Hello, this is Ahcheong Lee. I'm currently working on a new fuzzing technique, and I found some crashes in GNU bison 3.5.2. For ease of maintenance, I'll send one crash per email.

I've found there was a similar crash report on bison 3.3 (link <https://lists.gnu.org/archive/html/bug-bison/2019-03/msg00008.html>). The crash was fixed, but it seems it has appeared again.

There was a segmentation fault in quotearg_buffer_restyled, lib/quotearg.c:400. You can reproduce it with the following command:

./bison <attached file>

This is the call stack info:

Program received signal SIGSEGV, Segmentation fault.
0x0000000000462dd5 in quotearg_buffer_restyled (buffer=0x69cb90 "debugger11/id:000015", buffersize=21, arg=0x0, argsize=18446744073709551615, quoting_style=escape_quoting_style, flags=1, quote_these_too=0x7fffffffa948, left_quote=0x0, right_quote=0x0) at lib/quotearg.c:400
400       for (i = 0; ! (argsize == SIZE_MAX ? arg[i] == '\0' : i == argsize); i++)
(gdb) bt
#0  0x0000000000462dd5 in quotearg_buffer_restyled (buffer=0x69cb90 "debugger11/id:000015", buffersize=21, arg=0x0, argsize=18446744073709551615, quoting_style=escape_quoting_style, flags=1, quote_these_too=0x7fffffffa948, left_quote=0x0, right_quote=0x0) at lib/quotearg.c:400
#1  0x0000000000463402 in quotearg_n_options (n=3, arg=0x0, argsize=18446744073709551615, options=0x7fffffffa940) at lib/quotearg.c:907
#2  0x00000000004635cd in quotearg_n_style (n=3, s=escape_quoting_style, arg=0x0) at lib/quotearg.c:958
#3  0x00000000004162e5 in location_print (loc=..., out=0x7ffff7dd2540 <_IO_2_1_stderr_>) at src/location.c:179
#4  0x00000000004076b8 in error_message (loc=0x692a88, indent=0x7fffffffabbc, flags=Wother, sever=severity_warning, message=0x47881d "previous declaration", args=0x7fffffffaac0) at src/complain.c:430
#5  0x0000000000407987 in complains (loc=0x692a88, indent=0x7fffffffabbc, flags=Wother, message=0x47881d "previous declaration", args=0x7fffffffaac0) at src/complain.c:488
#6  0x0000000000407b40 in complain_indent (loc=0x692a88, flags=Wother, indent=0x7fffffffabbc, message=0x47881d "previous declaration") at src/complain.c:510
#7  0x000000000044d1ce in symbol_class_set (sym=0x692a80, class=token_sym, loc=..., declaring=true) at src/symtab.c:552
#8  0x000000000042eee2 in gram_parse () at src/parse-gram.y:538
#9  0x0000000000436978 in reader (gram=0x691bb0 "debugger11/id:000015") at src/reader.c:716
#10 0x0000000000417e3d in main (argc=2, argv=0x7fffffffe378) at src/main.c:104

Thank you,
Ahcheong Lee

---------------------------------------------
Ahcheong Lee, Master's student
School of Computing, KAIST
Room# 2438, E3-1, KAIST
373-1 Guseong-dong, Yuseong-gu
Daejeon, South Korea 34141
Phone : 010-7350-3811
------------------------------------------------
Attachment: bison_crash_quotearg_buffer_restyled (binary data)
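An added triage helper, not part of the report above or of bison itself: it parses the one-line frames of the backtrace quoted in the report, locates the innermost frame outside the vendored gnulib code under lib/, and reports which NULL argument that caller handed into the library unchanged (here the file name reaching quotearg_n_style from location_print). The function names and the lib/ convention for vendored code are my assumptions.

```python
import re
from dataclasses import dataclass

# Constructed sample: the first frames of the gdb backtrace quoted in the report.
BACKTRACE = """\
#0  0x0000000000462dd5 in quotearg_buffer_restyled (buffer=0x69cb90 "debugger11/id:000015", buffersize=21, arg=0x0, argsize=18446744073709551615, quoting_style=escape_quoting_style, flags=1, quote_these_too=0x7fffffffa948, left_quote=0x0, right_quote=0x0) at lib/quotearg.c:400
#1  0x0000000000463402 in quotearg_n_options (n=3, arg=0x0, argsize=18446744073709551615, options=0x7fffffffa940) at lib/quotearg.c:907
#2  0x00000000004635cd in quotearg_n_style (n=3, s=escape_quoting_style, arg=0x0) at lib/quotearg.c:958
#3  0x00000000004162e5 in location_print (loc=..., out=0x7ffff7dd2540 <_IO_2_1_stderr_>) at src/location.c:179
#4  0x00000000004076b8 in error_message (loc=0x692a88, indent=0x7fffffffabbc, flags=Wother, sever=severity_warning, message=0x47881d "previous declaration", args=0x7fffffffaac0) at src/complain.c:430
"""

FRAME_RE = re.compile(r"^#(\d+)\s+(?:0x[0-9a-fA-F]+ in )?(\w+) \((.*)\) at (\S+):(\d+)$")

@dataclass
class Frame:
    index: int
    func: str
    args: dict   # argument name -> value exactly as gdb printed it
    file: str
    line: int

def parse_backtrace(text):
    """Parse one-line gdb frames; frames gdb wrapped over several lines are skipped."""
    frames = []
    for raw in text.splitlines():
        m = FRAME_RE.match(raw.strip())
        if m:
            idx, func, arglist, path, line = m.groups()
            args = dict(item.partition("=")[::2] for item in arglist.split(", "))
            frames.append(Frame(int(idx), func, args, path, int(line)))
    return frames

def is_null(value):
    """gdb prints a NULL pointer as 0x0, possibly followed by a symbol or a string."""
    return value == "0x0" or value.startswith("0x0 ")

def first_project_frame(frames, vendored=("lib/",)):
    """Index of the innermost frame outside vendored code (assumption: gnulib lives under lib/)."""
    return next((i for i, f in enumerate(frames) if not f.file.startswith(vendored)), len(frames))

def propagated_nulls(frames, vendored=("lib/",)):
    """NULL arguments present in every library frame below the project boundary, i.e. values the
    project passed in, unlike NULLs the library chose itself (left_quote/right_quote in frame #0)."""
    lib = frames[:first_project_frame(frames, vendored)]
    return set.intersection(*({n for n, v in f.args.items() if is_null(v)} for f in lib)) if lib else set()

def sentinel_sizes(frame):
    """Arguments equal to SIZE_MAX: the loop at quotearg.c:400 reads that as 'walk until NUL'."""
    return [n for n, v in frame.args.items() if v.isdigit() and int(v) == 2 ** 64 - 1]
```

Run against the constructed sample it names location_print (src/location.c:179) as the owner frame, `arg` as the NULL handed into gnulib, and `argsize` as the SIZE_MAX sentinel that makes the loop dereference it.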
