Memory corruption bug causes crash in bison 3.6.4
From: Dwight Guth
Subject: Memory corruption bug causes crash in bison 3.6.4
Date: Wed, 24 Jun 2020 13:15:59 -0500

I have been able to reproduce this bug in the latest version and in
versions as old as 3.0.4, the oldest version I have tried.

I am attaching the smallest grammar I was able to produce that
generates the error. I'm aware that this grammar is rather contrived;
I can provide a larger, more complete-but-self-contained example upon
request, but the bug reporting instructions recommended I minimize the
grammar as much as possible, so I chose to provide the smallest
grammar I could construct that triggered the crash, even though in
practice it looks nothing like a real production grammar.

The bug manifests with the following error message, followed by bison
aborting without completing successfully or generating any output:
"double free or corruption (!prev)". I am on Ubuntu 18.04, and I
built bison with gcc 7.5.0. I am also attaching the log generated from
running bison through valgrind on this example, which seems to show a
number of use-after-free violations.

--
Dwight Guth
Director of Engineering
Email: dwight.guth@runtimeverification.com

Attachments:
- parser.y (Description: Binary data)
- valgrind_log (Description: Binary data)

- Memory corruption bug causes crash in bison 3.6.4, Dwight Guth <=
- [PATCH 0/4] Fix crash when generating IELR, Akim Demaille, 2020/06/26
- [PATCH 1/4] style: clean up ielr, Akim Demaille, 2020/06/26
- [PATCH 2/4] style: clean up nullable, Akim Demaille, 2020/06/26
- [PATCH 3/4] style: factor the access to a rule from its items, Akim Demaille, 2020/06/26
- [PATCH 4/4] ielr: fix crash on memory management, Akim Demaille, 2020/06/26
- Re: [PATCH 0/4] Fix crash when generating IELR, Dwight Guth, 2020/06/26