Refactor and slightly stricter p2p message processing #15197

pull jonasschnelli wants to merge 3 commits into bitcoin:master from jonasschnelli:2019/01/netmsg_1 changing 6 files +14 −22
  1. jonasschnelli commented at 7:04 am on January 18, 2019: contributor

    There are currently redundant checks of the network magic and the MAX_SIZE which makes the code more difficult to read.

    This moves and refactors network magic and message header verification from ProcessMessages() to the deserialisation of a network message.

    Slightly stricter because… … directly disconnect when network magic is invalid even before reading the rest of the message … disconnect directly rather then skipping a message when a command string in invalid (not all zeros after the first zero, invalid chars)

    Simplifies possible p2p protocol upgrades like BIP151

  2. jonasschnelli added the label P2P on Jan 18, 2019
  3. in src/net.cpp:838 in 99c83dffdc outdated
    834@@ -835,8 +835,8 @@ int CNetMessage::readHeader(const char *pch, unsigned int nBytes)
    835         return -1;
    836     }
    837 
    838-    // reject messages larger than MAX_SIZE
    839-    if (hdr.nMessageSize > MAX_SIZE)
    840+    // exit if message has an invalid header
    


    laanwj commented at 7:24 am on January 18, 2019:

    nit: I think “reject” was a better wording than “exit” Also please add braces now that this code is touched anyway.

    0if (!hdr.IsValid(Params().MessageStart())) {
    1    ...
    2}
    
  4. in src/protocol.cpp:105 in 99c83dffdc outdated
    101@@ -102,7 +102,10 @@ bool CMessageHeader::IsValid(const MessageStartChars& pchMessageStartIn) const
    102 {
    103     // Check start string
    104     if (memcmp(pchMessageStart, pchMessageStartIn, MESSAGE_START_SIZE) != 0)
    105+    {
    


    laanwj commented at 7:24 am on January 18, 2019:
    nit: { on same line as if
  5. jonasschnelli force-pushed on Jan 18, 2019
  6. laanwj commented at 7:34 am on January 18, 2019: member

    Concept ACK, it is good to reject an invalid message as soon as possible.

    I think this is correct

    • CNetMessage::readHeader for every message called before ::ProcessMessages
    • CMessageHeader::IsValid does the following checks, which includes checking the message size
      • Check message start
      • Check command string for errors
      • Check message size
  7. laanwj commented at 4:35 pm on January 21, 2019: member
    utACK c749b1347ed1101c2b41211bbbf9dff501bd5927
  8. naumenkogs commented at 7:46 pm on January 21, 2019: member

    utACK c749b13

    Perhaps also replace 24 with HEADER_SIZE here? (twice) https://github.com/bitcoin/bitcoin/blob/c749b1347ed1101c2b41211bbbf9dff501bd5927/src/net.cpp#L820

  9. jonasschnelli commented at 7:32 pm on January 24, 2019: contributor

    Perhaps also replace 24 with HEADER_SIZE here? (twice)

    It should be replaced but its irrelevant for this PR and not within the scope of it (will do later).

  10. laanwj commented at 1:50 pm on January 31, 2019: member

    p2p_invalid_messages is failing locally on this, probably due to something else merged in the meantime?

     0$ test/functional/test_runner.py p2p_invalid_messages.py
     1Temporary test directory at /tmp/test_runner_₿_🏃_20190131_144734
     21/1 - p2p_invalid_messages.py failed, Duration: 1 s
     3
     4stdout:
     52019-01-31T13:47:34.927000Z TestFramework (INFO): Initializing test directory /tmp/test_runner_₿_🏃_20190131_144734/p2p_invalid_messages_0
     62019-01-31T13:47:35.309000Z TestFramework (ERROR): Assertion failed
     7Traceback (most recent call last):
     8  File "/.../bitcoin/test/functional/test_framework/test_framework.py", line 173, in main
     9    self.run_test()
    10  File "/home/orion/projects/bitcoin/bitcoin/test/functional/p2p_invalid_messages.py", line 45, in run_test
    11    self.test_magic_bytes()
    12  File "/home/orion/projects/bitcoin/bitcoin/test/functional/p2p_invalid_messages.py", line 150, in test_magic_bytes
    13    self.nodes[0].disconnect_p2ps()
    14  File "/usr/lib/python3.6/contextlib.py", line 88, in __exit__
    15    next(self.gen)
    16  File "/.../bitcoin/test/functional/test_framework/test_node.py", line 291, in assert_debug_log
    17    self._raise_assertion_error('Expected message "{}" does not partially match log:\n\n{}\n\n'.format(expected_msg, print_log))
    18  File "/.../bitcoin/test/functional/test_framework/test_node.py", line 143, in _raise_assertion_error
    19    raise AssertionError(self._node_msg(msg))
    20AssertionError: [node 0] Expected message "PROCESSMESSAGE: INVALID MESSAGESTART ping" does not partially match log:
    21
    22 - 2019-01-31T13:47:35.257438Z INVALID MESSAGESTART ping
    23 - 2019-01-31T13:47:35.257494Z disconnecting peer=0
    24 - 2019-01-31T13:47:35.257613Z Cleared nodestate for peer=0
    25
    26
    272019-01-31T13:47:35.363000Z TestFramework (INFO): Stopping nodes
    282019-01-31T13:47:35.567000Z TestFramework (WARNING): Not cleaning up dir /tmp/test_runner_₿_🏃_20190131_144734/p2p_invalid_messages_0
    292019-01-31T13:47:35.567000Z TestFramework (ERROR): Test failed. Test logging available at /tmp/test_runner_₿_🏃_20190131_144734/p2p_invalid_messages_0/test_framework.log
    302019-01-31T13:47:35.569000Z TestFramework (ERROR): Hint: Call /.../bitcoin/test/functional/combine_logs.py '/tmp/test_runner_₿_🏃_20190131_144734/p2p_invalid_messages_0' to consolidate all logs
    31
    32
    33stderr:
    34
    35
    36
    37TEST                    | STATUS    | DURATION
    38
    39p2p_invalid_messages.py | ✖ Failed  | 1 s
    40
    41ALL                     | ✖ Failed  | 1 s (accumulated)
    42Runtime: 1 s
    
  11. in src/net.cpp:656 in c749b1347e outdated
    834@@ -835,9 +835,10 @@ int CNetMessage::readHeader(const char *pch, unsigned int nBytes)
    835         return -1;
    836     }
    837 
    838-    // reject messages larger than MAX_SIZE
    839-    if (hdr.nMessageSize > MAX_SIZE)
    840+    // reject if message has an invalid header
    841+    if (!hdr.IsValid(Params().MessageStart())) {
    842         return -1;
    843+    }
    


    MarcoFalke commented at 3:41 pm on January 31, 2019:
    Previously this wouldn’t log and now this logs. This is a minor change in behaviour and opens the possibility to fill in the (currently empty) string in assert_debug_log in the invalid message functional test.
  12. MarcoFalke commented at 3:42 pm on January 31, 2019: member
    Needs rebase
  13. jonasschnelli force-pushed on Jan 31, 2019
  14. jonasschnelli commented at 7:35 pm on January 31, 2019: contributor
    Re-added the invalid header log (slightly changed log message) and fixed the new tests.
  15. jonasschnelli force-pushed on Jan 31, 2019
  16. in src/net.cpp:654 in 03501001d3 outdated
    664@@ -665,9 +665,11 @@ int CNetMessage::readHeader(const char *pch, unsigned int nBytes)
    665         return -1;
    666     }
    667 
    668-    // reject messages larger than MAX_SIZE
    669-    if (hdr.nMessageSize > MAX_SIZE)
    670+    // reject if message has an invalid header
    671+    if (!hdr.IsValid(Params().MessageStart())) {
    672+        LogPrint(BCLog::NET, "INVALID HEADER DETECTED\n");
    


