Closed GoogleCodeExporter closed 8 years ago
Hello!
First of all, thanks for your feedback!
Avalanche identifies a crash each time a program terminated abnormally. We try
to gather as much information about such situations as possible, but,
unfortunately, cannot completely guarantee that this information is enough to
identify the cause of termination. In rare cases (such as OOM situation you
have encountered) we get false-positives.
Also, Avalanche keeps the size of all input files to be checked - that means
that initial input test_image_2.png will never be enough to generate
test_image.png exploit.
Original comment by m.k.erma...@gmail.com
on 22 Aug 2011 at 12:54
I propose some little improvement for such cases. Each instrumentation plugin
(tracegrid or covgrind) should report it own status by, for example, by
separate file to the main program. So the orchestra tool could differ failed
plugin and failed application cases.
As another variant would be the running of the tested application in a
standalone mode with possible exploit.
Original comment by xeioexception
on 22 Aug 2011 at 1:08
The return value of Valgrind will always be the return value of the simulated
process - it can't be used to differ between plugin failures and application
failures.
Standalone application runs were used in previous versions, but it was decided
that they are ineffective.
Original comment by m.k.erma...@gmail.com
on 23 Aug 2011 at 10:37
Now "partially fixed" in revision 238. Warnings are added to exploit reports
when no stack trace is available (possibly terminated with SIGKILL) and when
terminated by signal from another process (not kernel).
Original comment by m.k.erma...@gmail.com
on 25 Aug 2011 at 3:41
Original issue reported on code.google.com by
xeioexception
on 22 Aug 2011 at 6:40Attachments: