[Bug gas/29005] New: ASAN error: in pa_chk_field_selector /home/marxin/buildworker/zen2-cross-binutils-sanitizers/build/gas/config/tc-hppa.c:2448
https://sourceware.org/bugzilla/show_bug.cgi?id=29005
Bug ID: 29005
Summary: ASAN error: in pa_chk_field_selector
/home/marxin/buildworker/zen2-cross-binutils-sanitizer
s/build/gas/config/tc-hppa.c:2448
Product: binutils
Version: 2.37
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: gas
Assignee: unassigned at sourceware dot org
Reporter: mliska at suse dot cz
Target Milestone: ---
The following fails when I build binutils with:
configure --build=x86_64-linux --disable-gdb --disable-gdbserver
--enable-obsolete --target=hppa-hp-hpux10 CFLAGS="-g -O2
-fsanitize=address,undefined -Wno-error" CXXLAGS="-g -O2
-fsanitize=address,undefined -Wno-error" LDFLAGS="-ldl"
Target: hppa-hp-hpux10
FAIL: quoted symbol names
Executing on host: sh -c {../as-new -alm
/home/marxin/buildworker/zen2-cross-binutils-sanitizers/build/gas/testsuite/gas/all/macro.s
2>&1} /dev/null dump.out (timeout = 300)
==59545==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x603001d4 at pc 0x004c1bd9 bp 0x7fffb980 sp 0x7fffb978
#0 0x4c1bd8 in pa_chk_field_selector
/home/marxin/buildworker/zen2-cross-binutils-sanitizers/build/gas/config/tc-hppa.c:2448
#1 0x4d95c3 in parse_cons_expression_hppa
/home/marxin/buildworker/zen2-cross-binutils-sanitizers/build/gas/config/tc-hppa.c:2488
#2 0x47ee3f in cons_worker
/home/marxin/buildworker/zen2-cross-binutils-sanitizers/build/gas/read.c:4232
#3 0x4c0df8 in pa_cons
/home/marxin/buildworker/zen2-cross-binutils-sanitizers/build/gas/config/tc-hppa.c:8156
#4 0x48a446 in read_a_source_file
/home/marxin/buildworker/zen2-cross-binutils-sanitizers/build/gas/read.c:1202
#5 0x413f46 in perform_an_assembly_pass
/home/marxin/buildworker/zen2-cross-binutils-sanitizers/build/gas/as.c:1254
#6 0x413f46 in main
/home/marxin/buildworker/zen2-cross-binutils-sanitizers/build/gas/as.c:1416
#7 0x76a7962f in __libc_start_call_main (/lib64/libc.so.6+0x4062f)
#8 0x76a796ef in __libc_start_main_alias_1 (/lib64/libc.so.6+0x406ef)
#9 0x416174 in _start (/dev/shm/1k1segnb/gas/as-new+0x416174)
--
You are receiving this mail because:
You are on the CC list for the bug.
[Bug gas/29005] ASAN error: in pa_chk_field_selector /home/marxin/buildworker/zen2-cross-binutils-sanitizers/build/gas/config/tc-hppa.c:2448
https://sourceware.org/bugzilla/show_bug.cgi?id=29005 Martin Liska changed: What|Removed |Added CC||jbeulich at suse dot com --- Comment #1 from Martin Liska --- The ASAN issue is there likely since the beginning, it was b3446f947bd16a0e2a211343d076c36e4de68a2c which added the new test-case. -- You are receiving this mail because: You are on the CC list for the bug.
[Bug gas/29005] ASAN error: in pa_chk_field_selector /home/marxin/buildworker/zen2-cross-binutils-sanitizers/build/gas/config/tc-hppa.c:2448
https://sourceware.org/bugzilla/show_bug.cgi?id=29005 --- Comment #2 from Jan Beulich --- With the function deliberately (albeit with a FIXME comment) parsing past line ends, I'd rather leave the fixing of this to hppa maintainers. Not knowing their assembly language (and having found a couple of comments hinting at quirks there) the risk is just too high for me to introduce new issues. -- You are receiving this mail because: You are on the CC list for the bug.
Issue 43035 in oss-fuzz: binutils:fuzz_dlltool: Timeout in fuzz_dlltool
Updates: Labels: -restrict-view-commit -deadline-approaching Deadline-Exceeded Comment #3 on issue 43035 by sheriffbot: binutils:fuzz_dlltool: Timeout in fuzz_dlltool https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43035#c3 This bug has exceeded our disclosure deadline. It has been opened to the public. - Your friendly Sheriffbot -- You received this message because: 1. You were specifically CC'd on the issue You may adjust your notification preferences at: https://bugs.chromium.org/hosting/settings Reply to this email to add a comment.
[Bug gas/29005] ASAN error: in pa_chk_field_selector /home/marxin/buildworker/zen2-cross-binutils-sanitizers/build/gas/config/tc-hppa.c:2448
https://sourceware.org/bugzilla/show_bug.cgi?id=29005 Alan Modra changed: What|Removed |Added Assignee|unassigned at sourceware dot org |amodra at gmail dot com Ever confirmed|0 |1 Last reconfirmed||2022-03-29 Status|UNCONFIRMED |ASSIGNED -- You are receiving this mail because: You are on the CC list for the bug.
[Bug gas/29005] ASAN error: in pa_chk_field_selector /home/marxin/buildworker/zen2-cross-binutils-sanitizers/build/gas/config/tc-hppa.c:2448
https://sourceware.org/bugzilla/show_bug.cgi?id=29005 --- Comment #3 from cvs-commit at gcc dot gnu.org --- The master branch has been updated by Alan Modra : https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=1fc6fa2f1be66d99007bc2dba90f2c57f941bf58 commit 1fc6fa2f1be66d99007bc2dba90f2c57f941bf58 Author: Alan Modra Date: Mon Mar 28 17:51:30 2022 +1030 asan: heap buffer overflow in pa_chk_field_selector The buffer overflow showed up running the gas "all macro" test. PR 29005 * config/tc-hppa.c (pa_chk_field_selector): Don't read past end of line. -- You are receiving this mail because: You are on the CC list for the bug.
[Bug gas/29005] ASAN error: in pa_chk_field_selector /home/marxin/buildworker/zen2-cross-binutils-sanitizers/build/gas/config/tc-hppa.c:2448
https://sourceware.org/bugzilla/show_bug.cgi?id=29005 Alan Modra changed: What|Removed |Added Target Milestone|--- |2.39 Status|ASSIGNED|RESOLVED Resolution|--- |FIXED --- Comment #4 from Alan Modra --- Fixed for 2.39 -- You are receiving this mail because: You are on the CC list for the bug.
[Bug gas/16908] #line directives are ignored inside macros
https://sourceware.org/bugzilla/show_bug.cgi?id=16908 --- Comment #4 from cvs-commit at gcc dot gnu.org --- The master branch has been updated by Jan Beulich : https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=be13be5b687ff0c31eacb0bdd0ab90c329476ed1 commit be13be5b687ff0c31eacb0bdd0ab90c329476ed1 Author: Jan Beulich Date: Tue Mar 29 08:18:14 2022 +0200 gas/Dwarf: special-case .linefile only for macros Restrict the PR gas/16908 workaround to just macros, matching the original intention as well as the comment there. For constructs like .irp or .rept the reasoning doesn't apply, as there's no separate "invocation" point which may be of interest to record (for, as said there, short macros). -- You are receiving this mail because: You are on the CC list for the bug.
