diff options
Diffstat (limited to 'pathologist/refs')
30 files changed, 1405 insertions, 0 deletions
diff --git a/pathologist/refs/db/bad_memory_access.db b/pathologist/refs/db/bad_memory_access.db new file mode 100644 index 0000000..8635229 --- /dev/null +++ b/pathologist/refs/db/bad_memory_access.db | |||
Binary files differ | |||
diff --git a/pathologist/refs/db/bug_assertion_failure.db b/pathologist/refs/db/bug_assertion_failure.db new file mode 100644 index 0000000..80b952c --- /dev/null +++ b/pathologist/refs/db/bug_assertion_failure.db | |||
Binary files differ | |||
diff --git a/pathologist/refs/db/bug_bad_food.db b/pathologist/refs/db/bug_bad_food.db new file mode 100644 index 0000000..0d0b4dd --- /dev/null +++ b/pathologist/refs/db/bug_bad_food.db | |||
Binary files differ | |||
diff --git a/pathologist/refs/db/bug_bad_memory_access.db b/pathologist/refs/db/bug_bad_memory_access.db new file mode 100644 index 0000000..f5388fd --- /dev/null +++ b/pathologist/refs/db/bug_bad_memory_access.db | |||
Binary files differ | |||
diff --git a/pathologist/refs/db/bug_bug_assertion_failure.db b/pathologist/refs/db/bug_bug_assertion_failure.db new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/pathologist/refs/db/bug_bug_assertion_failure.db | |||
diff --git a/pathologist/refs/db/bug_division_by_zero_loop.db b/pathologist/refs/db/bug_division_by_zero_loop.db new file mode 100644 index 0000000..8c103ef --- /dev/null +++ b/pathologist/refs/db/bug_division_by_zero_loop.db | |||
Binary files differ | |||
diff --git a/pathologist/refs/db/bug_null_pointer_exception.db b/pathologist/refs/db/bug_null_pointer_exception.db new file mode 100644 index 0000000..91b1c8a --- /dev/null +++ b/pathologist/refs/db/bug_null_pointer_exception.db | |||
Binary files differ | |||
diff --git a/pathologist/refs/db/bug_null_pointer_exception_modified.db b/pathologist/refs/db/bug_null_pointer_exception_modified.db new file mode 100644 index 0000000..6c264fb --- /dev/null +++ b/pathologist/refs/db/bug_null_pointer_exception_modified.db | |||
Binary files differ | |||
diff --git a/pathologist/refs/reports/ref_bt_bug_assertion_failure.xml b/pathologist/refs/reports/ref_bt_bug_assertion_failure.xml new file mode 100644 index 0000000..9bdccb2 --- /dev/null +++ b/pathologist/refs/reports/ref_bt_bug_assertion_failure.xml | |||
@@ -0,0 +1,75 @@ | |||
1 | <?xml version="1.0"?> | ||
2 | <crash category="Assertion Failure" function="assertionFailure" line="9" file="bug_assertion_failure.c" > | ||
3 | <history><epoch step="0" > | ||
4 | <trace><function name="assertionFailure" line="9" file="bug_assertion_failure.c" depth="0" > | ||
5 | <expressions><expression name="assert(x<4)" > | ||
6 | Not Evaluated</expression> | ||
7 | <expression name="x<4" > | ||
8 | 0</expression> | ||
9 | <expression name="printf("Assertion Failure Now!\n")" > | ||
10 | Not Evaluated</expression> | ||
11 | <expression name="x" > | ||
12 | 5</expression> | ||
13 | </expressions> | ||
14 | </function> | ||
15 | <function name="main" line="14" file="bug_assertion_failure.c" depth="1" > | ||
16 | <expressions><expression name="assertionFailure()" > | ||
17 | Not Evaluated</expression> | ||
18 | <expression name="argv" > | ||
19 | 0xbfffecb4</expression> | ||
20 | <expression name="argc" > | ||
21 | 1</expression> | ||
22 | </expressions> | ||
23 | </function> | ||
24 | </trace> | ||
25 | </epoch> | ||
26 | <epoch step="1" > | ||
27 | <trace><function name="assertionFailure" line="8" file="bug_assertion_failure.c" depth="0" > | ||
28 | <expressions><expression name="printf("Assertion Failure Now!\n")" > | ||
29 | Not Evaluated</expression> | ||
30 | <expression name="x" > | ||
31 | 5</expression> | ||
32 | </expressions> | ||
33 | </function> | ||
34 | <function name="main" line="14" file="bug_assertion_failure.c" depth="1" > | ||
35 | <expressions><expression name="assertionFailure()" > | ||
36 | Not Evaluated</expression> | ||
37 | <expression name="argv" > | ||
38 | 0xbfffecb4</expression> | ||
39 | <expression name="argc" > | ||
40 | 1</expression> | ||
41 | </expressions> | ||
42 | </function> | ||
43 | </trace> | ||
44 | </epoch> | ||
45 | <epoch step="2" > | ||
46 | <trace><function name="assertionFailure" line="7" file="bug_assertion_failure.c" depth="0" > | ||
47 | <expressions><expression name="x" > | ||
48 | -1073746936</expression> | ||
49 | </expressions> | ||
50 | </function> | ||
51 | <function name="main" line="14" file="bug_assertion_failure.c" depth="1" > | ||
52 | <expressions><expression name="assertionFailure()" > | ||
53 | Not Evaluated</expression> | ||
54 | <expression name="argv" > | ||
55 | 0xbfffecb4</expression> | ||
56 | <expression name="argc" > | ||
57 | 1</expression> | ||
58 | </expressions> | ||
59 | </function> | ||
60 | </trace> | ||
61 | </epoch> | ||
62 | <epoch step="3" > | ||
63 | <trace><function name="main" line="14" file="bug_assertion_failure.c" depth="0" > | ||
64 | <expressions><expression name="assertionFailure()" > | ||
65 | Not Evaluated</expression> | ||
66 | <expression name="argv" > | ||
67 | 0xbfffecb4</expression> | ||
68 | <expression name="argc" > | ||
69 | 1</expression> | ||
70 | </expressions> | ||
71 | </function> | ||
72 | </trace> | ||
73 | </epoch> | ||
74 | </history> | ||
75 | </crash> | ||
diff --git a/pathologist/refs/reports/ref_bt_bug_bad_memory_access.xml b/pathologist/refs/reports/ref_bt_bug_bad_memory_access.xml new file mode 100644 index 0000000..8647995 --- /dev/null +++ b/pathologist/refs/reports/ref_bt_bug_bad_memory_access.xml | |||
@@ -0,0 +1,103 @@ | |||
1 | <?xml version="1.0"?> | ||
2 | <crash category="Bad memory access" function="badMemoryAccess" line="9" file="bug_bad_memory_access.c" > | ||
3 | <valgrind>==10333== Memcheck, a memory error detector | ||
4 | ==10333== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al. | ||
5 | ==10333== Using Valgrind-3.6.1 and LibVEX; rerun with -h for copyright info | ||
6 | ==10333== Command: ../../refs/src/bug_bad_memory_access | ||
7 | ==10333== Parent PID: 10332 | ||
8 | ==10333== | ||
9 | ==10333== Invalid write of size 4 | ||
10 | ==10333== at 0x80483D0: badMemoryAccess (bug_bad_memory_access.c:9) | ||
11 | ==10333== by 0x80483E2: main (bug_bad_memory_access.c:14) | ||
12 | ==10333== Address 0x4252352 is not stack'd, malloc'd or (recently) free'd | ||
13 | ==10333== | ||
14 | ==10333== | ||
15 | ==10333== Process terminating with default action of signal 11 (SIGSEGV) | ||
16 | ==10333== Access not within mapped region at address 0x4252352 | ||
17 | ==10333== at 0x80483D0: badMemoryAccess (bug_bad_memory_access.c:9) | ||
18 | ==10333== by 0x80483E2: main (bug_bad_memory_access.c:14) | ||
19 | ==10333== If you believe this happened as a result of a stack | ||
20 | ==10333== overflow in your program's main thread (unlikely but | ||
21 | ==10333== possible), you can try to increase the size of the | ||
22 | ==10333== main thread stack using the --main-stacksize= flag. | ||
23 | ==10333== The main thread stack size used in this run was 16777216. | ||
24 | ==10333== | ||
25 | ==10333== HEAP SUMMARY: | ||
26 | ==10333== in use at exit: 0 bytes in 0 blocks | ||
27 | ==10333== total heap usage: 0 allocs, 0 frees, 0 bytes allocated | ||
28 | ==10333== | ||
29 | ==10333== All heap blocks were freed -- no leaks are possible | ||
30 | ==10333== | ||
31 | ==10333== For counts of detected and suppressed errors, rerun with: -v | ||
32 | ==10333== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 11 from 6)</valgrind> | ||
33 | <history><epoch step="0" > | ||
