Auxpow Security #18
Comments
|
Yes, it is true that you can replace the auxpow by a different one if you like - but as you say, why would someone do that? And more importantly, why do you think that would be a problem? |
|
@domob1812 can you please transfer this issue to the Namecoin repo rather than your personal repo, so that we have proper transparency about threat model discussions? (Not sure why it was reported here.)
@globaltoken While I can't think of any significant security issues with the current design as deployed, I can think of 2 interesting effects of the current design:
In practice I tend to think that the benefit of (2) outweighs the drawback of (1), at least until a more scalable AuxPoW spec such as the one by Luke Dashjr is deployed. (Luke's spec has much smaller AuxPoW headers and also uses a single timestamp across all chains, so it's clearly a winner in this department, but it also requires Bitcoin to hardfork, so the political implications of that make it unlikely to happen soon. But I hope it eventually happens.) |
|
@domob1812 As we see in the bitcoin blockchain, people are doing lot of crazy stuff. I thought about a new NetMsgType, where we have an extra "auxpow.dat" file, that will hash all auxdata and makes a chain of it. So in this case, you know what auxpow data was first in the block, and which is manipulated. As described, this is not a big problem, but a blockchain should be forgery safe or? |
@globaltoken How would this chain be authenticated? By a DMMS? If so, how? If not, what is it useful for? (Remember that the P2P network is trivially easy to Sybil and that most nodes are not online 24/7 and that new nodes come online all the time.) |
|
Also why exactly are we supposed to care if someone embeds a malware sample in an AuxPoW coinbase transaction...? |
|
As an aside, it would be possible to softfork Namecoin to impose a limit on the distance between the sidechain timestamps and the parent timestamps. This would greatly increase the cost of forging AuxPoW headers. It's not clear to me exactly what the claimed benefit would be though, seeing as the forensic analysis use case I described wouldn't matter AFAICT. |
|
To elaborate on my point, it's not really feasible to stop miners from forward-dating timestamps in a reorg attack, since the timestamp enforcement in Bitcoin and Namecoin only requires that the median timestamp not decrease. If we required parent and sidechain timestamps to be near each other, then someone doing a reorg attack on the sidechain would just forward-date the sidechain blocks they're mining so that they matched the parent chain, and the attack would still work fine. Which is exactly what they'd do anyway since it's cheaper due to not losing the parent block reward. If someone wanted to confuse forensic analysis after the fact, they might want to backdate parent blocks in a re-org, but that's already highly expensive regardless of the existence of that softfork. |
|
It's not about a malware in the Coinbase transaction. That was just an example. If this nodes will be online and have a listen function, they can distribute the blocks to freshly syncing nodes. If 3 different blocks were distributed at height 100 000 a lot of users have different auxpow at block height 100 000. How can we be sure, which is the correct one? There is no consens in the blockchain, since all nodes will have then different auxpow. This will not affect any blocks, but having for example 3000 nodes online and 1000 of them have auxpow A, 100 000 have auxpow B, and 100 000 have auxpow C. In theory like you said, you can write some stuff into the coinbase. My idea was, like the normal blockchain, a second sidechain database. To add one entry to the database, we will hash the height of this block and the auxpow data of this block. The database will follow a own chain. SHA256(height, auxpowhash, size, previous auxpow hash) Before we sync the blocks, we will sync the sidechain auxpow.dat. Now while syncing, in CheckBlockHeader we can add the auxpow validation, that will check, if the synchronized data of auxpow matchs the expected from auxpow.dat So there is no chance later to fake the auxdata. |
|
@JeremyRand I think we talk about 2 different attacks. You are talking about a security related attack, I talk about a data manipulation attack in auxpow, that has no security consequences, but it could be a problem for the blockchain if this data is found in the blockchain. Maybe you should get me an external link about your described timestamp attack, because I can't imagine exactly how it should work. |
|
Okay, so the attack here is that someone who's mining today wants to replace an AuxPoW header from the distant past which has much lower difficulty, and therefore is trivially easy to mine with modern mining equipment (to the point that the attacker doesn't mind burning some small amount of parent chain hashrate to do it)? Okay, so I guess someone could do this. What do they replace the AuxPoW header with? I suppose they could embed Hidden Wiki text like someone did with Bitcoin, but what does that achieve? Last I checked no one is being held liable for storing the Bitcoin chain despite that text being there. In fact, I'd suggest that there's a more straightforward "white hat attack" that can be done here: just mine a bunch of AuxPoW headers with empty coinbase transactions, and specifically replace the AuxPoW headers that have massive coinbase transactions (I seem to recall Eligius is well-known for having large coinbases). This would basically be a way to expend PoW to compress the Namecoin blockchain retroactively. Anyway, I don't see how your proposed solution actually authenticates the AuxPoW data. Sure, you can have a checkpoint commitment to all the AuxPoW below a certain height, but authenticating that the checkpoint is correct isn't actually feasible -- blockchain checkpoints work because you can independently verify the correctness of all the blocks they commit to, and you can independently verify that no one has presented a longer chain than the chain they commit to, so it's trivially easy for anyone who wants to audit a checkpoint to do so. Your system doesn't have any way to audit the checkpoints because they are not authenticated by a DMMS. Saying "use a database" is nonsensical -- a database isn't used to authenticate anything in Bitcoin, it's just a storage mechanism for fast lookups of data that's already been authenticated. Similarly, syncing the AuxPoW from the P2P network (regardless of whether it's before you sync the headers) isn't going to help you authenticate it, because there's no DMMS and the P2P network is trivially easy to Sybil. If we actually wanted to make the DMMS commit to the AuxPoW data (which I don't think is a bad thing, for the record), I think the "right" way to do it is probably to add an extra hash to the block header, which is committed to by the prev_hash field of the following block header. I'm not sure what the most efficient way to encode it would be. In any event this would be a hardfork (though presumably we could roll it into AAA if there were a consensus that it's a good idea). |
|
In my suggested solution, there is a way to check if the checkpoint is valid. In the database, that will be created and managed by the nodes, we have the hardcoded first auxpow block. With this: We get the hash SHA256(height, auxpowhash, size, previous auxpow hash) Lets assue SHA256(100000, SHA256(auxpow), auxpowserializedsize, NULLHASH), lets assume the hash of this first "auxpow genesis" block is now Then the nodes will save in the database height 100000, and the hash 9D470C30FEADC659CBF63EBD2F2533EE11B4F972CEAAE3E14259FC089185315E Now lets say height 100002 is auxpow again, the next entry is: The database will save now 100002, 7CC408FB3482A3479BB212959C3D70036E5C2CDB7F336CE7F6A9370A71AC826F and this is going on and on ... If you start the node, it gets the current auxpow db like above through the new implemented netmsgtype. Then it starts syncing. Lets guess auxpow started at block 100,000 and now the node gets from the syncing nodes the block header. It checks if this is a auxpow block (nVersion & 256), if so search this height in the auxpow.dat SHA256(SHA256(block 100000), SHA256(this->auxpow), auxpowserializedsize, (prevauxpowhash, in this case null, because this is the auxpow activation height)). Now we get while validating the block manually the same hash = 9D470C30FEADC659CBF63EBD2F2533EE11B4F972CEAAE3E14259FC089185315E. This auxpow matchs the expected hash from the db, we will sync it, it's valid. And while syncing you can also sync from a node, that is on another fork, and use a forked chain. |
|
First off, that's not how checkpoints work. Checkpoints don't commit to the first block in a chain, they commit to the set of all blocks below a given height. Committing to the first block doesn't give you any way to verify that later blocks are correct. Also I've mentioned Sybil attacks several times in this thread and it doesn't appear that you understand what they are or how easy they are to perform. |
|
Well, you can define hardcoded checkpoints for the auxpow.dat as well in the chainparams. But I was thinking more to add this in GLT first, because Masternodes are more trusted then all other normal nodes. So a sybil attack at GLT is probably not the case. I just wanted to let you know about this issue. However, if you think it's safe how it is, leave it. Feel free to leave solutions instead focussing on the problems. |
And we thank you for that.
I don't recall us ever making a claim that we were certain this was the case, we were asking what attack scenario you were describing and trying to analyze the costs/benefits of the various potential fixes. This analysis is made much harder by:
Said every shitcoin developer ever who doesn't want to find out their solutions are broken until they're deployed on mainnet and someone decides to actually do an attack.... If you're the kind of developer who gets offended when people poke holes in proposals, you might want to re-evaluate being in the crypto space. No one is in any way obligated to provide a different proposal just because they criticized someone else's proposal. That's simply not how this space works. (Also I'm not sure why you're telling me to provide a solution when you haven't commented on the one I already provided 2 posts ago.) |
|
I think all other proposals are not possible with a softfork. Otherwise I like your idea with hashing the auxpow hash into the Blockheader, but the auxpow is serialized after the block. So the block hash will change. I am not sure, but I think the auxpow block must include the blockhash or block height of the block or? |
The AuxPoW needs to commit to the block hash, and a block needs to commit to the previous block hash, but there's no fundamental requirement that those two commitments be identical. I'm suggesting that a block can commit to the previous block's AuxPoW as part of the data hashed to yield the prev_hash field. Technically this would allow an AuxPoW to be replaced before the next block is mined, but I'm under the impression this isn't a significant threat. Am I missing something that would prevent this from working? It should be noted that this design would require checkpoint-using clients that don't currently process AuxPoW to download an extra 32 bytes per block (unless there's some way to compress it that I'm not seeing [1]). I'm not yet sure how big of a problem that is. [1] I suppose maybe the commitment to the previous block's AuxPoW could be stuffed into the transaction Merkle tree in some way, but I haven't thought about this very carefully and maybe there are other drawbacks to that approach. |
|
As an aside, I tend to think there are other spam vectors besides this that are more important to close for Namecoin, some of which (e.g. decreasing the block weight limit) are already being worked on. That doesn't in any way imply that there's anything wrong with discussing this vector and potential fixes, just that I'd expect this vector to get a less prompt fix. |
JeremyRand
pushed a commit
to JeremyRand/namecoin-core
that referenced
this issue
Mar 11, 2019
f545dfabff Merge domob1812#18: Use utf-8 to decode filename f8e797a058 Use utf-8 to decode filename 2fc114812a Merge domob1812#14: Fixes to allow building with msvc. d6eab93138 Fixes to allow building with msvc. git-subtree-dir: src/leveldb git-subtree-split: f545dfabff4c2e9836efed094dba99a34fbc6b88
domob1812
pushed a commit
that referenced
this issue
Feb 17, 2020
…4fbc6b88..f8ae182c1e5176d12e816fb2217ae33a5472fdd7
f8ae182c1e5176d12e816fb2217ae33a5472fdd7 Adds unicode support to Windows environment.
92ae82c78f225de84040c51e07fd0b4a61caed99 Increase maximum read-only mmap()s used from 1000 to 4096 on 64-bit systems
d42e63d49d9df05b12cd00af4ffc5f2b3edf7e21 Do not crash if filesystem can't fsync
bf2c2090b7ee12c5d85b85f08649b6e685f8715f Add filename to corruption errors
0c40829872a9f00f38e11dc370ff8adb3e19f25b Remove redundant PROJECT_SOURCE_DIR usage from CMake config.
5abdf4c019e51fce59d34c21b13bf4e0a948828a Fix installed target definition.
cf4d9ab23de7ec36b8e00536b7450f02c639cd87 Test CMake installation on Travis.
95d0ba1cb046bfd76619b8b80e14ee1b2897d219 Renamed local variable in DBImpl::Write.
657ba514298a726c7533f3106d3778062b59d75f Added return in Version::Get::State::Match to quiet warning.
370d532a00581ca79c87af7d7811e56de0ca52a8 Using CMake's check_cxx_compiler_flag to check support for -Wthread-safety.
45ee61579c1eb3accd6c88c922ec468dd61beea8 Update Travis CI configuration.
60db170a43a373d734c5b9f19693d36c75251c39 Fix tsan problem in env_test.
21304d41f77990b8edabbdab33b222bd5ceb5f18 Merge pull request #698 from neal-zhu:master
5e921896eedf87b0fb06bc8a1fd0991b9ac64131 drop fileds in State that are duplicates of fileds in Saver and fix typo
53e280b56866ac4c90a9f5fcfe02ebdfd4a19832 Simplify unlocking in DeleteObsoleteFiles.
046216a7ca6fb17a40cf8aa5598d90c825212a3d Add "leveldb" subdirectory to public include paths.
9ee91ac747ddf26f484d54f9aa474ccc4a2e0359 Ending sentences with periods in README.md.
e0d5f83a4f80060fe5b5d80025f0ad049bca430e Align EnvPosix and EnvWindows.
69061b464ab1da287da9b7ffec1ed911b754403b Disable exceptions and RTTI in CMake configuration.
107a75b62c19cce901ce10619b63c4b7acc9a0be cache Saver in State object
76ca1162768e5c89f1a49946a1f286c702ae27ae fix bug(uninitialized options pointer in State)
f668239bb262609146496b854e1ec3cea9cd1a83 remove TODO in Version::ForEachOverlapping
177cd08629883c409f7a01f90f7084bc5518f1ef format
8fa7a937ee8f38d8869357b0f27f120c5c58f4c9 fix bug
6a90bb91ee72642241fdbeefa673f88370c7b245 use ForEachOverlapping to impl Get
4cb80b7ddce6ff6089b15d8cfebf746fc1572477 Merge pull request #386 from ivanabc:master
72a38ff7f206b3924ac009a12a1838d6a0bdab03 Replace "> >" with ">>"
863f185970eff21e826e5fe1164a6215a515c23b unsigned char -> uint8_t
a3b71c1ff65e30ced00e85ebbca9ae5786af6626 Use GCC 9 on Travis CI
ae49533210e96bdee9c9479a7fa547f375a39c8b Add explicit typecasts to avoid compiler warning.
63d5315e1c224e52da8ec68d118c5b73ba2a63fc Merge branch 'master' into master
c00e177f3613068eda4bff4abfbd3bd4165a86e8 Guard DBImpl::versions_ by mutex_.
1d0b101165ddd34f26cc5c62b76f2a2e0d622483 Converted two for-loops to while-loops.
28e6d238be73e743c963fc0a26395b783a7565e2 Switch to using C++ 11 override specifier.
85cd40d108d8f8d91f58fd263c0f8428d11c34d5 Added unit test for InternalKey::DecodeFrom with empty string.
1aae5c9f29ea43ceca745efae012c4aa731e9374 Merge pull request #411 from proller:assert1
b7b86baec9ce47569affc5db54a20a6cc520e0f0 Using std::ostringstream in key DebugString.
3e6c000e18519cb22e0a44d0dea45b34daee4ee1 Merge pull request #457 from jellor:patch-2
1d94fe2f4d1dfdf1a6312bf4b36efcbe0c1bf576 Merge branch 'master' into patch-2
27dc99fb2642cadc87c9aaec82c54a2c725ee0d6 Fix EnvPosix tests on Travis CI.
