bug-gnu-pspp

Re: PSPP-BUG: [bug #54664] segfault in count_newlines in lexer.c


From: Friedrich Beckmann
Subject: Re: PSPP-BUG: [bug #54664] segfault in count_newlines in lexer.c
Date: Sat, 15 Sep 2018 11:04:32 +0200

Hi Tianxiao,

thanks for the bug report!

Friedrich


> On 15.09.2018 at 09:41, Tianxiao Gu <address@hidden> wrote:
> 
> URL:
>  <https://savannah.gnu.org/bugs/?54664>
> 
>                 Summary: segfault in count_newlines in lexer.c
>                 Project: PSPP
>            Submitted by: tianxiaogu
>            Submitted on: Sat 15 Sep 2018 07:41:18 AM UTC
>                Category: Syntax Parser
>                Severity: 5 - Average
>                  Status: None
>             Assigned to: None
>             Open/Closed: Open
>         Discussion Lock: Any
>                 Release: None
>                  Effort: 0.00
> 
>    _______________________________________________________
> 
> Details:
> 
> When compiling pspp with address sanitizer, we can trigger the following
> segfault.
> When compiling pspp without address sanitizer, we cannot.
> 
> Reproduce:
> 
> ./src/ui/terminal/pspp test-case0
> 
> =================================================================
> ==1955==ERROR: AddressSanitizer: SEGV on unknown address 0x614000010000 (pc
> 0x7f4f3fa4c540 bp 0x7fff1fae28a0 sp 0x7fff1fae2018 T0)
> ==1955==The signal is caused by a READ memory access.
>    #0 0x7f4f3fa4c53f  (/lib/x86_64-linux-gnu/libc.so.6+0x18a53f)
>    #1 0x7f4f411645a1  (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x415a1)
>    #2 0x7f4f40c52dfe in count_newlines src/language/lexer/lexer.c:906
>    #3 0x7f4f40c52f85 in lex_source_get_last_line_number
> src/language/lexer/lexer.c:926
>    #4 0x7f4f40c534a9 in lex_get_last_line_number
> src/language/lexer/lexer.c:1003
>    #5 0x55f3ba564627 in output_msg src/ui/terminal/main.c:226
>    #6 0x7f4f407f7314 in ship_message src/libpspp/message.c:283
>    #7 0x7f4f407f76df in submit_note src/libpspp/message.c:309
>    #8 0x7f4f407f7ad7 in process_msg src/libpspp/message.c:349
>    #9 0x7f4f407f7b39 in msg_emit src/libpspp/message.c:363
>    #10 0x7f4f40c5443c in lex_source_read__ src/language/lexer/lexer.c:1206
>    #11 0x7f4f40c55d4d in lex_source_get__ src/language/lexer/lexer.c:1398
>    #12 0x7f4f40c50c29 in lex_get src/language/lexer/lexer.c:228
>    #13 0x55f3ba564051 in main src/ui/terminal/main.c:135
>    #14 0x7f4f3f8e3b96 in __libc_start_main
> (/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
>    #15 0x55f3ba563ac9 in _start
> (/home/t/Projects/fuzzing/pspp/pspp/src/ui/terminal/.libs/pspp+0x4ac9)
> 
> AddressSanitizer can not provide additional info.
> SUMMARY: AddressSanitizer: SEGV (/lib/x86_64-linux-gnu/libc.so.6+0x18a53f) 
> ==1955==ABORTING
> 
> 
> 
>    _______________________________________________________
> 
> File Attachments:
> 
> 
> -------------------------------------------------------
> Date: Sat 15 Sep 2018 07:41:18 AM UTC  Name: test-case-0  Size: 339B   By:
> tianxiaogu
> 
> <http://savannah.gnu.org/bugs/download.php?file_id=45015>
> 
>    _______________________________________________________
> 
> Reply to this item at:
> 
>  <https://savannah.gnu.org/bugs/?54664>
> 
> _______________________________________________
>  Message sent via Savannah
>  https://savannah.gnu.org/
> 
> 
> _______________________________________________
> Bug-gnu-pspp mailing list
> address@hidden
> https://lists.gnu.org/mailman/listinfo/bug-gnu-pspp