    MarcoFalke commented at 7:42 pm on January 31, 2019:

    There is already logging in

    0LogPrintf("CMessageHeader::IsValid(): (%s, %u bytes) nMessageSize > MAX_SIZE
    

    I have no opinion on where to do it, but it should suffice to log only one line instead of two for a single error.


    jonasschnelli commented at 8:08 pm on January 31, 2019:

    Without the log entry in L670, we would only log the invalid message size (not invalid magic check and invalid command strings). We could drop the invalid message size but I think this is one we should keep since it smells after DoS/dishonest peers.

    After this PR, you will get two log entries in case of an message size larger then MAX_SIZE.

    1. LogPrintf("CMessageHeader::IsValid(): (%s, %u bytes) nMessageSize > MAX_SIZE\n", GetCommand(), nMessageSize);
    2. LogPrint(BCLog::NET, "INVALID HEADER DETECTED\n");

    Which I think is acceptable.

    Of course we could remove the first entry about the message size.

  17. DrahtBot commented at 6:59 pm on March 11, 2019: member

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    Conflicts

    Reviewers, this pull request conflicts with the following ones:

    • #18764 (refactor: test: replace inv type magic numbers by constants by theStack)
    • #17785 (p2p: Unify Send and Receive protocol versions by hebasto)

    If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

  18. DrahtBot added the label Needs rebase on Apr 23, 2019
  19. jonasschnelli force-pushed on Apr 24, 2019
  20. jonasschnelli commented at 12:44 pm on April 24, 2019: contributor
    Rebased.
  21. DrahtBot removed the label Needs rebase on Apr 24, 2019
  22. practicalswift commented at 1:43 pm on April 24, 2019: contributor
    Concept ACK
  23. DrahtBot added the label Needs rebase on Oct 28, 2019
  24. dongcarl commented at 7:47 pm on January 22, 2020: member
  25. Remove redundant message network magic check 183c54f9de
  26. Reject invalid headers (disconnect) during deserialization
    # Conflicts:
    #	src/net_processing.cpp
    3a6579b54b
  27. net: Move MAX_PROTOCOL_MESSAGE_LENGTH to protocol.h 2fccdaf26c
  28. jonasschnelli force-pushed on May 7, 2020
  29. jonasschnelli commented at 7:35 am on May 7, 2020: contributor
    Rebased (used @dongcarl’s rebase).
  30. DrahtBot removed the label Needs rebase on May 7, 2020
  31. in src/net_processing.cpp:3391 in 2fccdaf26c
    3386-    }
    3387 
    3388-    // Check header
    3389-    if (!msg.m_valid_header)
    3390-    {
    3391-        LogPrint(BCLog::NET, "PROCESSMESSAGE: ERRORS IN HEADER %s peer=%d\n", SanitizeString(msg.m_command), pfrom->GetId());
    


    jonatack commented at 10:44 am on May 10, 2020:
    Is the msg command and peer id information in the above two NET log error messages useful, worth keeping?
  32. jonatack commented at 11:07 am on May 10, 2020: member

    Almost-ACK 2fccdaf26c21af216b7323b8321d3971766ffd23 code review, tests green, but like with the CI, the process_messages fuzzer crashes immediately.

