******************************************************************************
********************* IBIS GOLDEN PARSER BUG REPORT FORM *********************
******************************************************************************

INSTRUCTIONS

To report a bug in the IBIS golden parser, please fill out the top part of the
following form and send the complete form to info@ibis.org. A list of reported
bugs is maintained at http://ibis.org/bugs/ibischk/ .

******************************************************************************

PARSER VERSION NUMBER: 7.2.1

PLATFORM (SPARC, HP700, PC, etc.): PC

OS AND VERSION: Microsoft Windows 11 Enterprise 22H2, Build 22621.3296

REPORTED BY: Michael Mirmak, Intel Corporation

DATE: March 19, 2024

TITLE: Crash Caused by iassert macro and abort()

DESCRIPTION OF BUG:

Executing the following command on the enclosed .ami file results in a crash
of ibischk7_64:

ibischk7_64.exe -ami crash-59fde231108c8156c7285a9eec94fc4661b61dc7.ami

The generated output is shown at the bottom of this section. A Microsoft
Visual C++ error message dialog box is also generated by the crash. Without
modification of the source code, any software which incorporates ibischk7 as a
library will itself be forced to crash as a result of this error.

This behavior is caused by line 610 of the file cmn.c, where the "iassert"
macro is called:

iassert(*pv != NULL);

The "iassert" macro is itself defined in the file ibis_chk.h, on line 269:

#define iassert(ex) if (!(ex)) {fprintf(stdout,"%s:%d:assertion failed.\n",__FILE__,__LINE__);fflush(stdout);abort();}

The "abort()" call at the end of the macro causes abnormal termination of the
program.

Note that this issue was discovered as the result of "fuzz testing", a recent
software testing technique where command-line, UI, and library inputs are
deliberately subjected to incorrectly typed, overly-long, or incorrectly
formatted data to test software error-handling routines.
Fuzz testing is becoming increasingly popular for automatic security analysis
of software.

The enclosed .ami file generates the following output:

IBISCHK7 V7.2.1
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal non-7-bit ASCII character (code b5).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal NUL character (code 0).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal NUL character (code 0).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal NUL character (code 0).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR (line 1) - Found illegal NUL character (code 0).
   - To fix, save file in MS_DOS format and remove .txt extension.
ERROR - Parsing aborted
..\..\cmn.c:610:assertion failed.

**********************

The following feedback from a parser code user is relevant for a fix:

We build and deliver ibischk without IASSERT defined, so we do not use the
iassert() macro. It's been this way for quite a while, though I don't know for
sure that we've never used iassert(). The macro appears in many places, but
only seems to be intended to help the developer catch bug conditions during
development. It might be reasonable to leave it enabled in production code
just in case the information it gives can help diagnose problems.
If (and only if) I build ibischk for (Tool A) with IASSERT defined, the test
case .ami file does cause (Tool A) to crash. But the iassert() instance that
triggers abort() in this case is not catching a real problem. Here's the code:

void CMN_freeSetNull(void **pv)
{
  iassert(*pv != NULL);
#ifdef ITRACE
  printf("%s:memptr:%lu:free\n",__FILE__,(UL)(*pv));
#endif
  free(*pv);
  *pv = 0;
}

There's nothing illegal about calling the C runtime function free() with a
NULL pointer. During development, we might turn on the ITRACE behavior, which
requires that *pv != NULL. But outside of development, no problem.

We can rethink our build policy of leaving IASSERT undefined – it's not a bad
idea to have the iassert() macro enabled. But first, I think the parser code
should move the call to iassert() above inside the #ifdef ITRACE / #endif
block. Then, to make iassert() more friendly towards integration within a
parent application, I would look into making it throw an exception instead of
calling abort().

INSERT IBIS FILE DEMONSTRATING THE BUG:

Supporting files are found in the https://ibis.org/bugs/ibischk/bug248
directory:

- crash-59fde231108c8156c7285a9eec94fc4661b61dc7.ami (this file contains
  non-7-bit ASCII characters and so cannot be included in this form)
- crash-message-windows.jpg (this shows the Microsoft Visual C++ Runtime
  Library error message generated when ibischk7 aborts)

******************************************************************************
******************** BELOW FOR ADMINISTRATION AND TRACKING *******************
******************************************************************************

BUG NUMBER: 248

SEVERITY: [FATAL, SEVERE, MODERATE, ANNOYING, ENHANCEMENT] [FATAL]

PRIORITY: [HIGH, MEDIUM, LOW] [MEDIUM]

STATUS: [OPEN, CLOSED, WILL NOT FIX, NOT A BUG] [OPEN]

FIXED VERSION:

FIXED DATE:

NOTES ON BUG FIX:

******************************************************************************
******************************************************************************
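
The change suggested in the feedback above, sketched as an added example (not
ibischk source and not code from the reporter or the quoted user): the non-NULL
check moves inside the ITRACE block, and a failed check is reported to a
host-installed hook instead of calling abort(). All names are hypothetical, and
because C has no exceptions a callback stands in for "throw an exception".

```c
#include <stdio.h>
#include <stdlib.h>

/* All names here are hypothetical; none of this is ibischk's own API. */
typedef void (*assert_hook)(const char *file, int line, const char *expr);

static assert_hook g_hook;   /* installed by the host application, may be NULL */
static int g_failures;       /* number of failed checks seen so far */

void set_assert_hook(assert_hook h) { g_hook = h; }
int assert_failures(void) { return g_failures; }

/* Record the failure and hand it to the host; never terminates the process. */
void assert_failed(const char *file, int line, const char *expr)
{
    g_failures++;
    if (g_hook) g_hook(file, line, expr);
    else fprintf(stderr, "%s:%d:assertion failed: %s\n", file, line, expr);
}

/* do/while(0) keeps the macro a single statement inside if/else chains. */
#define soft_assert(ex) \
    do { if (!(ex)) assert_failed(__FILE__, __LINE__, #ex); } while (0)

/* Free *pv and clear it. *pv == NULL is legal because free(NULL) is a no-op,
 * so the non-NULL check only guards the trace output. */
void free_set_null(void **pv)
{
#ifdef ITRACE
    soft_assert(*pv != NULL);
    printf("%s:memptr:%p:free\n", __FILE__, *pv);
#endif
    free(*pv);
    *pv = NULL;
}

/* Constructed scenario: cleanup after an aborted parse whose buffer was
 * never allocated. Returns 0 if the pointer ends up cleared. */
int cleanup_after_aborted_parse(void)
{
    void *never_allocated = NULL;
    free_set_null(&never_allocated);
    return never_allocated == NULL ? 0 : -1;
}

int main(void)
{
    printf("cleanup rc=%d\n", cleanup_after_aborted_parse());
    return 0;
}
```

A host application that embeds the parser can call set_assert_hook() once at
start-up to route failed checks into its own logging or error-recovery path.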