fuzz: Limit toxic test globals to their respective scope #21849
pull MarcoFalke wants to merge 1 commit into bitcoin:master from MarcoFalke:2105-fuzzToxic changing 1 file +10 −7
Globals in one fuzz target are toxic to all other fuzz targets, because we link all fuzz targets into one binary. Any code called by constructing the global will affect all other targets. This leads to incorrect coverage stats, false-positive crashes, ...
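The mechanism behind the description above, as an added illustration that is not Bitcoin Core code: when several fuzz targets are linked into one binary, a namespace-scope object defined in one target's source file is constructed during static initialization, before main(), no matter which target the binary is later told to run. A function-local static (or construction inside the target's own initialization routine) is built only when that target actually executes. All names below (ExpensiveHandle, FuzzTargetA, FuzzTargetB, the counters) are hypothetical stand-ins; ExpensiveHandle only bumps a counter where the real ECCVerifyHandle builds secp256k1 tables.

```cpp
// Added illustration (not Bitcoin Core code): two "fuzz targets" linked into one
// binary. ExpensiveHandle stands in for an object whose constructor does real work
// (it only records that it ran here). All names are hypothetical.
#include <cstddef>
#include <cstdint>
#include <string>
#include <vector>

namespace {

int g_global_ctor_runs = 0;          // constructions triggered by namespace-scope globals
int g_scoped_ctor_runs = 0;          // constructions triggered lazily inside a target
std::vector<std::string> g_init_log; // order in which constructors ran

struct ExpensiveHandle {
    ExpensiveHandle(const char* who, int& counter)
    {
        ++counter;
        g_init_log.emplace_back(who);
    }
};

// Toxic: constructed during static initialization, before main(), for every
// target in the binary, including the ones that never use it.
ExpensiveHandle g_toxic_handle{"global-in-target-a", g_global_ctor_runs};

} // namespace

// "Target A" needs the handle. Non-toxic form: a function-local static is
// constructed the first time *this* target runs, and never if it does not.
int FuzzTargetA(const uint8_t* data, size_t size)
{
    static ExpensiveHandle scoped_handle{"scoped-in-target-a", g_scoped_ctor_runs};
    (void)scoped_handle;
    return size == 0 ? 0 : data[0];
}

// "Target B" has nothing to do with the handle, yet still pays for g_toxic_handle
// at startup (coverage, sanitizer findings and crashes in that constructor land on B).
int FuzzTargetB(const uint8_t* data, size_t size)
{
    int sum = 0;
    for (size_t i = 0; i < size; ++i) sum += data[i];
    return sum;
}

int GlobalCtorRuns() { return g_global_ctor_runs; }
int ScopedCtorRuns() { return g_scoped_ctor_runs; }
const std::vector<std::string>& InitLog() { return g_init_log; }

int main()
{
    // Constructed sample input (not from a real corpus).
    const uint8_t input[] = {0x2a, 0x01};
    // At this point g_toxic_handle has already been constructed (GlobalCtorRuns() == 1)
    // while scoped_handle has not (ScopedCtorRuns() == 0).
    FuzzTargetB(input, sizeof(input)); // scoped handle still not built
    FuzzTargetA(input, sizeof(input)); // builds it now, exactly once
    FuzzTargetA(input, sizeof(input)); // no second construction
    return 0;
}
```

Running the binary as "target B" still executes the toxic constructor, which is exactly how a finding inside that constructor gets reported against an unrelated target; the scoped form confines the work, and any sanitizer report about it, to the target that owns it.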
MarcoFalke commented at 7:27 AM on May 4, 2021: member
fuzz: Limit toxic test globals to their respective scope cf83b82cf0
- fanquake added the label Tests on May 4, 2021
MarcoFalke commented at 7:55 AM on May 4, 2021: member
```
(gdb) run
Starting program: /out/bitcoin-core/asmap
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
==13==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x555557413f05 in secp256k1_fe_normalize_var /src/bitcoin-core/src/secp256k1/./src/field_5x52_impl.h:141:9
    #1 0x5555574229b6 in secp256k1_ecmult_odd_multiples_table_storage_var /src/bitcoin-core/src/secp256k1/./src/ecmult_impl.h:176:9
    #2 0x555557401f95 in secp256k1_ecmult_context_build /src/bitcoin-core/src/secp256k1/./src/ecmult_impl.h:332:5
    #3 0x555557401a4c in secp256k1_context_preallocated_create /src/bitcoin-core/src/secp256k1/src/secp256k1.c:144:9
    #4 0x555557402271 in secp256k1_context_create /src/bitcoin-core/src/secp256k1/src/secp256k1.c:154:9
    #5 0x555557190478 in ECCVerifyHandle::ECCVerifyHandle() /src/bitcoin-core/src/pubkey.cpp:316:36
    #6 0x555555982661 in __cxx_global_var_init.8 /src/bitcoin-core/src/test/fuzz/script_assets_test_minimizer.cpp:189:17
    #7 0x55555598276f in _GLOBAL__sub_I_script_assets_test_minimizer.cpp /src/bitcoin-core/src/test/fuzz/script_assets_test_minimizer.cpp
    #8 0x55555769794c in __libc_csu_init (/out/bitcoin-core/asmap+0x214394c)
    #9 0x7ffff6ee57ce in __libc_start_main /build/glibc-e6zv40/glibc-2.23/csu/../csu/libc-start.c:247
    #10 0x55555599eaf8 in _start (/out/bitcoin-core/asmap+0x44aaf8)
DEDUP_TOKEN: secp256k1_fe_normalize_var--secp256k1_ecmult_odd_multiples_table_storage_var--secp256k1_ecmult_context_build

  Uninitialized value was stored to memory at
    #0 0x555555a4f9d9 in __msan_memcpy /src/llvm-project/compiler-rt/lib/msan/msan_interceptors.cpp:1558:3
    #1 0x55555742294e in secp256k1_ecmult_odd_multiples_table_storage_var /src/bitcoin-core/src/secp256k1/./src/ecmult_impl.h:171:17
    #2 0x555557401f95 in secp256k1_ecmult_context_build /src/bitcoin-core/src/secp256k1/./src/ecmult_impl.h:332:5
    #3 0x555557401a4c in secp256k1_context_preallocated_create /src/bitcoin-core/src/secp256k1/src/secp256k1.c:144:9
    #4 0x555557402271 in secp256k1_context_create /src/bitcoin-core/src/secp256k1/src/secp256k1.c:154:9
    #5 0x555557190478 in ECCVerifyHandle::ECCVerifyHandle() /src/bitcoin-core/src/pubkey.cpp:316:36
    #6 0x555555982661 in __cxx_global_var_init.8 /src/bitcoin-core/src/test/fuzz/script_assets_test_minimizer.cpp:189:17
    #7 0x55555598276f in _GLOBAL__sub_I_script_assets_test_minimizer.cpp /src/bitcoin-core/src/test/fuzz/script_assets_test_minimizer.cpp
    #8 0x55555769794c in __libc_csu_init (/out/bitcoin-core/asmap+0x214394c)
DEDUP_TOKEN: __msan_memcpy--secp256k1_ecmult_odd_multiples_table_storage_var--secp256k1_ecmult_context_build

  Uninitialized value was created by an allocation of 'p_ge' in the stack frame of function 'secp256k1_ecmult_odd_multiples_table_storage_var'
    #0 0x555557422620 in secp256k1_ecmult_odd_multiples_table_storage_var /src/bitcoin-core/src/secp256k1/./src/ecmult_impl.h:145
DEDUP_TOKEN: secp256k1_ecmult_odd_multiples_table_storage_var

SUMMARY: MemorySanitizer: use-of-uninitialized-value /src/bitcoin-core/src/secp256k1/./src/field_5x52_impl.h:141:9 in secp256k1_fe_normalize_var
Unique heap origins: 386
  Stack depot allocated bytes: 46224
Unique origin histories: 259
  History depot allocated bytes: 6216
Exiting
[Inferior 1 (process 13) exited with code 01]
(gdb) quit
```
practicalswift commented at 8:19 AM on May 4, 2021: contributor
cr ACK cf83b82cf04a57223ebed74b8935e56f74ed721b: non-toxic is better than toxic!
laanwj commented at 3:16 PM on May 4, 2021: member
Code review ACK cf83b82cf04a57223ebed74b8935e56f74ed721b
- MarcoFalke merged this on May 4, 2021
- MarcoFalke closed this on May 4, 2021
- MarcoFalke deleted the branch on May 4, 2021
- sidhujag referenced this in commit 96d7c92dae on May 5, 2021
- gwillen referenced this in commit 2306e2c134 on Jun 1, 2022
- DrahtBot locked this on Aug 18, 2022