9521545b062841409cf66eff0655feff09d9fd82 Formatting changes for prior O_CLOEXEC fix.
900f7d37eb3224059dd37afc6614d3158ddaeb8d Merge pull request #624 from adam-azarchs:master
a7528a5d2bd29126b60a277b528ed606b67c1771 Clean up util/coding.{h,cc}.
142035edd4b1ab431c0ecbd547d4a77f1eca0667 Initialize Stats::start_ before first use in Stats::Start().
e22b1cec6e1e0e2dec4c93b658acbfc56fb692c0 Merge pull request #365 from allangj:c-strict-prototypes
cd1ec032cd276409ba403cab4d0b2548dd26b890 Add argument definition for void c functions.
4bd052d7e8b0469b2b87664388e2a99cb212ecdb Consolidate benchmark code to benchmarks/.
506b1722ef1a58d87325575d9bbcd3c8869381c7 Convert missed virtual -> override in db_test.cc.
24424a1ef2c284f4ec30544a3458023362cbeacd Style cleanup.
9a56c49ed415df1b72ba1c84c8e7ed00de497f68 Merge pull request #679 from smartxworks:optimize-readseq
abf441b657c7e75091e2bd59449df6849358b812 Merge pull request #278 from wankai:master
78b39d68c15ba020c0d60a3906fb66dbf1697595 Bump the version number from 1.21 to 1.22.
9bd23c767601a2420478eec158927882b879bada Correct class/structure declaration order.
c784d63b931d07895833fb80185b10d44ad63cce Moved port/README to port/README.md.
297e66afc1dda3f3d7a7cc2022030164c302cb7a Format all files IAW the Google C++ Style Guide.
3724030179716fd8d95cf79339884c49afade8f9 Update Travis CI configuration.
d3d1c8a0f40a7eaa12a5bb702fa01786b7c3a646 don't check current key in DBIter::Next()
3dc9202f78a3eb30ee8c0267e4e4be2e3f986e45 [leveldb] Specifically export the WriteBatch::Handler inner class for Windows link
2ccb45c33aecd8b15000c0c622f45eb119b6b478 Check for possibly invalid offset in test.
7b1174519044339f07a023dc445b0d36425bd6db Changed Windows specific highlighting from bash to cmd.
2f008ac19ec783e4d0ba2161320241c99e9897e1 Initialize class members to default values in constructors.
ffabb1ae86cc4eb4516a7c0824c878c3b2d19e5d Merge pull request #665 from cheng-chang:coding
7da571cf2b954a107fa060698bfbfbba8e8318f8 Merge pull request #669 from pavel-pimenov:fix-readme-windows-mkdir
df4a323aafbf65996fec23de8b2dbb9d7e27ae11 Merge pull request #472 from zhoudayang:patch-1
5a2a472741f36ecf5b994439da5a64c6ab90c47f Fixed missing std namespaces and make_unique.
08e771901f454ac32643bd8e8cb2bcfa08026c0c Simplify issue320_test.
65e86f75ea30e44bc65327f92a16328684269acb Fix formatting of recent snapshot compaction fix.
7711e76766231bf93e0487c4530b2655e8c4c0b1 Merge pull request #339 from richcole-at-amazon:master
71ed7c401ec1b1e38d6f7cb9eb2fcff93c24d1f1 Fixed typo in comment in version_set.h.
09fa8868dbe0cb2701f0560c59ebb63cc17f1271 Align version/soversion CMake setup closer with other repositories.
20fb601aa9f68ff0aa147df22524b7d01758552b Fix snapshot compaction bug
37300aa54b8256dd2edfd504942eb2bd20823647 Restore soname versioning with CMake build
952be04df6edb936b8f7d0f652861100a7f61e97 Fix mkdir (windows)
56178ddaf4d3ba6c8d1cfb218610b1be3f5aa710 Update the version to 1.21 in preparation for a new release.
35619d248d909b197f68226c7d0a9ff947b82e8a Project import generated by Copybara.
416344de2fdffb3f17c565b984885d0122bfa1e9 leveldb: Register in copybara whitelist.
da94ac67e91679842a56a876f0b19b429d72de25 leveldb: Minor cleanup in ports.
bd24b963060861518c6648925f9708178562c992 leveldb: Silence unused argument warnings in MSVC.
6188a54ce95b47cc6bd398d7f2eb45d061857e45 leveldb: Add tests for empty keys and values.
cf1b5f473259e46c667f3fb5a28bcd884ee3a102 Remove unnecessary bit operation.
7035af5fc36657447054617759854a726d31dbe0 Two small fixes for the Windows implementation (#661)
6571279d6de21fe33caa31b2ea4170d34b15b10e fix a typo in the comment of skiplist_test.cc (#664)
15e227896621d01ebad4c5d4b3cc82a7a9b5b30b Use override consistently in leveldb::test::ErrorEnv.
ea49b27d062c4bc998616cef7944f7f9088a327d Switch corruption_test to use InMemEnv.
ce399ac28af7023b1aff0ede4986cb6d89b3c0b5 Always copy bytes to scratch buffer when reading w/MemEnv.
201f77d137f30ea46e789a2ad60e9119b6f990fc Inline defaults in options.
9ce30510d482f5b2fa2965201453f0fc914f700c Deleted dangling reference to deleted atomic_pointer.h.
7d8e41e49b8fddda66a2c5f0a6a47f1a916e8d26 leveldb: Replace AtomicPointer with std::atomic.
dd906262fd364c08a652dfa914f9995f6b7608a9 Make InMemoryEnv more consistent with filesystem based Env's.
cf1d1ab255de2a741695aec53d83e4f808f9e819 leveldb: Remove unused file port/win/stdint.h.
a20508dc6a18a34e05a6fc476a8d587fa9bb6608 Fix typo (#565)
04470825ac96cab0d9d16e4ed410349d082fbf82 Add AppVeyor (Windows CI) badge to README.
ed76289b259d42d0a57c147e791e2c235ed28805 Align windows_logger with posix_logger.
808e59ec6a160244960cda64b393968ffbdae72c Improve CI configuration.
c69d33b0ec3dad2a8063ad66da9d51a1d6309f4e Added native support for Windows.
75fceae7003e217e16b04433831da7528ae56881 Add O_CLOEXEC to open calls.
fe4494804f5e3a2e25485d32aeb0eb7d2f25732e leveldb: Make WriteBatch::ApproximateSize() const.
296de8d5b8e4e57bd1e46c981114dfbe58a8c4fa leveldb: Fix PosixWritableFile::Sync() on Apple systems.
b70493ca8586285b49e9888e2b528f71806bdc6e Fix fdatasync() feature detection in opensource build.
af7abf06ea061222c2c34d98e1995c5a901f374f Add back space to POSIX Logger.
58d70545af9ec7f30821f973b604f8e2a2f9ebdb Update Travis CI configuration.
1cb384088184be9840bd59b4040503a9fa9aee66 Clean up env_posix.cc.
a7dc502e9f11c2e5c911ba45b999676c43eaa51f Rework once initialization in env_posix.cc.
c43565dd398b2233db8eb49ba05234d62fb42e03 C++11 cleanup for util/mutexlock.h.
0145a94ab6bec48e596df499e8f6103e138a74ab Update .gitignore.
73d5834eceee8efa9a8ccfec77dc096a9e8ba18a Rework threading in env_posix.cc.
05709fb43eea34936c9f535edcb74d5e91a0b495 Remove InitOnce from the port API.
bb88f25115d20a6d73dfb6b16cc298db2f66948b Clean up PosixWritableFile in env_posix.cc.
7b945f200339aa47c24788d3ee9910c09c513843 Clean up posix_logger.h.
89af27bde59fbbb3025653812b45fec10a655cb7 Remove ssize_t from code that is not POSIX-specific.
03064cbbb2c00c3e6e41a78e8111d14a020f7d6f Simplify Limiter in env_posix.cc.
9b44da73d9b1d839c437e3fdaaa14ea08260dce4 Clarify comments for leveldb::Env file reading methods.
0ef2310f67f0c0b4ba3e6ad86d8138440af30d67 Remove GCC on OSX from the Travis CI matrix.
16a2b8bb3af5b1f54676256e55a5d3f0ec02da42 Expose WriteBatch::Append in the C API.
f7b0e1d901da26ac5ce6ad7f0a9806ce1440197e Expose WriteBatch::Append().
6caf73ad9dae0ee91873bcb39554537b85163770 Clean up Iterator.
6a6bdafcf10f5d4bef1ca52697c38d10c28b1a8b Corrected typo in docs: "cache" to "block_cache".
18683981505dc374ce29211c80a9552f8f2f4571 Clean up SnapshotImpl.
e7840de9f3db1a5eddedfecbbbc1ff72a4c2631a Fix documentation for log file growth.
bc23e00f955eadb9e26f8ce07c1c664e7b985ff0 Update default log file size in doc.
4de9594f6fbfd69043239a5705b5f32065f02d34 Add move constructor to Status.
d177a0263cce4344d05188521ad53459c369b940 Replace port_posix with port_stdcxx.
14cce848e7b8a040a8f457d5a796722a55e19597 Fix sign mismatch warnings in GCC.
8046a51b21114d3575421bfc78b1d98b1678720a Add forgotten <limits> header to util/logging.cc.
a0008deb679480fd30e845d7e52421af72160c2c Reimplement ConsumeDecimalNumber.
1f7dd5d5f6822f2b0b9f9e4c7d87d4535c122c0e Add tests for ConsumeDecimalNumber.
1cc8b10b8232e174d5bd1313959825727e03faa7 Document the building process.
09217fd0677a4fd9713c7a4d774c494a7d3c1f15 Replace NULL with nullptr in C++ files.
6a3b915166fce75aaf9ac209114a3ad9caa34171 Remove PLATFORM_IS_LITTLE_ENDIAN from port/posix.h.
260655b4c294991fe03bf6ab8b6d722ccfc41d32 Define LEVELDB_HAS_PORT_CONFIG_H for old compilers.
6fa45666703add49f77652b2eadd874d49aedaf6 Rename CMake project / targets from Leveldb to leveldb.
0db30413a4cfa8c980e675ba5cb96717d688af92 leveldb: Add more thread safety annotations.
04f39105c5a418905da8b7657ca244d672c99d3b Take <atomic> for granted in port/atomic_pointer.h.
74f032ff6f2465160366d865b1bb89a45dc2046b leveldb: Require C++11.
8e75db8623703cdc25ec3cd06f82129296672489 Remove build configuration for make.
df9a841a4fc9a04c7713542d75f50e749fb64b7b Add export.h to CMakeLists.txt
50fbc87e8c62a816d6afd4740e0652a13ac6dc3e Replace SIZE_MAX with std::numeric_limits.
739c25100e46576cdcdfff2d6f43f9f7008103c7 Add CMake build support.
0fa5a4f7b1ad9dc16b705bcad1f3ca913f187325 Extend thread safety annotations.
8143c12f3fc483b1ba61cdce11f9c1faf6d01bea Fix includes in util/testharness.h.
aece2068d7375f987685b8b145288c5557f9ce50 Remove extern from function declarations.
ddab751002588fe58955357d68d12b062e038d0d Add tests for {Old}InfoLogFileName().
7fd7c0072159abbca2660d91fc0667d5c17c4d16 Remove unused function ExtractValueType.
594cc987af2e0af6417c4ac2b947ee8cdad59e5e Bypass OSMemoryBarrier() warning on Mac.
49f35d3fc940a1e2d599d6ee3306eeb31a205e4b leveldb: Update Travis CI configuration for open source build.
623d014a54f8cf9b74ad6aaba9181ca1e65c43a1 Expose Env::GetTempDirectory() for use in C test.
8c8024ea33d8efc8c415597fb7fa1745002961d6 Switch HAVE_ library detection macros to 0/1.
41172a24016bc29fc795ed504737392587f54e3d Enable thread safety annotations in open source version.
47cb9e2a211e1d7157078ba7bab536beb29e56dc Add leveldb_options_set_max_file_size to the C API.
b5d4a22e64c7a6615b412f464026c808b58b1d34 Fixed style guide link in CONTRIBUTING.md
3da4d8b9899257386aeb5ffa345a6477c62ff7bf Deleted unused assignments in Reader.
0509414f858ae7c7225e29f3659a709afb324355 leveldb::DestroyDB will now delete empty directories.
23162ca1c6d891a9c5fe0e0fab1193cd54ed1b4f Fix typo (forgotten reference operator) in test.
5c39524f3639e6bf6ab49215152d24273e662986 Replace SSE-optimized CRC32C in POSIX port with external library.
ca216e493f32278f50a823811ab95f64cf0f839b leveldb: Rename SNAPPY to HAVE_SNAPPY.
25767d066ca995c055f04b78a31a6e518087e667 leveldb: Remove *_unlocked feature detection from POSIX port.
4a7e7f50dcf661cfffe71737650b0fb18e195d18 Add LEVELDB_EXPORT macro to export public symbols.
542590d2a8eee3838f40b01405baa6d2f6f8c700 leveldb: Include <algorithm> in util/env_test.cc.
8ae7998aabae4f208d77afcb930dafabade1b28d Fix FD leak in POSIX Env.
d9a9e02edf2b8187aa481416b36c49710026ab37 leveldb: Add tests for CL 170769101.
4447f9caced2bd09585c90f1b203c3aa8f4bbc40 Remove handling for unused LRUHandle representation special case.
2372ac574fdeb1235e70cdd86a2681d1ce05cf65 Fix file writing bug in CL 170738066.
1c75e88055e06da2939f9f4bd294625b76792815 Fix use of uninitialized value in LRUHandle.
7e12c00ecf1bb725e212618e7026e4d34d6cd3bb Fix issue 474: a race between the f*_unlocked() STDIO calls in env_posix.cc and concurrent application calls to fflush(NULL).
bcd9a8ea4a8aad23a3e101a23c61615bab2a093f Use portable CRC32C from google/crc32c.
ea0a7586b8615fd39c6b8f5a8a21a1f242129c2f Remove confusing and unnecessary if.
141e7671359d5e6c65ff70460774b53b94371df1 Simplify Table::Open() flow and remove a delete call.
09a3c8e7417547829b94bcdaa62cdf9e896f29a9 Switched variable type from int to uint64_t in ConsumeDecimalNumber.
2964b803b857932ff7499d7bebb61dc5514dab7c leveldb: Fix alignment code in SSE4.2-optimized CRC32C.
02f43c0fcde39823830493503e8a3f72fed43d24 Remove dead code.
0b402e96a76b19cd98e82402de636449a2613228 Use __APPLE__ instead of OS_MACOS. The former is compiler-provided.
8415f00eeedd96934d3578572d3802900e61a556 leveldb: Report missing CURRENT manifest file as database corruption.
69e2bd224b7f11e021527cb95bab18f1ee6e1b3b LevelDB: Add WriteBatch::ApproximateSize().
