'std::out_of_range' crash in I2P fuzz test #28665
Comments
As far as I can tell, the merging process was the only thing running that touched this data. I'm not sure how I would be running the target in tsan.

I'm also not able to reproduce. Running with tsan also doesn't yield anything so far (I'm not even sure there are any threads involved?).

Jup, could be a single thread, and given that tsan doesn't complain, seems good to close this for now.
Steps to reproduce:

cc @vasild

Tried a bisect, but I guess that didn't work, because the fuzz input format was changed at some point in 2021, so likely the fuzz inputs trigger something else when going back further than 549c82a.

This cannot be reproduced by running a single seed, only by a combination of two seeds from the qa-assets mentioned in #28665 (comment): I think the problem is that one seed (

On a general note I wonder how useful this target is at all, given that it can't even reach basic coverage in its own test code, despite years of fuzzing: https://drahtbot.space/host_reports/DrahtBot/reports/coverage_fuzz/monotree/77f0ceb7175dbd00/7c13430491b21dca/fuzz.coverage/src/test/fuzz/i2p.cpp.gcov.html Not sure whether the lack of coverage is due to this bug here, but that also makes me question why no one (including oss-fuzz) reported this bug earlier over the years?
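The situation the comment above describes (a crash that only appears when two corpus files run one after another in the same fuzz process, as happens during a libFuzzer merge) is easiest to understand with a harness that carries state across inputs. The following is an added example, not code from Bitcoin Core or its i2p fuzz target: `LeakyTarget`, `ResettingTarget`, `RunInOneProcess`, `FindCrashingPair` and the reply table are all hypothetical. It shows why a seed that crashes in a merge can look clean when replayed alone, how resetting per-input state removes the dependency, and how to search a small corpus for the ordered pair of seeds that interact.

```cpp
// Added example (not Bitcoin Core code). A fuzz-style harness whose crash
// depends on state left behind by the previous input in the same process,
// which is exactly what happens when libFuzzer is handed many files in one
// invocation (several paths on the command line, or -merge=1).
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <stdexcept>
#include <string>
#include <utility>
#include <vector>

namespace {
// Constructed stand-in for protocol state that a real target might keep
// alive between inputs (e.g. in a static or global object).
const std::vector<std::string> kReplies = {
    "RESULT=OK", "RESULT=OK", "RESULT=OK", "RESULT=OK", "RESULT=OK"};
// The defect: a cursor into that table that is never reset between inputs.
size_t g_cursor = 0;
} // namespace

// Hypothetical leaky target. Byte 0 of the input says how many replies to
// advance past; the lookup uses .at(), so std::out_of_range is thrown once
// the accumulated cursor has walked off the end of the table.
void LeakyTarget(const uint8_t* data, size_t size) {
    if (size < 1) return;
    g_cursor += data[0];
    (void)kReplies.at(g_cursor);
}

// Hardened variant: per-run state is re-initialised at the start of every
// input, so the outcome depends only on the bytes of that input.
void ResettingTarget(const uint8_t* data, size_t size) {
    g_cursor = 0;
    LeakyTarget(data, size);
}

using FuzzTarget = void (*)(const uint8_t*, size_t);

// Models one fuzz-binary process that is given several inputs in turn.
// Returns true if every input ran without throwing std::out_of_range.
bool RunInOneProcess(FuzzTarget target,
                     const std::vector<std::vector<uint8_t>>& inputs) {
    g_cursor = 0; // a fresh process starts from clean state
    for (const auto& in : inputs) {
        try {
            target(in.data(), in.size());
        } catch (const std::out_of_range&) {
            return false;
        }
    }
    return true;
}

// Brute-force search for the first ordered pair (i, j), i != j, such that
// running corpus[i] followed by corpus[j] in one process crashes although
// each file is clean on its own. Returns {-1, -1} if no such pair exists.
std::pair<int, int> FindCrashingPair(
    FuzzTarget target, const std::vector<std::vector<uint8_t>>& corpus) {
    for (size_t i = 0; i < corpus.size(); ++i) {
        if (!RunInOneProcess(target, {corpus[i]})) continue; // crashes alone
        for (size_t j = 0; j < corpus.size(); ++j) {
            if (i == j || !RunInOneProcess(target, {corpus[j]})) continue;
            if (!RunInOneProcess(target, {corpus[i], corpus[j]})) {
                return {static_cast<int>(i), static_cast<int>(j)};
            }
        }
    }
    return {-1, -1};
}

int main() {
    // Constructed seeds: each alone is fine, the sequence is not.
    const std::vector<uint8_t> seed_a{3}, seed_b{3};
    std::cout << "seed A alone clean: " << RunInOneProcess(LeakyTarget, {seed_a}) << '\n';
    std::cout << "seed B alone clean: " << RunInOneProcess(LeakyTarget, {seed_b}) << '\n';
    std::cout << "A then B clean:     " << RunInOneProcess(LeakyTarget, {seed_a, seed_b}) << '\n';
    std::cout << "A then B (reset):   " << RunInOneProcess(ResettingTarget, {seed_a, seed_b}) << '\n';
    const std::vector<std::vector<uint8_t>> corpus{{1}, {2}, {3}, {4}};
    const auto pair = FindCrashingPair(LeakyTarget, corpus);
    std::cout << "crashing pair: " << pair.first << ", " << pair.second << '\n';
    return 0;
}
```

The practical consequence for triage is the one the thread arrives at: to reproduce a merge-time crash, replay the candidate files in the same order in a single invocation of the fuzz binary rather than one file per process, and if that reproduces, the target (not the code under test) is the first suspect because it is leaking state between inputs.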
dd4dcbd [fuzz] Delete i2p target (dergoegge)

Pull request description:

closes bitcoin#28665

The target is buggy and doesn't reach basic coverage.

ACKs for top commit:
maflcko: lgtm ACK dd4dcbd
glozow: ACK dd4dcbd, agree it's better to delete this test until somebody wants to write a better one

Tree-SHA512: b6ca6cad1773b1ceb6e5ac0fd501ea615f66507ef811745799deaaa4460f1700d96ae03cf55b740a96ed8cd2283b3d6738cd580ba97f2af619197d6c4414ca21
Is there an existing issue for this?
Current behaviour
I got a `std::out_of_range` crash during merging fuzz outputs in the `i2p` target (see log below.) I was not able to reproduce the crash when re-running the seed with the fuzz executable in the regular build, but I figured I'd share it here if someone else wants to take a look. The binaries used for the merge and the reproduction were both built from the latest master: 738ef44abb6895dad016d8f32f7d7fa1c251b354.

Expected behaviour
If this issue can be reproduced, it may point at a bug in the I2P fuzzer or the I2P code.
Steps to reproduce
You can recreate the seed with:
echo "wIA9ID0gUkVTVUxUPU9LClBSSVY9gD0gPSBSRVNVTFQ9T0sKUFJJVj0CAAD//13/GhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoAEBoaGhoaGhoaGhoaGhouGhoaGhoaGhoaGhoaGn4aGhoaGhoaGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaABoaGhoaGhpXGhoAGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGhoaGurq6mrqUFBQUFBQUFBQUFBQUOrq6gAAAABbAAAAAAAAAAAAAAAAAAAAAgAAeHh4eHh4eHgpeHh4eHh4eHh4eHgaGhoaGhoaGhoaGho=" | base64 -d > crash-946784c8f03d9aeeef70e22b346a069e6940e186
Relevant log output
How did you obtain Bitcoin Core
Compiled from source
What version of Bitcoin Core are you using?
738ef44
Operating system and version
Ubuntu 23.04
Machine specifications
No response