UndefinedBehaviorSanitizer: implicit-integer-sign-change consensus/tx_verify #22537

issue fanquake openend this issue on July 23, 2021
  1. fanquake commented at 8:17 am on July 23, 2021: member

    From a CI run of #22534 (22.x branch). https://cirrus-ci.com/task/4734379785191424?logs=ci#L2852:

     0Run coins_view with args ['/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz', '-runs=1', '/tmp/cirrus-ci-build/ci/scratch/qa-assets/fuzz_seed_corpus/coins_view']INFO: Seed: 3665041784
 1INFO: Loaded 1 modules   (544969 inline 8-bit counters): 544969 [0x55ca7ebc0bd8, 0x55ca7ec45ca1), 
 2INFO: Loaded 1 PC tables (544969 PCs): 544969 [0x55ca7ec45ca8,0x55ca7f496938), 
 3INFO:     4904 files found in /tmp/cirrus-ci-build/ci/scratch/qa-assets/fuzz_seed_corpus/coins_view
 4INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 1048576 bytes
 5INFO: seed corpus: files: 4904 min: 1b max: 3984182b total: 168246808b rss: 194Mb
 6consensus/tx_verify.cpp:163:108: runtime error: implicit conversion from type 'int' of value -2147483632 (32-bit, signed) to type 'unsigned int' changed the value to 2147483664 (32-bit, unsigned)
 7    [#0](/bitcoin-bitcoin/0/) 0x55ca7b5c2cf0  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x2dabcf0)
 8    [#1](/bitcoin-bitcoin/1/) 0x55ca7b0ca64d  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x28b364d)
 9    [#2](/bitcoin-bitcoin/2/) 0x55ca7b0c5241  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x28ae241)
10    [#3](/bitcoin-bitcoin/3/) 0x55ca7afa4aa7  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x278daa7)
11    [#4](/bitcoin-bitcoin/4/) 0x55ca7c8ac907  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x4095907)
12    [#5](/bitcoin-bitcoin/5/) 0x55ca7c8ac5b5  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x40955b5)
13    [#6](/bitcoin-bitcoin/6/) 0x55ca7aeaa441  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x2693441)
14    [#7](/bitcoin-bitcoin/7/) 0x55ca7aea9b85  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x2692b85)
15    [#8](/bitcoin-bitcoin/8/) 0x55ca7aeac4a7  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x26954a7)
16    [#9](/bitcoin-bitcoin/9/) 0x55ca7aeac809  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x2695809)
17    [#10](/bitcoin-bitcoin/10/) 0x55ca7ae9b4de  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x26844de)
18    [#11](/bitcoin-bitcoin/11/) 0x55ca7aec4322  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x26ad322)
19    [#12](/bitcoin-bitcoin/12/) 0x7f60ec4380b2  (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
20    [#13](/bitcoin-bitcoin/13/) 0x55ca7ae7027d  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x265927d)
21SUMMARY: UndefinedBehaviorSanitizer: implicit-integer-sign-change consensus/tx_verify.cpp:163:108 in 
22MS: 0 ; base unit: 0000000000000000000000000000000000000000
230x29,0x1e,0x0,0x0,0x0,0x0,0x0,0x0,0xb0,0x3f,0x0,0x2d,0xe5,0xad,0xad,0xad,0xad,0xb2,0x50,0x52,0xca,0x36,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x3f,0x60,0x20,0x5c,0xad,0x5c,0xad,0x5c,0x0,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x5c,0xad,0x5c,0x0,0xdf,0x88,0x88,0x67,0x35,0x1,0x20,0x5c,0xad,0xad,0xad,0x2b,0x67,0xad,0xaf,0x5c,0x0,0x11,0x2a,0x0,0xad,0x0,0xff,0x35,0x35,0x5c,0xb2,0xad,0xad,0xad,0xad,0xad,0x5c,0x0,0x2,0x2,0x2,0xff,0x1,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x1,0x0,0x0,0x0,0x0,0x0,0x0,0x1,0x0,0x0,0x0,0x1,0x1,0x0,0x0,0x0,0x0,0x0,0xad,0x2f,0x5c,0xa6,0x10,0xe4,0x43,0x0,0xbc,0xff,0x88,0x35,0x35,0x2e,0x23,0xff,0xff,0xbd,0x21,0x2e,0xff,0x38,0x25,0xf7,0x2b,0xf7,0x2b,
24)\x1e\x00\x00\x00\x00\x00\x00\xb0?\x00-\xe5\xad\xad\xad\xad\xb2PR\xca6\x00\x00\x00\x00\x00\x00\x00?` \\\xad\\\xad\\\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\\\xad\\\x00\xdf\x88\x88g5\x01 \\\xad\xad\xad+g\xad\xaf\\\x00\x11*\x00\xad\x00\xff55\\\xb2\xad\xad\xad\xad\xad\\\x00\x02\x02\x02\xff\x01\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x01\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x01\x00\x00\x00\x00\x00\xad/\\\xa6\x10\xe4C\x00\xbc\xff\x8855.#\xff\xff\xbd!.\xff8%\xf7+\xf7+
25artifact_prefix='./'; Test unit written to ./crash-ec97b47763a1ed1d3df636a2cd0fc4c8b518565e
26Base64: KR4AAAAAAACwPwAt5a2tra2yUFLKNgAAAAAAAAA/YCBcrVytXAACAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgJcrVwA34iIZzUBIFytra0rZ62vXAARKgCtAP81NVyyra2tra1cAAICAv8BAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAQAAAAAAAAEAAAABAQAAAAAArS9cphDkQwC8/4g1NS4j//+9IS7/OCX3K/cr
27INFO: Seed: 3665041784
28INFO: Loaded 1 modules   (544969 inline 8-bit counters): 544969 [0x55ca7ebc0bd8, 0x55ca7ec45ca1), 
29INFO: Loaded 1 PC tables (544969 PCs): 544969 [0x55ca7ec45ca8,0x55ca7f496938), 
30INFO:     4904 files found in /tmp/cirrus-ci-build/ci/scratch/qa-assets/fuzz_seed_corpus/coins_view
31INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 1048576 bytes
32INFO: seed corpus: files: 4904 min: 1b max: 3984182b total: 168246808b rss: 194Mb
33consensus/tx_verify.cpp:163:108: runtime error: implicit conversion from type 'int' of value -2147483632 (32-bit, signed) to type 'unsigned int' changed the value to 2147483664 (32-bit, unsigned)
34    [#0](/bitcoin-bitcoin/0/) 0x55ca7b5c2cf0  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x2dabcf0)
35    [#1](/bitcoin-bitcoin/1/) 0x55ca7b0ca64d  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x28b364d)
36    [#2](/bitcoin-bitcoin/2/) 0x55ca7b0c5241  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x28ae241)
37    [#3](/bitcoin-bitcoin/3/) 0x55ca7afa4aa7  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x278daa7)
38    [#4](/bitcoin-bitcoin/4/) 0x55ca7c8ac907  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x4095907)
39    [#5](/bitcoin-bitcoin/5/) 0x55ca7c8ac5b5  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x40955b5)
40    [#6](/bitcoin-bitcoin/6/) 0x55ca7aeaa441  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x2693441)
41    [#7](/bitcoin-bitcoin/7/) 0x55ca7aea9b85  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x2692b85)
42    [#8](/bitcoin-bitcoin/8/) 0x55ca7aeac4a7  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x26954a7)
43    [#9](/bitcoin-bitcoin/9/) 0x55ca7aeac809  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x2695809)
44    [#10](/bitcoin-bitcoin/10/) 0x55ca7ae9b4de  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x26844de)
45    [#11](/bitcoin-bitcoin/11/) 0x55ca7aec4322  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x26ad322)
46    [#12](/bitcoin-bitcoin/12/) 0x7f60ec4380b2  (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
47    [#13](/bitcoin-bitcoin/13/) 0x55ca7ae7027d  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x265927d)
48SUMMARY: UndefinedBehaviorSanitizer: implicit-integer-sign-change consensus/tx_verify.cpp:163:108 in 
49MS: 0 ; base unit: 0000000000000000000000000000000000000000
500x29,0x1e,0x0,0x0,0x0,0x0,0x0,0x0,0xb0,0x3f,0x0,0x2d,0xe5,0xad,0xad,0xad,0xad,0xb2,0x50,0x52,0xca,0x36,0x0,0x0,0x0,0x0,0x0,0x0,0x0,0x3f,0x60,0x20,0x5c,0xad,0x5c,0xad,0x5c,0x0,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x5c,0xad,0x5c,0x0,0xdf,0x88,0x88,0x67,0x35,0x1,0x20,0x5c,0xad,0xad,0xad,0x2b,0x67,0xad,0xaf,0x5c,0x0,0x11,0x2a,0x0,0xad,0x0,0xff,0x35,0x35,0x5c,0xb2,0xad,0xad,0xad,0xad,0xad,0x5c,0x0,0x2,0x2,0x2,0xff,0x1,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x2,0x1,0x0,0x0,0x0,0x0,0x0,0x0,0x1,0x0,0x0,0x0,0x1,0x1,0x0,0x0,0x0,0x0,0x0,0xad,0x2f,0x5c,0xa6,0x10,0xe4,0x43,0x0,0xbc,0xff,0x88,0x35,0x35,0x2e,0x23,0xff,0xff,0xbd,0x21,0x2e,0xff,0x38,0x25,0xf7,0x2b,0xf7,0x2b,
51)\x1e\x00\x00\x00\x00\x00\x00\xb0?\x00-\xe5\xad\xad\xad\xad\xb2PR\xca6\x00\x00\x00\x00\x00\x00\x00?` \\\xad\\\xad\\\x00\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\\\xad\\\x00\xdf\x88\x88g5\x01 \\\xad\xad\xad+g\xad\xaf\\\x00\x11*\x00\xad\x00\xff55\\\xb2\xad\xad\xad\xad\xad\\\x00\x02\x02\x02\xff\x01\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x02\x01\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x01\x00\x00\x00\x00\x00\xad/\\\xa6\x10\xe4C\x00\xbc\xff\x8855.#\xff\xff\xbd!.\xff8%\xf7+\xf7+
52artifact_prefix='./'; Test unit written to ./crash-ec97b47763a1ed1d3df636a2cd0fc4c8b518565e
53Base64: KR4AAAAAAACwPwAt5a2tra2yUFLKNgAAAAAAAAA/YCBcrVytXAACAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgJcrVwA34iIZzUBIFytra0rZ62vXAARKgCtAP81NVyyra2tra1cAAICAv8BAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAQAAAAAAAAEAAAABAQAAAAAArS9cphDkQwC8/4g1NS4j//+9IS7/OCX3K/cr
54Target "/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz -runs=1 /tmp/cirrus-ci-build/ci/scratch/qa-assets/fuzz_seed_corpus/coins_view" failed with exit code 1
  2. fanquake added the label Bug on Jul 23, 2021
  3. MarcoFalke commented at 8:25 am on July 23, 2021: member