471f0b84ec3420c7565511eb6e2fee8e0a0550e8 fix comment
5b817400a0a5afe3badbb8859706a571882ababc fix comment
7d060117fa0d5cab7cb15b0cf127533bea9ffbc7 broken db: fix assertion in leveldb::InternalKey::Encode, mark base as corrupt
2883fcd849ca7b479d8a2f4fc929f0b6c7b9e372 set const property
e5f0a51fa44115fb083c1e71d5ddcd07a7aba719 reduce lock's range in DeleteObsoleteFiles
dd598676cd655dc2a2aaef47715ce18175d4a550 block_builder header file dependency fixed
REVERT: f545dfabff4c2e9836efed094dba99a34fbc6b88 Merge #18: Use utf-8 to decode filename
REVERT: f8e797a058b7a3993314e985dfdff8124214ba99 Use utf-8 to decode filename
REVERT: 2fc114812a04e6b88852fa37eedc556a464241f7 Merge #14: Fixes to allow building with msvc.
REVERT: 524b7e36a8e3bce6fcbcd1b5df09024283f325ba Merge #19: Increase maximum read-only mmap()s used from 1000 to 4096 on 64-bit systems
REVERT: 4874cb8d3e1dc7b9026b9faf51b9282c91f8ef40 Increase maximum number of read-only mmap()s used from 1000 to 4096 on 64 bit systems.
REVERT: 64052c76c567cff3dad32d1db0ef969d97b5882f Merge #15: Add filename to corruption errors
REVERT: 135ed0fb4e5d6440b174c4b80c147e915dd58969 Add filename to corruption errors
REVERT: d6eab93138884ee6c466fad5dadf2a1bfeb7cffd Fixes to allow building with msvc.
REVERT: c521b3ac654cfbe009c575eacf7e5a6e189bb5bb Merge #11: fixup define checks. Cleans up some oopses from #5.
REVERT: 8b1cd3753b184341e837b30383832645135d3d73 fixup define checks. Cleans up some oopses from #5.
REVERT: 6b1508d6d58caabf76cec2688b3428c9070b7bc9 Merge #6: Fixes typo
REVERT: fceb805426c66c8b79e2d75b83b4a35c57ad3a6e Merge #10: Clean up compile-time warnings (gcc 7.1)
REVERT: 0ec2a343f3be66ef6e25f9b9badc0256ac0911b7 Clean up compile-time warnings (gcc 7.1)
REVERT: d4c268a3571a66b3712ad24dfaf4b9f9671bcdf2 Merge #5: Move helper functions out of sse4.2 object
REVERT: 8d4eb0847041a26377dc99b1c4fb5c22d4841d5e Add HasAcceleratedCRC32C to port_win.h
REVERT: 77cfbfd250a690978a3b81d364054039467ed549 crc32: move helper functions out of port_posix_sse.cc
REVERT: 4c1e9e01688864a32217e541102fa8d2df9a3d59 silence compiler warnings about uninitialized variables
REVERT: 4953164851d1bc2fc653f60a98df5aa5c1dfcebd Merge #2: Prefer std::atomic over MemoryBarrier
REVERT: 2953978ef8cd8f0babcac86a52f5c688a5ad8fa8 Fixes typo
REVERT: f134284a1ce6e8e3ccc375a0a44300d9a87c51ab Merge #1: Merge upstream LevelDB 1.20
REVERT: 196962ff01c39b4705d8117df5c3f8c205349950 Add AcceleratedCRC32C to port_win.h
REVERT: ba8a445fdaa7cf3cb888a151e055330483b946f6 Prefer std::atomic over MemoryBarrier
REVERT: 1bdf1c34c5d903e466673a15103124568d995db4 Merge upstream LevelDB v1.20
REVERT: d31721eb0a115ac55506bb6735034bf915adc914 Merge #17: Fixed file sharing errors
REVERT: fecd449021504dc647c1a1226d72ab0d5efb84ad Fixed file sharing error in Win32Env::GetFileSize(), Win32SequentialFile::_Init(), Win32RandomAccessFile::_Init() Fixed error checking in Win32SequentialFile::_Init()
REVERT: 5b7510f1b79d9af1c5fe272a4587517a2579d3b7 Merge #14: Merge upstream LevelDB 1.19
REVERT: 0d969fd5708c9fd559d63be28664e1e840beb8ca Merge #16: [LevelDB] Do no crash if filesystem can't fsync
REVERT: c8c029b5b5793d3c9afef34afa53d10a910adf4e [LevelDB] Do no crash if filesystem can't fsync
REVERT: a31c8aa408d5594830f7cb20ead1ef1dff51b79e Add NewAppendableFile for win32 environment
REVERT: d40bc3fa5aaa5438d4d8f55ee83e6b3cd161ce02 Merge #13: Typo
REVERT: ebbd772d33d8596e5765a4d1251308d732d61355 Typo
REVERT: 1913d718ef8b07288229a75553862fcb343bf3ab Merge upstream LevelDB 1.19
REVERT: 20ca81f08fb7fa108923a091668e447dcf5c6b9d Merge pull request #9
REVERT: 7aa105e1a34e6e52b1e0de16d9d659a2af26fa0a leveldb: Win32WritableFile without memory mapping
REVERT: 7d41e6f89ff04ce9e6a742932924796f69c6e23d Merge upstream LevelDB 1.18
REVERT: 42dcc7edfc98c50038e4604fa630c626db17bf42 Merge upstream LevelDB 1.17.
REVERT: e991315d7fe4ca84a98902578106cbffa3dcccfd Merge upstream LevelDB 1.15.
REVERT: 02ac9f170b1c47e2c613cd47b8d7da45743af575 Merge upstream LevelDB 1.14.
REVERT: 936b4613ea4551992e6096b1e05eeefc09a20e3b Merge upstream LevelDB 1.13.
REVERT: be1b0ff1fcd6ad820a7fd111ac671fb51cc68001 On Mac OS X fsync does not guarantee write to disk. Use fcntl F_FULLFSYNC instead.
REVERT: a02ddf9b14d145e88185ee209ab8b01d8826663a Added GNU/kFreeBSD kernel name (TARGET_OS)
REVERT: 848746862caf337254a8a3e3a6bd3fa355db4fc8 CondVar::SignalAll was broken, leading to deadlocks on Windows builds. http://code.google.com/p/leveldb/issues/detail?id=149
REVERT: f6d84d1baf74a15ee8a0f73a81c647058bf816e9 Allow files to be opened for reading multiple times
REVERT: cb8e3f7adfaa48e09fb7a467086d69e4b6f948bd Checking whether closing succeeds
REVERT: d5317e8eda06d8dbbf04f08866c92323ccdbb43f Print actual Win32 error that occurred on file creation failure.
REVERT: 907f3084998fa4ce96b7abc6d9b12c7aa7b81c8c Port leveldb to MinGW32
REVERT: 9def2bfbf18dfbc0c3c95e90c91f043a6de3c1cb Mingw support for Windows LevelDB port
REVERT: 0a7b0748c71e64fd920eed94c26d69bc9ae77870 Pre-Vista leveldb::port::InitOnce implementation
REVERT: 31a2b09985842c833fbbd81e17f207c377217754 Native Windows LevelDB port
REVERT: 058a0357cd9650b214a199f81669a07d3eb4a298 Remove Snappy support
git-subtree-dir: src/leveldb
git-subtree-split: f8ae182c1e5176d12e816fb2217ae33a5472fdd7
domob1812
pushed a commit
that referenced
this issue
Nov 2, 2020
fa56d56 fuzz: Properly initialize PrecomputedTransactionData (MarcoFalke) Pull request description: Fixes: ``` script_flags: script/interpreter.cpp:1512: bool SignatureHashSchnorr(uint256 &, const ScriptExecutionData &, const T &, uint32_t, uint8_t, SigVersion, const PrecomputedTransactionData &) [T = CTransaction]: Assertion `cache.m_bip341_taproot_ready && cache.m_spent_outputs_ready' failed. ==34989== ERROR: libFuzzer: deadly signal #0 0x55e90077ff11 in __sanitizer_print_stack_trace (/tmp/bitcoin-core/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/script_flags+0x20cf11) #1 0x55e9006cb068 in fuzzer::PrintStackTrace() (/tmp/bitcoin-core/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/script_flags+0x158068) #2 0x55e9006b01b3 in fuzzer::Fuzzer::CrashCallback() (/tmp/bitcoin-core/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/script_flags+0x13d1b3) #3 0x7f6fb89383bf (/lib/x86_64-linux-gnu/libpthread.so.0+0x153bf) #4 0x7f6fb855018a in raise (/lib/x86_64-linux-gnu/libc.so.6+0x4618a) #5 0x7f6fb852f858 in abort (/lib/x86_64-linux-gnu/libc.so.6+0x25858) #6 0x7f6fb852f728 (/lib/x86_64-linux-gnu/libc.so.6+0x25728) #7 0x7f6fb8540f35 in __assert_fail (/lib/x86_64-linux-gnu/libc.so.6+0x36f35) #8 0x55e9008275bd in bool SignatureHashSchnorr<CTransaction>(uint256&, ScriptExecutionData const&, CTransaction const&, unsigned int, unsigned char, SigVersion, PrecomputedTransactionData const&) /tmp/bitcoin-core/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/script/interpreter.cpp:1512:5 #9 0x55e900825a3f in GenericTransactionSignatureChecker<CTransaction>::CheckSchnorrSignature(Span<unsigned char const>, Span<unsigned char const>, SigVersion, ScriptExecutionData const&, ScriptError_t*) const /tmp/bitcoin-core/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/script/interpreter.cpp:1699:10 #10 0x55e900832503 in VerifyWitnessProgram(CScriptWitness const&, int, std::vector<unsigned char, std::allocator<unsigned char> > const&, unsigned int, BaseSignatureChecker const&, ScriptError_t*, bool) /tmp/bitcoin-core/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/script/interpreter.cpp:1900:26 #11 0x55e90082ecb5 in VerifyScript(CScript const&, CScript const&, CScriptWitness const*, unsigned int, BaseSignatureChecker const&, ScriptError_t*) /tmp/bitcoin-core/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/script/interpreter.cpp:1977:18 #12 0x55e9007a9b61 in test_one_input(std::vector<unsigned char, std::allocator<unsigned char> > const&) /tmp/bitcoin-core/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/script_flags.cpp:51:30 #13 0x55e9007d0b49 in LLVMFuzzerTestOneInput /tmp/bitcoin-core/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz.cpp:36:5 #14 0x55e9006b1871 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/tmp/bitcoin-core/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/script_flags+0x13e871) #15 0x55e9006b0fb5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) (/tmp/bitcoin-core/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/script_flags+0x13dfb5) #16 0x55e9006b38d7 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::__Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) (/tmp/bitcoin-core/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/script_flags+0x1408d7) #17 0x55e9006b3c39 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) (/tmp/bitcoin-core/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/script_flags+0x140c39) #18 0x55e9006a290e in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/tmp/bitcoin-core/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/script_flags+0x12f90e) #19 0x55e9006cb752 in main (/tmp/bitcoin-core/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/script_flags+0x158752) #20 0x7f6fb85310b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2) #21 0x55e9006776ad in _start (/tmp/bitcoin-core/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/script_flags+0x1046ad) ACKs for top commit: laanwj: Code review ACK fa56d56 Tree-SHA512: 5637b0a0d982360df32d8cd39e913395967af02ec746508fc5f2fd649695c58bfaaf18ef76f4ca9da764d34fdd63dfe188317dd41b2ed57534bd4055a05ae870
domob1812
pushed a commit
that referenced
this issue
Jan 18, 2021
…data layer violation b3e9bca qt, refactor: Drop no longer used PeerTableModel::getNodeStats function (Hennadii Stepanov) 49c6040 qt: Use PeerTableModel::StatsRole (Hennadii Stepanov) 35007ed qt: Add PeerTableModel::StatsRole (Hennadii Stepanov) Pull request description: This PR allows to access to the `CNodeCombinedStats` instance directly from any view object. The `PeerTableModel::getNodeStats` member function removed as a kind of layer violation. No behavior changes. Also other pulls (bugfixes) are based on this one: #18 and #164. ACKs for top commit: jonatack: Tested re-ACK b3e9bca per `git range-diff ae8f797 4c05fe0 b3e9bca` promag: Code review ACK b3e9bca. jonasschnelli: utACK b3e9bca Tree-SHA512: 6ba50d5dd2c0373655d491ce8b130c47d598da2db5ff4b00633f447404c7e70f8562ead53ddf166e851384d9632ff9146a770c99845c2cdd3ff7250677e4c130
domob1812
pushed a commit
that referenced
this issue
May 3, 2021
fa1fdeb fuzz: Ensure prevout is consensus-valid (MarcoFalke) Pull request description: It shouldn't be possible to create consensus-invalid prevouts, so there is no need to fuzz them. To reproduce: ``` $ echo 'AAAAAAEAAAAAAQF0Rw0SGsrit4+YZSEfpcQT/o+bJbjgVjATUHqrCfRE+QsBAAAXFgAUlsvXHgGV ZxF3QXxitwe1tIOYdLj2NePHATl9CgAAAAAAGXapFOFHg1yqRFl7soeowwpIEOoe9G1NiKwCRzBE AiAx6F2Q008gvJnok6JiyOn7lPqCJJmDiI2omRNXT1Q7XAIgCQP6WJizAqhnvImpQqYMJkqePGvx Jy/pGRMy1iNL0ecDIQJr4tWomVTBfjpyMFMOD9aDAR5gkByOIYiaQOv8P/sRztP3pS8RDAAAEUUE NQBwYAAAAAC5F6kUTLIzj/lKP2Hmpwyzukns2eweRkOH' | base64 --decode > /tmp/a $ FUZZ=script_flags ./src/test/fuzz/fuzz /tmp/a INFO: Running with entropic power schedule (0xFF, 100). INFO: Seed: 59714236 INFO: Loaded 1 modules (212532 inline 8-bit counters): 212532 [0x55987fb3f668, 0x55987fb7349c), INFO: Loaded 1 PC tables (212532 PCs): 212532 [0x55987fb734a0,0x55987feb17e0), ./src/test/fuzz/fuzz: Running 1 inputs 1 time(s) each. Running: /tmp/a fuzz: script/interpreter.cpp:1495: bool HandleMissingData(MissingDataBehavior): Assertion `!"Missing data"' failed. ==520092== ERROR: libFuzzer: deadly signal #0 0x55987f111180 in __sanitizer_print_stack_trace (/root/fuzz_dir/scratch/fuzz_gen/code/src/test/fuzz/fuzz+0x5ea180) #1 0x55987f0ba828 in fuzzer::PrintStackTrace() fuzzer.o #2 0x55987f09de43 in fuzzer::Fuzzer::CrashCallback() fuzzer.o #3 0x7fd003d563bf (/lib/x86_64-linux-gnu/libpthread.so.0+0x153bf) #4 0x7fd00399a18a in raise (/lib/x86_64-linux-gnu/libc.so.6+0x4618a) #5 0x7fd003979858 in abort (/lib/x86_64-linux-gnu/libc.so.6+0x25858) #6 0x7fd003979728 (/lib/x86_64-linux-gnu/libc.so.6+0x25728) #7 0x7fd00398af35 in __assert_fail (/lib/x86_64-linux-gnu/libc.so.6+0x36f35) #8 0x55987f8ce194 in HandleMissingData(MissingDataBehavior) /root/fuzz_dir/scratch/fuzz_gen/code/src/script/interpreter.cpp:1495:9 #9 0x55987f8ce194 in GenericTransactionSignatureChecker<CTransaction>::CheckECDSASignature(std::vector<unsigned char, std::allocator<unsigned char> > const&, std::vector<unsigned char, std::allocator<unsigned char> > const&, CScript const&, SigVersion) const /root/fuzz_dir/scratch/fuzz_gen/code/src/script/interpreter.cpp:1685:68 #10 0x55987f8cbbc8 in EvalChecksigPreTapscript(std::vector<unsigned char, std::allocator<unsigned char> > const&, std::vector<unsigned char, std::allocator<unsigned char> > const&, prevector<28u, unsigned char, unsigned int, int>::const_iterator, prevector<28u, unsigned char, unsigned int, int>::const_iterator, unsigned int, BaseSignatureChecker const&, SigVersion, ScriptError_t*, bool&) /root/fuzz_dir/scratch/fuzz_gen/code/src/script/interpreter.cpp:363:24 #11 0x55987f8cbbc8 in EvalChecksig(std::vector<unsigned char, std::allocator<unsigned char> > const&, std::vector<unsigned char, std::allocator<unsigned char> > const&, prevector<28u, unsigned char, unsigned int, int>::const_iterator, prevector<28u, unsigned char, unsigned int, int>::const_iterator, ScriptExecutionData&, unsigned int, BaseSignatureChecker const&, SigVersion, ScriptError_t*, bool&) /root/fuzz_dir/scratch/fuzz_gen/code/src/script/interpreter.cpp:421:16 #12 0x55987f8c5a01 in EvalScript(std::vector<std::vector<unsigned char, std::allocator<unsigned char> >, std::allocator<std::vector<unsigned char, std::allocator<unsigned char> > > >&, CScript const&, unsigned int, BaseSignatureChecker const&, SigVersion, ScriptExecutionData&, ScriptError_t*) /root/fuzz_dir/scratch/fuzz_gen/code/src/script/interpreter.cpp:1094:26 #13 0x55987f8d6d6e in ExecuteWitnessScript(Span<std::vector<unsigned char, std::allocator<unsigned char> > const> const&, CScript const&, unsigned int, SigVersion, BaseSignatureChecker const&, ScriptExecutionData&, ScriptError_t*) /root/fuzz_dir/scratch/fuzz_gen/code/src/script/interpreter.cpp:1843:10 #14 0x55987f8d48fc in VerifyWitnessProgram(CScriptWitness const&, int, std::vector<unsigned char, std::allocator<unsigned char> > const&, unsigned int, BaseSignatureChecker const&, ScriptError_t*, bool) /root/fuzz_dir/scratch/fuzz_gen/code/src/script/interpreter.cpp:1904:20 #15 0x55987f8d3d8b in VerifyScript(CScript const&, CScript const&, CScriptWitness const*, unsigned int, BaseSignatureChecker const&, ScriptError_t*) /root/fuzz_dir/scratch/fuzz_gen/code/src/script/interpreter.cpp:2045:22 #16 0x55987f201d47 in script_flags_fuzz_target(Span<unsigned char const>) /root/fuzz_dir/scratch/fuzz_gen/code/src/test/fuzz/script_flags.cpp:54:30 #17 0x55987f11447f in std::_Function_handler<void (Span<unsigned char const>), void (*)(Span<unsigned char const>)>::_M_invoke(std::_Any_data const&, Span<unsigned char const>&&) /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/std_function.h:300:2 #18 0x55987f8aed17 in std::function<void (Span<unsigned char const>)>::operator()(Span<unsigned char const>) const /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/std_function.h:688:14 #19 0x55987f8aed17 in LLVMFuzzerTestOneInput /root/fuzz_dir/scratch/fuzz_gen/code/src/test/fuzz/fuzz.cpp:63:5 #20 0x55987f09f5e3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) fuzzer.o #21 0x55987f0894e2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) fuzzer.o #22 0x55987f08f2da in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) fuzzer.o #23 0x55987f0bb002 in main (/root/fuzz_dir/scratch/fuzz_gen/code/src/test/fuzz/fuzz+0x594002) #24 0x7fd00397b0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2) #25 0x55987f06420d in _start (/root/fuzz_dir/scratch/fuzz_gen/code/src/test/fuzz/fuzz+0x53d20d) NOTE: libFuzzer has rudimentary signal handlers. Combine libFuzzer with AddressSanitizer or similar for better crash reports. SUMMARY: libFuzzer: deadly signal ACKs for top commit: practicalswift: Tested ACK fa1fdeb Tree-SHA512: 6130ed9ab6d8eeab901f64a1c069300e67d0b6009c42763262fe6edeab8192e088c1a3c1f61aee900b9ebbc48fbf6e837b41704bad592ec526398355766e208a
domob1812
pushed a commit
that referenced
this issue
May 10, 2021
…e a dereferenceable iterator outside its valid range) fa09871 refactor: Avoid sign-compare compiler warning in util/asmap (MarcoFalke) Pull request description: Can be reproduced on current master with `D_GLIBCXX_DEBUG`: ``` /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/debug/safe_iterator.h:883: In function: __gnu_debug::_Safe_iterator<type-parameter-0-0, type-parameter-0-1, std::random_access_iterator_tag>::_Self __gnu_debug::operator+(const __gnu_debug::_Safe_iterator<type-parameter-0-0, type-parameter-0-1, std::random_access_iterator_tag>::_Self &, __gnu_debug::_Safe_iterator<type-parameter-0-0, type-parameter-0-1, std::random_access_iterator_tag>::difference_type) Error: attempt to advance a dereferenceable iterator 369 steps, which falls outside its valid range. Objects involved in the operation: iterator @ 0x0x7ffd3d613138 { type = std::__cxx1998::_Bit_const_iterator (constant iterator); state = dereferenceable; references sequence with type 'std::__debug::vector<bool, std::allocator<bool> >' @ 0x0x7ffd3d663590 } ==65050== ERROR: libFuzzer: deadly signal #0 0x559ab9787690 in __sanitizer_print_stack_trace (/bitcoin/src/test/fuzz/fuzz+0x5a1690) #1 0x559ab9733998 in fuzzer::PrintStackTrace() (/bitcoin/src/test/fuzz/fuzz+0x54d998) #2 0x559ab9718ae3 in fuzzer::Fuzzer::CrashCallback() (/bitcoin/src/test/fuzz/fuzz+0x532ae3) #3 0x7f70a0e723bf (/lib/x86_64-linux-gnu/libpthread.so.0+0x153bf) #4 0x7f70a0b3418a in raise (/lib/x86_64-linux-gnu/libc.so.6+0x4618a) #5 0x7f70a0b13858 in abort (/lib/x86_64-linux-gnu/libc.so.6+0x25858) #6 0x7f70a0f21148 (/lib/x86_64-linux-gnu/libstdc++.so.6+0xa1148) #7 0x559ab9f60a96 in __gnu_debug::operator+(__gnu_debug::_Safe_iterator<std::__cxx1998::_Bit_const_iterator, std::__debug::vector<bool, std::allocator<bool> >, std::random_access_iterator_tag> const&, long) /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/debug/safe_iterator.h:881:2 #8 0x559ab9f61062 in SanityCheckASMap(std::__debug::vector<bool, std::allocator<bool> > const&, int) util/asmap.cpp:159:21 #9 0x559ab9e4fdfa in SanityCheckASMap(std::__debug::vector<bool, std::allocator<bool> > const&) netaddress.cpp:1242:12 #10 0x559ab9793fcb in addrman_fuzz_target(Span<unsigned char const>) test/fuzz/addrman.cpp:43:14 #11 0x559ab978a03c in std::_Function_handler<void (Span<unsigned char const>), void (*)(Span<unsigned char const>)>::_M_invoke(std::_Any_data const&, Span<unsigned char const>&&) /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/std_function.h:300:2 #12 0x559aba2692c7 in std::function<void (Span<unsigned char const>)>::operator()(Span<unsigned char const>) const /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/std_function.h:688:14 #13 0x559aba269132 in LLVMFuzzerTestOneInput test/fuzz/fuzz.cpp:63:5 #14 0x559ab971a1a1 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/bitcoin/src/test/fuzz/fuzz+0x5341a1) #15 0x559ab97198e5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) (/bitcoin/src/test/fuzz/fuzz+0x5338e5) #16 0x559ab971bb87 in fuzzer::Fuzzer::MutateAndTestOne() (/bitcoin/src/test/fuzz/fuzz+0x535b87) #17 0x559ab971c885 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) (/bitcoin/src/test/fuzz/fuzz+0x536885) #18 0x559ab970b23e in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/bitcoin/src/test/fuzz/fuzz+0x52523e) #19 0x559ab9734082 in main (/bitcoin/src/test/fuzz/fuzz+0x54e082) #20 0x7f70a0b150b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2) #21 0x559ab96dffdd in _start (/bitcoin/src/test/fuzz/fuzz+0x4f9fdd) ACKs for top commit: sipa: utACK fa09871 vasild: ACK fa09871 Tree-SHA512: 802fda33bda40fe2521f1e3be075ceddc5fd9ba185bd494286e50019931dfd688da7a6513601138b1dc7bb8e80ae47c8572902406eb59f68990619ddb2656748
domob1812
pushed a commit
that referenced
this issue
May 17, 2021
…st RPC fa2e614 test: Fix off-by-one in mockscheduler test RPC (MarcoFalke) Pull request description: Fixes: ``` fuzz: scheduler.cpp:83: void CScheduler::MockForward(std::chrono::seconds): Assertion `delta_seconds.count() > 0 && delta_seconds < std::chrono::hours{1}' failed. ==1059066== ERROR: libFuzzer: deadly signal #0 0x558f75449c10 in __sanitizer_print_stack_trace (/root/fuzz_dir/scratch/fuzz_gen/code/src/test/fuzz/fuzz+0x5fec10) #1 0x558f753f32b8 in fuzzer::PrintStackTrace() fuzzer.o #2 0x558f753d68d3 in fuzzer::Fuzzer::CrashCallback() fuzzer.o #3 0x7f4a3cbbb3bf (/lib/x86_64-linux-gnu/libpthread.so.0+0x153bf) #4 0x7f4a3c7ff18a in raise (/lib/x86_64-linux-gnu/libc.so.6+0x4618a) #5 0x7f4a3c7de858 in abort (/lib/x86_64-linux-gnu/libc.so.6+0x25858) #6 0x7f4a3c7de728 (/lib/x86_64-linux-gnu/libc.so.6+0x25728) #7 0x7f4a3c7eff35 in __assert_fail (/lib/x86_64-linux-gnu/libc.so.6+0x36f35) #8 0x558f7588a913 in CScheduler::MockForward(std::chrono::duration<long, std::ratio<1l, 1l> >) scheduler.cpp:83:5 #9 0x558f75b0e5b1 in mockscheduler()::$_7::operator()(RPCHelpMan const&, JSONRPCRequest const&) const rpc/misc.cpp:435:30 #10 0x558f75b0e5b1 in std::_Function_handler<UniValue (RPCHelpMan const&, JSONRPCRequest const&), mockscheduler()::$_7>::_M_invoke(std::_Any_data const&, RPCHelpMan const&, JSONRPCRequest const&) /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/std_function.h:285:9 #11 0x558f7587a141 in std::function<UniValue (RPCHelpMan const&, JSONRPCRequest const&)>::operator()(RPCHelpMan const&, JSONRPCRequest const&) const /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/std_function.h:688:14 #12 0x558f7587a141 in RPCHelpMan::HandleRequest(JSONRPCRequest const&) const rpc/util.cpp:565:26 #13 0x558f756c0086 in CRPCCommand::CRPCCommand(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, RPCHelpMan (*)())::'lambda'(JSONRPCRequest const&, UniValue&, bool)::operator()(JSONRPCRequest const&, UniValue&, bool) const ./rpc/server.h:110:91 #14 0x558f756c0086 in std::_Function_handler<bool (JSONRPCRequest const&, UniValue&, bool), CRPCCommand::CRPCCommand(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, RPCHelpMan (*)())::'lambda'(JSONRPCRequest const&, UniValue&, bool)>::_M_invoke(std::_Any_data const&, JSONRPCRequest const&, UniValue&, bool&&) /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/std_function.h:285:9 #15 0x558f756b8592 in std::function<bool (JSONRPCRequest const&, UniValue&, bool)>::operator()(JSONRPCRequest const&, UniValue&, bool) const /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/std_function.h:688:14 #16 0x558f756b8592 in ExecuteCommand(CRPCCommand const&, JSONRPCRequest const&, UniValue&, bool) rpc/server.cpp:480:20 #17 0x558f756b8592 in ExecuteCommands(std::vector<CRPCCommand const*, std::allocator<CRPCCommand const*> > const&, JSONRPCRequest const&, UniValue&) rpc/server.cpp:444:13 #18 0x558f756b8017 in CRPCTable::execute(JSONRPCRequest const&) const rpc/server.cpp:464:13 #19 0x558f7552457a in (anonymous namespace)::RPCFuzzTestingSetup::CallRPC(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > const&) test/fuzz/rpc.cpp:50:25 #20 0x558f7552457a in rpc_fuzz_target(Span<unsigned char const>) test/fuzz/rpc.cpp:354:28 #21 0x558f7544cf0f in std::_Function_handler<void (Span<unsigned char const>), void (*)(Span<unsigned char const>)>::_M_invoke(std::_Any_data const&, Span<unsigned char const>&&) /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/std_function.h:300:2 #22 0x558f75c05197 in std::function<void (Span<unsigned char const>)>::operator()(Span<unsigned char const>) const /usr/bin/../lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/std_function.h:688:14 #23 0x558f75c05197 in LLVMFuzzerTestOneInput test/fuzz/fuzz.cpp:74:5 #24 0x558f753d8073 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) fuzzer.o #25 0x558f753c1f72 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) fuzzer.o #26 0x558f753c7d6a in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) fuzzer.o #27 0x558f753f3a92 in main (/root/fuzz_dir/scratch/fuzz_gen/code/src/test/fuzz/fuzz+0x5a8a92) #28 0x7f4a3c7e00b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2) #29 0x558f7539cc9d in _start (/root/fuzz_dir/scratch/fuzz_gen/code/src/test/fuzz/fuzz+0x551c9d) ACKs for top commit: practicalswift: cr ACK fa2e614 Tree-SHA512: cfa120265261f0ad019b46c426b915c1c007806b37aecb27016ce780a0ddea5e6fc9b09065fd40684b11183dcd3bf543558d7a655e604695021653540266baf7
domob1812
pushed a commit
that referenced
this issue
Feb 28, 2022
