Commit Graph

3481 Commits

Author SHA1 Message Date
mrg 2fc9ba62ad don't print "long" with "%zu". 2018-05-09 08:45:03 +00:00
martin 3198bde1a4 Make the getrusage_maxrss test more stable by preventing the compiler to
optimize out a dummy loop. While there print more details when failing.
2018-05-09 06:32:52 +00:00
christos ccca93f2fc add tests for maxrss, msgsnd 2018-05-08 01:02:38 +00:00
kamil 410141583e Improve wording for non-native speakers of English
Improve wording in t_ubsan tests in for c++.

No functional change intended.

Follow the changed in cc/ by <martin>
2018-05-04 12:51:18 +00:00
kamil 1560a24938 Explain VLA in c++/t_ubsan_vla_out_of_bounds.sh (ATF test)
VLA - Variable Length Array

Requested by <martin>
2018-05-04 12:27:58 +00:00
kamil 15009a7646 Explain VLA in t_ubsan_vla_out_of_bounds.sh (ATF test)
VLA - Variable Length Array

Requested by <martin>
2018-05-04 12:26:53 +00:00
martin d3941ea9b2 Use more formal speech in messages 2018-05-04 10:44:24 +00:00
kamil e308425ef5 Add new ATF Undefined Behavior Sanitizer tests
Add new cc and c++ tests to check whether UBSan works.
These tests are prepared for GCC (in base) and Clang (with external patches).

Enable these tests for all ports by default, just verify whether we are
using GCC/Clang or a compatible compiler.

Add five equivalent C and C++ tests:
 - Integer addition overflow
 - Integer divide by zero
 - Integer negation overflow
 - Integer subtraction overflow
 - VLA out of bounds

All tests pass on NetBSD/amd64.

Patch submitted by <Harry Pantazis>
Minor cleanup by <myself>
2018-05-02 18:46:05 +00:00
kamil 385d9c8955 Implement PTRACE_VFORK
Add support for tracing vfork(2) events in the context of ptrace(2).

This API covers other frontends to fork1(9) like posix_spawn(2) or clone(2),
if they cause parent to wait for exec(2) or exit(2) of the child.

Changes:
 - Add new argument to sigswitch() determining whether we need to acquire
   the proc_lock or whether it's already held.
 - Refactor fork1(9) for fork(2) and vfork(2)-like events.
   Call sigswitch() from fork(1) for forking or vforking parent, instead of
   emitting kpsignal(9). We need to emit the signal and suspend the parent,
   returning to user and relock proc_lock.
 - Add missing prototype for proc_stop_done() in kern_sig.c.
 - Make sigswitch a public function accessible from other kernel code
   including <sys/signalvar.h>.
 - Remove an entry about unimplemented PTRACE_VFORK in the ptrace(2) man page.
 - Permin PTRACE_VFORK in the ptrace(2) frontend for userland.
 - Remove expected failure for unimplemented PTRACE_VFORK tests in the ATF
   ptrace(2) test-suite.
 - Relax signal routing constraints under a debugger for a vfork(2)ed child.
   This intended to protect from signaling a parent of a vfork(2)ed child that
   called PT_TRACE_ME, but wrongly misrouted other signals in vfork(2)
   use-cases.

Add XXX comments about still existing problems and future enhancements:
 - correct vfork(2) + PT_TRACE_ME handling.
 - fork1(2) handling of scenarios when a process is collected in valid but
   rare cases.

All ATF ptrace(2) fork[1-8] and vfork[1-8] tests pass.

Fix PR kern/51630 by Kamil Rytarowski (myself).

Sponsored by <The NetBSD Foundation>
2018-05-01 16:37:23 +00:00
kamil 66a7857d57 Add two new ptrace(2) ATF tests
Added:

 - traceme_pid1_parent
   Assert that a process cannot mark its parent a debugger twice

 - traceme_twice
   Verify that PT_TRACE_ME is not allowed when our parent is PID1

All tests pass.

