Bitcoin Core 28.99.0
P2P Digital Currency
coins_view.cpp
Go to the documentation of this file.
1// Copyright (c) 2020-2022 The Bitcoin Core developers
2// Distributed under the MIT software license, see the accompanying
3// file COPYING or http://www.opensource.org/licenses/mit-license.php.
4
5#include <coins.h>
6#include <consensus/amount.h>
7#include <consensus/tx_check.h>
8#include <consensus/tx_verify.h>
9#include <consensus/validation.h>
10#include <policy/policy.h>
11#include <primitives/transaction.h>
12#include <script/interpreter.h>
13#include <test/fuzz/FuzzedDataProvider.h>
14#include <test/fuzz/fuzz.h>
15#include <test/fuzz/util.h>
16#include <test/util/setup_common.h>
17#include <util/hasher.h>
18
19#include <cassert>
20#include <cstdint>
21#include <limits>
22#include <memory>
23#include <optional>
24#include <stdexcept>
25#include <string>
26#include <utility>
27#include <vector>
28
29namespace {
30const Coin EMPTY_COIN{};
31
32bool operator==(const Coin& a, const Coin& b)
33{
34 if (a.IsSpent() && b.IsSpent()) return true;
35 return a.fCoinBase == b.fCoinBase && a.nHeight == b.nHeight && a.out == b.out;
36}
37} // namespace
38
39void initialize_coins_view()
40{
41 static const auto testing_setup = MakeNoLogFileContext<>();
42}
43
44FUZZ_TARGET(coins_view, .init = initialize_coins_view)
45{
46 FuzzedDataProvider fuzzed_data_provider{buffer.data(), buffer.size()};
47 bool good_data{true};
48
49 CCoinsView backend_coins_view;
50 CCoinsViewCache coins_view_cache{&backend_coins_view, /*deterministic=*/true};
51 COutPoint random_out_point;
52 Coin random_coin;
53 CMutableTransaction random_mutable_transaction;
54 LIMITED_WHILE(good_data && fuzzed_data_provider.ConsumeBool(), 10'000)
55 {
56 CallOneOf(
57 fuzzed_data_provider,
58 [&] {
59 if (random_coin.IsSpent()) {
60 return;
61 }
62 Coin coin = random_coin;
63 bool expected_code_path = false;
64 const bool possible_overwrite = fuzzed_data_provider.ConsumeBool();
65 try {
66 coins_view_cache.AddCoin(random_out_point, std::move(coin), possible_overwrite);
67 expected_code_path = true;
68 } catch (const std::logic_error& e) {
69 if (e.what() == std::string{"Attempted to overwrite an unspent coin (when possible_overwrite is false)"}) {
70 assert(!possible_overwrite);
71 expected_code_path = true;
72 }
73 }
74 assert(expected_code_path);
75 },
76 [&] {
77 (void)coins_view_cache.Flush();
78 },
79 [&] {
80 (void)coins_view_cache.Sync();
81 },
82 [&] {
83 coins_view_cache.SetBestBlock(ConsumeUInt256(fuzzed_data_provider));
84 },
85 [&] {
86 Coin move_to;
87 (void)coins_view_cache.SpendCoin(random_out_point, fuzzed_data_provider.ConsumeBool() ? &move_to : nullptr);
88 },
89 [&] {
90 coins_view_cache.Uncache(random_out_point);
91 },
92 [&] {
93 if (fuzzed_data_provider.ConsumeBool()) {
94 backend_coins_view = CCoinsView{};
95 }
96 coins_view_cache.SetBackend(backend_coins_view);
97 },
98 [&] {
99 const std::optional<COutPoint> opt_out_point = ConsumeDeserializable<COutPoint>(fuzzed_data_provider);
100 if (!opt_out_point) {
101 good_data = false;
102 return;
103 }
104 random_out_point = *opt_out_point;
105 },
106 [&] {
107 const std::optional<Coin> opt_coin = ConsumeDeserializable<Coin>(fuzzed_data_provider);
108 if (!opt_coin) {
