc(sizeof(int));
131  *a = 9;
132  free(a);
133  return *a;
134}
135EOF
136
137	c++ -fsanitize=memory -o test -fpie -pie test.cc
138	paxctl +a test
139	atf_check -s ignore -o ignore -e match:"WARNING: MemorySanitizer: use-of-uninitialized-value" ./test
140}
141
142atf_test_case target_not_supported
143target_not_supported_head()
144{
145	atf_set "descr" "Test forced skip"
146}
147
148target_not_supported_body()
149{
150	atf_skip "Target is not supported"
151}
152
153atf_init_test_cases()
154{
155	test_target
156	test $SUPPORT = 'n' && {
157		atf_add_test_case target_not_supported
158		return 0
159	}
160	atf_add_test_case free
161	atf_add_test_case free_profile
162	atf_add_test_case free_pie
163	atf_add_test_case free_pic
164}
165