/root/bitcoin/src/test/fuzz/utxo_total_supply.cpp

Source
// Copyright (c) 2020 The Bitcoin Core developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.

#include <chainparams.h>
#include <consensus/consensus.h>
#include <consensus/merkle.h>
#include <kernel/coinstats.h>
#include <node/miner.h>
#include <script/interpreter.h>
#include <streams.h>
#include <test/fuzz/FuzzedDataProvider.h>
#include <test/fuzz/fuzz.h>
#include <test/fuzz/util.h>
#include <test/util/mining.h>
#include <test/util/setup_common.h>
#include <util/chaintype.h>
#include <util/time.h>
#include <validation.h>

using node::BlockAssembler;

FUZZ_TARGET(utxo_total_supply)
{
    SeedRandomStateForTest(SeedRand::ZEROS);
    FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size());
    SetMockTime(ConsumeTime(fuzzed_data_provider, /*min=*/1296688602)); // regtest genesis block timestamp
    /** The testing setup that creates a chainman only (no chainstate) */
    ChainTestingSetup test_setup{
        ChainType::REGTEST,
        {
            .extra_args = {
                "-testactivationheight=bip34@2",
            },
        },
    };
    // Create chainstate
    test_setup.LoadVerifyActivateChainstate();
    auto& node{test_setup.m_node};
    auto& chainman{*Assert(test_setup.m_node.chainman)};

    const auto ActiveHeight = [&]() {
        LOCK(chainman.GetMutex());
        return chainman.ActiveHeight();
    };
    BlockAssembler::Options options;
    options.coinbase_output_script = CScript() << OP_FALSE;
    const auto PrepareNextBlock = [&]() {
        // Use OP_FALSE to avoid BIP30 check from hitting early
        auto block = PrepareBlock(node, options);
        // Replace OP_FALSE with OP_TRUE
        {
            CMutableTransaction tx{*block->vtx.back()};
            tx.nLockTime = 0; // Use the same nLockTime for all as we want to duplicate one of them.
            tx.vout.at(0).scriptPubKey = CScript{} << OP_TRUE;
            block->vtx.back() = MakeTransactionRef(tx);
        }
        return block;
    };

    /** The block template this fuzzer is working on */
    auto current_block = PrepareNextBlock();
    /** Append-only set of tx outpoints, entries are not removed when spent */
    std::vector<std::pair<COutPoint, CTxOut>> txos;
    /** The utxo stats at the chain tip */
    kernel::CCoinsStats utxo_stats;
    /** The total amount of coins in the utxo set */
    CAmount circulation{0};


    // Store the tx out in the txo map
    const auto StoreLastTxo = [&]() {
        // get last tx
        const CTransaction& tx = *current_block->vtx.back();
        // get last out
        const uint32_t i = tx.vout.size() - 1;
        // store it
        txos.emplace_back(COutPoint{tx.GetHash(), i}, tx.vout.at(i));
        if (current_block->vtx.size() == 1 && tx.vout.at(i).scriptPubKey[0] == OP_RETURN) {
            // also store coinbase
            const uint32_t i = tx.vout.size() - 2;
            txos.emplace_back(COutPoint{tx.GetHash(), i}, tx.vout.at(i));
        }
    };
    const auto AppendRandomTxo = [&](CMutableTransaction& tx) {
        const auto& txo = txos.at(fuzzed_data_provider.ConsumeIntegralInRange<size_t>(0, txos.size() - 1));
        tx.vin.emplace_back(txo.first);
        tx.vout.emplace_back(txo.second.nValue, txo.second.scriptPubKey); // "Forward" coin with no fee
    };
    const auto UpdateUtxoStats = [&]() {
        LOCK(chainman.GetMutex());
        chainman.ActiveChainstate().ForceFlushStateToDisk();
        utxo_stats = std::move(
            *Assert(kernel::ComputeUTXOStats(kernel::CoinStatsHashType::NONE, &chainman.ActiveChainstate().CoinsDB(), chainman.m_blockman, {})));
        // Check that miner can't print more money than they are allowed to
        assert(circulation == utxo_stats.total_amount);
    };


