fuzz: libstdc++ vs libc++ iostream exception messages differ #18749

issue fanquake opened this issue on April 23, 2020
  1. fanquake commented at 11:21 AM on April 23, 2020: member

    The exceptions thrown by the libstdc++ and libc++ standard libraries seem to differ for iostream errors. libstdc++ will output iostream error while libc++ will output unspecified iostream_category error. This means that the expected serialization messages, i.e.: https://github.com/bitcoin/bitcoin/blob/64139803f1225dab26197a20314109d37fa87d5f/src/test/fuzz/process_message.cpp#L47-L50

    don't always work. For example on macOS:

    ./autogen.sh
    CC=/usr/local/opt/llvm/bin/clang-10 CXX=/usr/local/opt/llvm/bin/clang-10 ./configure --enable-fuzz --with-sanitizers=address,fuzzer,undefined
    make -j8 
    src/test/fuzz/process_message ../qa-assets/fuzz_seed_corpus/process_message
    ... fuzz fuzz fuzz
    INFO: Seed: 3527492440
    INFO: Loaded 1 modules   (866992 inline 8-bit counters): 866992 [0x1092eab28, 0x1093be5d8), 
    INFO: Loaded 1 PC tables (866992 PCs): 866992 [0x1093be5d8,0x10a0f90d8), 
    INFO:     2888 files found in ../qa-assets/fuzz_seed_corpus/process_message
    INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 1016709 bytes
    INFO: seed corpus: files: 2888 min: 1b max: 1016709b total: 21650652b rss: 129Mb
    Unexpected exception when processing message type "tx": Unknown transaction optional data: unspecified iostream_category error
    Assertion failed: (false), function test_one_input, file test/fuzz/process_message.cpp, line 109.
    

    The same difference can be observed on a Debian system, compiling with Clang and linking against either library, i.e.:

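    #include <iostream>
    #include <fstream>
    int main() {
    	std::ifstream file;
    	// Throw std::ios_base::failure when failbit is set.
    	file.exceptions(file.failbit);
    	try {
    		// Opening a missing file sets failbit and therefore throws.
    		file.open("Not there!");
    	}
    	catch (const std::ios_base::failure &e) {
    		// Print the library-specific text, then the error_code (category:value).
    		std::cerr << e.what() << " " << e.code() << "\n";
    	}
    }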
    
    clang version 9.0.1-12 
    Target: x86_64-pc-linux-gnu
    
    clang++ stream.cpp -o stream
    ./stream
    basic_ios::clear: iostream error iostream:1
    
    # compile with libc++
    clang++ stream.cpp -stdlib=libc++ -o stream
    root@a1c752a65885:/# ./stream
    ios_base::clear: unspecified iostream_category error iostream:1
    

    cc @practicalswift

  2. fanquake added the label Tests on Apr 23, 2020
  3. MarcoFalke commented at 11:30 AM on April 23, 2020: member

    The same issue should happen when running libFuzzer/honggfuzz on Windows

  4. laanwj commented at 1:58 PM on April 23, 2020: member

    This is one of the reasons I'm always nervous about matching on the exact text of error messages. Happy this is only in the fuzzer, at least.
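Added example, not part of the thread and not Bitcoin Core's code: both runs shown in the issue print the same error code (`iostream:1`, i.e. `std::io_errc::stream`) while the `what()` text differs, so a check keyed on the exception type and code is portable where a text comparison is not. The function names, the `Verdict` struct and the path are hypothetical.

```cpp
#include <exception>
#include <fstream>
#include <ios>
#include <string>
#include <system_error>

// Fragile: compares the full what() text. The text embeds
// iostream_category().message(), which differs between standard libraries
// (this literal is the libstdc++ wording quoted in the issue).
bool expected_by_text(const std::exception& e) {
    return std::string(e.what()) == "basic_ios::clear: iostream error";
}

// Portable: checks the exception type and its error_code instead of the text.
bool expected_by_code(const std::exception& e) {
    const auto* f = dynamic_cast<const std::ios_base::failure*>(&e);
    return f != nullptr && f->code() == std::io_errc::stream;
}

struct Verdict {
    bool threw;    // an exception was raised by open()
    bool by_text;  // library-dependent result
    bool by_code;  // same result on libstdc++ and libc++
};

// Opens a path with failbit exceptions enabled and classifies the failure.
Verdict classify_open(const std::string& path) {
    Verdict v{false, false, false};
    std::ifstream file;
    file.exceptions(std::ios_base::failbit);
    try {
        file.open(path);
    } catch (const std::exception& e) {
        v.threw = true;
        v.by_text = expected_by_text(e);
        v.by_code = expected_by_code(e);
    }
    return v;
}

int main() {
    // Constructed path, assumed not to exist on the machine running this.
    const Verdict v = classify_open("/nonexistent-example-dir/not-there");
    return (v.threw && v.by_code) ? 0 : 1;
}
```

Building once with the default library and once with `-stdlib=libc++` flips `by_text` while `by_code` stays true.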

  5. practicalswift commented at 9:15 AM on April 24, 2020: contributor

    @fanquake The reason for the text matching was to mimic how it was done here:

    https://github.com/bitcoin/bitcoin/blob/c7e6b3b343e836ff41e9a8872187e0b24f13064d/src/net_processing.cpp#L3337-L3357

    Perhaps matching on the error message substring instead of the whole string in the fuzzing harness would solve the problem with different string prefixes? :)

  6. MarcoFalke commented at 11:53 AM on April 24, 2020: member

    The matching was removed from master, so it can be removed from the fuzzer as well?

  7. practicalswift commented at 12:37 PM on April 24, 2020: contributor

    @MarcoFalke Sure! Fix submitted as #18757 :) @fanquake Thanks for the ping!

  8. MarcoFalke closed this on Apr 24, 2020

  9. DrahtBot locked this on Feb 15, 2022

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.