UndefinedBehaviorSanitizer: implicit-integer-sign-change consensus/tx_verify #22537

fanquake opened this issue on July 23, 2021
  1. fanquake commented at 8:17 AM on July 23, 2021: member

    From a CI run of #22534 (22.x branch). https://cirrus-ci.com/task/4734379785191424?logs=ci#L2852:

    Run coins_view with args ['/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz', '-runs=1', '/tmp/cirrus-ci-build/ci/scratch/qa-assets/fuzz_seed_corpus/coins_view']
    INFO: Seed: 3665041784
    INFO: Loaded 1 modules   (544969 inline 8-bit counters): 544969 [0x55ca7ebc0bd8, 0x55ca7ec45ca1), 
    INFO: Loaded 1 PC tables (544969 PCs): 544969 [0x55ca7ec45ca8,0x55ca7f496938), 
    INFO:     4904 files found in /tmp/cirrus-ci-build/ci/scratch/qa-assets/fuzz_seed_corpus/coins_view
    INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 1048576 bytes
    INFO: seed corpus: files: 4904 min: 1b max: 3984182b total: 168246808b rss: 194Mb
    consensus/tx_verify.cpp:163:108: runtime error: implicit conversion from type 'int' of value -2147483632 (32-bit, signed) to type 'unsigned int' changed the value to 2147483664 (32-bit, unsigned)
        #0 0x55ca7b5c2cf0  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x2dabcf0)
        #1 0x55ca7b0ca64d  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x28b364d)
        #2 0x55ca7b0c5241  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x28ae241)
        #3 0x55ca7afa4aa7  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x278daa7)
        #4 0x55ca7c8ac907  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x4095907)
        #5 0x55ca7c8ac5b5  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x40955b5)
        #6 0x55ca7aeaa441  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x2693441)
        #7 0x55ca7aea9b85  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x2692b85)
        #8 0x55ca7aeac4a7  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x26954a7)
        #9 0x55ca7aeac809  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x2695809)
        #10 0x55ca7ae9b4de  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x26844de)
        #11 0x55ca7aec4322  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x26ad322)
        #12 0x7f60ec4380b2  (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
        #13 0x55ca7ae7027d  (/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x265927d)
    SUMMARY: UndefinedBehaviorSanitizer: implicit-integer-sign-change consensus/tx_verify.cpp:163:108 in 
    MS: 0 ; base unit: 0000000000000000000000000000000000000000
    artifact_prefix='./'; Test unit written to ./crash-ec97b47763a1ed1d3df636a2cd0fc4c8b518565e
    Target "/tmp/cirrus-ci-build/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz -runs=1 /tmp/cirrus-ci-build/ci/scratch/qa-assets/fuzz_seed_corpus/coins_view" failed with exit code 1
    
  2. fanquake added the label Bug on Jul 23, 2021
  3. MarcoFalke commented at 8:25 AM on July 23, 2021: member

    Workarounds I can see:

    • Disable the integer sanitizer with a suppression
    • Backport #22232
    • Comment out the failing line in the test
    • Ignore the failure
    • Something else?
  4. MarcoFalke removed the label Bug on Jul 23, 2021
  5. MarcoFalke added the label Tests on Jul 23, 2021
  6. fanquake commented at 4:15 AM on July 29, 2021: member

    I can't imagine we are going to backport #22232. I'm slightly leaning towards commenting out the failing test, with explanation. If by ignore you literally mean just ignore the CI failures, I don't think that's an option.

  7. hebasto commented at 10:18 AM on August 7, 2021: member
  8. MarcoFalke commented at 4:18 PM on January 13, 2022: member

    Is this still an issue?

  9. MarcoFalke closed this on Jan 13, 2022

  10. MarcoFalke reopened this on Jan 13, 2022

  11. MarcoFalke added this to the milestone 22.1 on Apr 16, 2022
  12. MarcoFalke commented at 9:30 AM on April 16, 2022: member

    Not sure what the status of 22.x is at this point? Given that #22629 (comment) has been NACKed, the options are (1) suppression, (2) removing the line in the test, or (3) ignore. See #22537 (comment)

  13. MarcoFalke commented at 2:30 PM on August 10, 2022: member

    The feature request didn't seem to attract much attention in the past. Also, the issue seems not important enough right now to keep it sitting around idle in the list of open issues.

    Closing due to lack of interest. Pull requests with improvements are always welcome.

    See also https://github.com/bitcoin/bitcoin/commit/e9d30fbb3a90dfafebdb026a53b4f632614d660e

  14. MarcoFalke closed this on Aug 10, 2022

  15. bitcoin locked this on Aug 10, 2023
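
What the sanitizer line in the report above is flagging, shown as an added C++ example that is not Bitcoin Core code: an `int` holding a negative value is implicitly converted to `unsigned int`, which keeps the bit pattern but changes the numeric value. Only the two values (-2147483632 and 2147483664) come from the report; all function names are hypothetical.

```cpp
#include <cstdio>

// Hypothetical callee that takes its flag word as unsigned, matching the
// 'unsigned int' destination type named in the report.
static bool flag_set(unsigned int flags, unsigned int bit) { return (flags & bit) != 0; }

// Implicit int -> unsigned int conversion. With a negative input this is what
// -fsanitize=implicit-integer-sign-change reports. The conversion itself is
// well defined (reduction modulo 2^32); it is not undefined behaviour.
unsigned int implicit_convert(int flags) {
    unsigned int u = flags;
    return u;
}

// Explicit cast: same result, but the check only covers implicit
// conversions, so the sanitizer does not report it.
unsigned int explicit_convert(int flags) { return static_cast<unsigned int>(flags); }

// For a same-width int -> unsigned int conversion the sign changes exactly
// when the source value is negative.
bool would_report(int flags) { return flags < 0; }

// Strict alternative: reject any value the conversion would alter.
bool checked_convert(int flags, unsigned int& out) {
    if (flags < 0) return false;
    out = static_cast<unsigned int>(flags);
    return true;
}

int main() {
    const int reported = -2147483632;  // value taken from the UBSan report
    const unsigned int u = implicit_convert(reported);
    std::printf("%d -> %u (0x%08x)\n", reported, u, u);
    // Bit tests see the same bits before and after the conversion.
    std::printf("bit 0x10 set: %d\n", flag_set(u, 0x10u));
    unsigned int out = 0;
    std::printf("checked_convert accepts it: %d\n", checked_convert(reported, out));
    return 0;
}
```
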