     0$ src/test/fuzz/process_messages
     1
     2INFO: Seed: 3691449907
     3INFO: Loaded 1 modules   (492032 inline 8-bit counters): 492032 [0x56069c1c61e8, 0x56069c23e3e8), 
     4INFO: Loaded 1 PC tables (492032 PCs): 492032 [0x56069c23e3e8,0x56069c9c03e8), 
     5INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 4096 bytes
     6INFO: A corpus is not provided, starting from an empty corpus
     7[#2](/bitcoin-bitcoin/2/)	INITED cov: 5995 ft: 5996 corp: 1/1b exec/s: 0 rss: 180Mb
     8	NEW_FUNC[0/1]: 0x560699684c00 in std::_Rb_tree_iterator<std::pair<long const, (anonymous namespace)::CNodeState> >::operator--() /usr/lib/gcc/x86_64-linux-gnu/8/../../../../include/c++/8/bits/stl_tree.h:301
     9[#4](/bitcoin-bitcoin/4/)	NEW    cov: 6006 ft: 8664 corp: 2/2b exec/s: 0 rss: 185Mb L: 1/1 MS: 1 ChangeBit-
    10[#5](/bitcoin-bitcoin/5/)	NEW    cov: 6017 ft: 13028 corp: 3/4098b exec/s: 0 rss: 186Mb L: 4096/4096 MS: 1 CrossOver-
    11[#6](/bitcoin-bitcoin/6/)	NEW    cov: 6017 ft: 13130 corp: 4/4106b exec/s: 0 rss: 187Mb L: 8/4096 MS: 1 CMP- DE: "cmpctbl"-
    12	NEW_FUNC[0/125]: 0x56069947f910 in FuzzedDataProvider::ConsumeBytesAsString[abi:cxx11](unsigned long) /home/jon/projects/bitcoin/bitcoin/src/./test/fuzz/FuzzedDataProvider.h:63
    13	NEW_FUNC[1/125]: 0x56069947ffd0 in ConsumeRandomLengthByteVector(FuzzedDataProvider&, unsigned long) /home/jon/projects/bitcoin/bitcoin/src/./test/fuzz/util.h:28
    14[#12](/bitcoin-bitcoin/12/)	NEW    cov: 7458 ft: 15384 corp: 5/4189b exec/s: 0 rss: 191Mb L: 83/4096 MS: 1 InsertRepeatedBytes-
    15[#13](/bitcoin-bitcoin/13/)	REDUCE cov: 7458 ft: 15384 corp: 5/2206b exec/s: 0 rss: 192Mb L: 2113/2113 MS: 1 EraseBytes-
    16[#19](/bitcoin-bitcoin/19/)	NEW    cov: 7459 ft: 15385 corp: 6/2289b exec/s: 0 rss: 195Mb L: 83/2113 MS: 1 ChangeBinInt-
    17[#27](/bitcoin-bitcoin/27/)	NEW    cov: 7459 ft: 15409 corp: 7/2461b exec/s: 0 rss: 195Mb L: 172/2113 MS: 3 ChangeBit-ShuffleBytes-InsertRepeatedBytes-
    18[#28](/bitcoin-bitcoin/28/)	NEW    cov: 7459 ft: 15416 corp: 8/2478b exec/s: 0 rss: 197Mb L: 17/2113 MS: 1 CMP- DE: "getblockt"-
    19[#31](/bitcoin-bitcoin/31/)	NEW    cov: 7459 ft: 15422 corp: 9/2490b exec/s: 0 rss: 202Mb L: 12/2113 MS: 3 PersAutoDict-ChangeBinInt-CopyPart- DE: "cmpctbl"-
    20[#42](/bitcoin-bitcoin/42/)	NEW    cov: 7459 ft: 15450 corp: 10/2582b exec/s: 0 rss: 203Mb L: 92/2113 MS: 1 CMP- DE: "getblocks"-
    21process_messages: test/util/net.cpp:12: void ConnmanTestMsg::NodeReceiveMsgBytes(CNode &, const char *, unsigned int, bool &) const: Assertion `node.ReceiveMsgBytes(pch, nBytes, complete)' failed.
    22==49545== ERROR: libFuzzer: deadly signal
    23    [#0](/bitcoin-bitcoin/0/) 0x560699453cc7 in __sanitizer_print_stack_trace /tmp/final/llvm.src/projects/compiler-rt/lib/asan/asan_stack.cc:38:3
    24    [#1](/bitcoin-bitcoin/1/) 0x560699391b46 in fuzzer::Fuzzer::CrashCallback() /tmp/final/llvm.src/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:233:5
    25    [#2](/bitcoin-bitcoin/2/) 0x560699391b0f in fuzzer::Fuzzer::StaticCrashSignalCallback() /tmp/final/llvm.src/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:206:6
