From ce8094246ee95232e9d84f7e37f3c0a43ef587ce Mon Sep 17 00:00:00 2001
From: Pieter Wuille <pieter@wuille.net>
Date: Fri, 31 May 2024 10:39:23 -0400
Subject: [PATCH] random: replace construct/assign with explicit Reseed()

---
 src/random.cpp               | 16 +++++------
 src/random.h                 | 53 ++++++++++++++----------------------
 src/test/fuzz/addrman.cpp    |  2 +-
 src/test/orphanage_tests.cpp |  2 +-
 src/test/prevector_tests.cpp |  2 +-
 src/test/random_tests.cpp    |  2 +-
 src/test/util/random.cpp     |  2 +-
 7 files changed, 32 insertions(+), 47 deletions(-)

diff --git a/src/random.cpp b/src/random.cpp
index 4f930fdaa3..7cb6098d54 100644
--- a/src/random.cpp
+++ b/src/random.cpp
@@ -704,6 +704,13 @@ void FastRandomContext::fillrand(Span<std::byte> output) noexcept
 
 FastRandomContext::FastRandomContext(const uint256& seed) noexcept : requires_seed(false), rng(MakeByteSpan(seed)) {}
 
+void FastRandomContext::Reseed(const uint256& seed) noexcept
+{
+    FlushCache();
+    requires_seed = false;
+    rng = {MakeByteSpan(seed)};
+}
+
 bool Random_SanityCheck()
 {
     uint64_t start = GetPerformanceCounter();
@@ -759,15 +766,6 @@ FastRandomContext::FastRandomContext(bool fDeterministic) noexcept : requires_se
     // use.
 }
 
-FastRandomContext& FastRandomContext::operator=(FastRandomContext&& from) noexcept
-{
-    requires_seed = from.requires_seed;
-    rng = from.rng;
-    from.requires_seed = true;
-    static_cast<RandomMixin<FastRandomContext>&>(*this) = std::move(from);
-    return *this;
-}
-
 void RandomInit()
 {
     // Invoke RNG code to trigger initialization (if not already performed)
diff --git a/src/random.h b/src/random.h
index ea517d2d2e..8a6ef13d5e 100644
--- a/src/random.h
+++ b/src/random.h
@@ -184,27 +184,21 @@ private:
      */
     RandomNumberGenerator auto& Impl() noexcept { return static_cast<T&>(*this); }
 
-public:
-    RandomMixin() noexcept = default;
+protected:
+    constexpr void FlushCache() noexcept
+    {
+        bitbuf = 0;
+        bitbuf_size = 0;
+    }
 
-    // Do not permit copying an RNG.
+public:
+    constexpr RandomMixin() noexcept = default;
+
+    // Do not permit copying or moving an RNG.
     RandomMixin(const RandomMixin&) = delete;
     RandomMixin& operator=(const RandomMixin&) = delete;
-
-    RandomMixin(RandomMixin&& other) noexcept : bitbuf(other.bitbuf), bitbuf_size(other.bitbuf_size)
-    {
-        other.bitbuf = 0;
-        other.bitbuf_size = 0;
-    }
-
-    RandomMixin& operator=(RandomMixin&& other) noexcept
-    {
-        bitbuf = other.bitbuf;
-        bitbuf_size = other.bitbuf_size;
-        other.bitbuf = 0;
-        other.bitbuf_size = 0;
-        return *this;
-    }
+    RandomMixin(RandomMixin&&) = delete;
+    RandomMixin& operator=(RandomMixin&&) = delete;
 
     /** Generate a random (bits)-bit integer. */
     uint64_t randbits(int bits) noexcept
@@ -394,13 +388,8 @@ public:
     /** Initialize with explicit seed (only for testing) */
     explicit FastRandomContext(const uint256& seed) noexcept;
 
-    // Do not permit copying a FastRandomContext (move it, or create a new one to get reseeded).
-    FastRandomContext(const FastRandomContext&) = delete;
-    FastRandomContext(FastRandomContext&&) = delete;
-    FastRandomContext& operator=(const FastRandomContext&) = delete;
-
-    /** Move a FastRandomContext. If the original one is used again, it will be reseeded. */
-    FastRandomContext& operator=(FastRandomContext&& from) noexcept;
+    /** Reseed with explicit seed (only for testing). */
+    void Reseed(const uint256& seed) noexcept;
 
     /** Generate a random 64-bit integer. */
     uint64_t rand64() noexcept
@@ -440,14 +429,12 @@ public:
     constexpr explicit InsecureRandomContext(uint64_t seedval) noexcept
         : m_s0(SplitMix64(seedval)), m_s1(SplitMix64(seedval)) {}
 
-    // no copy - that is dangerous, we don't want accidentally copy the RNG and then have two streams
-    // with exactly the same results.
-    InsecureRandomContext(const InsecureRandomContext&) = delete;
-    InsecureRandomContext& operator=(const InsecureRandomContext&) = delete;
-
-    // allow moves
-    InsecureRandomContext(InsecureRandomContext&&) = default;
-    InsecureRandomContext& operator=(InsecureRandomContext&&) = default;
+    constexpr void Reseed(uint64_t seedval) noexcept
+    {
+        FlushCache();
+        m_s0 = SplitMix64(seedval);
+        m_s1 = SplitMix64(seedval);
+    }
 
     constexpr uint64_t rand64() noexcept
     {
diff --git a/src/test/fuzz/addrman.cpp b/src/test/fuzz/addrman.cpp
index 8a54cc656d..dbec2bc858 100644
--- a/src/test/fuzz/addrman.cpp
+++ b/src/test/fuzz/addrman.cpp
@@ -124,7 +124,7 @@ public:
     explicit AddrManDeterministic(const NetGroupManager& netgroupman, FuzzedDataProvider& fuzzed_data_provider)
         : AddrMan(netgroupman, /*deterministic=*/true, GetCheckRatio())
     {
-        WITH_LOCK(m_impl->cs, m_impl->insecure_rand = FastRandomContext{ConsumeUInt256(fuzzed_data_provider)});
+        WITH_LOCK(m_impl->cs, m_impl->insecure_rand.Reseed(ConsumeUInt256(fuzzed_data_provider)));
     }
 
     /**
diff --git a/src/test/orphanage_tests.cpp b/src/test/orphanage_tests.cpp
index 450bf6a4fc..3459aa9f0e 100644
--- a/src/test/orphanage_tests.cpp
+++ b/src/test/orphanage_tests.cpp
@@ -106,7 +106,7 @@ BOOST_AUTO_TEST_CASE(DoS_mapOrphans)
     // ecdsa_signature_parse_der_lax are executed during this test.
     // Specifically branches that run only when an ECDSA
     // signature's R and S values have leading zeros.
-    g_insecure_rand_ctx = FastRandomContext{uint256{33}};
+    g_insecure_rand_ctx.Reseed(uint256{33});
 
     TxOrphanageTest orphanage;
     CKey key;
diff --git a/src/test/prevector_tests.cpp b/src/test/prevector_tests.cpp
index 9abdd84c5a..1ac7abf492 100644
--- a/src/test/prevector_tests.cpp
+++ b/src/test/prevector_tests.cpp
@@ -212,7 +212,7 @@ public:
     prevector_tester() {
         SeedRandomForTest();
         rand_seed = InsecureRand256();
-        rand_cache = FastRandomContext(rand_seed);
+        rand_cache.Reseed(rand_seed);
     }
 };
 
diff --git a/src/test/random_tests.cpp b/src/test/random_tests.cpp
index b7479d310c..9fa7135b77 100644
--- a/src/test/random_tests.cpp
+++ b/src/test/random_tests.cpp
@@ -253,7 +253,7 @@ BOOST_AUTO_TEST_CASE(xoroshiro128plusplus_reference_values)
     BOOST_TEST(0x6ea7c59f89bbfc75 == rng());
 
     // seed with a random number
-    rng = InsecureRandomContext(0x1a26f3fa8546b47a);
+    rng.Reseed(0x1a26f3fa8546b47a);
     BOOST_TEST(0xc8dc5e08d844ac7d == rng());
     BOOST_TEST(0x5b5f1f6d499dad1b == rng());
     BOOST_TEST(0xbeb0031f93313d6f == rng());
diff --git a/src/test/util/random.cpp b/src/test/util/random.cpp
index aa8c16e837..47d03055e2 100644
--- a/src/test/util/random.cpp
+++ b/src/test/util/random.cpp
@@ -34,5 +34,5 @@ void SeedRandomForTest(SeedRand seedtype)
     const uint256& seed{seedtype == SeedRand::SEED ? ctx_seed : uint256::ZERO};
     LogPrintf("%s: Setting random seed for current tests to %s=%s\n", __func__, RANDOM_CTX_SEED, seed.GetHex());
     MakeRandDeterministicDANGEROUS(seed);
-    g_insecure_rand_ctx = FastRandomContext(GetRandHash());
+    g_insecure_rand_ctx.Reseed(GetRandHash());
 }