bug-gnu-pspp
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

PSPP-BUG: Assertion `ds->n_stack > 0' failed in pspp

From: Youngseok Choi
Subject: PSPP-BUG: Assertion `ds->n_stack > 0' failed in pspp
Date: Tue, 4 Apr 2023 16:47:36 +0900
Hello, pspp developers!

We are developing a new fuzzer, and it found new assertion bug in the latest pspp executable.

Command Input
pspp poc_file

poc_file is attached.

Output
/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:1.11: error: DATA LIST: Bad character U+0002 in input.
    1 |  dat   lis lis/v���rrrrrr

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:1.17-1.18: error: DATA LIST: Bad character U+FFFD in input.
    1 |  dat   lis lis/v���rrrrrr

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:1.18-1.19: error: DATA LIST: Bad character U+FFFD in input.
    1 |  dat   lis lis/v���rrrrrr

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:1.19-1.20: error: DATA LIST: Bad character U+FFFD in input.
    1 |  dat   lis lis/v���rrrrrr

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:1.21: error: DATA LIST: Bad character U+007F in input.
    1 |  dat   lis lis/v���rrrrrr

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:1.27: error: DATA LIST: Bad character U+0000 in input.
    1 |  dat   lis lis/v���rrrrrr

Reading free-form data from INLINE.
+--------+------+
|Variable|Format|
+--------+------+
|v       |F8.0  |
|r       |F8.0  |
|rrrrr   |F8.0  |
|$$      |F8.0  |
+--------+------+

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:2.1-2.2: error: Bad character U+FFFD in input.
    2 | ���?�

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:2.2-2.3: error: Bad character U+FFFD in input.
    2 | ���?�

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:2.3: error: Bad character U+0001 in input.
    2 | ���?�

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:2.3: error: Bad character U+0019 in input.
    2 | ���?�

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:2.3-2.4: error: Bad character U+FFFD in input.
    2 | ���?�

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:2.4: error: Syntax error expecting command name.
    2 | ���?�

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:2.5-2.6: error: Bad character U+FFFD in input.
    2 | ���?�

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:2.6: error: Bad character U+0000 in input.
    2 | ���?�

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:2.6-2.7: error: Bad character U+FFFD in input.
    2 | ���?�

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:2.10-2.11: error: Bad character U+FFFD in input.
    2 | ���?�

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:2.12-2.13: error: Bad character U+FFFD in input.
    2 | ���?�

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:2.14-2.15: error: Bad character U+FFFD in input.
    2 | ���?�

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:2.15: error: Bad character U+0000 in input.
    2 | ���?�

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:2.23: error: Unterminated string constant.
    2 | ���?�

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:3.1-3.3: error: DATE: DATE is not yet implemented.
    3 | dat
      | ^~~

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:4.2-4.3: error: DATE: Bad character U+FFFD in input.
    4 |
l�s<���
      |  ^~

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:4.5-4.6: error: DATE: Bad character U+FFFD in input.
    4 |
l�s<���
      |     ^~

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:4.6-4.7: error: DATE: Bad character U+FFFD in input.
    4 |
l�s<���
      |      ^~

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:4.7-4.8: error: DATE: Bad character U+FFFD in input.
    4 |
l�s<���
      |       ^~

/home/youngseok/data/230327/asan_inter_30_30_shrink5_1_230308/pspp/4_id:000204/poc_file:4.8: error: DATE: Bad character U+0004 in input.
    4 |
l�s<���
      |        ^
pspp: src/data/dataset.c:828: proc_pop_transformations: Assertion `ds->n_stack > 0' failed.

Backtrace
#0  0x00007ffff56cae87 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1  0x00007ffff56cc7f1 in __GI_abort () at abort.c:79
#2  0x00007ffff56bc3fa in __assert_fail_base (fmt=0x7ffff58436c0 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=assertion@entry=0x7ffff66ed060 "ds->n_stack > 0", file=file@entry=0x7ffff66eca20 "src/data/dataset.c", line=line@entry=828, function=function@entry=0x7ffff66ed560 <__PRETTY_FUNCTION__.12198> "proc_pop_transformations") at assert.c:92
#3  0x00007ffff56bc472 in __GI___assert_fail (assertion=0x7ffff66ed060 "ds->n_stack > 0", file=0x7ffff66eca20 "src/data/dataset.c", line=828, function=0x7ffff66ed560 <__PRETTY_FUNCTION__.12198> "proc_pop_transformations") at assert.c:101
#4  0x00007ffff65738cd in proc_pop_transformations (ds=0x612000000040, chain=0x60b000003400) at src/data/dataset.c:828
#5  0x00007ffff6a0c8be in cmd_loop (lexer=0x6040000007d0, ds=0x612000000040) at src/language/commands/loop.c:117
#6  0x00007ffff690d362 in do_parse_command (lexer=0x6040000007d0, ds=0x612000000040, state=CMD_STATE_DATA) at src/language/command.c:243
#7  0x00007ffff690cd0a in cmd_parse_in_state (lexer=0x6040000007d0, ds=0x612000000040, state=CMD_STATE_DATA) at src/language/command.c:149
#8  0x00007ffff690cdda in cmd_parse (lexer=0x6040000007d0, ds=0x612000000040) at src/language/command.c:164
#9  0x0000555555559e7b in main (argc=2, argv=0x7fffffffe048) at src/ui/terminal/main.c:139

Environment
OS: Ubuntu 18.04
gcc: 7.5.0
pspp: 1.6.2 (master branch - git commit id eb1521cd226e0b8cafab7c72d860b21eda71662)

Note that pspp is built with address sanitizer and several options: 
CFLAGS="-fsanitize=address -g -O0" CXXFLAGS="-fsanitize=address -g -O0" \ ./configure --prefix=`pwd`/install_main --without-perl-module --without-gui

Thank you.
Youngseok Choi

Attachment: poc_file
Description: Binary data

reply via email to
[Prev in Thread] Current Thread [Next in Thread]