    26    [#3](/bitcoin-bitcoin/3/) 0x7f45a3cc972f  (/lib/x86_64-linux-gnu/libpthread.so.0+0x1272f)
    27    [#4](/bitcoin-bitcoin/4/) 0x7f45a35267ba in gsignal (/lib/x86_64-linux-gnu/libc.so.6+0x377ba)
    28    [#5](/bitcoin-bitcoin/5/) 0x7f45a3511534 in abort (/lib/x86_64-linux-gnu/libc.so.6+0x22534)
    29    [#6](/bitcoin-bitcoin/6/) 0x7f45a351140e in __tls_get_addr (/lib/x86_64-linux-gnu/libc.so.6+0x2240e)
    30    [#7](/bitcoin-bitcoin/7/) 0x7f45a351f101 in __assert_fail (/lib/x86_64-linux-gnu/libc.so.6+0x30101)
    31    [#8](/bitcoin-bitcoin/8/) 0x56069a017513 in ConnmanTestMsg::NodeReceiveMsgBytes(CNode&, char const*, unsigned int, bool&) const /home/jon/projects/bitcoin/bitcoin/src/test/util/net.cpp:12:5
    32    [#9](/bitcoin-bitcoin/9/) 0x56069a0179b7 in ConnmanTestMsg::ReceiveMsgFrom(CNode&, CSerializedNetMsg&) const /home/jon/projects/bitcoin/bitcoin/src/test/util/net.cpp:36:5
    33    [#10](/bitcoin-bitcoin/10/) 0x56069947cb33 in test_one_input(std::vector<unsigned char, std::allocator<unsigned char> > const&) /home/jon/projects/bitcoin/bitcoin/src/test/fuzz/process_messages.cpp:70:23
    34    [#11](/bitcoin-bitcoin/11/) 0x56069a6cd4bf in LLVMFuzzerTestOneInput /home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz.cpp:38:5
    35    [#12](/bitcoin-bitcoin/12/) 0x560699392d9c in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /tmp/final/llvm.src/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:515:13
    36    [#13](/bitcoin-bitcoin/13/) 0x5606993925fb in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /tmp/final/llvm.src/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:440:3
    37    [#14](/bitcoin-bitcoin/14/) 0x56069939402d in fuzzer::Fuzzer::MutateAndTestOne() /tmp/final/llvm.src/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:648:19
    38    [#15](/bitcoin-bitcoin/15/) 0x5606993948e5 in fuzzer::Fuzzer::Loop(std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, fuzzer::fuzzer_allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&) /tmp/final/llvm.src/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:775:5
    39    [#16](/bitcoin-bitcoin/16/) 0x5606993895f0 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /tmp/final/llvm.src/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:754:6
    40    [#17](/bitcoin-bitcoin/17/) 0x5606993ab1f2 in main /tmp/final/llvm.src/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
    41    [#18](/bitcoin-bitcoin/18/) 0x7f45a351309a in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2409a)
    42    [#19](/bitcoin-bitcoin/19/) 0x560699382689 in _start (/home/jon/projects/bitcoin/bitcoin/src/test/fuzz/process_messages+0x1d4b689)
    43
    44NOTE: libFuzzer has rudimentary signal handlers.
    45      Combine libFuzzer with AddressSanitizer or similar for better crash reports.
    46SUMMARY: libFuzzer: deadly signal
    47MS: 4 InsertByte-ChangeBinInt-ChangeBit-InsertByte-; base unit: 238a1471e0fe80591ae349e15e2e05d2f27d2752
    480x53,0x6d,0x70,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x97,0x51,0x51,0x51,0x51,0x51,0x27,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x4a,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x67,0x65,0x74,0x62,0x6c,0x6f,0x63,0x6b,0x33,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x51,0x63,0x74,0x62,0x6c,0x2,
