laantungir
/
bitcoin
mirror of https://github.com/bitcoin/bitcoin.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fuzz: drop `Flush()` workaround in `coins_view` and keep overwrite assertion 

The accounting bug in `AddCoin()`/`Flush()` was fixed in an earlier commit, so the fuzzer no longer needs `coins_view_cache.Flush()` to realign `cachedCoinsUsage` after an exception.
Replace the prior `expected_code_path` tracking with direct assertions: if `possible_overwrite` is false and the entry is unspent, `AddCoin()` must throw with the documented message, otherwise it must succeed, which preserves the overwrite invariant while simplifying control flow.
This commit is contained in:
Lőrinc 2025-10-08 16:32:27 -05:00
parent 33a8150315
commit c4293c7b21
1 changed files with 3 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
src/test/fuzz/coins_view.cpp
View File

@ -62,24 +62,13 @@ void TestCoinsView(FuzzedDataProvider& fuzzed_data_provider, CCoinsView& backend
COutPoint outpoint{random_out_point}; COutPoint outpoint{random_out_point};
Coin coin{random_coin}; Coin coin{random_coin};
if (fuzzed_data_provider.ConsumeBool()) { if (fuzzed_data_provider.ConsumeBool()) {
bool expected_code_path = false; const bool possible_overwrite{fuzzed_data_provider.ConsumeBool()};
const bool possible_overwrite = fuzzed_data_provider.ConsumeBool();
try { try {
coins_view_cache.AddCoin(outpoint, std::move(coin), possible_overwrite); coins_view_cache.AddCoin(outpoint, std::move(coin), possible_overwrite);
expected_code_path = true;
} catch (const std::logic_error& e) { } catch (const std::logic_error& e) {
if (e.what() == std::string{"Attempted to overwrite an unspent coin (when possible_overwrite is false)"}) { assert(e.what() == std::string{"Attempted to overwrite an unspent coin (when possible_overwrite is false)"});
assert(!possible_overwrite); assert(!possible_overwrite);
expected_code_path = true;
// AddCoin() decreases cachedCoinsUsage by the memory usage of the old coin at the beginning and
// increases it by the value of the new coin at the end. If it throws in the process, the value
// of cachedCoinsUsage would have been incorrectly decreased, leading to an underflow later on.
// To avoid this, use Flush() to reset the value of cachedCoinsUsage in sync with the cacheCoins
// mapping.
(void)coins_view_cache.Flush();
}
} }
assert(expected_code_path);
} else { } else {
coins_view_cache.EmplaceCoinInternalDANGER(std::move(outpoint), std::move(coin)); coins_view_cache.EmplaceCoinInternalDANGER(std::move(outpoint), std::move(coin));
} }