test: migrate to some per-symbol ubsan suppressions #28865

pull fanquake wants to merge 1 commits into bitcoin:master from fanquake:ubsan_per_symbol changing 1 files +19 −11
  1. fanquake commented at 5:41 pm on November 13, 2023: member

    Now that the symbolizer should be hanging around (#28814), migrate some file-wide suppressions to be symbol specific. Should assist in catching new issues that may otherwise go unnoticed due to file-wide suppression.

    Only tested (so far) on aarch64 using the native ASAN & FUZZ CI.

  2. DrahtBot commented at 5:41 pm on November 13, 2023: contributor

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    Code Coverage

    For detailed information about the code coverage, see the test coverage report.

    Reviews

    See the guideline for information on the review process.

    Type Reviewers
    ACK maflcko, dergoegge

    If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update.

    Conflicts

    Reviewers, this pull request conflicts with the following ones:

    • #28875 (build: Pass sanitize flags to instrument libsecp256k1 code by hebasto)
    • #28690 (build: Introduce internal kernel library by TheCharlatan)

    If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

  3. maflcko commented at 11:00 am on November 14, 2023: member
    Should be fine, if CI passes. Can easily be reverted, if it turns out failing locally.
  4. test: migrate to some per-symbol ubsan suppressions
    Tested on aarch64 using the ASAN CI job. Currently unable to test on
    x86_64 due to AppArmor & podman issues.
    fd30e9688e
  5. fanquake force-pushed on Nov 14, 2023
  6. fanquake renamed this:
    [WIP] test: migrate to some per-symbol ubsan suppressions
    test: migrate to some per-symbol ubsan suppressions
    on Nov 14, 2023
  7. DrahtBot added the label Tests on Nov 14, 2023
  8. fanquake marked this as ready for review on Nov 14, 2023
  9. fanquake commented at 3:59 pm on November 14, 2023: member
    Pushed up a few more changes.
  10. maflcko commented at 4:02 pm on November 14, 2023: member
    lgtm ACK fd30e9688e15fe6e0f8b64202a6e9c7d96333394
  11. fanquake requested review from dergoegge on Nov 14, 2023
  12. dergoegge approved
  13. dergoegge commented at 4:46 pm on November 14, 2023: member

    utACK fd30e9688e15fe6e0f8b64202a6e9c7d96333394 (if CI is green)

    Good stuff

  14. fanquake merged this on Nov 15, 2023
  15. fanquake closed this on Nov 15, 2023

  16. fanquake deleted the branch on Nov 15, 2023
  17. in test/sanitizer_suppressions/ubsan:62 in fd30e9688e
    64-implicit-integer-sign-change:compat/stdin.cpp
    65+implicit-integer-sign-change:SetStdinEcho
    66 implicit-integer-sign-change:compressor.h
    67 implicit-integer-sign-change:crypto/
    68-implicit-integer-sign-change:policy/fees.cpp
    69+implicit-integer-sign-change:TxConfirmStats::removeTx
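    Review bot: Narrowing `policy/fees.cpp` to the single symbol `TxConfirmStats::removeTx` (and `compat/stdin.cpp` to `SetStdinEcho`) drops the suppression for every other function in those files, and the commit message says the change was only tested on aarch64 with the ASAN CI job. Before merging, replay the existing fuzz corpora with `halt_on_error=1` on x86_64 as well, and add a symbol entry for each further function that reports instead of falling back to the file. A `#` comment above each new symbol line naming the file-wide entry it replaced would make later audits of this list easier.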
    


    maflcko commented at 8:55 am on November 29, 2023:

    This now causes (locally):

    # FUZZ=policy_estimator UBSAN_OPTIONS="suppressions=/root/fuzz_dir/scratch/fuzz_gen/code/test/sanitizer_suppressions/ubsan:print_stacktrace=1:halt_on_error=1:report_error_type=1" /root/fuzz_dir/scratch/fuzz_gen/code/src/test/fuzz/fuzz -runs=1 /root/fuzz_dir/scratch/fuzz_gen/code/crash-*
    INFO: Running with entropic power schedule (0xFF, 100).
    INFO: Seed: 3432838904
    INFO: Loaded 1 modules   (545951 inline 8-bit counters): 545951 [0x55cbc06c70a8, 0x55cbc074c547),
    INFO: Loaded 1 PC tables (545951 PCs): 545951 [0x55cbc074c548,0x55cbc0fa0f38),
    /root/fuzz_dir/scratch/fuzz_gen/code/src/test/fuzz/fuzz: Running 14 inputs 1 time(s) each.
    Running: /root/fuzz_dir/scratch/fuzz_gen/code/crash-154b42214e70781a9c1ad72d3f2693913dcf8c06
    policy/fees.cpp:632:27: runtime error: implicit conversion from type 'unsigned int' of value 4294574080 (32-bit, unsigned) to type 'int' changed the value to -393216 (32-bit, signed)
        #0 0x55cbbe10daee in CBlockPolicyEstimator::processBlockTx(unsigned int, CTxMemPoolEntry const*) src/policy/fees.cpp:632:27
        #1 0x55cbbe10e361 in CBlockPolicyEstimator::processBlock(unsigned int, std::vector<CTxMemPoolEntry const*, std::allocator<CTxMemPoolEntry const*>>&) src/policy/fees.cpp:680:13
        #2 0x55cbbd84af48 in policy_estimator_fuzz_target(Span<unsigned char const>)::$_1::operator()() const src/test/fuzz/policy_estimator.cpp:69:40
        #3 0x55cbbd84af48 in unsigned long CallOneOf<policy_estimator_fuzz_target(Span<unsigned char const>)::$_0, policy_estimator_fuzz_target(Span<unsigned char const>)::$_1, policy_estimator_fuzz_target(Span<unsigned char const>)::$_2, policy_estimator_fuzz_target(Span<unsigned char const>)::$_3>(FuzzedDataProvider&, policy_estimator_fuzz_target(Span<unsigned char const>)::$_0, policy_estimator_fuzz_target(Span<unsigned char const>)::$_1, policy_estimator_fuzz_target(Span<unsigned char const>)::$_2, policy_estimator_fuzz_target(Span<unsigned char const>)::$_3) src/./test/fuzz/util.h:43:27
        #4 0x55cbbd84af48 in policy_estimator_fuzz_target(Span<unsigned char const>) src/test/fuzz/policy_estimator.cpp:38:9
        #5 0x55cbbda1cc18 in std::function<void (Span<unsigned char const>)>::operator()(Span<unsigned char const>) const /usr/bin/../lib/gcc/x86_64-linux-gnu/13/../../../../include/c++/13/bits/std_function.h:591:9
        #6 0x55cbbda1cc18 in LLVMFuzzerTestOneInput src/test/fuzz/fuzz.cpp:178:5
        #7 0x55cbbd26a944 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/root/fuzz_dir/scratch/fuzz_gen/code/src/test/fuzz/fuzz+0x190e944) (BuildId: ffb89e0b86c093ca3bdeae6f85537737a4e3b42d)
        #8 0x55cbbd253916 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) (/root/fuzz_dir/scratch/fuzz_gen/code/src/test/fuzz/fuzz+0x18f7916) (BuildId: ffb89e0b86c093ca3bdeae6f85537737a4e3b42d)
        #9 0x55cbbd25945a in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/root/fuzz_dir/scratch/fuzz_gen/code/src/test/fuzz/fuzz+0x18fd45a) (BuildId: ffb89e0b86c093ca3bdeae6f85537737a4e3b42d)
        #10 0x55cbbd284026 in main (/root/fuzz_dir/scratch/fuzz_gen/code/src/test/fuzz/fuzz+0x1928026) (BuildId: ffb89e0b86c093ca3bdeae6f85537737a4e3b42d)
        #11 0x7fe4aa8280cf  (/lib/x86_64-linux-gnu/libc.so.6+0x280cf) (BuildId: 96ab1a8f3b2c9a2ed37c7388615e6a726d037e89)
        #12 0x7fe4aa828188 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x28188) (BuildId: 96ab1a8f3b2c9a2ed37c7388615e6a726d037e89)
        #13 0x55cbbd24e494 in _start (/root/fuzz_dir/scratch/fuzz_gen/code/src/test/fuzz/fuzz+0x18f2494) (BuildId: ffb89e0b86c093ca3bdeae6f85537737a4e3b42d)

    SUMMARY: UndefinedBehaviorSanitizer: implicit-integer-sign-change policy/fees.cpp:632:27 in

    # base64 /root/fuzz_dir/scratch/fuzz_gen/code/crash-154b42214e70781a9c1ad72d3f2693913dcf8c06
    

    fanquake commented at 9:42 am on November 29, 2023:
    Open a PR to add a new suppression? Otherwise I can.

    maflcko commented at 9:59 am on November 29, 2023:
  18. fanquake referenced this in commit 453c9ca590 on Nov 29, 2023
  19. bitcoin locked this on Nov 28, 2024
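
The effect discussed in this thread, as an added example that is not part of the pull request or of Bitcoin Core: it checks which suppression entries would silence the report quoted above, before and after the migration. The matching model (substring match with `*`, `^` and `$`, applied to frame #0's function name and source path) is an assumption that simplifies the sanitizer runtime; module-name matching is left out.

```python
import re

# Entries from the hunk on this page: file-wide (old) vs per-symbol (new).
OLD = """implicit-integer-sign-change:compat/stdin.cpp
implicit-integer-sign-change:compressor.h
implicit-integer-sign-change:crypto/
implicit-integer-sign-change:policy/fees.cpp"""
NEW = """implicit-integer-sign-change:SetStdinEcho
implicit-integer-sign-change:compressor.h
implicit-integer-sign-change:crypto/
implicit-integer-sign-change:TxConfirmStats::removeTx"""

# Frame #0 and SUMMARY line copied from the report quoted on this page.
REPORT = """\
    #0 0x55cbbe10daee in CBlockPolicyEstimator::processBlockTx(unsigned int, CTxMemPoolEntry const*) src/policy/fees.cpp:632:27
SUMMARY: UndefinedBehaviorSanitizer: implicit-integer-sign-change policy/fees.cpp:632:27 in
"""

def parse_suppressions(text):
    """Return (check, template) pairs, skipping blanks and '#' comments."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            check, _, template = line.partition(":")
            entries.append((check, template))
    return entries

def template_regex(template):
    """Assumed matching model: substring match, '*' wildcard, '^'/'$' anchors."""
    head = "^" if template.startswith("^") else ""
    tail = "$" if template.endswith("$") else ""
    core = template[len(head):len(template) - len(tail)]
    return re.compile(head + ".*".join(re.escape(p) for p in core.split("*")) + tail)

def report_targets(report):
    """Extract the check name plus frame #0's function and source path."""
    check = re.search(r"^SUMMARY: UndefinedBehaviorSanitizer: (\S+)", report, re.M).group(1)
    frame = re.search(r"^\s*#0 0x[0-9a-f]+ in (.+?) (\S+):\d+:\d+$", report, re.M)
    return check, [frame.group(1), frame.group(2)]

def matching_entries(suppressions, report):
    """List the suppression lines that would silence this report."""
    check, targets = report_targets(report)
    return [f"{c}:{t}" for c, t in parse_suppressions(suppressions)
            if c == check and any(template_regex(t).search(x) for x in targets)]

if __name__ == "__main__":
    print("old file:", matching_entries(OLD, REPORT))
    print("new file:", matching_entries(NEW, REPORT))
```

Running the same check over a directory of saved sanitizer reports shows which functions still need a symbol entry after a file-wide line is removed.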

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2025-01-21 21:12 UTC