Sponsored by <The NetBSD Foundation>
2018-04-29 13:56:00 +00:00
kamil 7c9ce7b74f Enable traceme_raise1 in the ATF ptrace(2) tests
This test checks raise(SIGKILL). If we enter the kernel with this signal
we report a signaled child in a debugger, not stopped with an option to
make an action.

FreeBSD behaves differently and allows intercepting this event in a tracer.
Follow the Linux behavior.

If we really want to prevent raise(SIGKILL) from signaling the tracee, we
still can breakpoint raise(3) and alter the syscall arguments (or use
the PT_SYSCALL mode). If we are already in the kernel, SIGKILL always means
killing the process, whether or not traced and the source of SIGKILL.

This tests passes on NetBSD without kernel changes.

Sponsored by <The NetBSD Foundation>
2018-04-28 19:00:25 +00:00
kamil 736f73b24b Refactor the traceme3 ATF ptrace(2) test
Replace traceme3 with new ATF tests using diverse signals:

 - traceme_signal_nohandler1 SIGKILL
 - traceme_signal_nohandler2 SIGSTOP (temporarily disabled)
 - traceme_signal_nohandler3 SIGABRT (emits core dump)
 - traceme_signal_nohandler4 SIGHUP
 - traceme_signal_nohandler5 SIGCONT

These SIGSTOP test does not work properly right now as it unstops the
traccee.

Sponsored by <The NetBSD Foundation>
2018-04-28 18:07:15 +00:00
kamil f738c48337 Handle core dumps in ATF ptrace(2) tests easier
Cast WCOREDUMP() to either 1 or 0.

It could be changed to a boolean type, but it's already good enough.

Sponsored by <The NetBSD Foundation>
2018-04-28 17:56:55 +00:00
kamil 5abe8ef7df Refactor the traceme2 ATF ptrace(2) tests
Replace traceme2 with 3 tests:
 - traceme_sighandler_catch1
 - traceme_sighandler_catch2
 - traceme_sighandler_catch3

These tests are verified with PT_TRACE_ME for: SIGHUP, SIGCONT and SIGABRT.

We don't want tests all signals (this is a domain for a fuzzer), but we want
to cover tests with signals from different groups.

All tests pass.

Sponsored by <The NetBSD Foundation>
2018-04-28 00:14:37 +00:00
kamil 0165d5af91 Refactor the traceme1 and traceme4 ATF ptrace(2) tests
Use common bode for these tests and a macro 1-liner to define a new test.

Test the same scenarios for 5 signals:
 - SIGKILL (temporarily disabled)
 - SIGSTOP
 - SIGABRT
 - SIGHUP
 - SIGCONT

These tests call: raise(sig). It's actually important to assert their
behavior for tests that are from different kinds.

The SIGKILL test is work in progress. It can be caught by a debugger on the
FreeBSD kernel, but it's causing a signaled event in a debugger on Linux.

NetBSD is right now in one of the camps, but research whether this is a bug
or feature is in progress.

Sponsored by <The NetBSD Foundation>
2018-04-27 21:36:45 +00:00
maxv 8ad8ab65b1 Remove ping6_opts_hops, "-g" does not exist anymore (RH0 removed). 2018-04-26 06:23:33 +00:00
kre 7fea2a9dfc Add a test case for PR bin/53201
Currently this test case will fail, a fix is coming soon (not worth
marking this as an expected failure.)

This test case and the initial bug report comes from
Martijn Dekker's modernish (shell/test set).
2018-04-21 21:28:35 +00:00
ozaki-r 0be59150b6 Add a test that checks if brconfig flush surely removes all entries 2018-04-18 04:03:12 +00:00
kamil 6827020217 Refactor fork-like ATG tests in t_ptrace_wait*
Add CPP syntax sugare to define each fork-like test within a single line
of code with less than 80 columns.

This is a preparation for new fork-like scenarios where we detach either
child and/or parent with PT_DETACH.

The code could be still reduced to smaller number of columns, instead of:

   FORK_TEST(fork1, DSCR(fork,0,0,0,0,0), fork, F, F, F, F, F)

we could perhaps need 50% of it, as the data is duplicated.