    49SmpQQQQQQQQ\x97QQQQQ'QQQQQQQQQQQQQQQQQQQQQQQQQQQJQQQQQQQQQQQQQQQQQQQQQQQQQQgetblock3QQQQQQQQctbl\x02
    50artifact_prefix='./'; Test unit written to ./crash-1d54d0ac152cf2bedf83aeae267ba747a6faf9e4
    51Base64: U21wUVFRUVFRUVGXUVFRUVEnUVFRUVFRUVFRUVFRUVFRUVFRUVFRUVFRUVFRSlFRUVFRUVFRUVFRUVFRUVFRUVFRUVFRUVFRZ2V0YmxvY2szUVFRUVFRUVFjdGJsAg==
    52
    53
    54$ src/test/fuzz/process_messages ../qa-assets/fuzz_seed_corpus/
    55
    56INFO: Seed: 3660452216
    57INFO: Loaded 1 modules   (492032 inline 8-bit counters): 492032 [0x559f8ede51e8, 0x559f8ee5d3e8), 
    58INFO: Loaded 1 PC tables (492032 PCs): 492032 [0x559f8ee5d3e8,0x559f8f5df3e8), 
    59INFO:    52251 files found in ../qa-assets/fuzz_seed_corpus/
    60INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 1048576 bytes
    61INFO: seed corpus: files: 52251 min: 1b max: 3984182b total: 462001668b rss: 224Mb
    62[#512](/bitcoin-bitcoin/512/)	pulse  cov: 6015 ft: 13211 corp: 7/9b exec/s: 256 rss: 515Mb
    63[#1024](/bitcoin-bitcoin/1024/)	pulse  cov: 6015 ft: 13362 corp: 9/14b exec/s: 256 rss: 515Mb
    64[#2048](/bitcoin-bitcoin/2048/)	pulse  cov: 6015 ft: 13372 corp: 11/23b exec/s: 227 rss: 515Mb
    65[#4096](/bitcoin-bitcoin/4096/)	pulse  cov: 6015 ft: 13374 corp: 12/29b exec/s: 240 rss: 515Mb
    66process_messages: test/util/net.cpp:12: void ConnmanTestMsg::NodeReceiveMsgBytes(CNode &, const char *, unsigned int, bool &) const: Assertion `node.ReceiveMsgBytes(pch, nBytes, complete)' failed.
    67==49620== ERROR: libFuzzer: deadly signal
    68    [#0](/bitcoin-bitcoin/0/) 0x559f8c072cc7 in __sanitizer_print_stack_trace /tmp/final/llvm.src/projects/compiler-rt/lib/asan/asan_stack.cc:38:3
    69    [#1](/bitcoin-bitcoin/1/) 0x559f8bfb0b46 in fuzzer::Fuzzer::CrashCallback() /tmp/final/llvm.src/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:233:5
    70    [#2](/bitcoin-bitcoin/2/) 0x559f8bfb0b0f in fuzzer::Fuzzer::StaticCrashSignalCallback() /tmp/final/llvm.src/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:206:6
    71    [#3](/bitcoin-bitcoin/3/) 0x7fcd3259272f  (/lib/x86_64-linux-gnu/libpthread.so.0+0x1272f)
    72    [#4](/bitcoin-bitcoin/4/) 0x7fcd31def7ba in gsignal (/lib/x86_64-linux-gnu/libc.so.6+0x377ba)
    73    [#5](/bitcoin-bitcoin/5/) 0x7fcd31dda534 in abort (/lib/x86_64-linux-gnu/libc.so.6+0x22534)
    74    [#6](/bitcoin-bitcoin/6/) 0x7fcd31dda40e in __tls_get_addr (/lib/x86_64-linux-gnu/libc.so.6+0x2240e)
    75    [#7](/bitcoin-bitcoin/7/) 0x7fcd31de8101 in __assert_fail (/lib/x86_64-linux-gnu/libc.so.6+0x30101)
    76    [#8](/bitcoin-bitcoin/8/) 0x559f8cc36513 in ConnmanTestMsg::NodeReceiveMsgBytes(CNode&, char const*, unsigned int, bool&) const /home/jon/projects/bitcoin/bitcoin/src/test/util/net.cpp:12:5
    77    [#9](/bitcoin-bitcoin/9/) 0x559f8cc369b7 in ConnmanTestMsg::ReceiveMsgFrom(CNode&, CSerializedNetMsg&) const /home/jon/projects/bitcoin/bitcoin/src/test/util/net.cpp:36:5
    78    [#10](/bitcoin-bitcoin/10/) 0x559f8c09bb33 in test_one_input(std::vector<unsigned char, std::allocator<unsigned char> > const&) /home/jon/projects/bitcoin/bitcoin/src/test/fuzz/process_messages.cpp:70:23