109 good_data = false;
110 return;
111 }
112 random_coin = *opt_coin;
113 },
114 [&] {
115 const std::optional<CMutableTransaction> opt_mutable_transaction = ConsumeDeserializable<CMutableTransaction>(fuzzed_data_provider, TX_WITH_WITNESS);
116 if (!opt_mutable_transaction) {
117 good_data = false;
118 return;
119 }
120 random_mutable_transaction = *opt_mutable_transaction;
121 },
122 [&] {
123 CoinsCachePair sentinel{};
124 sentinel.second.SelfRef(sentinel);
125 size_t usage{0};
126 CCoinsMapMemoryResource resource;
127 CCoinsMap coins_map{0, SaltedOutpointHasher{/*deterministic=*/true}, CCoinsMap::key_equal{}, &resource};
128 LIMITED_WHILE(good_data && fuzzed_data_provider.ConsumeBool(), 10'000)
129 {
130 CCoinsCacheEntry coins_cache_entry;
131 const auto dirty{fuzzed_data_provider.ConsumeBool()};
132 const auto fresh{fuzzed_data_provider.ConsumeBool()};
133 if (fuzzed_data_provider.ConsumeBool()) {
134 coins_cache_entry.coin = random_coin;
135 } else {
136 const std::optional<Coin> opt_coin = ConsumeDeserializable<Coin>(fuzzed_data_provider);
137 if (!opt_coin) {
138 good_data = false;
139 return;
140 }
141 coins_cache_entry.coin = *opt_coin;
142 }
143 auto it{coins_map.emplace(random_out_point, std::move(coins_cache_entry)).first};
144 if (dirty) CCoinsCacheEntry::SetDirty(*it, sentinel);
145 if (fresh) CCoinsCacheEntry::SetFresh(*it, sentinel);
146 usage += it->second.coin.DynamicMemoryUsage();
147 }
148 bool expected_code_path = false;
149 try {
150 auto cursor{CoinsViewCacheCursor(usage, sentinel, coins_map, /*will_erase=*/true)};
151 coins_view_cache.BatchWrite(cursor, fuzzed_data_provider.ConsumeBool() ? ConsumeUInt256(fuzzed_data_provider) : coins_view_cache.GetBestBlock());
152 expected_code_path = true;
153 } catch (const std::logic_error& e) {
154 if (e.what() == std::string{"FRESH flag misapplied to coin that exists in parent cache"}) {
155 expected_code_path = true;
156 }
157 }
158 assert(expected_code_path);
159 });
160 }
161
162 {
163 const Coin& coin_using_access_coin = coins_view_cache.AccessCoin(random_out_point);
164 const bool exists_using_access_coin = !(coin_using_access_coin == EMPTY_COIN);
165 const bool exists_using_have_coin = coins_view_cache.HaveCoin(random_out_point);
166 const bool exists_using_have_coin_in_cache = coins_view_cache.HaveCoinInCache(random_out_point);
167 if (auto coin{coins_view_cache.GetCoin(random_out_point)}) {
168 assert(*coin == coin_using_access_coin);
169 assert(exists_using_access_coin && exists_using_have_coin_in_cache && exists_using_have_coin);
170 } else {
171 assert(!exists_using_access_coin && !exists_using_have_coin_in_cache && !exists_using_have_coin);
172 }
173 // If HaveCoin on the backend is true, it must also be on the cache if the coin wasn't spent.
174 const bool exists_using_have_coin_in_backend = backend_coins_view.HaveCoin(random_out_point);
175 if (!coin_using_access_coin.IsSpent() && exists_using_have_coin_in_backend) {
176 assert(exists_using_have_coin);
177 }
178 if (auto coin{backend_coins_view.GetCoin(random_out_point)}) {
179 assert(exists_using_have_coin_in_backend);
180 // Note we can't assert that `coin_using_get_coin == *coin` because the coin in
181 // the cache may have been modified but not yet flushed.
182 } else {
183 assert(!exists_using_have_coin_in_backend);
184 }
185 }
186
187 {
188 bool expected_code_path = false;
189 try {
190 (void)coins_view_cache.Cursor();
191 } catch (const std::logic_error&) {
192 expected_code_path = true;
193 }
194 assert(expected_code_path);
195 (void)coins_view_cache.DynamicMemoryUsage();
196 (void)coins_view_cache.EstimateSize();
197 (void)coins_view_cache.GetBestBlock();
198 (void)coins_view_cache.GetCacheSize();
199 (void)coins_view_cache.GetHeadBlocks();
200 (void)coins_view_cache.HaveInputs(CTransaction{random_mutable_transaction});
201 }
202
203 {
204 std::unique_ptr<CCoinsViewCursor> coins_view_cursor = backend_coins_view.Cursor();
205 assert(!coins_view_cursor);
206 (void)backend_coins_view.EstimateSize();
207 (void)backend_coins_view.GetBestBlock();
208 (void)backend_coins_view.GetHeadBlocks();
209 }
210
211 if (fuzzed_data_provider.ConsumeBool()) {
212 CallOneOf(
213 fuzzed_data_provider,
214 [&] {
215 const CTransaction transaction{random_mutable_transaction};
216 bool is_spent = false;
217 for (const CTxOut& tx_out : transaction.vout) {
218 if (Coin{tx_out, 0, transaction.IsCoinBase()}.IsSpent()) {
219 is_spent = true;
220 }
221 }
222 if (is_spent) {
223 // Avoid:
224 // coins.cpp:69: void CCoinsViewCache::AddCoin(const COutPoint &, Coin &&, bool): Assertion `!coin.IsSpent()' failed.
225 return;
226 }
227 bool expected_code_path = false;
228 const int height{int(fuzzed_data_provider.ConsumeIntegral<uint32_t>() >> 1)};
229 const bool possible_overwrite = fuzzed_data_provider.ConsumeBool();
230 try {
231 AddCoins(coins_view_cache, transaction, height, possible_overwrite);
232 expected_code_path = true;
233 } catch (const std::logic_error& e) {
234 if (e.what() == std::string{"Attempted to overwrite an unspent coin (when possible_overwrite is false)"}) {
235 assert(!possible_overwrite);
236 expected_code_path = true;
237 }
238 }
239 assert(expected_code_path);
240 },
241 [&] {
242 (void)AreInputsStandard(CTransaction{random_mutable_transaction}, coins_view_cache);
243 },
244 [&] {
245 TxValidationState state;
246 CAmount tx_fee_out;
247 const CTransaction transaction{random_mutable_transaction};
248 if (ContainsSpentInput(transaction, coins_view_cache)) {
249 // Avoid:
250 // consensus/tx_verify.cpp:171: bool Consensus::CheckTxInputs(const CTransaction &, TxValidationState &, const CCoinsViewCache &, int, CAmount &): Assertion `!coin.IsSpent()' failed.
251 return;
252 }
253 TxValidationState dummy;
254 if (!CheckTransaction(transaction, dummy)) {
255 // It is not allowed to call CheckTxInputs if CheckTransaction failed
256 return;
257 }
258 if (Consensus::CheckTxInputs(transaction, state, coins_view_cache, fuzzed_data_provider.ConsumeIntegralInRange<int>(0, std::numeric_limits<int>::max()), tx_fee_out)) {
259 assert(MoneyRange(tx_fee_out));
260 }
261 },
262 [&] {
263 const CTransaction transaction{random_mutable_transaction};
264 if (ContainsSpentInput(transaction, coins_view_cache)) {
265 // Avoid:
266 // consensus/tx_verify.cpp:130: unsigned int GetP2SHSigOpCount(const CTransaction &, const CCoinsViewCache &): Assertion `!coin.IsSpent()' failed.