34 | <trace><function name="badMemoryAccess" line="9" file="bug_bad_memory_access.c" depth="0" > | ||
35 | <expressions><expression name="*p" > | ||
36 | Not Evaluated</expression> | ||
37 | <expression name="printf("Bad memory access now!\n")" > | ||
38 | Not Evaluated</expression> | ||
39 | <expression name="0x4252352" > | ||
40 | 69542738</expression> | ||
41 | </expressions> | ||
42 | </function> | ||
43 | <function name="main" line="14" file="bug_bad_memory_access.c" depth="1" > | ||
44 | <expressions><expression name="badMemoryAccess()" > | ||
45 | Not Evaluated</expression> | ||
46 | <expression name="argv" > | ||
47 | 0xbfffecb4</expression> | ||
48 | <expression name="argc" > | ||
49 | 1</expression> | ||
50 | </expressions> | ||
51 | </function> | ||
52 | </trace> | ||
53 | </epoch> | ||
54 | <epoch step="1" > | ||
55 | <trace><function name="badMemoryAccess" line="8" file="bug_bad_memory_access.c" depth="0" > | ||
56 | <expressions><expression name="printf("Bad memory access now!\n")" > | ||
57 | Not Evaluated</expression> | ||
58 | <expression name="0x4252352" > | ||
59 | 69542738</expression> | ||
60 | </expressions> | ||
61 | </function> | ||
62 | <function name="main" line="14" file="bug_bad_memory_access.c" depth="1" > | ||
63 | <expressions><expression name="badMemoryAccess()" > | ||
64 | Not Evaluated</expression> | ||
65 | <expression name="argv" > | ||
66 | 0xbfffecb4</expression> | ||
67 | <expression name="argc" > | ||
68 | 1</expression> | ||
69 | </expressions> | ||
70 | </function> | ||
71 | </trace> | ||
72 | </epoch> | ||
73 | <epoch step="2" > | ||
74 | <trace><function name="badMemoryAccess" line="7" file="bug_bad_memory_access.c" depth="0" > | ||
75 | <expressions><expression name="0x4252352" > | ||
76 | 69542738</expression> | ||
77 | </expressions> | ||
78 | </function> | ||
79 | <function name="main" line="14" file="bug_bad_memory_access.c" depth="1" > | ||
80 | <expressions><expression name="badMemoryAccess()" > | ||
81 | Not Evaluated</expression> | ||
82 | <expression name="argv" > | ||
83 | 0xbfffecb4</expression> | ||
84 | <expression name="argc" > | ||
85 | 1</expression> | ||
86 | </expressions> | ||
87 | </function> | ||
88 | </trace> | ||
89 | </epoch> | ||
90 | <epoch step="3" > | ||
91 | <trace><function name="main" line="14" file="bug_bad_memory_access.c" depth="0" > | ||
92 | <expressions><expression name="badMemoryAccess()" > | ||
93 | Not Evaluated</expression> | ||
94 | <expression name="argv" > | ||
95 | 0xbfffecb4</expression> | ||
96 | <expression name="argc" > | ||
97 | 1</expression> | ||
98 | </expressions> | ||
99 | </function> | ||
100 | </trace> | ||
101 | </epoch> | ||
102 | </history> | ||
103 | </crash> | ||
diff --git a/pathologist/refs/reports/ref_bt_bug_division_by_zero_depth_1.xml b/pathologist/refs/reports/ref_bt_bug_division_by_zero_depth_1.xml new file mode 100644 index 0000000..7ae29ed --- /dev/null +++ b/pathologist/refs/reports/ref_bt_bug_division_by_zero_depth_1.xml | |||
@@ -0,0 +1,264 @@ | |||
1 | <?xml version="1.0"?> | ||
2 | <crash category="Division By Zero" function="main" line="14" file="bug_division_by_zero_loop.c" > | ||
3 | <history><epoch step="0" > | ||
4 | <trace><function name="main" line="14" file="bug_division_by_zero_loop.c" depth="0" > | ||
5 | <expressions><expression name="printf("result = %d\n",result)" > | ||
6 | Not Evaluated</expression> | ||
7 | <expression name="result/k" > | ||
8 | Not Evaluated</expression> | ||
9 | <expression name="i<5" > | ||
10 | 1</expression> | ||
11 | <expression name="i" > | ||
12 | 1</expression> | ||
13 | <expression name="printf("I am alive!\n")" > | ||
14 | Not Evaluated</expression> | ||
15 | <expression name="result" > | ||
16 | -10</expression> | ||
17 | <expression name="-1" > | ||
18 | -1</expression> | ||
19 | <expression name="k" > | ||
20 | 0</expression> | ||
21 | <expression name="argv" > | ||
22 | 0xbfffecb4</expression> | ||
23 | <expression name="argc" > | ||
24 | 1</expression> | ||
25 | </expressions> | ||
26 | </function> | ||
27 | </trace> | ||
28 | </epoch> | ||
29 | <epoch step="1" > | ||
30 | <trace><function name="main" line="13" file="bug_division_by_zero_loop.c" depth="0" > | ||
31 | <expressions><expression name="printf("result = %d\n",result)" > | ||
32 | Not Evaluated</expression> | ||
33 | <expression name="result/k" > | ||
34 | 10</expression> | ||
35 | <expression name="i<5" > | ||
36 | 1</expression> | ||
37 | <expression name="i" > | ||
38 | 1</expression> | ||
39 | <expression name="printf("I am alive!\n")" > | ||
40 | Not Evaluated</expression> | ||
41 | <expression name="result" > | ||
42 | -10</expression> | ||
43 | <expression name="-1" > | ||
44 | -1</expression> | ||
45 | <expression name="k" > | ||
46 | -1</expression> | ||
47 | <expression name="argv" > | ||
48 | 0xbfffecb4</expression> | ||
49 | <expression name="argc" > | ||
50 | 1</expression> | ||
51 | </expressions> | ||
52 | </function> | ||
53 | </trace> | ||
54 | </epoch> | ||
55 | <epoch step="2" > | ||
56 | <trace><function name="main" line="11" file="bug_division_by_zero_loop.c" depth="0" > | ||
57 | <expressions><expression name="printf("result = %d\n",result)" > | ||
58 | Not Evaluated</expression> | ||
59 | <expression name="result/k" > | ||
60 | 10</expression> | ||
61 | <expression name="i<5" > | ||
62 | 1</expression> | ||
63 | <expression name="i" > | ||
64 | 0</expression> | ||
65 | <expression name="printf("I am alive!\n")" > | ||
66 | Not Evaluated</expression> | ||
67 | <expression name="result" > | ||
68 | -10</expression> | ||
69 | <expression name="-1" > | ||
70 | -1</expression> | ||
71 | <expression name="k" > | ||
72 | -1</expression> | ||
73 | <expression name="argv" > | ||
74 | 0xbfffecb4</expression> | ||
75 | <expression name="argc" > | ||
76 | 1</expression> | ||
77 | </expressions> | ||
78 | </function> | ||
79 | </trace> | ||
80 | </epoch> | ||
81 | <epoch step="3" > | ||
82 | <trace><function name="main" line="15" file="bug_division_by_zero_loop.c" depth="0" > | ||
83 | <expressions><expression name="printf("result = %d\n",result)" > | ||
84 | Not Evaluated</expression> | ||
85 | <expression name="result/k" > | ||
86 | 10</expression> | ||
87 | <expression name="i<5" > | ||
88 | 1</expression> | ||
89 | <expression name="i" > | ||
90 | 0</expression> | ||
91 | <expression name="printf("I am alive!\n")" > | ||
92 | Not Evaluated</expression> | ||
93 | <expression name="result" > | ||
94 | -10</expression> | ||
95 | <expression name="-1" > | ||
96 | -1</expression> | ||
97 | <expression name="k" > | ||
98 | -1</expression> | ||
99 | <expression name="argv" > | ||
100 | 0xbfffecb4</expression> | ||
101 | <expression name="argc" > | ||
102 | 1</expression> | ||
103 | </expressions> | ||
104 | </function> | ||
105 | </trace> | ||
106 | </epoch> | ||
107 | <epoch step="4" > | ||
108 | <trace><function name="main" line="14" file="bug_division_by_zero_loop.c" depth="0" > | ||
109 | <expressions><expression name="printf("result = %d\n",result)" > | ||
110 | Not Evaluated</expression> | ||
111 | <expression name="result/k" > | ||
112 | -10</expression> | ||
113 | <expression name="i<5" > | ||
114 | 1</expression> | ||
115 | <expression name="i" > | ||
116 | 0</expression> | ||
117 | <expression name="printf("I am alive!\n")" > | ||
118 | Not Evaluated</expression> | ||
119 | <expression name="result" > | ||
120 | 10</expression> | ||
121 | <expression name="-1" > | ||
122 | -1</expression> | ||
123 | <expression name="k" > | ||
124 | -1</expression> | ||
125 | <expression name="argv" > | ||
126 | 0xbfffecb4</expression> | ||
