phantom/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-04-29 14:59:39 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge bitcoin/bitcoin#32141: fuzz: extract unsequenced operations with side-effects

Browse source 
b1de59e896 fuzz: extract unsequenced operations with side-effects (Lőrinc)

Pull request description:

  https://github.com/bitcoin/bitcoin/pull/30746#discussion_r1817851827 introduced unsequenced operations with side-effects - which is undefined behavior, i.e. the right hand side can be evaluated before the left hand side, which happens to mutate it.

  <details>
  <summary>Tried to find other occurrences</summary>

  ```bash
  clang++ --analyze -std=c++20 -I./src -I./src/test -I./src/test/fuzz src/test/fuzz/base_encode_decode.cpp src/psbt.cpp
  ```
  but it didn't warn about UB.

  Grepped for similar ones, but could find any other one in the codebase:
  ```bash
  > grep -rnE --include='*.cpp' --include='*.h' '\b(\w+)\(([^)]*\b(\w+)\b[^)]*)\)\s*==\s*\3\.' .

  ./src/test/arith_uint256_tests.cpp:373:    BOOST_CHECK(R1L.GetHex() == R1L.ToString());
  ./src/test/arith_uint256_tests.cpp:374:    BOOST_CHECK(R2L.GetHex() == R2L.ToString());
  ./src/test/arith_uint256_tests.cpp:375:    BOOST_CHECK(OneL.GetHex() == OneL.ToString());
  ./src/test/arith_uint256_tests.cpp:376:    BOOST_CHECK(MaxL.GetHex() == MaxL.ToString());
  ./src/test/fuzz/cluster_linearize.cpp:565:        assert(depgraph.FeeRate(best_anc.transactions) == best_anc.feerate);
  ./src/test/fuzz/cluster_linearize.cpp:646:        assert(depgraph.FeeRate(found.transactions) == found.feerate);
  ./src/test/fuzz/cluster_linearize.cpp:765:            assert(depgraph.FeeRate(chunk_info.transactions) == chunk_info.feerate);
  ./src/test/fuzz/base_encode_decode.cpp:95:    assert(DecodeBase64PSBT(psbt, random_string, error) == error.empty());
  ./src/test/fuzz/key.cpp:102:        assert(pubkey.data() == pubkey.begin());
  ./src/test/skiplist_tests.cpp:42:        BOOST_CHECK(vIndex[from].GetAncestor(0) == vIndex.data());
  ./src/script/signingprovider.cpp:535:                   ComputeTapbranchHash(node.sub[1]->hash, node.sub[1]->hash) == node.hash) {
  ./src/pubkey.h:78:      return vch.size() > 0 && GetLen(vch[0]) == vch.size();
  ./src/cluster_linearize.h:881:            Assume(elem.inc.feerate.IsEmpty() == elem.pot_feerate.IsEmpty());
  ```

  </details>

  Hodlinator deduced the UB on Windows in https://github.com/bitcoin/bitcoin/issues/32135#issuecomment-2751723855

  Fixes #32135

ACKs for top commit:
  maflcko:
    lgtm ACK b1de59e896
  hodlinator:
    ACK b1de59e896
  marcofleon:
    Nice, ACK b1de59e896
  brunoerg:
    code review ACK b1de59e896

Tree-SHA512: d66524424c7f749eba870f5bd6038da79666ac638047b31dd8ff15a77d927facb54b4735e8afb7984648fdc9e2dd59ea213996c352301fa05978f041511361d4
This commit is contained in:
merge-script 2025-03-27 15:37:36 +08:00
commit b413b088ae
No known key found for this signature in database
GPG key ID: 2EEB9F5CC09526C1
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/test/fuzz/base_encode_decode.cpp
View file

@ -92,5 +92,6 @@ FUZZ_TARGET(psbt_base64_decode)
PartiallySignedTransaction psbt; PartiallySignedTransaction psbt;
std::string error; std::string error;
assert(DecodeBase64PSBT(psbt, random_string, error) == error.empty()); const bool ok{DecodeBase64PSBT(psbt, random_string, error)};
assert(ok == error.empty());
} }