    Workarounds I can see:

    • Disable the integer sanitizer with a suppression
    • Backport #22232
    • Comment out the failing line in the test
    • Ignore the failure
    • Something else?
  4. MarcoFalke removed the label Bug on Jul 23, 2021
  5. MarcoFalke added the label Tests on Jul 23, 2021
  6. fanquake commented at 4:15 am on July 29, 2021: member
    I can’t imagine we are going to backport #22232. I’m slightly leaning towards commenting out the failing test, with explanation . If by ignore you literally mean just ignore the CI failures, I don’t think that’s an option.
  7. hebasto commented at 10:18 am on August 7, 2021: member

    Workarounds I can see: …

    ~See #22629 (comment).~

    UPDATE: #22629 (comment)

  8. MarcoFalke commented at 4:18 pm on January 13, 2022: member
    Is this still an issue?
  9. MarcoFalke closed this on Jan 13, 2022
  10. MarcoFalke reopened this on Jan 13, 2022
  11. MarcoFalke added this to the milestone 22.1 on Apr 16, 2022
  12. MarcoFalke commented at 9:30 am on April 16, 2022: member
    Not sure what the status of 22.x is at this point? Given that #22629 (comment) has been NACKed, the options are (1) suppression, (2) removing the line in the test, or (3) ignore. See #22537 (comment)
  13. MarcoFalke commented at 2:30 pm on August 10, 2022: member

    The feature request didn’t seem to attract much attention in the past. Also, the issue seems not important enough right now to keep it sitting around idle in the list of open issues.

    Closing due to lack of interest. Pull requests with improvements are always welcome.

    See also https://github.com/bitcoin/bitcoin/commit/e9d30fbb3a90dfafebdb026a53b4f632614d660e

  14. MarcoFalke closed this on Aug 10, 2022
  15. bitcoin locked this on Aug 10, 2023


fanquake MarcoFalke hebasto

Labels
Tests

Milestone
22.1

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-07-01 10:13 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me