127 | <expression name="argc" > | ||
128 | 1</expression> | ||
129 | </expressions> | ||
130 | </function> | ||
131 | </trace> | ||
132 | </epoch> | ||
133 | <epoch step="5" > | ||
134 | <trace><function name="main" line="13" file="bug_division_by_zero_loop.c" depth="0" > | ||
135 | <expressions><expression name="printf("result = %d\n",result)" > | ||
136 | Not Evaluated</expression> | ||
137 | <expression name="result/k" > | ||
138 | -10</expression> | ||
139 | <expression name="i<5" > | ||
140 | 1</expression> | ||
141 | <expression name="i" > | ||
142 | 0</expression> | ||
143 | <expression name="printf("I am alive!\n")" > | ||
144 | Not Evaluated</expression> | ||
145 | <expression name="result" > | ||
146 | 10</expression> | ||
147 | <expression name="-1" > | ||
148 | -1</expression> | ||
149 | <expression name="k" > | ||
150 | -1</expression> | ||
151 | <expression name="argv" > | ||
152 | 0xbfffecb4</expression> | ||
153 | <expression name="argc" > | ||
154 | 1</expression> | ||
155 | </expressions> | ||
156 | </function> | ||
157 | </trace> | ||
158 | </epoch> | ||
159 | <epoch step="6" > | ||
160 | <trace><function name="main" line="11" file="bug_division_by_zero_loop.c" depth="0" > | ||
161 | <expressions><expression name="printf("result = %d\n",result)" > | ||
162 | Not Evaluated</expression> | ||
163 | <expression name="result/k" > | ||
164 | -10</expression> | ||
165 | <expression name="i<5" > | ||
166 | 0</expression> | ||
167 | <expression name="i" > | ||
168 | 1075441652</expression> | ||
169 | <expression name="printf("I am alive!\n")" > | ||
170 | Not Evaluated</expression> | ||
171 | <expression name="result" > | ||
172 | 10</expression> | ||
173 | <expression name="-1" > | ||
174 | -1</expression> | ||
175 | <expression name="k" > | ||
176 | -1</expression> | ||
177 | <expression name="argv" > | ||
178 | 0xbfffecb4</expression> | ||
179 | <expression name="argc" > | ||
180 | 1</expression> | ||
181 | </expressions> | ||
182 | </function> | ||
183 | </trace> | ||
184 | </epoch> | ||
185 | <epoch step="7" > | ||
186 | <trace><function name="main" line="10" file="bug_division_by_zero_loop.c" depth="0" > | ||
187 | <expressions><expression name="printf("result = %d\n",result)" > | ||
188 | Not Evaluated</expression> | ||
189 | <expression name="result/k" > | ||
190 | -10</expression> | ||
191 | <expression name="i<5" > | ||
192 | 0</expression> | ||
193 | <expression name="i" > | ||
194 | 1075441652</expression> | ||
195 | <expression name="printf("I am alive!\n")" > | ||
196 | Not Evaluated</expression> | ||
197 | <expression name="result" > | ||
198 | 10</expression> | ||
199 | <expression name="-1" > | ||
200 | -1</expression> | ||
201 | <expression name="k" > | ||
202 | -1</expression> | ||
203 | <expression name="argv" > | ||
204 | 0xbfffecb4</expression> | ||
205 | <expression name="argc" > | ||
206 | 1</expression> | ||
207 | </expressions> | ||
208 | </function> | ||
209 | </trace> | ||
210 | </epoch> | ||
211 | <epoch step="8" > | ||
212 | <trace><function name="main" line="8" file="bug_division_by_zero_loop.c" depth="0" > | ||
213 | <expressions><expression name="printf("result = %d\n",result)" > | ||
214 | Not Evaluated</expression> | ||
215 | <expression name="result/k" > | ||
216 | -1073801840</expression> | ||
217 | <expression name="i<5" > | ||
218 | 0</expression> | ||
219 | <expression name="i" > | ||
220 | 1075441652</expression> | ||
221 | <expression name="printf("I am alive!\n")" > | ||
222 | Not Evaluated</expression> | ||
223 | <expression name="result" > | ||
224 | 1073801840</expression> | ||
225 | <expression name="-1" > | ||
226 | -1</expression> | ||
227 | <expression name="k" > | ||
228 | -1</expression> | ||
229 | <expression name="argv" > | ||
230 | 0xbfffecb4</expression> | ||
231 | <expression name="argc" > | ||
232 | 1</expression> | ||
233 | </expressions> | ||
234 | </function> | ||
235 | </trace> | ||
236 | </epoch> | ||
237 | <epoch step="9" > | ||
238 | <trace><function name="main" line="7" file="bug_division_by_zero_loop.c" depth="0" > | ||
239 | <expressions><expression name="printf("result = %d\n",result)" > | ||
240 | Not Evaluated</expression> | ||
241 | <expression name="result/k" > | ||
242 | 7</expression> | ||
243 | <expression name="i<5" > | ||
244 | 0</expression> | ||
245 | <expression name="i" > | ||
246 | 1075441652</expression> | ||
247 | <expression name="printf("I am alive!\n")" > | ||
248 | Not Evaluated</expression> | ||
249 | <expression name="result" > | ||
250 | 1073801840</expression> | ||
251 | <expression name="-1" > | ||
252 | -1</expression> | ||
253 | <expression name="k" > | ||
254 | 134513787</expression> | ||
255 | <expression name="argv" > | ||
256 | 0xbfffecb4</expression> | ||
257 | <expression name="argc" > | ||
258 | 1</expression> | ||
259 | </expressions> | ||
260 | </function> | ||
261 | </trace> | ||
262 | </epoch> | ||
263 | </history> | ||
264 | </crash> | ||
diff --git a/pathologist/refs/reports/ref_bt_bug_division_by_zero_nodepth.xml b/pathologist/refs/reports/ref_bt_bug_division_by_zero_nodepth.xml new file mode 100644 index 0000000..408cb81 --- /dev/null +++ b/pathologist/refs/reports/ref_bt_bug_division_by_zero_nodepth.xml | |||
@@ -0,0 +1,130 @@ | |||
1 | <?xml version="1.0"?> | ||
2 | <crash category="Division By Zero" function="main" line="14" file="bug_division_by_zero_loop.c" > | ||
3 | <history><epoch step="0" > | ||
4 | <trace><function name="main" line="14" file="bug_division_by_zero_loop.c" depth="0" > | ||
5 | <expressions><expression name="result/k" > | ||
6 | Not Evaluated</expression> | ||
7 | <expression name="i<5" > | ||
8 | 1</expression> | ||
9 | <expression name="i" > | ||
10 | 1</expression> | ||
11 | </expressions> | ||
12 | </function> | ||
13 | </trace> | ||
14 | </epoch> | ||
15 | <epoch step="1" > | ||
16 | <trace><function name="main" line="13" file="bug_division_by_zero_loop.c" depth="0" > | ||
17 | <expressions><expression name="i<5" > | ||
18 | 1</expression> | ||
19 | <expression name="i" > | ||
20 | 1</expression> | ||
21 | </expressions> | ||
22 | </function> | ||
23 | </trace> | ||
24 | </epoch> | ||
25 | <epoch step="2" > | ||
26 | <trace><function name="main" line="11" file="bug_division_by_zero_loop.c" depth="0" > | ||
27 | <expressions><expression name="i<5" > | ||
28 | 1</expression> | ||
29 | <expression name="i" > | ||
30 | 0</expression> | ||
31 | </expressions> | ||
32 | </function> | ||
33 | </trace> | ||
34 | </epoch> | ||
35 | <epoch step="3" > | ||
36 | <trace><function name="main" line="15" file="bug_division_by_zero_loop.c" depth="0" > | ||
37 | <expressions><expression name="printf("result = %d\n",result)" > | ||
38 | Not Evaluated</expression> | ||
39 | <expression name="result/k" > | ||
40 | 10</expression> | ||
41 | <expression name="i<5" > | ||
42 | 1</expression> | ||
43 | <expression name="i" > | ||
44 | 0</expression> | ||
45 | </expressions> | ||
46 | </function> | ||
47 | </trace> | ||
48 | </epoch> | ||
49 | <epoch step="4" > | ||
50 | <trace><function name="main" line="14" file="bug_division_by_zero_loop.c" depth="0" > | ||
51 | <expressions><expression name="result/k" > | ||
52 | -10</expression> | ||
53 | <expression name="i<5" > | ||
54 | 1</expression> | ||
55 | <expression name="i" > | ||
56 | 0</expression> | ||
57 | </expressions> | ||
58 | </function> | ||
59 | </trace> | ||
60 | </epoch> | ||
61 | <epoch step="5" > | ||
62 | <trace><function name="main" line="13" file="bug_division_by_zero_loop.c" depth="0" > | ||
63 | <expressions><expression name="i<5" > | ||
64 | 1</expression> | ||
65 | <expression name="i" > | ||
66 | 0</expression> | ||
67 | </expressions> | ||
68 | </function> | ||
69 | </trace> | ||
70 | </epoch> | ||
71 | <epoch step="6" > | ||
72 | <trace><function name="main" line="11" file="bug_division_by_zero_loop.c" depth="0" > | ||
73 | <expressions><expression name="i<5" > | ||
74 | 0</expression> | ||
75 | <expression name="i" > | ||
76 | 1075441652</expression> | ||
77 | </expressions> | ||
78 | </function> | ||
79 | </trace> | ||
80 | </epoch> | ||
81 | <epoch step="7" > | ||
82 | <trace><function name="main" line="10" file="bug_division_by_zero_loop.c" depth="0" > | ||
83 | <expressions><expression name="printf("I am alive!\n")" > | ||
84 | Not Evaluated</expression> | ||
85 | <expression name="result" > | ||
86 | 10</expression> | ||
87 | <expression name="-1" > | ||
88 | -1</expression> | ||
89 | <expression name="k" > | ||
90 | -1</expression> | ||
91 | <expression name="argv" > | ||
92 | 0xbfffecb4</expression> | ||
93 | <expression name="argc" > | ||
94 | 1</expression> | ||
95 | </expressions> | ||
96 | </function> | ||
97 | </trace> | ||
98 | </epoch> | ||
99 | <epoch step="8" > | ||
100 | <trace><function name="main" line="8" file="bug_division_by_zero_loop.c" depth="0" > | ||
101 | <expressions><expression name="result" > | ||
102 | 1073801840</expression> | ||
103 | <expression name="-1" > | ||
104 | -1</expression> | ||
105 | <expression name="k" > | ||
106 | -1</expression> | ||
107 | <expression name="argv" > | ||
108 | 0xbfffecb4</expression> | ||
109 | <expression name="argc" > | ||
110 | 1</expression> | ||
111 | </expressions> | ||
112 | </function> | ||
113 | </trace> | ||
114 | </epoch> | ||
115 | <epoch step="9" > | ||
116 | <trace><function name="main" line="7" file="bug_division_by_zero_loop.c" depth="0" > | ||
117 | <expressions><expression name="-1" > | ||
118 | -1</expression> | ||
119 | <expression name="k" > | ||
120 | 134513787</expression> | ||
121 | <expression name="argv" > | ||
122 | 0xbfffecb4</expression> | ||
123 | <expression name="argc" > | ||
124 | 1</expression> | ||
125 | </expressions> | ||
126 | </function> | ||
127 | </trace> | ||
128 | </epoch> | ||
129 | </history> | ||
130 | </crash> | ||
diff --git a/pathologist/refs/reports/ref_bt_bug_null_pointer_exception.xml b/pathologist/refs/reports/ref_bt_bug_null_pointer_exception.xml new file mode 100644 index 0000000..aca18f3 --- /dev/null +++ b/pathologist/refs/reports/ref_bt_bug_null_pointer_exception.xml | |||
@@ -0,0 +1,79 @@ | |||
1 | <?xml version="1.0"?> | ||
2 | <crash category="npe" function="crashFunction" line="14" file="bug_null_pointer_exception.c" > | ||
3 | <history><epoch step="0" > | ||
4 | <trace><function name="crashFunction" line="14" file="bug_null_pointer_exception.c" depth="0" > | ||
5 | <expressions><expression name="crashStruct->crashValue" > | ||
6 | Not Evaluated</expression> | ||
7 | <expression name="printf("Now the program will crash!\n")" > | ||
8 | Not Evaluated</expression> | ||
9 | <expression name="NULL" > | ||
10 | 0x0</expression> | ||
11 | <expression name="crashStruct" > | ||
12 | 0x0</expression> | ||
13 | </expressions> | ||
14 | </function> | ||
15 | <function name="main" line="19" file="bug_null_pointer_exception.c" depth="1" > | ||
16 | <expressions><expression name="crashFunction()" > | ||
17 | Not Evaluated</expression> | ||
18 | <expression name="argv" > | ||
19 | 0xbfffece4</expression> | ||
20 | <expression name="argc" > | ||
21 | 1</expression> | ||
22 | </expressions> | ||
23 | </function> | ||
24 | </trace> | ||
25 | </epoch> | ||
26 | <epoch step="1" > | ||
27 | <trace><function name="crashFunction" line="13" file="bug_null_pointer_exception.c" depth="0" > | ||
28 | <expressions><expression name="printf("Now the program will crash!\n")" > | ||
29 | Not Evaluated</expression> | ||
30 | <expression name="NULL" > | ||
31 | 0x0</expression> | ||
32 | <expression name="crashStruct" > | ||
33 | 0x0</expression> | ||
34 | </expressions> | ||
35 | </function> | ||
36 | <function name="main" line="19" file="bug_null_pointer_exception.c" depth="1" > | ||
37 | <expressions><expression name="crashFunction()" > | ||
38 | Not Evaluated</expression> | ||
39 | <expression name="argv" > | ||
40 | 0xbfffece4</expression> | ||
41 | <expression name="argc" > | ||
42 | 1</expression> | ||
43 | </expressions> | ||
44 | </function> | ||
45 | </trace> | ||
46 | </epoch> | ||
47 | <epoch step="2" > | ||
48 | <trace><function name="crashFunction" line="12" file="bug_null_pointer_exception.c" depth="0" > | ||
49 | <expressions><expression name="NULL" > | ||
50 | 0x0</expression> | ||
51 | <expression name="crashStruct" > | ||
52 | 0xbfffec38</expression> | ||
53 | </expressions> | ||
54 | </function> | ||
55 | <function name="main" line="19" file="bug_null_pointer_exception.c" depth="1" > | ||
56 | <expressions><expression name="crashFunction()" > | ||
57 | Not Evaluated</expression> | ||
58 | <expression name="argv" > | ||
59 | 0xbfffece4</expression> | ||
60 | <expression name="argc" > | ||
61 | 1</expression> | ||
62 | </expressions> | ||
63 | </function> | ||
64 | </trace> | ||
65 | </epoch> | ||
66 | <epoch step="3" > | ||
67 | <trace><function name="main" line="19" file="bug_null_pointer_exception.c" depth="0" > | ||
68 | <expressions><expression name="crashFunction()" > | ||
69 | Not Evaluated</expression> | ||
70 | <expression name="argv" > | ||
71 | 0xbfffece4</expression> | ||
72 | <expression name="argc" > | ||
73 | 1</expression> | ||
74 | </expressions> | ||
75 | </function> | ||
76 | </trace> | ||
77 | </epoch> | ||
78 | </history> | ||
79 | </crash> | ||
diff --git a/pathologist/refs/reports/ref_bt_bug_null_pointer_exception_modified.xml b/pathologist/refs/reports/ref_bt_bug_null_pointer_exception_modified.xml new file mode 100644 index 0000000..b22f5ad --- /dev/null +++ b/pathologist/refs/reports/ref_bt_bug_null_pointer_exception_modified.xml | |||
@@ -0,0 +1,197 @@ | |||
1 | <?xml version="1.0"?> | ||
2 | <crash category="npe" function="crashFunction" line="20" file="bug_null_pointer_exception_modified.c" > | ||
3 | <history><epoch step="0" > | ||
4 | <trace><function name="crashFunction" line="20" file="bug_null_pointer_exception_modified.c" depth="0" > | ||
5 | <expressions><expression name="crashStruct->crashValue" > | ||
6 | Not Evaluated</expression> | ||
7 | <expression name="printf("Now the program will crash!\n")" > | ||
8 | Not Evaluated</expression> | ||
9 | <expression name="NULL" > | ||
10 | 0x0</expression> | ||
11 | <expression name="crashStruct" > | ||
12 | 0x0</expression> | ||
13 | <expression name="a+b" > | ||
14 | 8</expression> | ||
15 | <expression name="c" > | ||
16 | 8</expression> | ||
17 | <expression name="b" > | ||
18 | 5</expression> | ||
19 | <expression name="a" > | ||
20 | 3</expression> | ||
21 | </expressions> | ||
22 | </function> | ||
23 | <function name="intermediateFunction" line="25" file="bug_null_pointer_exception_modified.c" depth="1" > | ||
24 | <expressions><expression name="crashFunction()" > | ||
25 | Not Evaluated</expression> | ||
26 | </expressions> | ||
27 | </function> | ||
28 | <function name="main" line="30" file="bug_null_pointer_exception_modified.c" depth="2" > | ||
29 | <expressions><expression name="intermediateFunction()" > | ||
30 | Not Evaluated</expression> | ||
31 | <expression name="argv" > | ||
32 | 0xbfffecd4</expression> | ||
33 | <expression name="argc" > | ||
34 | 1</expression> | ||
35 | </expressions> | ||
36 | </function> | ||
37 | </trace> | ||
38 | </epoch> | ||
39 | <epoch step="1" > | ||
40 | <trace><function name="crashFunction" line="19" file="bug_null_pointer_exception_modified.c" depth="0" > | ||
41 | <expressions><expression name="printf("Now the program will crash!\n")" > | ||
42 | Not Evaluated</expression> | ||
43 | <expression name="NULL" > | ||
44 | 0x0</expression> | ||
45 | <expression name="crashStruct" > | ||
46 | 0x0</expression> | ||
47 | <expression name="a+b" > | ||
48 | 8</expression> | ||
49 | <expression name="c" > | ||
50 | 8</expression> | ||
51 | <expression name="b" > | ||
52 | 5</expression> | ||
53 | <expression name="a" > | ||
54 | 3</expression> | ||
55 | </expressions> | ||
56 | </function> | ||
57 | <function name="intermediateFunction" line="25" file="bug_null_pointer_exception_modified.c" depth="1" > | ||
58 | <expressions><expression name="crashFunction()" > | ||
59 | Not Evaluated</expression> | ||
60 | </expressions> | ||
61 | </function> | ||
62 | <function name="main" line="30" file="bug_null_pointer_exception_modified.c" depth="2" > | ||
63 | <expressions><expression name="intermediateFunction()" > | ||
64 | Not Evaluated</expression> | ||
65 | <expression name="argv" > | ||
66 | 0xbfffecd4</expression> | ||
67 | <expression name="argc" > | ||
68 | 1</expression> | ||
69 | </expressions> | ||
70 | </function> | ||
71 | </trace> | ||
72 | </epoch> | ||
73 | <epoch step="2" > | ||
74 | <trace><function name="crashFunction" line="18" file="bug_null_pointer_exception_modified.c" depth="0" > | ||
75 | <expressions><expression name="NULL" > | ||
76 | 0x0</expression> | ||
77 | <expression name="crashStruct" > | ||
78 | 0xb7fc0ff4</expression> | ||
79 | <expression name="a+b" > | ||
80 | 8</expression> | ||
81 | <expression name="c" > | ||
82 | 8</expression> | ||
83 | <expression name="b" > | ||
84 | 5</expression> | ||
85 | <expression name="a" > | ||
86 | 3</expression> | ||
87 | </expressions> | ||
88 | </function> | ||
89 | <function name="intermediateFunction" line="25" file="bug_null_pointer_exception_modified.c" depth="1" > | ||
90 | <expressions><expression name="crashFunction()" > | ||
91 | Not Evaluated</expression> | ||
92 | </expressions> | ||
93 | </function> | ||
94 | <function name="main" line="30" file="bug_null_pointer_exception_modified.c" depth="2" > | ||
95 | <expressions><expression name="intermediateFunction()" > | ||
96 | Not Evaluated</expression> | ||
97 | <expression name="argv" > | ||
98 | 0xbfffecd4</expression> | ||
99 | <expression name="argc" > | ||
100 | 1</expression> | ||
101 | </expressions> | ||
102 | </function> | ||
103 | </trace> | ||
104 | </epoch> | ||
105 | <epoch step="3" > | ||
106 | <trace><function name="crashFunction" line="17" file="bug_null_pointer_exception_modified.c" depth="0" > | ||
107 | <expressions><expression name="a+b" > | ||
108 | 8</expression> | ||
109 | <expression name="c" > | ||
110 | 134520820</expression> | ||
111 | <expression name="b" > | ||
112 | 5</expression> | ||
113 | <expression name="a" > | ||
114 | 3</expression> | ||
115 | </expressions> | ||
116 | </function> | ||
117 | <function name="intermediateFunction" line="25" file="bug_null_pointer_exception_modified.c" depth="1" > | ||
118 | <expressions><expression name="crashFunction()" > | ||
119 | Not Evaluated</expression> | ||
120 | </expressions> | ||
121 | </function> | ||
122 | <function name="main" line="30" file="bug_null_pointer_exception_modified.c" depth="2" > | ||
123 | <expressions><expression name="intermediateFunction()" > | ||
124 | Not Evaluated</expression> | ||
125 | <expression name="argv" > | ||
126 | 0xbfffecd4</expression> | ||
127 | <expression name="argc" > | ||
128 | 1</expression> | ||
129 | </expressions> | ||
130 | </function> | ||
131 | </trace> | ||
132 | </epoch> | ||
133 | <epoch step="4" > | ||
134 | <trace><function name="crashFunction" line="16" file="bug_null_pointer_exception_modified.c" depth="0" > | ||
135 | <expressions><expression name="b" > | ||
136 | -1073746904</expression> | ||
137 | <expression name="a" > | ||
138 | 3</expression> | ||
139 | </expressions> | ||
140 | </function> | ||
141 | <function name="intermediateFunction" line="25" file="bug_null_pointer_exception_modified.c" depth="1" > | ||
142 | <expressions><expression name="crashFunction()" > | ||
143 | Not Evaluated</expression> | ||
144 | </expressions> | ||
145 | </function> | ||
146 | <function name="main" line="30" file="bug_null_pointer_exception_modified.c" depth="2" > | ||
147 | <expressions><expression name="intermediateFunction()" > | ||
148 | Not Evaluated</expression> | ||
149 | <expression name="argv" > | ||
150 | 0xbfffecd4</expression> | ||
151 | <expression name="argc" > | ||
152 | 1</expression> | ||
153 | </expressions> | ||
154 | </function> | ||
155 | </trace> | ||
156 | </epoch> | ||
157 | <epoch step="5" > | ||
158 | <trace><function name="crashFunction" line="15" file="bug_null_pointer_exception_modified.c" depth="0" > | ||
159 | <expressions><expression name="a" > | ||
160 | 134513721</expression> | ||
161 | </expressions> | ||
162 | </function> | ||
163 | <function name="intermediateFunction" line="25" file="bug_null_pointer_exception_modified.c" depth="1" > | ||
164 | <expressions><expression name="crashFunction()" > | ||
165 | Not Evaluated</expression> | ||
166 | </expressions> | ||
167 | </function> | ||
168 | <function name="main" line="30" file="bug_null_pointer_exception_modified.c" depth="2" > | ||
169 | <expressions><expression name="intermediateFunction()" > | ||
170 | Not Evaluated</expression> | ||
171 | <expression name="argv" > | ||
172 | 0xbfffecd4</expression> | ||
173 | <expression name="argc" > | ||
174 | 1</expression> | ||
175 | </expressions> | ||
176 | </function> | ||
177 | </trace> | ||
178 | </epoch> | ||
179 | <epoch step="6" > | ||
180 | <trace><function name="intermediateFunction" line="25" file="bug_null_pointer_exception_modified.c" depth="0" > | ||
181 | <expressions><expression name="crashFunction()" > | ||
182 | Not Evaluated</expression> | ||
183 | </expressions> | ||
184 | </function> | ||
185 | <function name="main" line="30" file="bug_null_pointer_exception_modified.c" depth="1" > | ||
186 | <expressions><expression name="intermediateFunction()" > | ||
187 | Not Evaluated</expression> | ||
188 | <expression name="argv" > | ||
189 | 0xbfffecd4</expression> | ||
190 | <expression name="argc" > | ||
191 | 1</expression> | ||
192 | </expressions> | ||
193 | </function> | ||
194 | </trace> | ||
195 | </epoch> | ||
196 | </history> | ||
197 | </crash> | ||
diff --git a/pathologist/refs/reports/ref_bug_assertion_failure.xml b/pathologist/refs/reports/ref_bug_assertion_failure.xml new file mode 100644 index 0000000..6117765 --- /dev/null +++ b/pathologist/refs/reports/ref_bug_assertion_failure.xml | |||
@@ -0,0 +1,27 @@ | |||
1 | <?xml version="1.0"?> | ||
2 | <crash category="Assertion Failure" function="assertionFailure" line="9" file="bug_assertion_failure.c" > | ||
3 | <history><epoch step="0" > | ||
4 | <trace><function name="assertionFailure" line="9" file="bug_assertion_failure.c" depth="0" > | ||
5 | <expressions><expression name="assert(x<4)" > | ||
6 | Not Evaluated</expression> | ||
7 | <expression name="x<4" > | ||
8 | 0</expression> | ||
9 | <expression name="printf("Assertion Failure Now!\n")" > | ||
10 | Not Evaluated</expression> | ||
11 | <expression name="x" > | ||
12 | 5</expression> | ||
13 | </expressions> | ||
14 | </function> | ||
15 | <function name="main" line="14" file="bug_assertion_failure.c" depth="1" > | ||
16 | <expressions><expression name="assertionFailure()" > | ||
17 | Not Evaluated</expression> | ||
18 | <expression name="argv" > | ||
19 | 0xbfffecf4</expression> | ||
20 | <expression name="argc" > | ||
21 | 1</expression> | ||
22 | </expressions> | ||
23 | </function> | ||
24 | </trace> | ||
25 | </epoch> | ||
26 | </history> | ||
27 | </crash> | ||
diff --git a/pathologist/refs/reports/ref_bug_bad_food.xml b/pathologist/refs/reports/ref_bug_bad_food.xml new file mode 100644 index 0000000..485a4e0 --- /dev/null +++ b/pathologist/refs/reports/ref_bug_bad_food.xml | |||
@@ -0,0 +1,46 @@ | |||
1 | <?xml version="1.0"?> | ||
2 | <crash category="Bad memory access" function="main" line="8" file="bug_bad_food.c" > | ||
3 | <valgrind>==563== Memcheck, a memory error detector | ||
4 | ==563== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al. | ||
5 | ==563== Using Valgrind-3.6.1 and LibVEX; rerun with -h for copyright info | ||
6 | ==563== Command: ../../refs/src/bug_bad_food | ||
7 | ==563== Parent PID: 562 | ||
8 | ==563== | ||
9 | ==563== Invalid read of size 4 | ||
10 | ==563== at 0x804840D: main (bug_bad_food.c:8) | ||
11 | ==563== Address 0xbaadf00d is not stack'd, malloc'd or (recently) free'd | ||
12 | ==563== | ||
13 | ==563== | ||
14 | ==563== Process terminating with default action of signal 11 (SIGSEGV) | ||
15 | ==563== Access not within mapped region at address 0xBAADF00D | ||
16 | ==563== at 0x804840D: main (bug_bad_food.c:8) | ||
17 | ==563== If you believe this happened as a result of a stack | ||
18 | ==563== overflow in your program's main thread (unlikely but | ||
19 | ==563== possible), you can try to increase the size of the | ||
20 | ==563== main thread stack using the --main-stacksize= flag. | ||
21 | ==563== The main thread stack size used in this run was 16777216. | ||
22 | ==563== | ||
23 | ==563== HEAP SUMMARY: | ||
24 | ==563== in use at exit: 0 bytes in 0 blocks | ||
25 | ==563== total heap usage: 0 allocs, 0 frees, 0 bytes allocated | ||
26 | ==563== | ||
27 | ==563== All heap blocks were freed -- no leaks are possible | ||
28 | ==563== | ||
29 | ==563== For counts of detected and suppressed errors, rerun with: -v | ||
30 | ==563== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 11 from 6)</valgrind> | ||
31 | <history><epoch step="0" > | ||
32 | <trace><function name="main" line="8" file="bug_bad_food.c" depth="0" > | ||
33 | <expressions><expression name="NULL" > | ||
34 | 0x0</expression> | ||
35 | <expression name="0xBAADF00D" > | ||
36 | 3131961357</expression> | ||
37 | <expression name="argv" > | ||
38 | 0xbfffecc4</expression> | ||
39 | <expression name="argc" > | ||
40 | 1</expression> | ||
41 | </expressions> | ||
42 | </function> | ||
43 | </trace> | ||
44 | </epoch> | ||
45 | </history> | ||
46 | </crash> | ||
diff --git a/pathologist/refs/reports/ref_bug_bad_memory_access.xml b/pathologist/refs/reports/ref_bug_bad_memory_access.xml new file mode 100644 index 0000000..bee2441 --- /dev/null +++ b/pathologist/refs/reports/ref_bug_bad_memory_access.xml | |||
@@ -0,0 +1,55 @@ | |||
1 | <?xml version="1.0"?> | ||
2 | <crash category="Bad memory access" function="badMemoryAccess" line="9" file="bug_bad_memory_access.c" > | ||
3 | <valgrind>==10321== Memcheck, a memory error detector | ||
4 | ==10321== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al. | ||
5 | ==10321== Using Valgrind-3.6.1 and LibVEX; rerun with -h for copyright info | ||
6 | ==10321== Command: ../../refs/src/bug_bad_memory_access | ||
7 | ==10321== Parent PID: 10320 | ||
8 | ==10321== | ||
9 | ==10321== Invalid write of size 4 | ||
10 | ==10321== at 0x80483D0: badMemoryAccess (bug_bad_memory_access.c:9) | ||
11 | ==10321== by 0x80483E2: main (bug_bad_memory_access.c:14) | ||
12 | ==10321== Address 0x4252352 is not stack'd, malloc'd or (recently) free'd | ||
13 | ==10321== | ||
14 | ==10321== | ||
15 | ==10321== Process terminating with default action of signal 11 (SIGSEGV) | ||
16 | ==10321== Access not within mapped region at address 0x4252352 | ||
17 | ==10321== at 0x80483D0: badMemoryAccess (bug_bad_memory_access.c:9) | ||
18 | ==10321== by 0x80483E2: main (bug_bad_memory_access.c:14) | ||
19 | ==10321== If you believe this happened as a result of a stack | ||
20 | ==10321== overflow in your program's main thread (unlikely but | ||
21 | ==10321== possible), you can try to increase the size of the | ||
22 | ==10321== main thread stack using the --main-stacksize= flag. | ||
23 | ==10321== The main thread stack size used in this run was 16777216. | ||
24 | ==10321== | ||
25 | ==10321== HEAP SUMMARY: | ||
26 | ==10321== in use at exit: 0 bytes in 0 blocks | ||
27 | ==10321== total heap usage: 0 allocs, 0 frees, 0 bytes allocated | ||
28 | ==10321== | ||
29 | ==10321== All heap blocks were freed -- no leaks are possible | ||
30 | ==10321== | ||
31 | ==10321== For counts of detected and suppressed errors, rerun with: -v | ||
32 | ==10321== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 11 from 6)</valgrind> | ||
33 | <history><epoch step="0" > | ||
34 | <trace><function name="badMemoryAccess" line="9" file="bug_bad_memory_access.c" depth="0" > | ||
35 | <expressions><expression name="*p" > | ||
36 | Not Evaluated</expression> | ||
37 | <expression name="printf("Bad memory access now!\n")" > | ||
38 | Not Evaluated</expression> | ||
39 | <expression name="0x4252352" > | ||
40 | 69542738</expression> | ||
41 | </expressions> | ||
42 | </function> | ||
43 | <function name="main" line="14" file="bug_bad_memory_access.c" depth="1" > | ||
44 | <expressions><expression name="badMemoryAccess()" > | ||
45 | Not Evaluated</expression> | ||
46 | <expression name="argv" > | ||
47 | 0xbfffecb4</expression> | ||
48 | <expression name="argc" > | ||
49 | 1</expression> | ||
50 | </expressions> | ||
51 | </function> | ||
52 | </trace> | ||
53 | </epoch> | ||
54 | </history> | ||
55 | </crash> | ||
diff --git a/pathologist/refs/reports/ref_bug_division_by_zero_depth_1.xml b/pathologist/refs/reports/ref_bug_division_by_zero_depth_1.xml new file mode 100644 index 0000000..5095fd0 --- /dev/null +++ b/pathologist/refs/reports/ref_bug_division_by_zero_depth_1.xml | |||
@@ -0,0 +1,30 @@ | |||
1 | <?xml version="1.0"?> | ||
2 | <crash category="Division By Zero" function="main" line="14" file="bug_division_by_zero_loop.c" > | ||
3 | <history><epoch step="0" > | ||
4 | <trace><function name="main" line="14" file="bug_division_by_zero_loop.c" depth="0" > | ||
5 | <expressions><expression name="printf("result = %d\n",result)" > | ||
6 | Not Evaluated</expression> | ||
7 | <expression name="result/k" > | ||
8 | Not Evaluated</expression> | ||
9 | <expression name="i<5" > | ||
10 | 1</expression> | ||
11 | <expression name="i" > | ||
12 | 1</expression> | ||
13 | <expression name="printf("I am alive!\n")" > | ||
14 | Not Evaluated</expression> | ||
15 | <expression name="result" > | ||
16 | -10</expression> | ||
17 | <expression name="-1" > | ||
18 | -1</expression> | ||
19 | <expression name="k" > | ||
20 | 0</expression> | ||
21 | <expression name="argv" > | ||
22 | 0xbfffece4</expression> | ||
23 | <expression name="argc" > | ||
24 | 1</expression> | ||
25 | </expressions> | ||
26 | </function> | ||
27 | </trace> | ||
28 | </epoch> | ||
29 | </history> | ||
30 | </crash> | ||
diff --git a/pathologist/refs/reports/ref_bug_division_by_zero_depth_1000.xml b/pathologist/refs/reports/ref_bug_division_by_zero_depth_1000.xml new file mode 100644 index 0000000..5095fd0 --- /dev/null +++ b/pathologist/refs/reports/ref_bug_division_by_zero_depth_1000.xml | |||
@@ -0,0 +1,30 @@ | |||
1 | <?xml version="1.0"?> | ||