fa7e147 test: Fix intermittent Tsan issue (MarcoFalke) Pull request description: Fix https://cirrus-ci.com/task/5176769937408000?logs=ci#L5161 ``` WARNING: ThreadSanitizer: data race (pid=22965) Write of size 8 at 0x7f74d5e21f50 by main thread: #0 std::__1::ios_base::precision(long) /usr/lib/llvm-13/bin/../include/c++/v1/ios:513:18 (test_bitcoin+0x1a8366) #1 boost::io::ios_base_all_saver::restore() /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/io/ios_state.hpp:341:17 (test_bitcoin+0x1a8366) #2 boost::unit_test::unit_test_log_t::operator<<(boost::unit_test::log::begin const&) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/unit_test_log.ipp:336:55 (test_bitcoin+0x1a8366) #3 boost::test_tools::tt_detail::report_assertion(boost::test_tools::assertion_result const&, boost::unit_test::lazy_ostream const&, boost::unit_test::basic_cstring<char const>, unsigned long, boost::test_tools::tt_detail::tool_level, boost::test_tools::tt_detail::check_type, unsigned long, ...) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/test_tools.ipp:359:19 (test_bitcoin+0x1b3b9b) #4 txindex_tests::txindex_initial_sync::test_method() src/test/txindex_tests.cpp:31:5 (test_bitcoin+0x78aebc) #5 txindex_tests::txindex_initial_sync_invoker() src/test/txindex_tests.cpp:16:1 (test_bitcoin+0x78a384) #6 boost::detail::function::void_function_invoker0<void (*)(), void>::invoke(boost::detail::function::function_buffer&) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/function/function_template.hpp:117:11 (test_bitcoin+0x2bf30d) #7 boost::function0<void>::operator()() const /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/function/function_template.hpp:763:14 (test_bitcoin+0x224027) #8 boost::detail::forward::operator()() /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/execution_monitor.ipp:1368:32 (test_bitcoin+0x224027) #9 boost::detail::function::function_obj_invoker0<boost::detail::forward, int>::invoke(boost::detail::function::function_buffer&) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/function/function_template.hpp:137:18 (test_bitcoin+0x224027) #10 boost::function0<int>::operator()() const /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/function/function_template.hpp:763:14 (test_bitcoin+0x1ac66c) #11 int boost::detail::do_invoke<boost::shared_ptr<boost::detail::translator_holder_base>, boost::function<int ()> >(boost::shared_ptr<boost::detail::translator_holder_base> const&, boost::function<int ()> const&) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/execution_monitor.ipp:290:30 (test_bitcoin+0x1ac66c) #12 boost::execution_monitor::catch_signals(boost::function<int ()> const&) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/execution_monitor.ipp:879:16 (test_bitcoin+0x1ac66c) #13 boost::execution_monitor::execute(boost::function<int ()> const&) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/execution_monitor.ipp:1277:16 (test_bitcoin+0x1ac980) #14 boost::execution_monitor::vexecute(boost::function<void ()> const&) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/execution_monitor.ipp:1377:5 (test_bitcoin+0x1a7f9b) #15 boost::unit_test::unit_test_monitor_t::execute_and_translate(boost::function<void ()> const&, unsigned long) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/unit_test_monitor.ipp:49:9 (test_bitcoin+0x1a7f9b) #16 boost::unit_test::framework::state::execute_test_tree(unsigned long, unsigned long, boost::unit_test::framework::state::random_generator_helper const*) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/framework.ipp:823:44 (test_bitcoin+0x1e0d5c) #17 boost::unit_test::framework::state::execute_test_tree(unsigned long, unsigned long, boost::unit_test::framework::state::random_generator_helper const*) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/framework.ipp:792:58 (test_bitcoin+0x1e14a6) #18 boost::unit_test::framework::state::execute_test_tree(unsigned long, unsigned long, boost::unit_test::framework::state::random_generator_helper const*) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/framework.ipp:792:58 (test_bitcoin+0x1e14a6) #19 boost::unit_test::framework::run(unsigned long, bool) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/framework.ipp:1696:29 (test_bitcoin+0x1a6bfb) #20 boost::unit_test::unit_test_main(boost::unit_test::test_suite* (*)(int, char**), int, char**) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/unit_test_main.ipp:248:9 (test_bitcoin+0x1c4ed6) #21 main /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/unit_test_main.ipp:304:12 (test_bitcoin+0x1c5506) Previous write of size 8 at 0x7f74d5e21f50 by thread T4: [failed to restore the stack] Location is global 'std::__1::cout' of size 160 at 0x7f74d5e21f30 (libc++.so.1+0x0000000cdf50) Thread T4 'b-txindex' (tid=22989, running) created by main thread at: #0 pthread_create <null> (test_bitcoin+0x1184cd) #1 std::__1::__libcpp_thread_create(unsigned long*, void* (*)(void*), void*) /usr/lib/llvm-13/bin/../include/c++/v1/__threading_support:514:10 (test_bitcoin+0xa23f1b) #2 std::__1::thread::thread<void (*)(char const*, std::__1::function<void ()>), char const*, BaseIndex::Start(CChainState&)::$_0, void>(void (*&&)(char const*, std::__1::function<void ()>), char const*&&, BaseIndex::Start(CChainState&)::$_0&&) /usr/lib/llvm-13/bin/../include/c++/v1/thread:307:16 (test_bitcoin+0xa23f1b) #3 BaseIndex::Start(CChainState&) src/index/base.cpp:363:21 (test_bitcoin+0xa23f1b) #4 txindex_tests::txindex_initial_sync::test_method() src/test/txindex_tests.cpp:31:5 (test_bitcoin+0x78adfa) #5 txindex_tests::txindex_initial_sync_invoker() src/test/txindex_tests.cpp:16:1 (test_bitcoin+0x78a384) #6 boost::detail::function::void_function_invoker0<void (*)(), void>::invoke(boost::detail::function::function_buffer&) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/function/function_template.hpp:117:11 (test_bitcoin+0x2bf30d) #7 boost::function0<void>::operator()() const /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/function/function_template.hpp:763:14 (test_bitcoin+0x224027) #8 boost::detail::forward::operator()() /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/execution_monitor.ipp:1368:32 (test_bitcoin+0x224027) #9 boost::detail::function::function_obj_invoker0<boost::detail::forward, int>::invoke(boost::detail::function::function_buffer&) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/function/function_template.hpp:137:18 (test_bitcoin+0x224027) #10 boost::function0<int>::operator()() const /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/function/function_template.hpp:763:14 (test_bitcoin+0x1ac66c) #11 int boost::detail::do_invoke<boost::shared_ptr<boost::detail::translator_holder_base>, boost::function<int ()> >(boost::shared_ptr<boost::detail::translator_holder_base> const&, boost::function<int ()> const&) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/execution_monitor.ipp:290:30 (test_bitcoin+0x1ac66c) #12 boost::execution_monitor::catch_signals(boost::function<int ()> const&) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/execution_monitor.ipp:879:16 (test_bitcoin+0x1ac66c) #13 boost::execution_monitor::execute(boost::function<int ()> const&) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/execution_monitor.ipp:1277:16 (test_bitcoin+0x1ac980) #14 boost::execution_monitor::vexecute(boost::function<void ()> const&) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/execution_monitor.ipp:1377:5 (test_bitcoin+0x1a7f9b) #15 boost::unit_test::unit_test_monitor_t::execute_and_translate(boost::function<void ()> const&, unsigned long) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/unit_test_monitor.ipp:49:9 (test_bitcoin+0x1a7f9b) #16 boost::unit_test::framework::state::execute_test_tree(unsigned long, unsigned long, boost::unit_test::framework::state::random_generator_helper const*) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/framework.ipp:823:44 (test_bitcoin+0x1e0d5c) #17 boost::unit_test::framework::state::execute_test_tree(unsigned long, unsigned long, boost::unit_test::framework::state::random_generator_helper const*) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/framework.ipp:792:58 (test_bitcoin+0x1e14a6) #18 boost::unit_test::framework::state::execute_test_tree(unsigned long, unsigned long, boost::unit_test::framework::state::random_generator_helper const*) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/framework.ipp:792:58 (test_bitcoin+0x1e14a6) #19 boost::unit_test::framework::run(unsigned long, bool) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/framework.ipp:1696:29 (test_bitcoin+0x1a6bfb) #20 boost::unit_test::unit_test_main(boost::unit_test::test_suite* (*)(int, char**), int, char**) /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/unit_test_main.ipp:248:9 (test_bitcoin+0x1c4ed6) #21 main /tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/include/boost/test/impl/unit_test_main.ipp:304:12 (test_bitcoin+0x1c5506) SUMMARY: ThreadSanitizer: data race /usr/lib/llvm-13/bin/../include/c++/v1/ios:513:18 in std::__1::ios_base::precision(long) ================== Exit status: 2 ACKs for top commit: fanquake: CI ignored ACK fa7e147 Tree-SHA512: 5194e026410b96ad3c8addeecce0a55ee0271c3cfac9fa0715345b1a50d59925549cee0a3e415e5837ae6d2f214a7b622c73cfc7fdf41d5e55c24fb87fddb9d1
Because there's so much to learn about this project's other leader across the pond. The two of you have very different work, but like a Parent in Merge Mining, who is to say the chain from the project's "namecoin" repositories are the "best and official" master upstream chain. Git is a block chain. GitHub has properties like hashes and parent sometimes more than one to commits. Sometimes even find commits in a repository that is not part of it anymore if you click enough of those hashes. Poor orphans. :) |
domob1812
pushed a commit
that referenced
this issue
Aug 22, 2022
… response fac04cb refactor: Add lock annotations to Active* methods (MacroFake) fac15ff Fix logical race in rest_getutxos (MacroFake) fa97a52 Fix UB/data-race in RPCNotifyBlockChange (MacroFake) fa530bc Add ChainstateManager::GetMutex(), an alias for ::cs_main (MacroFake) Pull request description: This fixes two issues: * A data race in `ActiveChain`, which returns a reference to the chain (a `std::vector`), which is not thread safe. See also below traceback. * A corrupt rest response, which returns a blockheight and blockhash, which are unrelated to each other and to the result, as the chain might advance between each call without cs_main held. The issues are fixed by taking cs_main and holding it for the required time. ``` ================== WARNING: ThreadSanitizer: data race (pid=32335) Write of size 8 at 0x7b3c000008f0 by thread T22 (mutexes: write M131626, write M151, write M131553): #0 std::__1::enable_if<(is_move_constructible<CBlockIndex**>::value) && (is_move_assignable<CBlockIndex**>::value), void>::type std::__1::swap<CBlockIndex**>(CBlockIndex**&, CBlockIndex**&) /usr/lib/llvm-13/bin/../include/c++/v1/__utility/swap.h:39:7 (bitcoind+0x501239) #1 std::__1::vector<CBlockIndex*, std::__1::allocator<CBlockIndex*> >::__swap_out_circular_buffer(std::__1::__split_buffer<CBlockIndex*, std::__1::allocator<CBlockIndex*>&>&) /usr/lib/llvm-13/bin/../include/c++/v1/vector:977:5 (bitcoind+0x501239) #2 std::__1::vector<CBlockIndex*, std::__1::allocator<CBlockIndex*> >::__append(unsigned long) /usr/lib/llvm-13/bin/../include/c++/v1/vector:1117:9 (bitcoind+0x501239) #3 std::__1::vector<CBlockIndex*, std::__1::allocator<CBlockIndex*> >::resize(unsigned long) /usr/lib/llvm-13/bin/../include/c++/v1/vector:2046:15 (bitcoind+0x4ffe29) #4 CChain::SetTip(CBlockIndex*) src/chain.cpp:19:12 (bitcoind+0x4ffe29) #5 CChainState::ConnectTip(BlockValidationState&, CBlockIndex*, std::__1::shared_ptr<CBlock const> const&, ConnectTrace&, DisconnectedBlockTransactions&) src/validation.cpp:2748:13 (bitcoind+0x475d00) #6 CChainState::ActivateBestChainStep(BlockValidationState&, CBlockIndex*, std::__1::shared_ptr<CBlock const> const&, bool&, ConnectTrace&) src/validation.cpp:2884:18 (bitcoind+0x47739e) #7 CChainState::ActivateBestChain(BlockValidationState&, std::__1::shared_ptr<CBlock const>) src/validation.cpp:3011:22 (bitcoind+0x477baf) #8 node::ThreadImport(ChainstateManager&, std::__1::vector<fs::path, std::__1::allocator<fs::path> >, ArgsManager const&) src/node/blockstorage.cpp:883:30 (bitcoind+0x23cd74) #9 AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7::operator()() const src/init.cpp:1657:9 (bitcoind+0x15863e) #10 decltype(static_cast<AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7&>(fp)()) std::__1::__invoke<AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7&>(AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7&) /usr/lib/llvm-13/bin/../include/c++/v1/type_traits:3918:1 (bitcoind+0x15863e) #11 void std::__1::__invoke_void_return_wrapper<void, true>::__call<AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7&>(AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7&) /usr/lib/llvm-13/bin/../include/c++/v1/__functional/invoke.h:61:9 (bitcoind+0x15863e) #12 std::__1::__function::__alloc_func<AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7, std::__1::allocator<AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7>, void ()>::operator()() /usr/lib/llvm-13/bin/../include/c++/v1/__functional/function.h:171:16 (bitcoind+0x15863e) #13 std::__1::__function::__func<AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7, std::__1::allocator<AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7>, void ()>::operator()() /usr/lib/llvm-13/bin/../include/c++/v1/__functional/function.h:345:12 (bitcoind+0x15863e) #14 std::__1::__function::__value_func<void ()>::operator()() const /usr/lib/llvm-13/bin/../include/c++/v1/__functional/function.h:498:16 (bitcoind+0x88891f) #15 std::__1::function<void ()>::operator()() const /usr/lib/llvm-13/bin/../include/c++/v1/__functional/function.h:1175:12 (bitcoind+0x88891f) #16 util::TraceThread(char const*, std::__1::function<void ()>) src/util/thread.cpp:18:9 (bitcoind+0x88891f) #17 decltype(static_cast<void (*>(fp)(static_cast<char const*>(fp0), static_cast<AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7>(fp0))) std::__1::__invoke<void (*)(char const*, std::__1::function<void ()>), char const*, AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7>(void (*&&)(char const*, std::__1::function<void ()>), char const*&&, AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7&&) /usr/lib/llvm-13/bin/../include/c++/v1/type_traits:3918:1 (bitcoind+0x157e6a) #18 void std::__1::__thread_execute<std::__1::unique_ptr<std::__1::__thread_struct, std::__1::default_delete<std::__1::__thread_struct> >, void (*)(char const*, std::__1::function<void ()>), char const*, AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7, 2ul, 3ul>(std::__1::tuple<std::__1::unique_ptr<std::__1::__thread_struct, std::__1::default_delete<std::__1::__thread_struct> >, void (*)(char const*, std::__1::function<void ()>), char const*, AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7>&, std::__1::__tuple_indices<2ul, 3ul>) /usr/lib/llvm-13/bin/../include/c++/v1/thread:280:5 (bitcoind+0x157e6a) #19 void* std::__1::__thread_proxy<std::__1::tuple<std::__1::unique_ptr<std::__1::__thread_struct, std::__1::default_delete<std::__1::__thread_struct> >, void (*)(char const*, std::__1::function<void ()>), char const*, AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7> >(void*) /usr/lib/llvm-13/bin/../include/c++/v1/thread:291:5 (bitcoind+0x157e6a) Previous read of size 8 at 0x7b3c000008f0 by main thread: #0 std::__1::vector<CBlockIndex*, std::__1::allocator<CBlockIndex*> >::size() const /usr/lib/llvm-13/bin/../include/c++/v1/vector:680:61 (bitcoind+0x15179d) #1 CChain::Tip() const src/./chain.h:449:23 (bitcoind+0x15179d) #2 ChainstateManager::ActiveTip() const src/./validation.h:927:59 (bitcoind+0x15179d) #3 AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*) src/init.cpp:1841:35 (bitcoind+0x15179d) #4 AppInit(node::NodeContext&, int, char**) src/bitcoind.cpp:231:43 (bitcoind+0x133fd2) #5 main src/bitcoind.cpp:275:13 (bitcoind+0x133fd2) Location is heap block of size 232 at 0x7b3c00000870 allocated by main thread: #0 operator new(unsigned long) <null> (bitcoind+0x132668) #1 ChainstateManager::InitializeChainstate(CTxMemPool*, std::__1::optional<uint256> const&) src/validation.cpp:4851:21 (bitcoind+0x48e26b) #2 node::LoadChainstate(bool, ChainstateManager&, CTxMemPool*, bool, Consensus::Params const&, bool, long, long, long, bool, bool, std::__1::function<bool ()>, std::__1::function<void ()>) src/node/chainstate.cpp:31:14 (bitcoind+0x24de07) #3 AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*) src/init.cpp:1438:32 (bitcoind+0x14e994) #4 AppInit(node::NodeContext&, int, char**) src/bitcoind.cpp:231:43 (bitcoind+0x133fd2) #5 main src/bitcoind.cpp:275:13 (bitcoind+0x133fd2) Mutex M131626 (0x7b3c00000898) created at: #0 pthread_mutex_lock <null> (bitcoind+0xda898) #1 std::__1::mutex::lock() <null> (libc++.so.1+0x49f35) #2 node::ThreadImport(ChainstateManager&, std::__1::vector<fs::path, std::__1::allocator<fs::path> >, ArgsManager const&) src/node/blockstorage.cpp:883:30 (bitcoind+0x23cd74) #3 AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7::operator()() const src/init.cpp:1657:9 (bitcoind+0x15863e) #4 decltype(static_cast<AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7&>(fp)()) std::__1::__invoke<AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7&>(AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7&) /usr/lib/llvm-13/bin/../include/c++/v1/type_traits:3918:1 (bitcoind+0x15863e) #5 void std::__1::__invoke_void_return_wrapper<void, true>::__call<AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7&>(AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7&) /usr/lib/llvm-13/bin/../include/c++/v1/__functional/invoke.h:61:9 (bitcoind+0x15863e) #6 std::__1::__function::__alloc_func<AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7, std::__1::allocator<AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7>, void ()>::operator()() /usr/lib/llvm-13/bin/../include/c++/v1/__functional/function.h:171:16 (bitcoind+0x15863e) #7 std::__1::__function::__func<AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7, std::__1::allocator<AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7>, void ()>::operator()() /usr/lib/llvm-13/bin/../include/c++/v1/__functional/function.h:345:12 (bitcoind+0x15863e) #8 std::__1::__function::__value_func<void ()>::operator()() const /usr/lib/llvm-13/bin/../include/c++/v1/__functional/function.h:498:16 (bitcoind+0x88891f) #9 std::__1::function<void ()>::operator()() const /usr/lib/llvm-13/bin/../include/c++/v1/__functional/function.h:1175:12 (bitcoind+0x88891f) #10 util::TraceThread(char const*, std::__1::function<void ()>) src/util/thread.cpp:18:9 (bitcoind+0x88891f) #11 decltype(static_cast<void (*>(fp)(static_cast<char const*>(fp0), static_cast<AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7>(fp0))) std::__1::__invoke<void (*)(char const*, std::__1::function<void ()>), char const*, AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7>(void (*&&)(char const*, std::__1::function<void ()>), char const*&&, AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7&&) /usr/lib/llvm-13/bin/../include/c++/v1/type_traits:3918:1 (bitcoind+0x157e6a) #12 void std::__1::__thread_execute<std::__1::unique_ptr<std::__1::__thread_struct, std::__1::default_delete<std::__1::__thread_struct> >, void (*)(char const*, std::__1::function<void ()>), char const*, AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7, 2ul, 3ul>(std::__1::tuple<std::__1::unique_ptr<std::__1::__thread_struct, std::__1::default_delete<std::__1::__thread_struct> >, void (*)(char const*, std::__1::function<void ()>), char const*, AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7>&, std::__1::__tuple_indices<2ul, 3ul>) /usr/lib/llvm-13/bin/../include/c++/v1/thread:280:5 (bitcoind+0x157e6a) #13 void* std::__1::__thread_proxy<std::__1::tuple<std::__1::unique_ptr<std::__1::__thread_struct, std::__1::default_delete<std::__1::__thread_struct> >, void (*)(char const*, std::__1::function<void ()>), char const*, AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7> >(void*) /usr/lib/llvm-13/bin/../include/c++/v1/thread:291:5 (bitcoind+0x157e6a) Mutex M151 (0x55aacb8ea030) created at: #0 pthread_mutex_init <null> (bitcoind+0xbed2f) #1 std::__1::recursive_mutex::recursive_mutex() <null> (libc++.so.1+0x49fb3) #2 __libc_start_main <null> (libc.so.6+0x29eba) Mutex M131553 (0x7b4c000042e0) created at: #0 pthread_mutex_init <null> (bitcoind+0xbed2f) #1 std::__1::recursive_mutex::recursive_mutex() <null> (libc++.so.1+0x49fb3) #2 std::__1::__unique_if<CTxMemPool>::__unique_single std::__1::make_unique<CTxMemPool, CBlockPolicyEstimator*, int const&>(CBlockPolicyEstimator*&&, int const&) /usr/lib/llvm-13/bin/../include/c++/v1/__memory/unique_ptr.h:728:32 (bitcoind+0x15c81d) #3 AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*) src/init.cpp:1426:24 (bitcoind+0x14e7b4) #4 AppInit(node::NodeContext&, int, char**) src/bitcoind.cpp:231:43 (bitcoind+0x133fd2) #5 main src/bitcoind.cpp:275:13 (bitcoind+0x133fd2) Thread T22 'b-loadblk' (tid=32370, running) created by main thread at: #0 pthread_create <null> (bitcoind+0xbd5bd) #1 std::__1::__libcpp_thread_create(unsigned long*, void* (*)(void*), void*) /usr/lib/llvm-13/bin/../include/c++/v1/__threading_support:443:10 (bitcoind+0x155e06) #2 std::__1::thread::thread<void (*)(char const*, std::__1::function<void ()>), char const (&) [8], AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7, void>(void (*&&)(char const*, std::__1::function<void ()>), char const (&) [8], AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*)::$_7&&) /usr/lib/llvm-13/bin/../include/c++/v1/thread:307:16 (bitcoind+0x155e06) #3 AppInitMain(node::NodeContext&, interfaces::BlockAndHeaderTipInfo*) src/init.cpp:1656:29 (bitcoind+0x150164) #4 AppInit(node::NodeContext&, int, char**) src/bitcoind.cpp:231:43 (bitcoind+0x133fd2) #5 main src/bitcoind.cpp:275:13 (bitcoind+0x133fd2) SUMMARY: ThreadSanitizer: data race /usr/lib/llvm-13/bin/../include/c++/v1/__utility/swap.h:39:7 in std::__1::enable_if<(is_move_constructible<CBlockIndex**>::value) && (is_move_assignable<CBlockIndex**>::value), void>::type std::__1::swap<CBlockIndex**>(CBlockIndex**&, CBlockIndex**&) ================== ``` From https://cirrus-ci.com/task/5612886578954240?logs=ci#L4868 ACKs for top commit: achow101: re-ACK fac04cb theStack: Code-review ACK fac04cb Tree-SHA512: 9d619f99ff6373874c7ffe1db20674575605646b4b54b692fb54515a4a49f110a770026d7320ed6dfeaa7976be4cd89e93f821acdbf22c7662bd1c5be0cedcd2
domob1812
pushed a commit
that referenced
this issue
Dec 19, 2022
e4be0e9 test: add -maxtipage test for the maximum allowable value (James O'Beirne) a451e83 fix: validation: cast now() to seconds for maxtipage comparison (James O'Beirne) Pull request description: Since bitcoin/bitcoin@faf4487, the maxtipage comparison in IsInitialBlockDownload() has been broken, since the NodeClock::now() time_point is in the system's native denomination (nanoseconds). Without this patch, specifying the maximum allowable -maxtipage (9223372036854775807) results in a SIGABRT crash: ``` % gdb --args ./src/bitcoind -maxtipage=9223372036854775207 -minimumchainwork=0x00 -stopatheight=30000 ... 2022-11-09T15:55:17Z [dnsseed] dnsseed thread exit [Thread 0x7fff937fe640 (LWP 69883) exited] Thread 29 "b-msghand" received signal SIGABRT, Aborted. [Switching to Thread 0x7fff91ffb640 (LWP 69886)] __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at ./nptl/pthread_kill.c:44 44 ./nptl/pthread_kill.c: No such file or directory. (gdb) bt #0 __pthread_kill_implementation (threadid=<optimized out>, signo=signo@entry=6, no_tid=no_tid@entry=0) at ./nptl/pthread_kill.c:44 #1 0x00007ffff768989f in __pthread_kill_internal (signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:78 #2 0x00007ffff763da52 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26 #3 0x00007ffff7628469 in __GI_abort () at ./stdlib/abort.c:79 #4 0x00007ffff7cf79a4 in __mulvdi3 () from /lib/x86_64-linux-gnu/libgcc_s.so.1 #5 0x00005555558d13ab in std::chrono::__duration_cast_impl<std::chrono::duration<long, std::ratio<1l, 1000000000l> >, std::ratio<1000000000l, 1l>, long, false, true>::__cast<long, std::ratio<1l, 1l> > (__d=...) at /usr/include/c++/12/bits/chrono.h:521 #6 std::chrono::duration_cast<std::chrono::duration<long, std::ratio<1l, 1000000000l> >, long, std::ratio<1l, 1l> > (__d=...) at /usr/include/c++/12/bits/chrono.h:260 #7 std::chrono::duration<long, std::ratio<1l, 1000000000l> >::duration<long, std::ratio<1l, 1l>, void> (__d=..., this=<optimized out>) at /usr/include/c++/12/bits/chrono.h:514 #8 std::chrono::operator-<long, std::ratio<1l, 1000000000l>, long, std::ratio<1l, 1l> > (__rhs=..., __lhs=...) at /usr/include/c++/12/bits/chrono.h:650 #9 std::chrono::operator-<NodeClock, std::chrono::duration<long, std::ratio<1l, 1000000000l> >, long, std::ratio<1l, 1l> > (__rhs=..., __lhs=...) at /usr/include/c++/12/bits/chrono.h:1020 #10 Chainstate::IsInitialBlockDownload (this=0x555556071940) at ./src/validation.cpp:1545 #11 0x00005555556efd1e in operator() (__closure=<optimized out>) at ./src/net_processing.cpp:3369 #12 (anonymous namespace)::PeerManagerImpl::ProcessMessage (this=0x555556219be0, pfrom=..., msg_type=..., vRecv=..., time_received=..., interruptMsgProc=...) at ./src/net_processing.cpp:3369 #13 0x00005555556f75cc in (anonymous namespace)::PeerManagerImpl::ProcessMessages (this=0x555556219be0, pfrom=<optimized out>, interruptMsgProc=std::atomic<bool> = { false }) at ./src/net_processing.cpp:4985 #14 0x00005555556a83c9 in CConnman::ThreadMessageHandler (this=0x5555560ebc70) at ./src/net.cpp:2014 #15 0x0000555555c4d5d6 in std::function<void ()>::operator()() const (this=0x7fff91ffadb0) at /usr/include/c++/12/bits/std_function.h:591 #16 util::TraceThread(std::basic_string_view<char, std::char_traits<char> >, std::function<void ()>) ( thread_name="0\255\377\221\377\177\000\000\v\000\000\000\000\000\000\000TraceThread\000\000\000\000\000P\255\377\221\377\177\000\000\017\000\000\000\000\000\000\000util/thread.cpp\000\000\000\000\000\000\000\000\000\000ihB鵿6\000\000\000\000\000\000\000\000\260\255\377\221\377\177\000\000\277\211\321UUU\000\000p\324\304UUU\000\000\002\000\000\000\000\000\000\000\240xh\367\377\177\000\000\000\000\000\000\000\000\000\000]\340iUUU\000\000p\274\016VUU\000\000\000\000\000\000\000\000\000\000\300\303iUUU\000\000p\206jUUU", '\000' <repeats 