    79    [#11](/bitcoin-bitcoin/11/) 0x559f8d2ec4bf in LLVMFuzzerTestOneInput /home/jon/projects/bitcoin/bitcoin/src/test/fuzz/fuzz.cpp:38:5
    80    [#12](/bitcoin-bitcoin/12/) 0x559f8bfb1d9c in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /tmp/final/llvm.src/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:515:13
    81    [#13](/bitcoin-bitcoin/13/) 0x559f8bfb15fb in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /tmp/final/llvm.src/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:440:3
    82    [#14](/bitcoin-bitcoin/14/) 0x559f8bfb34ee in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, fuzzer::fuzzer_allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&) /tmp/final/llvm.src/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:723:7
    83    [#15](/bitcoin-bitcoin/15/) 0x559f8bfb3765 in fuzzer::Fuzzer::Loop(std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, fuzzer::fuzzer_allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&) /tmp/final/llvm.src/projects/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:739:3
    84    [#16](/bitcoin-bitcoin/16/) 0x559f8bfa85f0 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /tmp/final/llvm.src/projects/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:754:6
    85    [#17](/bitcoin-bitcoin/17/) 0x559f8bfca1f2 in main /tmp/final/llvm.src/projects/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
    86    [#18](/bitcoin-bitcoin/18/) 0x7fcd31ddc09a in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2409a)
    87    [#19](/bitcoin-bitcoin/19/) 0x559f8bfa1689 in _start (/home/jon/projects/bitcoin/bitcoin/src/test/fuzz/process_messages+0x1d4b689)
    88
    89NOTE: libFuzzer has rudimentary signal handlers.
    90      Combine libFuzzer with AddressSanitizer or similar for better crash reports.
    91SUMMARY: libFuzzer: deadly signal
    92MS: 0 ; base unit: 0000000000000000000000000000000000000000
    930xff,0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x28,0xff,0xff,0xff,0xff,
    94\xff\xff\xff\xff\xff\xff\xff\xff(\xff\xff\xff\xff
    95artifact_prefix='./'; Test unit written to ./crash-f85246b48c886455a89bedd4a1a6b76478478e98
    96Base64: //////////8o/////w==
    
  33. fanquake referenced this in commit 0f2fa599ae on May 12, 2020
  34. sidhujag referenced this in commit 41ee04fed3 on May 12, 2020
  35. DrahtBot commented at 7:33 pm on May 20, 2020: member

    🐙 This pull request conflicts with the target branch and needs rebase.

  36. DrahtBot added the label Needs rebase on May 20, 2020
  37. fanquake referenced this in commit 6af9b31bfc on Sep 29, 2020
  38. jnewbery commented at 10:39 am on September 29, 2020: member
    This is obsoleted by #19107 @jonasschnelli - if you think that there’s anything in here that isn’t addressed by 19107, feel free to reopen or open another PR.
  39. jnewbery closed this on Sep 29, 2020

  40. sidhujag referenced this in commit 7f1c584210 on Sep 29, 2020
  41. DrahtBot locked this on Feb 15, 2022

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-12-18 15:12 UTC

This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me