267 return;
268 }
269 (void)GetP2SHSigOpCount(transaction, coins_view_cache);
270 },
271 [&] {
272 const CTransaction transaction{random_mutable_transaction};
273 if (ContainsSpentInput(transaction, coins_view_cache)) {
274 // Avoid:
275 // consensus/tx_verify.cpp:130: unsigned int GetP2SHSigOpCount(const CTransaction &, const CCoinsViewCache &): Assertion `!coin.IsSpent()' failed.
276 return;
277 }
278 const auto flags{fuzzed_data_provider.ConsumeIntegral<uint32_t>()};
279 if (!transaction.vin.empty() && (flags & SCRIPT_VERIFY_WITNESS) != 0 && (flags & SCRIPT_VERIFY_P2SH) == 0) {
280 // Avoid:
281 // script/interpreter.cpp:1705: size_t CountWitnessSigOps(const CScript &, const CScript &, const CScriptWitness *, unsigned int): Assertion `(flags & SCRIPT_VERIFY_P2SH) != 0' failed.
282 return;
283 }
284 (void)GetTransactionSigOpCost(transaction, coins_view_cache, flags);
285 },
286 [&] {
287 (void)IsWitnessStandard(CTransaction{random_mutable_transaction}, coins_view_cache);
288 });
289 }
290}
MoneyRange
bool MoneyRange(const CAmount &nValue)
Definition: amount.h:27
CAmount
int64_t CAmount
Amount in satoshis (Can be negative)
Definition: amount.h:12
catch
catch(const std::exception &e)
Definition: bitcoin-cli.cpp:1346
flags
int flags
Definition: bitcoin-tx.cpp:536
CCoinsViewCache
CCoinsView that adds a memory cache for transactions to another CCoinsView.
Definition: coins.h:363
CCoinsView
Abstract view on the open txout dataset.
Definition: coins.h:310
CCoinsView::GetCoin
virtual std::optional< Coin > GetCoin(const COutPoint &outpoint) const
Retrieve the Coin (unspent transaction output) for a given outpoint.
Definition: coins.cpp:16
CCoinsView::HaveCoin
virtual bool HaveCoin(const COutPoint &outpoint) const
Just check whether a given outpoint is unspent.
Definition: coins.cpp:22
COutPoint
An outpoint - a combination of a transaction hash and an index n into its vout.
Definition: transaction.h:29
CTransaction
The basic transaction that is broadcasted on the network and contained in blocks.
Definition: transaction.h:296
CTxOut
An output of a transaction.
Definition: transaction.h:150
Coin
A UTXO entry.
Definition: coins.h:33
Coin::out
CTxOut out
unspent transaction output
Definition: coins.h:36
Coin::IsSpent
bool IsSpent() const
Either this coin never existed (see e.g.
Definition: coins.h:81
Coin::nHeight
uint32_t nHeight
at which height this containing transaction was included in the active block chain
Definition: coins.h:42
Coin::fCoinBase
unsigned int fCoinBase
whether containing transaction was a coinbase
Definition: coins.h:39
AddCoins
void AddCoins(CCoinsViewCache &cache, const CTransaction &tx, int nHeight, bool check_for_overwrite)
Utility function to add all of a transaction's outputs to a cache.
Definition: coins.cpp:119
CoinsCachePair
std::pair< const COutPoint, CCoinsCacheEntry > CoinsCachePair
Definition: coins.h:91
CCoinsMap
std::unordered_map< COutPoint, CCoinsCacheEntry, SaltedOutpointHasher, std::equal_to< COutPoint >, PoolAllocator< CoinsCachePair, sizeof(CoinsCachePair)+sizeof(void *) *4 > > CCoinsMap
PoolAllocator's MAX_BLOCK_SIZE_BYTES parameter here uses sizeof the data, and adds the size of 4 poin...
