test: format-truncation warning in dbwrapper_tests #27014

issue Sjors openend this issue on February 1, 2023
  1. Sjors commented at 1:57 pm on February 1, 2023: member

    Compiling master at e1bf5470f919cf212703466411968916db8ae61f on Ubuntu 22.10 (with depends):

     0  CXX      test/test_bitcoin-dbwrapper_tests.o
     1test/dbwrapper_tests.cpp: In member function void dbwrapper_tests::iterator_string_ordering::test_method():
     2test/dbwrapper_tests.cpp:365:41: error: %d directive output may be truncated writing between 1 and 11 bytes into a region of size 10 [-Werror=format-truncation=]
     3  365 |             snprintf(buf, sizeof(buf), "%d", x);
     4      |                                         ^~
     5test/dbwrapper_tests.cpp:365:40: note: directive argument in the range [-2147483648, 9]
     6  365 |             snprintf(buf, sizeof(buf), "%d", x);
     7      |                                        ^~~~
     8In file included from /usr/include/stdio.h:906,
     9                 from /usr/include/c++/12/cstdio:42,
    10                 from /usr/include/c++/12/ext/string_conversions.h:43,
    11                 from /usr/include/c++/12/bits/basic_string.h:3960,
    12                 from /usr/include/c++/12/string:53,
    13                 from ./clientversion.h:30,
    14                 from ./dbwrapper.h:8,
    15                 from test/dbwrapper_tests.cpp:5:
    16In function int snprintf(char*, size_t, const char*, ...),
    17    inlined from void dbwrapper_tests::iterator_string_ordering::test_method() at test/dbwrapper_tests.cpp:365:21:
    18/usr/include/x86_64-linux-gnu/bits/stdio2.h:54:35: note: __builtin___snprintf_chk output between 2 and 12 bytes into a destination of size 10
    19   54 |   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
    20      |          ~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    21   55 |                                    __glibc_objsize (__s), __fmt,
    22      |                                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    23   56 |                                    __va_arg_pack ());
    24      |                                    ~~~~~~~~~~~~~~~~~
    

    (I ran with --enable-werror, otherwise it’s merely a warning)

    cc @achow101

  2. Sjors added the label Bug on Feb 1, 2023
  3. achow101 commented at 4:36 pm on February 1, 2023: member
    Not seeing this at all. What compiler version are you using?
  4. john-moffett commented at 6:01 pm on February 1, 2023: contributor

    I can’t reproduce it, either.

    1. Started a clean image of Ubuntu 22.10
    2. Cloned bitcoin repo
    3. sudo apt-get update
    4. sudo apt-get install make automake cmake curl g++-multilib libtool binutils bsdmainutils pkg-config python3 patch bison
    5. cd depends && make NO_QT=1 -j8 && cd ..
    6. ./autogen.sh && CONFIG_SITE=$PWD/depends/x86_64-pc-linux-gnu/share/config.site ./configure --enable-werror
    7. make -j8

    Here’s my configure output:

     0Build Options:
     1  with external callbacks = no
     2  with benchmarks         = no
     3  with tests              = yes
     4  with coverage           = no
     5  with examples           = no
     6  module ecdh             = no
     7  module recovery         = yes
     8  module extrakeys        = yes
     9  module schnorrsig       = yes
    10
    11  asm                     = x86_64
    12  ecmult window size      = 15
    13  ecmult gen prec. bits   = 4
    14
    15  valgrind                = no
    16  CC                      = gcc -m64
    17  CPPFLAGS                =  -I/home/ubuntu/bitcoin/depends/x86_64-pc-linux-gnu/include/ 
    18  SECP_CFLAGS             = -O2  -std=c89 -pedantic -Wno-long-long -Wnested-externs -Wshadow -Wstrict-prototypes -Wundef -Wno-overlength-strings -Wall -Wno-unused-function -Wextra -Wcast-align -Wcast-align=strict -fvisibility=hidden 
    19  CFLAGS                  = -pipe -std=c11 -O2 
    20  LDFLAGS                 = -L/home/ubuntu/bitcoin/depends/x86_64-pc-linux-gnu/lib 
    21
    22Options used to compile and link:
    23  external signer = yes
    24  multiprocess    = no
    25  with experimental syscall sandbox support = yes
    26  with libs       = yes
    27  with wallet     = yes
    28    with sqlite   = yes
    29    with bdb      = yes
    30  with gui / qt   = no
    31  with zmq        = yes
    32  with test       = yes
    33  with fuzz binary = yes
    34  with bench      = yes
    35  with upnp       = yes
    36  with natpmp     = yes
    37  use asm         = yes
    38  USDT tracing    = yes
    39  sanitizers      = 
    40  debug enabled   = no
    41  gprof enabled   = no
    42  werror          = yes
    43  LTO             = no
    44
    45  target os       = linux-gnu
    46  build os        = linux-gnu
    47
    48  CC              = gcc -m64
    49  CFLAGS          = -pthread -pipe -std=c11 -O2 
    50  CPPFLAGS        =   -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2  -DHAVE_BUILD_INFO -DPROVIDE_FUZZ_MAIN_FUNCTION -I/home/ubuntu/bitcoin/depends/x86_64-pc-linux-gnu/include/ 
    51  CXX             = g++ -m64 -std=c++17
    52  CXXFLAGS        =    -fstack-reuse=none -Wstack-protector -fstack-protector-all -fcf-protection=full -fstack-clash-protection   -Werror   -fno-extended-identifiers -pipe -std=c++17 -O2 
    53  LDFLAGS         =  -lpthread  -Wl,-z,relro -Wl,-z,now -Wl,-z,separate-code -pie   -L/home/ubuntu/bitcoin/depends/x86_64-pc-linux-gnu/lib 
    54  AR              = ar
    55  ARFLAGS         = cr
    

    Could you provide your configure output?

    0ldd --version
    1ldd (Ubuntu GLIBC 2.36-0ubuntu4) 2.36
    

    As for the actual warning, it makes some sense and likely can be fixed (among several other ways) just by making x an unsigned int on line 363.

  5. Sjors commented at 6:50 pm on February 1, 2023: member
    • ldd (Ubuntu GLIBC 2.36-0ubuntu4) 2.36
    • gcc (Ubuntu 12.2.0-3ubuntu1) 12.2.0

    I narrowed it down to compiling with sanitizers (I assumed those only impacted run time):

    0./configure --prefix=/home/sjors/dev/bitcoin-depends/depends/x86_64-pc-linux-gnu --enable-werror --enable-suppress-external-warnings --enable-debug  --with-sanitizers=address,undefined --disable-asm --without-gui
    
     0Build Options:
     1  with external callbacks = no
     2  with benchmarks         = no
     3  with tests              = yes
     4  with coverage           = no
     5  with examples           = no
     6  module ecdh             = no
     7  module recovery         = yes
     8  module extrakeys        = yes
     9  module schnorrsig       = yes
    10
    11  asm                     = x86_64
    12  ecmult window size      = 15
    13  ecmult gen prec. bits   = 4
    14
    15  valgrind                = no
    16  CC                      = gcc -m64
    17  CPPFLAGS                =  -D_GLIBCXX_DEBUG -D_GLIBCXX_DEBUG_PEDANTIC -D_LIBCPP_DEBUG=1 -I/home/sjors/dev/bitcoin-depends/depends/x86_64-pc-linux-gnu/include/ 
    18  SECP_CFLAGS             = -O2  -std=c89 -pedantic -Wno-long-long -Wnested-externs -Wshadow -Wstrict-prototypes -Wundef -Wno-overlength-strings -Wall -Wno-unused-function -Wextra -Wcast-align -Wcast-align=strict -fvisibility=hidden 
    19  CFLAGS                  = -pipe -std=c11 -O1 
    20  LDFLAGS                 = -L/home/sjors/dev/bitcoin-depends/depends/x86_64-pc-linux-gnu/lib 
    21
    22Options used to compile and link:
    23  external signer = yes
    24  multiprocess    = no
    25  with experimental syscall sandbox support = no
    26  with libs       = yes
    27  with wallet     = yes
    28    with sqlite   = yes
    29    with bdb      = yes
    30  with gui / qt   = no
    31  with zmq        = yes
    32  with test       = yes
    33  with fuzz binary = yes
    34  with bench      = yes
    35  with upnp       = yes
    36  with natpmp     = yes
    37  use asm         = no
    38  USDT tracing    = yes
    39  sanitizers      = address,undefined
    40  debug enabled   = yes
    41  gprof enabled   = no
    42  werror          = yes
    43  LTO             = no
    44
    45  target os       = linux-gnu
    46  build os        = linux-gnu
    47
    48  CC              = /usr/bin/ccache gcc -m64
    49  CFLAGS          = -pthread -pipe -std=c11 -O1 
    50  CPPFLAGS        =  -DDEBUG -DDEBUG_LOCKORDER -DDEBUG_LOCKCONTENTION -DRPC_DOC_CHECK -DABORT_ON_FAILED_ASSUME -fmacro-prefix-map=$(abs_top_srcdir)=.   -DHAVE_BUILD_INFO -DPROVIDE_FUZZ_MAIN_FUNCTION -D_GLIBCXX_DEBUG -D_GLIBCXX_DEBUG_PEDANTIC -D_LIBCPP_DEBUG=1 -I/home/sjors/dev/bitcoin-depends/depends/x86_64-pc-linux-gnu/include/ 
    51  CXX             = /usr/bin/ccache g++ -m64 -std=c++17
    52  CXXFLAGS        =   -O0 -g3 -ftrapv -fdebug-prefix-map=$(abs_top_srcdir)=.  -fstack-reuse=none -Wstack-protector -fstack-protector-all -fcf-protection=full -fstack-clash-protection   -Werror   -fno-extended-identifiers -pipe -std=c++17 -O1 
    53  LDFLAGS         =  -lpthread  -Wl,-z,relro -Wl,-z,now -Wl,-z,separate-code -pie   -L/home/sjors/dev/bitcoin-depends/depends/x86_64-pc-linux-gnu/lib 
    54  AR              = ar
    55  ARFLAGS         = cr
    
  6. john-moffett commented at 9:42 pm on February 1, 2023: contributor

    Managed to recreate by making depends with DEBUG=1, which adds -D_GLIBCXX_DEBUG -D_GLIBCXX_DEBUG_PEDANTIC -D_LIBCPP_DEBUG=1 to the CPPFLAGS when configuring bitcoin, then running with your configure options.

    This is really bizarre. I made a simple test file with the same behavior and tried to compile it on the Ubuntu instance.

     0ubuntu@:~/bitcoin$ g++ t.cpp -o t.bin -fsanitize=undefined 
     1ubuntu@:~/bitcoin$ g++ t.cpp -o t.bin -fsanitize=undefined -O1 
     2t.cpp: In function int main():
     3t.cpp:11:41: warning: %d directive output may be truncated writing between 1 and 11 bytes into a region of size 9 [-Wformat-truncation=]
     4   11 |             snprintf(buf, sizeof(buf), "%d", x);
     5      |                                         ^~
     6t.cpp:11:40: note: directive argument in the range [-2147483648, 9]
     7   11 |             snprintf(buf, sizeof(buf), "%d", x);
     8      |                                        ^~~~
     9In file included from /usr/include/stdio.h:906,
    10                 from t.cpp:1:
    11In function int snprintf(char*, size_t, const char*, ...),
    12    inlined from int main() at t.cpp:11:21:
    13/usr/include/x86_64-linux-gnu/bits/stdio2.h:54:35: note: __builtin___snprintf_chk output between 2 and 12 bytes into a destination of size 9
    14   54 |   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
    15      |          ~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    16   55 |                                    __glibc_objsize (__s), __fmt,
    17      |                                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    18   56 |                                    __va_arg_pack ());
    19      |                                    ~~~~~~~~~~~~~~~~~
    

    Compiles fine without -O1, but gives the warning with it.

    Anyway, I can confirm that changing it to an unsigned int fixes the issue.

  7. john-moffett commented at 4:54 pm on February 3, 2023: contributor
    I think the explanation at #27027 sheds light on most of this. Another interesting behavior is that the warning is only emitted for the combination of -fsanitize=undefined and optimization level -O1 (not -O2, -Ofast, etc.). I suppose the offending code is changed before the check in those cases?
  8. maflcko closed this on Feb 6, 2023

  9. sidhujag referenced this in commit 5dc32bdc36 on Feb 6, 2023
  10. bitcoin locked this on Feb 6, 2024

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-12-21 15:12 UTC

This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me