2 | <crash category="Division By Zero" function="main" line="14" file="bug_division_by_zero_loop.c" > | ||
3 | <history><epoch step="0" > | ||
4 | <trace><function name="main" line="14" file="bug_division_by_zero_loop.c" depth="0" > | ||
5 | <expressions><expression name="printf("result = %d\n",result)" > | ||
6 | Not Evaluated</expression> | ||
7 | <expression name="result/k" > | ||
8 | Not Evaluated</expression> | ||
9 | <expression name="i<5" > | ||
10 | 1</expression> | ||
11 | <expression name="i" > | ||
12 | 1</expression> | ||
13 | <expression name="printf("I am alive!\n")" > | ||
14 | Not Evaluated</expression> | ||
15 | <expression name="result" > | ||
16 | -10</expression> | ||
17 | <expression name="-1" > | ||
18 | -1</expression> | ||
19 | <expression name="k" > | ||
20 | 0</expression> | ||
21 | <expression name="argv" > | ||
22 | 0xbfffece4</expression> | ||
23 | <expression name="argc" > | ||
24 | 1</expression> | ||
25 | </expressions> | ||
26 | </function> | ||
27 | </trace> | ||
28 | </epoch> | ||
29 | </history> | ||
30 | </crash> | ||
diff --git a/pathologist/refs/reports/ref_bug_division_by_zero_nodepth.xml b/pathologist/refs/reports/ref_bug_division_by_zero_nodepth.xml new file mode 100644 index 0000000..5bf6472 --- /dev/null +++ b/pathologist/refs/reports/ref_bug_division_by_zero_nodepth.xml | |||
@@ -0,0 +1,16 @@ | |||
1 | <?xml version="1.0"?> | ||
2 | <crash category="Division By Zero" function="main" line="14" file="bug_division_by_zero_loop.c" > | ||
3 | <history><epoch step="0" > | ||
4 | <trace><function name="main" line="14" file="bug_division_by_zero_loop.c" depth="0" > | ||
5 | <expressions><expression name="result/k" > | ||
6 | Not Evaluated</expression> | ||
7 | <expression name="i<5" > | ||
8 | 1</expression> | ||
9 | <expression name="i" > | ||
10 | 1</expression> | ||
11 | </expressions> | ||
12 | </function> | ||
13 | </trace> | ||
14 | </epoch> | ||
15 | </history> | ||
16 | </crash> | ||
diff --git a/pathologist/refs/reports/ref_bug_null_pointer_exception.xml b/pathologist/refs/reports/ref_bug_null_pointer_exception.xml new file mode 100644 index 0000000..cced7bd --- /dev/null +++ b/pathologist/refs/reports/ref_bug_null_pointer_exception.xml | |||
@@ -0,0 +1,27 @@ | |||
1 | <?xml version="1.0"?> | ||
2 | <crash category="npe" function="crashFunction" line="14" file="bug_null_pointer_exception.c" > | ||
3 | <history><epoch step="0" > | ||
4 | <trace><function name="crashFunction" line="14" file="bug_null_pointer_exception.c" depth="0" > | ||
5 | <expressions><expression name="crashStruct->crashValue" > | ||
6 | Not Evaluated</expression> | ||
7 | <expression name="printf("Now the program will crash!\n")" > | ||
8 | Not Evaluated</expression> | ||
9 | <expression name="NULL" > | ||
10 | 0x0</expression> | ||
11 | <expression name="crashStruct" > | ||
12 | 0x0</expression> | ||
13 | </expressions> | ||
14 | </function> | ||
15 | <function name="main" line="19" file="bug_null_pointer_exception.c" depth="1" > | ||
16 | <expressions><expression name="crashFunction()" > | ||
17 | Not Evaluated</expression> | ||
18 | <expression name="argv" > | ||
19 | 0xbfffece4</expression> | ||
20 | <expression name="argc" > | ||
21 | 1</expression> | ||
22 | </expressions> | ||
23 | </function> | ||
24 | </trace> | ||
25 | </epoch> | ||
26 | </history> | ||
27 | </crash> | ||
diff --git a/pathologist/refs/src/Makefile.am b/pathologist/refs/src/Makefile.am new file mode 100644 index 0000000..63d622a --- /dev/null +++ b/pathologist/refs/src/Makefile.am | |||
@@ -0,0 +1,41 @@ | |||
1 | if MINGW | ||
2 | WINFLAGS = -Wl,--no-undefined -Wl,--export-all-symbols | ||
3 | endif | ||
4 | |||
5 | |||
6 | if USE_COVERAGE | ||
7 | AM_CFLAGS = --coverage -g -O0 | ||
8 | XLIB = -lgcov | ||
9 | else | ||
10 | AM_CFLAGS = -g -O0 | ||
11 | endif | ||
12 | |||
13 | |||
14 | noinst_PROGRAMS = | ||
15 | bug_null_pointer_exception \ | ||
16 | bug_bad_memory_access \ | ||
17 | bug_assertion_failure \ | ||
18 | bug_crypto_crc \ | ||
19 | bug_division_by_zero_loop \ | ||
20 | bug_null_pointer_exception_modified \ | ||
21 | bug_sigbus \ | ||
22 | bug_bad_food | ||
23 | |||
24 | check_PROGRAMS = \ | ||
25 | bug_null_pointer_exception \ | ||
26 | bug_bad_memory_access \ | ||
27 | bug_assertion_failure \ | ||
28 | bug_crypto_crc \ | ||
29 | bug_division_by_zero_loop \ | ||
30 | bug_null_pointer_exception_modified \ | ||
31 | bug_sigbus \ | ||
32 | bug_bad_food | ||
33 | |||
34 | bug_null_pointer_exception_SOURCES = bug_null_pointer_exception.c | ||
35 | bug_bad_memory_access_SOURCES = bug_bad_memory_access.c | ||
36 | bug_assertion_failure_SOURCES = bug_assertion_failure.c | ||
37 | bug_crypto_crc_SOURCES = bug_crypto_crc.c | ||
38 | bug_division_by_zero_loop_SOURCES = bug_division_by_zero_loop.c | ||
39 | bug_null_pointer_exception_modified_SOURCES = bug_null_pointer_exception_modified.c | ||
40 | bug_sigbus_SOURCES = bug_sigbus.c | ||
41 | bug_bad_food_SOURCES = bug_bad_food.c | ||
diff --git a/pathologist/refs/src/bug_assertion_failure.c b/pathologist/refs/src/bug_assertion_failure.c new file mode 100644 index 0000000..2dbc3f0 --- /dev/null +++ b/pathologist/refs/src/bug_assertion_failure.c | |||
@@ -0,0 +1,16 @@ | |||
1 | #include <stdio.h> | ||
2 | #include <assert.h> | ||
3 | |||
4 | void assertionFailure() | ||
5 | { | ||
6 | int x; | ||
7 | x = 5; | ||
8 | printf("Assertion Failure Now!\n"); | ||
9 | assert(x < 4); | ||
10 | } | ||
11 | |||
12 | int main(int argc, char *argv[]) | ||
13 | { | ||
14 | assertionFailure(); | ||
15 | return 0; | ||
16 | } | ||
diff --git a/pathologist/refs/src/bug_bad_food.c b/pathologist/refs/src/bug_bad_food.c new file mode 100644 index 0000000..8c4de54 --- /dev/null +++ b/pathologist/refs/src/bug_bad_food.c | |||
@@ -0,0 +1,11 @@ | |||
1 | #include <stdio.h> | ||
2 | |||
3 | int main(int argc, char **argv) | ||
4 | { | ||
5 | void *badfood = (void*) (long) 0xBAADF00D; | ||
6 | void *nil = NULL; | ||
7 | |||
8 | fprintf (stderr, "%d\n", | ||
9 | (int) (long) * (int*) ((1 == argc) ? badfood : nil)); | ||
10 | return 0; | ||
11 | } | ||
diff --git a/pathologist/refs/src/bug_bad_memory_access.c b/pathologist/refs/src/bug_bad_memory_access.c new file mode 100644 index 0000000..54e50ad --- /dev/null +++ b/pathologist/refs/src/bug_bad_memory_access.c | |||
@@ -0,0 +1,16 @@ | |||
1 | #include <stdio.h> | ||
2 | #include <string.h> | ||
3 | |||
4 | |||
5 | void badMemoryAccess() | ||
6 | { | ||
7 | int *p = (int*) 0x4252352; | ||
8 | printf("Bad memory access now!\n"); | ||
9 | *p = 5; | ||
10 | } | ||
11 | |||
12 | int main(int argc, char *argv[]) | ||
13 | { | ||
14 | badMemoryAccess(); | ||
15 | return 0; | ||
16 | } | ||
diff --git a/pathologist/refs/src/bug_crypto_crc.c b/pathologist/refs/src/bug_crypto_crc.c new file mode 100644 index 0000000..f252785 --- /dev/null +++ b/pathologist/refs/src/bug_crypto_crc.c | |||
@@ -0,0 +1,121 @@ | |||
1 | /* | ||
2 | This file is part of GNUnet. | ||
3 | (C) 2001, 2002, 2003, 2004, 2006 Christian Grothoff (and other contributing authors) | ||
4 | |||
5 | GNUnet is free software; you can redistribute it and/or modify | ||
6 | it under the terms of the GNU General Public License as published | ||
7 | by the Free Software Foundation; either version 2, or (at your | ||
8 | option) any later version. | ||
9 | |||
10 | GNUnet is distributed in the hope that it will be useful, but | ||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | ||
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
13 | General Public License for more details. | ||
14 | |||
15 | You should have received a copy of the GNU General Public License | ||