On the other hand the line is already short and taking only a single line.

No functional change intended.

Sponsored by <The NetBSD Foundation>
2018-04-15 00:19:23 +00:00
kamil 8a7b75cec0 Import new C and C++ ATF tests for ASan
Add new tests:
 - tests/usr.bin/cc/t_asan_poison.sh
 - tests/usr.bin/c++/t_asan_poison.sh

These tests verify the following build options:
 - regular
 - profile
 - pic
 - pie
 - compat32
 - (static unsupported)

These tests verify whether ASan code can include compiler and sanitizer
specific header: <sanitizer/asan_interface.h>. The testing code checks
the ASAN_POISON_MEMORY_REGION() functionality, poisoning valid memory and
asserting that it triggers expected failure.

Patch submitted by <Siddharth Muralee>
2018-04-11 03:25:25 +00:00
kamil ea82fba129 Cover more fork/vfork/vforkdone scenarios in ATF ptrace(2) tests
Use a shared common body for all the tests: fork1..fork8, vfork1..vfork8.

Merge vforkdone1 and vforkdone2 into vfork* tests.

All the (v?)fork[1-8] tests cover:
 - calling either fork(2) or vfork(2)
 - tracking either enabled or disabled FORK, VFORK or VFORK_DONE

All the PTRACE_VFORK tests are marked as expected failure.

Sponsored by <The NetBSD Foundation>
2018-04-11 01:52:59 +00:00
kamil 1924131dec ATF t_ptrace_wait* refactoring: vforkdone1 and vforkdone2
Merge vforkdone1 and vforkdone2 into other fork tests and reuse the same
function body fork_test().

There is an implicit enhancement in vforkdone2 that it was skipping
PTRACE_VFORK check. This test is now marked as expected failure.

PR kern/51630

Sponsored by <The NetBSD Foundation>
2018-04-10 22:45:39 +00:00
ozaki-r f72ad93267 Add a test case for bridge_rtdelete 2018-04-10 07:09:00 +00:00
kamil 4fb49d74f0 ATF: ptrace: Merge code in fork2 and vfork2 tests with (v)fork1 ones
Reduce code duplication, use the same function body with conditional
switches.

Sponsored by <The NetBSD Foundation>
2018-04-10 00:40:35 +00:00
kamil 3a2e5c145a Merge code in tests: fork1 and vfork1 (ATF t_ptrace_wait*)
Marge bodies of two tests into the same function.
Add few checks for regular fork or not (vfork).

Sponsored by <The NetBSD Foundation>
2018-04-10 00:09:31 +00:00
martin b29a640aff Use tcpdump -n to avoid reverse DNS lookup. There is no point in having
different results from running this test in a networked vs. a non-networked
environment.
Adjust golden output accordingly.
Fixes PR 53150.
2018-04-09 16:21:05 +00:00
kamil 42c80d5774 Improve documentation of the ATF test t_ptrace_wait*: traceme2
Set the description to:

  Verify that a signal emitted by a tracer to a child is caught by
  a signal handler.

Sponsored by <The NetBSD Foundation>
2018-04-09 15:45:16 +00:00
kamil 2e7534f345 Add check in ATF tests for security.models.extensions.user_set_dbregs
Introduce a new function can_we_set_dbregs() in the ATF ptrace(2) tests.
It uses lazy-bool evaluation whether a process can call PT_SETDBREGS.

In case of not being able to do so, print a message and mark a test
as skipped:

  Either run this test as root or set sysctl(3)
  security.models.extensions.user_set_dbregs to 1

No functional change intended to the code flow of the existing tested
scenarios.

Sponsored by <The NetBSD Foundation>
2018-04-08 17:20:18 +00:00
ozaki-r 810a5ee058 Fix typo 2018-04-07 12:36:58 +00:00
ozaki-r 6ca7de5d0d Add tests for GARP without DAD
Additionally make the existing tests for GARP more explicit.
2018-04-06 09:23:36 +00:00
ozaki-r 9e4591fa4a Show outputs of commands if $DEBUG 2018-04-06 09:22:38 +00:00
ozaki-r 4cb98a5a0c Improve packet checks and error reporting 2018-04-06 09:21:57 +00:00
kamil 8e4f836c68 Add new ATF tests for Address Sanitzier (ASan)
Add new C and C++ tests:
 - t_asan_double_free
 - t_asan_global_buffer_overflow
 - t_asan_heap_overflow
 - t_asan_off_by_one
 - t_asan_uaf

Each tests checks:
 - regular build
 - 32-bit
 - PIC
 - PIE
 - profile

These tests require paxctl(8) to disable ASLR in order to work in a
predictable way. This is especially true for all !regular builds with
additional compiler flags.

There are no static variations of these tests as this mode is not supported
in upstream ASan.

Enable these tests on amd64 and i386.

This is part two patch, adding the remaining C++ changes.

Patch submitted by <Siddharth Muralee>
Additional polishing by myself.
2018-04-04 23:53:26 +00:00
kamil 9f0bdbd997 Add new ATF tests for Address Sanitzier (ASan)
Add new C and C++ tests:
 - t_asan_double_free
 - t_asan_global_buffer_overflow
 - t_asan_heap_overflow
 - t_asan_off_by_one
 - t_asan_uaf

Each tests checks:
 - regular build
 - 32-bit
 - PIC
 - PIE
 - profile

These tests require paxctl(8) to disable ASLR in order to work in a
predictable way. This is especially true for all !regular builds with
additional compiler flags.

There are no static variations of these tests as this mode is not supported
in upstream ASan.

Enable these tests on amd64 and i386.

Patch submitted by <Siddharth Muralee>
Additional polishing by myself.
2018-04-04 23:51:35 +00:00
kamil b4fcb5aedb Correct a small regression typo in usr.bin/c++ ATF tests
TESTS_SH= changed to TESTS_SH+=
2018-04-04 15:53:04 +00:00
kamil b269e95d9e Sort entries in ATF tests in tests/usr.bin/c++/Makefile
No functional change intended.
2018-04-04 15:08:59 +00:00
roy 64785daad7 Handle errors better.
Fix test for checking we sent all the data we asked to.
2018-03-26 09:11:15 +00:00
roy 8a9420adee Allow a valid sendto .... duh 2018-03-24 15:51:57 +00:00
kamil 77dc83fa09 Add new C++ ATF tests
Add new variations for existing C++ tests:
 - Static
 - Profile+32-bit
 - PIC+32-bit
 - PIC+Profile
 - PIC+Profile+32-bit

All tests pass for NetBSD/amd64:
 - t_cxxruntime
 - t_hello
 - t_static_destructor

+--------------------------------------------------------------+
| Options            | cxxruntime | hello  | static_destructor |
+--------------------------------------------------------------+
| None               | Passed     | Passed | Passed            |
| 32-bit             | Passed     | Passed | Passed            |
| PIC                | Passed     | Passed | Passed            |
| PIE                | Passed     | Passed | Passed            |
| Profile            | Passed     | Passed | Passed            |
| Static             | Passed     | Passed | Passed            |
| Profile+32-bit     | Passed     | Passed | Passed            |
| PIC+32-bit         | Passed     | Passed | Passed            |
| PIC+Profile        | Passed     | Passed | Passed            |
| PIC+Profile+32-bit | Passed     | Passed | Passed            |
+--------------------------------------------------------------+

Add new C++11 std::call_once tests:
 - t_call_once
 - t_call_once2

Add new C++11 test with pthread_once(3) and C++ lambda:
 - t_pthread_once

All tests with the profile option for std::call_once and
pthread_once(3) are marked as expected failure (NetBSD/amd64).

Results for *_once*:
+------------------------------------------------------------+
| Options            | call_once | call_once2 | pthread_once |
+------------------------------------------------------------+
| None               | Passed    | Passed     | Passed       |
| 32-bit             | Passed    |  Passed    | Passed       |
| PIC                | Passed    | Passed     | Passed       |
| PIE                | Passed    | Passed     | Passed       |
| Profile            |  Failed   |  Failed    |  Failed      |
| Static             | Passed    | Passed     | Passed       |
| Profile+32-bit     |  Failed   |  Failed    |  Failed      |
| PIC+32-bit         | Passed    | Passed     | Passed       |
| PIC+Profile        |  Failed   |  Failed    |  Failed      |
| PIC+Profile+32-bit |  Failed   |  Failed    |  Failed      |
+------------------------------------------------------------+

Long term there is an option to refacotr the framework for C and C++ tests,
in order to reduce code duplication.

Patches sent by Yang Zheng <tomsun.0.7@gmail.com>
2018-03-24 00:26:51 +00:00
kamil 62ac00a826 Fix a printf(3)-like format in ATF ICMP t_ping.c
Use %zd for ssize_t, instead of %d.
2018-03-24 00:06:32 +00:00
roy 80b75699b5 Note value received. Harden another sendto for ENOBUFS. 2018-03-23 10:05:45 +00:00
roy 05ee2584ab Handle ENOBUFS in sendto 2018-03-22 17:27:34 +00:00
roy 1875ff6c39 Handle ENOBUFS in recv 2018-03-22 17:16:05 +00:00
ozaki-r 57e881a906 Avoid setting IP addresses of the same subnet on different interface
If we do so, there will remain one route that is of a preceding address, but
that behavior is not documented and may be changed in the future.  Tests
shouldn't rely on such a unstable behavior.
2018-03-22 09:21:24 +00:00
roy d96ab75caf Handle ENOBUFS when receiving messages.
Don't send messages if the receiver has died.
2018-03-21 12:37:12 +00:00
kamil ce34db38fd Add new ATF tests: kernel/t_zombie
New tests attempting to kill, stop, drop or revive a zombie:
 - signal1 (SIGKILL)
 - signal2 (SIGSTOP)
 - signal3 (SIGABRT)
 - signal4 (SIGHUP)
 - signal5 (SIGCONT)

New test race1 verifying whether there are any kernel races when processing
signals to zombies, executing in a loop for 5 seconds.

These tests were inspired by a kernel unexpected behavior when a lookup
of a dying process could result in two detected entities once as an alive
process and once as a zombie.

race1 is similar to t_ptrace_wait* race1, however without ptrace(2) involved.

Sponsored by <The NetBSD Foundation>
2018-03-14 02:13:47 +00:00
kamil a9dda15d6e ATF: Add new test race1 in t_ptrace_wait*
Reuse the attach1's test body for race1.

Add a new test race1:
  Assert that await_zombie() in attach1 always finds a single
  process and no other error is reported

race1 requires HAVE_PID in wait(2)-like function.

This test is executed in a loop for 5 seconds (16k iterations on Intel i7).
A buggy kernel was asserting an error within this timeframe almost always.

The bug in the kernel is now gone and this test is expected to pass
correctly.

Sponsored by <The NetBSD Foundation>
2018-03-13 14:54:13 +00:00
kamil c6513ba7ad ATF t_ptrace_wait*: Disable debug messages in msg.h
msg.h is a dummy IPC interface.

Disable additional debugging logging here, especially wanted in race*
tests.

Sponsored by <The NetBSD Foundation>
2018-03-13 14:45:36 +00:00
kamil 8fa6ff479d Add a new function in ATF t_ptrace_wait*: await_zombie_raw()
Add await_zombie_raw() that is the same as await_zombie(), whith an
addition of additional "useconds_t ms" parameter indicating delays between
new polling for a zombie process.

This new function will be used for testing a race condition that has been
observed occassionally crashing a test case -- returning duplicate entries
for KERN_PROC_PID.

Sponsored by <The NetBSD Foundation>
2018-03-13 13:34:40 +00:00
knakahara a0d17a179a Enhance assertion ipsecif(4) ATF to avoid confusing setkey(8) error message.
When setkey(8) says "syntax error at [-E]", it must mean get_if_ipsec_unique()
failed.
2018-03-13 03:50:26 +00:00