Definition: coins.h:229
CCoinsMapMemoryResource
CCoinsMap::allocator_type::ResourceType CCoinsMapMemoryResource
Definition: coins.h:231
FUZZ_TARGET
FUZZ_TARGET(coins_view,.init=initialize_coins_view)
Definition: coins_view.cpp:44
initialize_coins_view
void initialize_coins_view()
Definition: coins_view.cpp:39
LIMITED_WHILE
#define LIMITED_WHILE(condition, limit)
Can be used to limit a theoretically unbounded loop.
Definition: fuzz.h:22
SCRIPT_VERIFY_P2SH
@ SCRIPT_VERIFY_P2SH
Definition: interpreter.h:49
SCRIPT_VERIFY_WITNESS
@ SCRIPT_VERIFY_WITNESS
Definition: interpreter.h:108
Consensus::CheckTxInputs
bool CheckTxInputs(const CTransaction &tx, TxValidationState &state, const CCoinsViewCache &inputs, int nSpendHeight, CAmount &txfee)
Check whether all inputs of this transaction are valid (no double spends and amounts) This does not m...
Definition: tx_verify.cpp:164
operator==
bool operator==(const CNetAddr &a, const CNetAddr &b)
Definition: netaddress.cpp:607
AreInputsStandard
bool AreInputsStandard(const CTransaction &tx, const CCoinsViewCache &mapInputs)
Check transaction inputs to mitigate two potential denial-of-service attacks:
Definition: policy.cpp:189
IsWitnessStandard
bool IsWitnessStandard(const CTransaction &tx, const CCoinsViewCache &mapInputs)
Check if the transaction is over standard P2WSH resources limit: 3600bytes witnessScript size,...
Definition: policy.cpp:223
TX_WITH_WITNESS
static constexpr TransactionSerParams TX_WITH_WITNESS
Definition: transaction.h:195
setup_common.h
CCoinsCacheEntry
A Coin in one level of the coins database caching hierarchy.
Definition: coins.h:109
CCoinsCacheEntry::coin
Coin coin
Definition: coins.h:147
CCoinsCacheEntry::SetFresh
static void SetFresh(CoinsCachePair &pair, CoinsCachePair &sentinel) noexcept
Definition: coins.h:178
CCoinsCacheEntry::SetDirty
static void SetDirty(CoinsCachePair &pair, CoinsCachePair &sentinel) noexcept
Definition: coins.h:177
CMutableTransaction
A mutable version of CTransaction.
Definition: transaction.h:378
CoinsViewCacheCursor
Cursor for iterating over the linked list of flagged entries in CCoinsViewCache.
Definition: coins.h:266
ContainsSpentInput
bool ContainsSpentInput(const CTransaction &tx, const CCoinsViewCache &inputs) noexcept
Definition: util.cpp:240
ConsumeUInt256
uint256 ConsumeUInt256(FuzzedDataProvider &fuzzed_data_provider) noexcept
Definition: util.h:171
CallOneOf
size_t CallOneOf(FuzzedDataProvider &fuzzed_data_provider, Callables... callables)
Definition: util.h:35
CheckTransaction
bool CheckTransaction(const CTransaction &tx, TxValidationState &state)
Definition: tx_check.cpp:11
tx_check.h
GetTransactionSigOpCost
int64_t GetTransactionSigOpCost(const CTransaction &tx, const CCoinsViewCache &inputs, uint32_t flags)
Compute total signature operation cost of a transaction.
Definition: tx_verify.cpp:143
GetP2SHSigOpCount
unsigned int GetP2SHSigOpCount(const CTransaction &tx, const CCoinsViewCache &inputs)
Count ECDSA signature operations in pay-to-script-hash inputs.
Definition: tx_verify.cpp:126
tx_verify.h
assert
assert(!tx.IsCoinBase())
Generated on Wed Dec 18 2024 20:00:13 for Bitcoin Core by doxygen 1.9.4