16 | along with GNUnet; see the file COPYING. If not, write to the | ||
17 | Free Software Foundation, Inc., 59 Temple Place - Suite 330, | ||
18 | Boston, MA 02111-1307, USA. | ||
19 | |||
20 | For the actual CRC code: | ||
21 | Copyright abandoned; this code is in the public domain. | ||
22 | Provided to GNUnet by peter@horizon.com | ||
23 | */ | ||
24 | |||
25 | /** | ||
26 | * @file monkey/bug_crypto_crc.c | ||
27 | * @brief implementation of CRC32 (this code has been copied from GNUnet util source directory, and modified to be Seaspider friendly) | ||
28 | * @author Christian Grothoff, Safey A.Halim | ||
29 | */ | ||
30 | |||
31 | #include <assert.h> | ||
32 | #include <stdlib.h> | ||
33 | #include <stdio.h> | ||
34 | #include <stdint.h> | ||
35 | |||
36 | #define Z_NULL 0 | ||
37 | |||
38 | |||
39 | #define POLYNOMIAL (unsigned long)0xedb88320 | ||
40 | static unsigned long crc_table[256]; | ||
41 | |||
42 | /* | ||
43 | * This routine writes each crc_table entry exactly once, | ||
44 | * with the ccorrect final value. Thus, it is safe to call | ||
45 | * even on a table that someone else is using concurrently. | ||
46 | */ | ||
47 | static void | ||
48 | crc_init () | ||
49 | { | ||
50 | static int once; | ||
51 | unsigned int i, j; | ||
52 | unsigned long h = 1; | ||
53 | |||
54 | if (once) | ||
55 | return; | ||
56 | once = 1; | ||
57 | crc_table[0] = 0; | ||
58 | for (i = 128; i; i >>= 1) | ||
59 | { | ||
60 | h = (h >> 1) ^ ((h & 1) ? POLYNOMIAL : 0); | ||
61 | /* h is now crc_table[i] */ | ||
62 | for (j = 0; j < 256; j += 2 * i) | ||
63 | crc_table[i + j] = crc_table[j] ^ h; | ||
64 | } | ||
65 | } | ||
66 | |||
67 | /* | ||
68 | * This computes the standard preset and inverted CRC, as used | ||
69 | * by most networking standards. Start by passing in an initial | ||
70 | * chaining value of 0, and then pass in the return value from the | ||
71 | * previous crc32() call. The final return value is the CRC. | ||
72 | * Note that this is a little-endian CRC, which is best used with | ||
73 | * data transmitted lsbit-first, and it should, itself, be appended | ||
74 | * to data in little-endian byte and bit order to preserve the | ||
75 | * property of detecting all burst errors of length 32 bits or less. | ||
76 | */ | ||
77 | static unsigned long | ||
78 | crc_go (unsigned long crc, const char *buf, size_t len) | ||
79 | { | ||
80 | crc_init (); | ||
81 | assert (crc_table[255] != 0); | ||
82 | crc ^= 0xffffffff; | ||
83 | while (len--) | ||
84 | crc = (crc >> 8) ^ crc_table[(crc ^ *buf++) & 0xff]; | ||
85 | return crc ^ 0xffffffff; | ||
86 | } | ||
87 | |||
88 | |||
89 | /** | ||
90 | * Compute the CRC32 checksum for the first len bytes of the buffer. | ||
91 | * | ||
92 | * @param buf the data over which we're taking the CRC | ||
93 | * @param len the length of the buffer | ||
94 | * @return the resulting CRC32 checksum | ||
95 | */ | ||
96 | int32_t | ||
97 | crc32_n (const void *buf, size_t len) | ||
98 | { | ||
99 | unsigned long crc; | ||
100 | crc = crc_go (0L, Z_NULL, 0); | ||
101 | crc = crc_go (crc, (char *) buf, len); | ||
102 | return crc; | ||
103 | } | ||
104 | |||
105 | |||
106 | int main () | ||
107 | { | ||
108 | char buf[1024]; | ||
109 | int i; | ||
110 | for (i = 0; i < 1024; i++) | ||
111 | { | ||
112 | buf[i] = (char) i; | ||
113 | } | ||
114 | for (i = 0; i < 1024; i++) | ||
115 | { | ||
116 | printf("%d\n", crc32_n (&buf[i], 1024 - i)); | ||
117 | } | ||
118 | return 0; | ||
119 | } | ||
120 | |||
121 | /* end of bug_crypto_crc.c */ | ||
diff --git a/pathologist/refs/src/bug_division_by_zero_loop.c b/pathologist/refs/src/bug_division_by_zero_loop.c new file mode 100644 index 0000000..544b7d2 --- /dev/null +++ b/pathologist/refs/src/bug_division_by_zero_loop.c | |||
@@ -0,0 +1,18 @@ | |||
1 | #include <stdio.h> | ||
2 | |||
3 | int | ||
4 | main (int argc, char *argv[]) | ||
5 | { | ||
6 | int i, k, result, tmp; | ||
7 | k = -1; | ||
8 | result = 10; | ||
9 | |||
10 | printf("I am alive!\n"); | ||
11 | for (i = 0; i < 5; i++) | ||
12 | { | ||
13 | k += i; | ||
14 | result = result / k; /* Division by zero in second iteration */ | ||
15 | printf("result = %d\n", result); | ||
16 | } | ||
17 | return 0; | ||
18 | } | ||
diff --git a/pathologist/refs/src/bug_null_pointer_exception.c b/pathologist/refs/src/bug_null_pointer_exception.c new file mode 100644 index 0000000..4accd65 --- /dev/null +++ b/pathologist/refs/src/bug_null_pointer_exception.c | |||
@@ -0,0 +1,21 @@ | |||
1 | #include <stdio.h> | ||
2 | #include <string.h> | ||
3 | |||
4 | |||
5 | struct CrashStruct { | ||
6 | const char *crashValue; | ||
7 | }; | ||
8 | |||
9 | void crashFunction() | ||
10 | { | ||
11 | struct CrashStruct *crashStruct; | ||
12 | crashStruct = NULL; | ||
13 | printf("Now the program will crash!\n"); | ||
14 | crashStruct->crashValue = "hello!"; | ||
15 | } | ||
16 | |||
17 | int main(int argc, char *argv[]) | ||
18 | { | ||
19 | crashFunction(); | ||
20 | return 0; | ||
21 | } | ||
diff --git a/pathologist/refs/src/bug_null_pointer_exception_modified.c b/pathologist/refs/src/bug_null_pointer_exception_modified.c new file mode 100644 index 0000000..497b9f0 --- /dev/null +++ b/pathologist/refs/src/bug_null_pointer_exception_modified.c | |||
@@ -0,0 +1,32 @@ | |||
1 | #include <stdio.h> | ||
2 | #include <string.h> | ||
3 | |||
4 | |||
5 | struct CrashStruct { | ||
6 | const char *crashValue; | ||
7 | }; | ||
8 | |||
9 | void crashFunction() | ||
10 | { | ||
11 | struct CrashStruct *crashStruct; | ||
12 | int a; | ||
13 | int b; | ||
14 | int c; | ||
15 | a = 3; | ||
16 | b = 5; | ||
17 | c = a + b; | ||
18 | crashStruct = NULL; | ||
19 | printf("Now the program will crash!\n"); | ||
20 | crashStruct->crashValue = "hello!"; | ||
21 | } | ||
22 | |||
23 | void intermediateFunction() | ||
24 | { | ||
25 | crashFunction(); | ||
26 | } | ||
27 | |||
28 | int main(int argc, char *argv[]) | ||
29 | { | ||
30 | intermediateFunction(); | ||
31 | return 0; | ||
32 | } | ||
diff --git a/pathologist/refs/src/bug_sigbus.c b/pathologist/refs/src/bug_sigbus.c new file mode 100644 index 0000000..39348ef --- /dev/null +++ b/pathologist/refs/src/bug_sigbus.c | |||
@@ -0,0 +1,50 @@ | |||
1 | #include <stdlib.h> | ||
2 | #include <stdio.h> | ||
3 | #include <string.h> | ||
4 | |||
5 | int main(int argc, char **argv) | ||
6 | { | ||
7 | // | ||
8 | // __asm__("pushf\n" | ||
9 | // "orl $0x40000, (%esp)\n" | ||
10 | // "popf"); | ||
11 | |||
12 | int testvar = 0x12345678; | ||
13 | int *testvarp; | ||
14 | |||
15 | testvarp = &testvar; | ||
16 | printf("testvarp was %lx\n", testvarp); | ||
17 | printf("testvar was %lx\n", *testvarp); | ||
18 | |||
19 | testvarp = (int *)(((char *)testvarp) + 1); | ||
20 | printf("testvarp is %lx\n", testvarp); | ||
21 | printf("testvar is %lx\n", *testvarp); | ||
22 | |||
23 | |||
24 | // char* str; | ||
25 | // str = realloc(str,10); | ||
26 | // */ | ||
27 | // | ||
28 | // /* | ||
29 | // char *p; | ||
30 | // | ||
31 | // __asm__("pushf\n" | ||
32 | // "orl $0x40000, (%esp)\n" | ||
33 | // "popf"); | ||
34 | // | ||
35 | // /* | ||
36 | // * malloc() always provides aligned memory. | ||
37 | // * Do not use stack variable like a[9], depending on the compiler you use, | ||
38 | // * a may not be aligned properly. | ||
39 | // */ | ||
40 | // p = malloc(sizeof(int) + 1); | ||
41 | // memset(p, 0, sizeof(int) + 1); | ||
42 | // | ||
43 | // /* making p unaligned */ | ||
44 | // p++; | ||
45 | // | ||
46 | // printf("%d\n", *(int *)p); | ||
47 | // | ||
48 | // return 0; | ||
49 | |||
50 | } | ||