11 times>, "ihB鵿6\200\251!VUU\000\000"..., thread_func=...) at util/thread.cpp:21 #17 0x000055555569e05d in std::__invoke_impl<void, void (*)(std::basic_string_view<char>, std::function<void()>), char const*, CConnman::Start(CScheduler&, const Options&)::<lambda()> > (__f=<optimized out>) at /usr/include/c++/12/bits/invoke.h:61 #18 std::__invoke<void (*)(std::basic_string_view<char>, std::function<void()>), char const*, CConnman::Start(CScheduler&, const Options&)::<lambda()> > (__fn=<optimized out>) at /usr/include/c++/12/bits/invoke.h:96 #19 std::thread::_Invoker<std::tuple<void (*)(std::basic_string_view<char, std::char_traits<char> >, std::function<void()>), char const*, CConnman::Start(CScheduler&, const Options&)::<lambda()> > >::_M_invoke<0, 1, 2> (this=<optimized out>) at /usr/include/c++/12/bits/std_thread.h:252 #20 std::thread::_Invoker<std::tuple<void (*)(std::basic_string_view<char, std::char_traits<char> >, std::function<void()>), char const*, CConnman::Start(CScheduler&, const Options&)::<lambda()> > >::operator() (this=<optimized out>) at /usr/include/c++/12/bits/std_thread.h:259 #21 std::thread::_State_impl<std::thread::_Invoker<std::tuple<void (*)(std::basic_string_view<char, std::char_traits<char> >, std::function<void()>), char const*, CConnman::Start(CScheduler&, const Options&)::<lambda()> > > >::_M_run(void) (this=<optimized out>) at /usr/include/c++/12/bits/std_thread.h:210 #22 0x00007ffff7ad43d3 in ?? () from /lib/x86_64-linux-gnu/libstdc++.so.6 #23 0x00007ffff7687b27 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:435 #24 0x00007ffff770a78c in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81 (gdb) ``` ACKs for top commit: MarcoFalke: review ACK e4be0e9 🏽 Tree-SHA512: d892d6264a284d952a68a8631a6301277373b8df939dafd9e2652f2f22ab60712cde63b90c27c67ea2d05f02443452e3e4e1b9f25479bfaca00d4c4de13b9fbd
domob1812
pushed a commit
that referenced
this issue
May 8, 2023
f952e67 ci: remove usage of untrusted bpfcc-tools (fanquake) 1232c2f ci: use LLVM/clang-16 in native_asan job (fanquake) Pull request description: Similar to #27298. Working for me on `x86_64` and solves the issue I currently see with TSAN on `aarch64` with master (6882828): ```bash crc32c/src/crc32c_arm64.cc:101:26: runtime error: load of misaligned address 0xffff84400406 for type 'uint64_t' (aka 'unsigned long'), which requires 8 byte alignment 0xffff84400406: note: pointer points here b9 c5 22 00 01 01 1a 6c 65 76 65 6c 64 62 2e 42 79 74 65 77 69 73 65 43 6f 6d 70 61 72 61 74 6f ^ #0 0xaaaaaddaf0b4 in crc32c::ExtendArm64(unsigned int, unsigned char const*, unsigned long) src/./src/crc32c/src/crc32c_arm64.cc:101:26 #1 0xaaaaadd2c838 in leveldb::crc32c::Value(char const*, unsigned long) src/./leveldb/util/crc32c.h:20:60 #2 0xaaaaadd2c838 in leveldb::log::Reader::ReadPhysicalRecord(leveldb::Slice*) src/./src/leveldb/db/log_reader.cc:246:29 #3 0xaaaaadd2ba9c in leveldb::log::Reader::ReadRecord(leveldb::Slice*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >*) src/./src/leveldb/db/log_reader.cc:72:38 #4 0xaaaaadd41710 in leveldb::VersionSet::Recover(bool*) src/./src/leveldb/db/version_set.cc:910:19 #5 0xaaaaadcf9fec in leveldb::DBImpl::Recover(leveldb::VersionEdit*, bool*) src/./src/leveldb/db/db_impl.cc:320:18 #6 0xaaaaadd12068 in leveldb::DB::Open(leveldb::Options const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, leveldb::DB**) src/./src/leveldb/db/db_impl.cc:1487:20 #7 0xaaaaad314e80 in CDBWrapper::CDBWrapper(DBParams const&) src/./src/dbwrapper.cpp:156:30 #8 0xaaaaace94880 in CBlockTreeDB::CBlockTreeDB(DBParams const&) src/./txdb.h:89:23 #9 0xaaaaace94880 in std::_MakeUniq<CBlockTreeDB>::__single_object std::make_unique<CBlockTreeDB, DBParams>(DBParams&&) /usr/bin/../lib/gcc/aarch64-linux-gnu/11/../../../../include/c++/11/bits/unique_ptr.h:962:34 #10 0xaaaaace94880 in ChainTestingSetup::ChainTestingSetup(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::vector<char const*, std::allocator<char const*> > const&) src/./src/test/util/setup_common.cpp:188:51 #11 0xaaaaace95da0 in TestingSetup::TestingSetup(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::vector<char const*, std::allocator<char const*> > const&, bool, bool) src/./src/test/util/setup_common.cpp:243:7 #12 0xaaaaace96730 in TestChain100Setup::TestChain100Setup(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::vector<char const*, std::allocator<char const*> > const&, bool, bool) src/./src/test/util/setup_common.cpp:274:7 #13 0xaaaaac1ddbc8 in blockfilter_index_tests::BuildChainTestingSetup::BuildChainTestingSetup() src/./src/test/blockfilter_index_tests.cpp:26:8 #14 0xaaaaac1ddbc8 in blockfilter_index_tests::blockfilter_index_initial_sync::blockfilter_index_initial_sync() src/./src/test/blockfilter_index_tests.cpp:112:1 #15 0xaaaaac1ddbc8 in blockfilter_index_tests::blockfilter_index_initial_sync_invoker() src/./src/test/blockfilter_index_tests.cpp:112:1 #16 0xaaaaabf08f7c in boost::function0<void>::operator()() const /usr/include/boost/function/function_template.hpp:763:14 #17 0xaaaaabf95468 in boost::detail::forward::operator()() /usr/include/boost/test/impl/execution_monitor.ipp:1388:32 #18 0xaaaaabf95468 in boost::detail::function::function_obj_invoker0<boost::detail::forward, int>::invoke(boost::detail::function::function_buffer&) /usr/include/boost/function/function_template.hpp:137:18 #19 0xaaaaabf8e12c in boost::function0<int>::operator()() const /usr/include/boost/function/function_template.hpp:763:14 #20 0xaaaaabe7be14 in boost::execution_monitor::catch_signals(boost::function<int ()> const&) /usr/include/boost/test/impl/execution_monitor.ipp:903:16 #21 0xaaaaabe7c1c0 in boost::execution_monitor::execute(boost::function<int ()> const&) /usr/include/boost/test/impl/execution_monitor.ipp:1301:16 #22 0xaaaaabe6f47c in boost::execution_monitor::vexecute(boost::function<void ()> const&) /usr/include/boost/test/impl/execution_monitor.ipp:1397:5 #23 0xaaaaabe75124 in boost::unit_test::unit_test_monitor_t::execute_and_translate(boost::function<void ()> const&, unsigned long) /usr/include/boost/test/impl/unit_test_monitor.ipp:49:9 #24 0xaaaaabed19fc in boost::unit_test::framework::state::execute_test_tree(unsigned long, unsigned long, boost::unit_test::framework::state::random_generator_helper const*) /usr/include/boost/test/impl/framework.ipp:815:44 #25 0xaaaaabed0f6c in boost::unit_test::framework::state::execute_test_tree(unsigned long, unsigned long, boost::unit_test::framework::state::random_generator_helper const*) /usr/include/boost/test/impl/framework.ipp:784:58 #26 0xaaaaabed0f6c in boost::unit_test::framework::state::execute_test_tree(unsigned long, unsigned long, boost::unit_test::framework::state::random_generator_helper const*) /usr/include/boost/test/impl/framework.ipp:784:58 #27 0xaaaaabe73878 in boost::unit_test::framework::run(unsigned long, bool) /usr/include/boost/test/impl/framework.ipp:1721:29 #28 0xaaaaabe9d244 in boost::unit_test::unit_test_main(boost::unit_test::test_suite* (*)(int, char**), int, char**) /usr/include/boost/test/impl/unit_test_main.ipp:250:9 #29 0xffff8f0773f8 (/lib/aarch64-linux-gnu/libc.so.6+0x273f8) (BuildId: f37f3aa07c797e333fd106472898d361f71798f5) #30 0xffff8f0774c8 in __libc_start_main (/lib/aarch64-linux-gnu/libc.so.6+0x274c8) (BuildId: f37f3aa07c797e333fd106472898d361f71798f5) #31 0xaaaaabda55ac in _start (/home/fedora/ci_scratch/ci/scratch/build/bitcoin-aarch64-unknown-linux-gnu/src/test/test_bitcoin+0x10e55ac) (BuildId: b7909adaefd9db6cd6a7c4d3d40207cf6bdaf4b3) SUMMARY: UndefinedBehaviorSanitizer: misaligned-pointer-use crc32c/src/crc32c_arm64.cc:101:26 in ``` ACKs for top commit: dergoegge: utACK f952e67 MarcoFalke: lgtm ACK f952e67 Tree-SHA512: 9dee2abf73d3f23bb9979bfb453b48e39f0b7a5f58d43824ecf053a53e9800ed413b915382b274d1a84baf2999683e3b485463e377e0455b3f0ead65ed1d1916
domob1812
pushed a commit
that referenced
this issue
Jun 26, 2023
682274a ci: install llvm-symbolizer in MSAN jobs (fanquake) 96527cd ci: use LLVM 16.0.6 in MSAN jobs (fanquake) Pull request description: Fixes: bitcoin/bitcoin#27737 (comment). Tested (locally) with #27495 that it produces a symbolized backtrace: ```bash 2023-06-20T17:5Uninitialized bytes in __interceptor_strlen at offset 113 inside [0x719000006908, 114) ==35429==WARNING: MemorySanitizer: use-of-uninitialized-value #0 0x56060fae8c4b in sqlite3Strlen30 /home/ubuntu/ci_scratch/depends/work/build/x86_64-pc-linux-gnu/sqlite/3380500-f816a3e2d52/sqlite3.c:32670:28 #1 0x56060fb0fcf4 in sqlite3PagerOpen /home/ubuntu/ci_scratch/depends/work/build/x86_64-pc-linux-gnu/sqlite/3380500-f816a3e2d52/sqlite3.c:57953:17 #2 0x56060fb0f48b in sqlite3BtreeOpen /home/ubuntu/ci_scratch/depends/work/build/x86_64-pc-linux-gnu/sqlite/3380500-f816a3e2d52/sqlite3.c:68679:10 #3 0x56060fb01384 in openDatabase /home/ubuntu/ci_scratch/depends/work/build/x86_64-pc-linux-gnu/sqlite/3380500-f816a3e2d52/sqlite3.c:171911:8 #4 0x56060fb016ca in sqlite3_open_v2 /home/ubuntu/ci_scratch/depends/work/build/x86_64-pc-linux-gnu/sqlite/3380500-f816a3e2d52/sqlite3.c:172034:10 #5 0x56060e8a94db in wallet::SQLiteDatabase::Open() src/wallet/sqlite.cpp:250:19 #6 0x56060e8a30fd in wallet::SQLiteDatabase::SQLiteDatabase(fs::path const&, fs::path const&, wallet::DatabaseOptions const&, bool) src/wallet/sqlite.cpp:133:9 #7 0x56060e8b78f5 in std::__1::__unique_if<wallet::SQLiteDatabase>::__unique_single std::__1::make_unique[abi:v160006]<wallet::SQLiteDatabase, std::__1::__fs::filesystem::path, fs::path&, wallet::DatabaseOptions const&>(std::__1::__fs::filesystem::path&&, fs::path&, wallet::DatabaseOptions const&) /home/ubuntu/ci_scratch/ci/scratch/msan/cxx_build/include/c++/v1/__memory/unique_ptr.h:686:30 #8 0x56060e8b5240 in wallet::MakeSQLiteDatabase(fs::path const&, wallet::DatabaseOptions const&, wallet::DatabaseStatus&, bilingual_str&) src/wallet/sqlite.cpp:641:19 #9 0x56060e83560b in wallet::MakeDatabase(fs::path const&, wallet::DatabaseOptions const&, wallet::DatabaseStatus&, bilingual_str&) src/wallet/walletdb.cpp:1261:16 #10 0x56060e7546e9 in wallet::MakeWalletDatabase(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, wallet::DatabaseOptions const&, wallet::DatabaseStatus&, bilingual_str&) src/wallet/wallet.cpp:2905:12 #11 0x56060e4bc03f in wallet::TestLoadWallet(wallet::WalletContext&) src/wallet/test/util.cpp:68:21 #12 0x56060e349ad4 in wallet::wallet_tests::ZapSelectTx::test_method() src/wallet/test/wallet_tests.cpp:897:19 #13 0x56060e348598 in wallet::wallet_tests::ZapSelectTx_invoker() src/wallet/test/wallet_tests.cpp:891:1 #14 0x56060cfec325 in boost::detail::function::void_function_invoker0<void (*)(), void>::invoke(boost::detail::function::function_buffer&) /home/ubuntu/ci_scratch/depends/x86_64-pc-linux-gnu/include/boost/function/function_template.hpp:117:11 #15 0x56060ced3a7e in boost::function0<void>::operator()() const /home/ubuntu/ci_scratch/depends/x86_64-pc-linux-gnu/include/boost/function/function_template.hpp:763:14 #16 0x56060ced3a7e in boost::detail::forward::operator()() /home/ubuntu/ci_scratch/depends/x86_64-pc-linux-gnu/include/boost/test/impl/execution_monitor.ipp:1388:32 #17 0x56060ced3a7e in boost::detail::function::function_obj_invoker0<boost::detail::forward, int>::invoke(boost::detail::function::function_buffer&) /home/ubuntu/ci_scratch/depends/x86_64-pc-linux-gnu/include/boost/function/function_template.hpp:137:18 #18 0x56060cda71c2 in boost::function0<int>::operator()() const /home/ubuntu/ci_scratch/depends/x86_64-pc-linux-gnu/include/boost/function/function_template.hpp:763:14 #19 0x56060cda71c2 in int boost::detail::do_invoke<boost::shared_ptr<boost::detail::translator_holder_base>, boost::function<int ()>>(boost::shared_ptr<boost::detail::translator_holder_base> const&, boost::function<int ()> const&) /home/ubuntu/ci_scratch/depends/x86_64-pc-linux-gnu/include/boost/test/impl/execution_monitor.ipp:301:30 #20 0x56060cda71c2 in boost::execution_monitor::catch_signals(boost::function<int ()> const&) /home/ubuntu/ci_scratch/depends/x86_64-pc-linux-gnu/include/boost/test/impl/execution_monitor.ipp:903:16 #21 0x56060cda784a in boost::execution_monitor::execute(boost::function<int ()> const&) /home/ubuntu/ci_scratch/depends/x86_64-pc-linux-gnu/include/boost/test/impl/execution_monitor.ipp:1301:16 #22 0x56060cd9ec3a in boost::execution_monitor::vexecute(boost::function<void ()> const&) /home/ubuntu/ci_scratch/depends/x86_64-pc-linux-gnu/include/boost/test/impl/execution_monitor.ipp:1397:5 #23 0x56060cd9ec3a in boost::unit_test::unit_test_monitor_t::execute_and_translate(boost::function<void ()> const&, unsigned long) /home/ubuntu/ci_scratch/depends/x86_64-pc-linux-gnu/include/boost/test/impl/unit_test_monitor.ipp:49:9 #24 0x56060ce1a07b in boost::unit_test::framework::state::execute_test_tree(unsigned long, unsigned long, boost::unit_test::framework::state::random_generator_helper const*) /home/ubuntu/ci_scratch/depends/x86_64-pc-linux-gnu/include/boost/test/impl/framework.ipp:815:44 #25 0x56060ce1ad8b in boost::unit_test::framework::state::execute_test_tree(unsigned long, unsigned long, boost::unit_test::framework::state::random_generator_helper const*) /home/ubuntu/ci_scratch/depends/x86_64-pc-linux-gnu/include/boost/test/impl/framework.ipp:784:58 #26 0x56060ce1ad8b in boost::unit_test::framework::state::execute_test_tree(unsigned long, unsigned long, boost::unit_test::framework::state::random_generator_helper const*) /home/ubuntu/ci_scratch/depends/x86_64-pc-linux-gnu/include/boost/test/impl/framework.ipp:784:58 #27 0x56060cd9b8de in boost::unit_test::framework::run(unsigned long, bool) /home/ubuntu/ci_scratch/depends/x86_64-pc-linux-gnu/include/boost/test/impl/framework.ipp:1722:29 #28 0x56060cdd4fac in boost::unit_test::unit_test_main(boost::unit_test::test_suite* (*)(int, char**), int, char**) /home/ubuntu/ci_scratch/depends/x86_64-pc-linux-gnu/include/boost/test/impl/unit_test_main.ipp:250:9 #29 0x56060cdd6094 in main /home/ubuntu/ci_scratch/depends/x86_64-pc-linux-gnu/include/boost/test/impl/unit_test_main.ipp:306:12 #30 0x7f7379691d8f (/lib/x86_64-linux-gnu/libc.so.6+0x29d8f) (BuildId: 69389d485a9793dbe873f0ea2c93e02efaa9aa3d) #31 0x7f7379691e3f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x29e3f) (BuildId: 69389d485a9793dbe873f0ea2c93e02efaa9aa3d) #32 0x56060cce2e24 in _start (/home/ubuntu/ci_scratch/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/test_bitcoin+0x188e24) Uninitialized value was created by a heap allocation #0 0x56060cd163f2 in malloc /ci_base_install/ci/scratch/msan/llvm-project/compiler-rt/lib/msan/msan_interceptors.cpp:934:3 #1 0x56060fc10069 in sqlite3MemMalloc /home/ubuntu/ci_scratch/depends/work/build/x86_64-pc-linux-gnu/sqlite/3380500-f816a3e2d52/sqlite3.c:25163:7 #2 0x56060fb063bc in mallocWithAlarm /home/ubuntu/ci_scratch/depends/work/build/x86_64-pc-linux-gnu/sqlite/3380500-f816a3e2d52/sqlite3.c:28846:7 #3 0x56060fae4eb9 in sqlite3Malloc /home/ubuntu/ci_scratch/depends/work/build/x86_64-pc-linux-gnu/sqlite/3380500-f816a3e2d52/sqlite3.c:28876:5 #4 0x56060faf9e19 in sqlite3DbMallocRaw /home/ubuntu/ci_scratch/depends/work/build/x86_64-pc-linux-gnu/sqlite/3380500-f816a3e2d52/sqlite3.c:29176:7 #5 0x56060fb0fc67 in sqlite3PagerOpen /home/ubuntu/ci_scratch/depends/work/build/x86_64-pc-linux-gnu/sqlite/3380500-f816a3e2d52/sqlite3.c:57938:17 #6 0x56060fb0f48b in sqlite3BtreeOpen /home/ubuntu/ci_scratch/depends/work/build/x86_64-pc-linux-gnu/sqlite/3380500-f816a3e2d52/sqlite3.c:68679:10 #7 0x56060fb01384 in openDatabase /home/ubuntu/ci_scratch/depends/work/build/x86_64-pc-linux-gnu/sqlite/3380500-f816a3e2d52/sqlite3.c:171911:8 #8 0x56060fb016ca in sqlite3_open_v2 /home/ubuntu/ci_scratch/depends/work/build/x86_64-pc-linux-gnu/sqlite/3380500-f816a3e2d52/sqlite3.c:172034:10 #9 0x56060e8a94db in wallet::SQLiteDatabase::Open() src/wallet/sqlite.cpp:250:19 #10 0x56060e8a30fd in wallet::SQLiteDatabase::SQLiteDatabase(fs::path const&, fs::path const&, wallet::DatabaseOptions const&, bool) src/wallet/sqlite.cpp:133:9 #11 0x56060e8b78f5 in std::__1::__unique_if<wallet::SQLiteDatabase>::__unique_single std::__1::make_unique[abi:v160006]<wallet::SQLiteDatabase, std::__1::__fs::filesystem::path, fs::path&, wallet::DatabaseOptions const&>(std::__1::__fs::filesystem::path&&, fs::path&, wallet::DatabaseOptions const&) /home/ubuntu/ci_scratch/ci/scratch/msan/cxx_build/include/c++/v1/__memory/unique_ptr.h:686:30 #12 0x56060e8b5240 in wallet::MakeSQLiteDatabase(fs::path const&, wallet::DatabaseOptions const&, wallet::DatabaseStatus&, bilingual_str&) src/wallet/sqlite.cpp:641:19 #13 0x56060e83560b in wallet::MakeDatabase(fs::path const&, wallet::DatabaseOptions const&, wallet::DatabaseStatus&, bilingual_str&) src/wallet/walletdb.cpp:1261:16 #14 0x56060e7546e9 in wallet::MakeWalletDatabase(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, wallet::DatabaseOptions const&, wallet::DatabaseStatus&, bilingual_str&) src/wallet/wallet.cpp:2905:12 #15 0x56060e4bc03f in wallet::TestLoadWallet(wallet::WalletContext&) src/wallet/test/util.cpp:68:21 #16 0x56060e349ad4 in wallet::wallet_tests::ZapSelectTx::test_method() src/wallet/test/wallet_tests.cpp:897:19 #17 0x56060e348598 in wallet::wallet_tests::ZapSelectTx_invoker() src/wallet/test/wallet_tests.cpp:891:1 #18 0x56060cfec325 in boost::detail::function::void_function_invoker0<void (*)(), void>::invoke(boost::detail::function::function_buffer&) /home/ubuntu/ci_scratch/depends/x86_64-pc-linux-gnu/include/boost/function/function_template.hpp:117:11 #19 0x56060ced3a7e in boost::function0<void>::operator()() const /home/ubuntu/ci_scratch/depends/x86_64-pc-linux-gnu/include/boost/function/function_template.hpp:763:14 #20 0x56060ced3a7e in boost::detail::forward::operator()() /home/ubuntu/ci_scratch/depends/x86_64-pc-linux-gnu/include/boost/test/impl/execution_monitor.ipp:1388:32 #21 0x56060ced3a7e in boost::detail::function::function_obj_invoker0<boost::detail::forward, int>::invoke(boost::detail::function::function_buffer&) /home/ubuntu/ci_scratch/depends/x86_64-pc-linux-gnu/include/boost/function/function_template.hpp:137:18 SUMMARY: MemorySanitizer: use-of-uninitialized-value /home/ubuntu/ci_scratch/depends/work/build/x86_64-pc-linux-gnu/sqlite/3380500-f816a3e2d52/sqlite3.c:32670:28 in sqlite3Strlen30 ``` as opposed to unsymbolized: https://cirrus-ci.com/task/6005512018329600?logs=ci#L3245. ACKs for top commit: MarcoFalke: lgtm ACK 682274a Tree-SHA512: 8f3e7636761c956537a472989bf07529f5afbd988c5e7e1f07ece8b2599608fa4fe9e1efdc6e302cf0f7f44dec3cf9a3c1e68b758af81a8a8b476a43d3220807
domob1812
pushed a commit
that referenced
this issue
Dec 4, 2023
…allet_notifications fuzz target fab164f fuzz: Avoid signed-integer-overflow in wallet_notifications fuzz target (MarcoFalke) Pull request description: Should avoid ``` policy/feerate.cpp:29:63: runtime error: signed integer overflow: 77600710321911316 * 149 cannot be represented in type 'int64_t' (aka 'long') #0 0x563a1775ed66 in CFeeRate::GetFee(unsigned int) const src/policy/feerate.cpp:29:63 #1 0x563a15913a69 in wallet::COutput::COutput(COutPoint const&, CTxOut const&, int, int, bool, bool, bool, long, bool, std::optional<CFeeRate>) src/./wallet/coinselection.h:91:57 #2 0x563a16fa6a6d in wallet::FetchSelectedInputs(wallet::CWallet const&, wallet::CCoinControl const&, wallet::CoinSelectionParams const&) src/wallet/spend.cpp:297:17 #3 0x563a16fc4512 in wallet::CreateTransactionInternal(wallet::CWallet&, std::vector<wallet::CRecipient, std::allocator<wallet::CRecipient>> const&, int, wallet::CCoinControl const&, bool) src/wallet/spend.cpp:1105:33 #4 0x563a16fbec74 in wallet::CreateTransaction(wallet::CWallet&, std::vector<wallet::CRecipient, std::allocator<wallet::CRecipient>> const&, int, wallet::CCoinControl const&, bool) src/wallet/spend.cpp:1291:16 #5 0x563a16fcf6df in wallet::FundTransaction(wallet::CWallet&, CMutableTransaction&, long&, int&, bilingual_str&, bool, std::set<int, std::less<int>, std::allocator<int>> const&, wallet::CCoinControl) src/wallet/spend.cpp:1361:16 #6 0x563a1597b7b9 in wallet::(anonymous namespace)::FuzzedWallet::FundTx(FuzzedDataProvider&, CMutableTransaction) src/wallet/test/fuzz/notifications.cpp:162:15 #7 0x563a15958240 in wallet::(anonymous namespace)::wallet_notifications_fuzz_target(Span<unsigned char const>)::$_0::operator()() const src/wallet/test/fuzz/notifications.cpp:228:23 #8 0x563a15958240 in unsigned long CallOneOf<wallet::(anonymous namespace)::wallet_notifications_fuzz_target(Span<unsigned char const>)::$_0, wallet::(anonymous namespace)::wallet_notifications_fuzz_target(Span<unsigned char const>)::$_1>(FuzzedDataProvider&, wallet::(anonymous namespace)::wallet_notifications_fuzz_target(Span<unsigned char const>)::$_0, wallet::(anonymous namespace)::wallet_notifications_fuzz_target(Span<unsigned char const>)::$_1) src/./test/fuzz/util.h:43:27 #9 0x563a15958240 in wallet::(anonymous namespace)::wallet_notifications_fuzz_target(Span<unsigned char const>) src/wallet/test/fuzz/notifications.cpp:196:9 #10 0x563a15fdef0c in std::function<void (Span<unsigned char const>)>::operator()(Span<unsigned char const>) const /usr/bin/../lib/gcc/x86_64-linux-gnu/13/../../../../include/c++/13/bits/std_function.h:591:9 #11 0x563a15fdef0c in LLVMFuzzerTestOneInput src/test/fuzz/fuzz.cpp:178:5 #12 0x563a158032a4 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/ci_container_base/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x19822a4) (BuildId: 8acb42ad599d7f6d25b6f93e18fd564d80df7c06) #13 0x563a15802999 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) (/ci_container_base/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x1981999) (BuildId: 8acb42ad599d7f6d25b6f93e18fd564d80df7c06) #14 0x563a15804586 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::vector<fuzzer::SizedFile, std::allocator<fuzzer::SizedFile>>&) (/ci_container_base/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x1983586) (BuildId: 8acb42ad599d7f6d25b6f93e18fd564d80df7c06) #15 0x563a15804aa7 in fuzzer::Fuzzer::Loop(std::vector<fuzzer::SizedFile, std::allocator<fuzzer::SizedFile>>&) (/ci_container_base/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x1983aa7) (BuildId: 8acb42ad599d7f6d25b6f93e18fd564d80df7c06) #16 0x563a157f21fb in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/ci_container_base/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x19711fb) (BuildId: 8acb42ad599d7f6d25b6f93e18fd564d80df7c06) #17 0x563a1581c766 in main (/ci_container_base/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x199b766) (BuildId: 8acb42ad599d7f6d25b6f93e18fd564d80df7c06) #18 0x7f499e17b0cf (/lib/x86_64-linux-gnu/libc.so.6+0x280cf) (BuildId: 96ab1a8f3b2c9a2ed37c7388615e6a726d037e89) #19 0x7f499e17b188 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x28188) (BuildId: 96ab1a8f3b2c9a2ed37c7388615e6a726d037e89) #20 0x563a157e70c4 in _start (/ci_container_base/ci/scratch/build/bitcoin-x86_64-pc-linux-gnu/src/test/fuzz/fuzz+0x19660c4) (BuildId: 8acb42ad599d7f6d25b6f93e18fd564d80df7c06) SUMMARY: UndefinedBehaviorSanitizer: signed-integer-overflow policy/feerate.cpp:29:63 in MS: 0 ; base unit: 0000000000000000000000000000000000000000 0x3f,0x0,0x2f,0x5f,0x5f,0x5f,0x7d,0x7d,0x7d,0x7d,0x7d,0x7d,0x7d,0x7d,0x7d,0x7d,0x7d,0x7d,0x7d,0x7d,0x7d,0x7d,0x7d,0x7d,0x7d,0x7d,0xff,0xff,0xff,0xff,0xff,0x53,0xff,0xff,0xff,0xff,0xff,0x0,0x0,0x0,0x0,0x0,0x0,0x13,0x5e,0x5f,0x5f,0x8,0x25,0x0,0x5f,0x5f,0x5f,0x5f,0x5f,0x5f,0x8,0x25,0xca,0x7f,0x5f,0x5f,0x5f,0x13,0x13,0x5f,0x5f,0x5f,0x2,0xdb,0xca,0x0,0x0,0xe7,0xe6,0x66,0x65,0x0,0x0,0x0,0x0,0x44,0x3f,0xa,0xa,0xff,0xff,0xff,0xff,0xff,0x61,0x76,0x6f,0x69,0x0,0xb5,0x15, ?\000/___}}}}}}}}}}}}}}}}}}}}\377\377\377\377\377S\377\377\377\377\377\000\000\000\000\000\000\023^__\010%\000______\010%\312\177___\023\023___\002\333\312\000\000\347\346fe\000\000\000\000D?\012\012\377\377\377\377\377avoi\000\265\025 artifact_prefix='./'; Test unit written to ./crash-4d3bac8a64d4e58b2f0943e6d28e6e1f16328d7d Base64: PwAvX19ffX19fX19fX19fX19fX19fX19fX3//////1P//////wAAAAAAABNeX18IJQBfX19fX18IJcp/X19fExNfX18C28oAAOfmZmUAAAAARD8KCv//////YXZvaQC1FQ== ACKs for top commit: dergoegge: ACK fab164f brunoerg: ACK fab164f Tree-SHA512: f416828f4394aa7303ee437f141e9bbd23c0e0f1b830e4ef3932338858249ba68a811b9837c5b7ad8c6ab871b6354996434183597c1a910a8d8e8d829693e4b2
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello @domob1812,
I have a question regarding to the security of auxpow.
Auxpow is not part of the CPureBlockHeader, so it will not be hashed.
Is there a security mechanism, that protects it against forgery?
What I think now is: Is it possible to manipulate a block and insert different auxpow?
I mean there would be no sence to do it, but there is no hash mechanism which validates, if this auxpow was the one, that was included in this block?
So if you would modify block X with a new auxpow, it is still valid, because the blockhash will not change.
Then you have a different auxpow for block X then all other nodes, and if someone syncs from you, you distribute the "wrong" auxpow. The requirement must be, that the auxpow is valid. But its a completly different auxpow, than it was at the beginning.
I hope you can understand what I mean, it would be nice to discuss.
Thank you.
The text was updated successfully, but these errors were encountered: