[GNUnet-SVN] r25664 - monkey/trunk/pathologist/src/pathologist
From: |
gnunet |
Subject: |
[GNUnet-SVN] r25664 - monkey/trunk/pathologist/src/pathologist |
Date: |
Fri, 28 Dec 2012 18:33:32 +0100 |
Author: teichm
Date: 2012-12-28 18:33:32 +0100 (Fri, 28 Dec 2012)
New Revision: 25664
Modified:
monkey/trunk/pathologist/src/pathologist/action_api.c
monkey/trunk/pathologist/src/pathologist/pathologist.c
Log:
bug 2658 should be fixed: distinguish a null pointer from a BADF00D pointer via
disassembling
Modified: monkey/trunk/pathologist/src/pathologist/action_api.c
===================================================================
--- monkey/trunk/pathologist/src/pathologist/action_api.c 2012-12-28
12:59:28 UTC (rev 25663)
+++ monkey/trunk/pathologist/src/pathologist/action_api.c 2012-12-28
17:33:32 UTC (rev 25664)
@@ -18,8 +18,6 @@
static int crashExpressionFoundInEDB = MONKEY_YES;
static int async_c = 0;
-static char *signalMeaning = NULL;
-static char *signalName = NULL;
static int stoppedInSharedLib = MONKEY_NO;
static int failureFunctionStartLine = 0; // start line number of the
function in which the failure occurs
static struct WatchInfo *watchInfoListHead = NULL;
@@ -541,14 +539,8 @@
struct Trace *trace = NULL;
/* Variables used across recursive calls */
- static int isBugClassified = MONKEY_NO;
static struct MONKEY_EDB_Context *edbCntxt;
- if (NULL == signalMeaning) {
- signalMeaning = cntxt->gdb_stop_reason->signal_meaning;
- signalName = cntxt->gdb_stop_reason->signal_name;
- }
-
if (NULL == epoch) {
epoch = MONKEY_malloc(sizeof(struct Epoch));
epoch->traceListHead = NULL;
@@ -597,28 +589,6 @@
// Do value analysis for relevant expressions
analyzeExpressionValues(function, cntxt);
- //TODO Evil, bring it out of the loop!
- if (MONKEY_NO == isBugClassified) {
- if ((strcasecmp(signalMeaning, "Segmentation fault") ==
0)
- || (strcasecmp(signalMeaning, "Signal 0") == 0)) {
- if (MONKEY_YES == cntxt->has_null) {
- cntxt->bug_detected = BUG_NULL_POINTER;
- }
- else {
- cntxt->bug_detected =
BUG_BAD_MEM_ACCESS;
- }
- }
- else if (strcasecmp(signalMeaning, "Aborted") == 0) {
- cntxt->bug_detected = BUG_ABORT;
- }
- else if (strcasecmp(signalMeaning, "Arithmetic
exception") == 0) {
- cntxt->bug_detected = BUG_ARITHMETIC;
- }
- else if (strcasecmp(signalName, "SIGBUS") == 0) {
- cntxt->bug_detected = BUG_SIG_BUS;
- }
- isBugClassified = MONKEY_YES;
- }
/* Now, dive deeper into the stack trace */
cntxt->gdb_frames = cntxt->gdb_frames->next;
@@ -1010,6 +980,24 @@
}
+int MONKEY_ACTION_is_Nullpointer(struct MONKEY_ACTION_Context* cntxt)
+{
+ mi_asm_insns* disassembled_code =
gmi_data_disassemble_se(cntxt->gdb_handle, "$pc", "$pc+1", 0);
+ char* reg;
+ while(reg = strstr(disassembled_code->ins->inst, "(%")) {
+ //printf("%s\n", reg);
+ reg++;
+ size_t len = strcspn(reg, "),");
+ reg[0]='$';
+ reg[len]='\0';
+ char* val = gmi_data_evaluate_expression(cntxt->gdb_handle,
reg);
+ //printf("%s\n", val);
+ if( !strcmp(val, "0") ) return 1;
+ }
+ return 0;
+}
+
+
int MONKEY_ACTION_format_report_xml(struct MONKEY_ACTION_Context
*cntxt)
{
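Review bot: MONKEY_ACTION_is_Nullpointer dereferences the result of gmi_data_disassemble_se (`disassembled_code->ins->inst`) and hands the result of gmi_data_evaluate_expression straight to strcmp, without checking either for NULL, so a gdb error while reading the instruction at $pc crashes the analyzer instead of falling back to BUG_BAD_MEM_ACCESS. Neither result is released, so every classified crash leaks the disassembly and the evaluated string; libmigdb's `mi_free_asm_insns` plus a plain `free` of the string close that. The loop also rewrites the instruction text in place (`reg[0]='$'`, `reg[len]='\0'`), which truncates it at the first `)` or `,`, so only the first memory operand is ever examined and the disassembly is unusable afterwards; copying the register name into a local buffer avoids both. Finally, the assignment inside `while(reg = strstr(...))` should be parenthesised and compared against NULL so it does not read as a mistyped `==`.
```c
int MONKEY_ACTION_is_Nullpointer(struct MONKEY_ACTION_Context* cntxt)
{
    int is_null = 0;
    mi_asm_insns* disassembled_code =
        gmi_data_disassemble_se(cntxt->gdb_handle, "$pc", "$pc+1", 0);
    if (NULL == disassembled_code || NULL == disassembled_code->ins
        || NULL == disassembled_code->ins->inst) {
        /* could not read the faulting instruction; report "not null" */
        return 0;
    }
    const char* p = disassembled_code->ins->inst;
    const char* reg;
    /* Check every memory operand "(%reg...)" of the faulting instruction;
     * the register name is copied out so the disassembly text stays intact. */
    while (0 == is_null && NULL != (reg = strstr(p, "(%"))) {
        char regexpr[32];
        reg++;                              /* now at "%reg" */
        size_t len = strcspn(reg, "),");    /* length of "%reg" */
        if (len + 1 < sizeof regexpr) {
            regexpr[0] = '$';               /* gdb register syntax: $reg */
            memcpy(regexpr + 1, reg + 1, len - 1);
            regexpr[len] = '\0';
            char* val = gmi_data_evaluate_expression(cntxt->gdb_handle, regexpr);
            if (NULL != val) {
                if (0 == strcmp(val, "0"))
                    is_null = 1;
                free(val);
            }
        }
        p = reg + len;
    }
    mi_free_asm_insns(disassembled_code);
    return is_null;
}
```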
Modified: monkey/trunk/pathologist/src/pathologist/pathologist.c
===================================================================
--- monkey/trunk/pathologist/src/pathologist/pathologist.c 2012-12-28
12:59:28 UTC (rev 25663)
+++ monkey/trunk/pathologist/src/pathologist/pathologist.c 2012-12-28
17:33:32 UTC (rev 25664)
@@ -195,7 +195,20 @@
fprintf (stderr, "Debug with gdb, program exited normally!\n");
break;
case GDB_STATE_STOPPED:
+ //categorize bug
+ if ((strcasecmp(cntxt->gdb_stop_reason->signal_meaning,
"Segmentation fault") == 0)
+ || (strcasecmp(cntxt->gdb_stop_reason->signal_meaning, "Signal
0") == 0))
+ cntxt->bug_detected =
MONKEY_ACTION_is_Nullpointer(cntxt) ? BUG_NULL_POINTER : BUG_BAD_MEM_ACCESS;
+ else if (strcasecmp(cntxt->gdb_stop_reason->signal_meaning,
"Aborted") == 0)
+ cntxt->bug_detected = BUG_ABORT;
+ else if (strcasecmp(cntxt->gdb_stop_reason->signal_meaning,
"Arithmetic exception") == 0)
+ cntxt->bug_detected = BUG_ARITHMETIC;
+ else if (strcasecmp(cntxt->gdb_stop_reason->signal_name,
"SIGBUS") == 0)
+ cntxt->bug_detected = BUG_SIG_BUS;
+
+ // get relevant expressions
retVal = MONKEY_ACTION_inspect_expression_database (cntxt);
+
if (MONKEY_NO == retVal)
{
fprintf( stderr,
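Review bot: The classification chain added under GDB_STATE_STOPPED calls strcasecmp on `cntxt->gdb_stop_reason->signal_meaning` and `->signal_name` without checking that they are set; when gdb stops for a reason other than a delivered signal these fields are presumably NULL, and strcasecmp on NULL is undefined behaviour. Wrapping the chain in `if (NULL != cntxt->gdb_stop_reason->signal_meaning && NULL != cntxt->gdb_stop_reason->signal_name) { ... }` keeps the path to MONKEY_ACTION_inspect_expression_database intact for those stops. The new call to MONKEY_ACTION_is_Nullpointer depends on a prototype that neither file in this commit adds; unless action_api.h already declares it, this is an implicit declaration, which C99 removed. Braces around the multi-line if/else-if bodies would also make the chain safer to extend. The enclosing switch and function continue outside the hunk.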