    // Update internal state to chain tip
    StoreLastTxo();
    UpdateUtxoStats();
    assert(ActiveHeight() == 0);
    // Get at which height we duplicate the coinbase
    // Assuming that the fuzzer will mine relatively short chains (less than 200 blocks), we want the duplicate coinbase to be not too high.
    // Up to 300 seems reasonable.
    int64_t duplicate_coinbase_height = fuzzed_data_provider.ConsumeIntegralInRange(0, 300);
    // Always pad with OP_0 at the end to avoid bad-cb-length error
    const CScript duplicate_coinbase_script = CScript() << duplicate_coinbase_height << OP_0;
    // Mine the first block with this duplicate
    current_block = PrepareNextBlock();
    StoreLastTxo();

    {
        // Create duplicate (CScript should match exact format as in CreateNewBlock)
        CMutableTransaction tx{*current_block->vtx.front()};
        tx.vin.at(0).scriptSig = duplicate_coinbase_script;

        // Mine block and create next block template
        current_block->vtx.front() = MakeTransactionRef(tx);
    }
    current_block->hashMerkleRoot = BlockMerkleRoot(*current_block);
    assert(!MineBlock(node, current_block).IsNull());
    circulation += GetBlockSubsidy(ActiveHeight(), Params().GetConsensus());

    assert(ActiveHeight() == 1);
    UpdateUtxoStats();
    current_block = PrepareNextBlock();
    StoreLastTxo();

    // Limit to avoid timeout, but enough to cover duplicate_coinbase_height
    // and CVE-2018-17144.
    LIMITED_WHILE(fuzzed_data_provider.remaining_bytes(), 2'00)
    {
        CallOneOf(
            fuzzed_data_provider,
            [&] {
                // Append an input-output pair to the last tx in the current block
                CMutableTransaction tx{*current_block->vtx.back()};
                AppendRandomTxo(tx);
                current_block->vtx.back() = MakeTransactionRef(tx);
                StoreLastTxo();
            },
            [&] {
                // Append a tx to the list of txs in the current block
                CMutableTransaction tx{};
                AppendRandomTxo(tx);
                current_block->vtx.push_back(MakeTransactionRef(tx));
                StoreLastTxo();
            },
            [&] {
                // Append the current block to the active chain
                node::RegenerateCommitments(*current_block, chainman);
                const bool was_valid = !MineBlock(node, current_block).IsNull();

                const uint256 prev_hash_serialized{utxo_stats.hashSerialized};
                if (was_valid) {
                    if (duplicate_coinbase_height == ActiveHeight()) {
                        // we mined the duplicate coinbase
                        assert(current_block->vtx.at(0)->vin.at(0).scriptSig == duplicate_coinbase_script);
                    }

                    circulation += GetBlockSubsidy(ActiveHeight(), Params().GetConsensus());
                }

                UpdateUtxoStats();

                if (!was_valid) {
                    // utxo stats must not change
                    assert(prev_hash_serialized == utxo_stats.hashSerialized);
                }

                current_block = PrepareNextBlock();
                StoreLastTxo();
            });
    }
}

Coverage Report

Created: 2025-09-19 18:21

Line	Count	Source
1		// Copyright (c) 2020 The Bitcoin Core developers
2		// Distributed under the MIT software license, see the accompanying
3		// file COPYING or http://www.opensource.org/licenses/mit-license.php.
4
5		#include <chainparams.h>
6		#include <consensus/consensus.h>
7		#include <consensus/merkle.h>
8		#include <kernel/coinstats.h>
9		#include <node/miner.h>
10		#include <script/interpreter.h>
11		#include <streams.h>
12		#include <test/fuzz/FuzzedDataProvider.h>
13		#include <test/fuzz/fuzz.h>
14		#include <test/fuzz/util.h>
15		#include <test/util/mining.h>
16		#include <test/util/setup_common.h>
17		#include <util/chaintype.h>
18		#include <util/time.h>
19		#include <validation.h>
20
21		using node::BlockAssembler;
22
23		FUZZ_TARGET(utxo_total_supply)
24	0	{
25	0	SeedRandomStateForTest(SeedRand::ZEROS);
26	0	FuzzedDataProvider fuzzed_data_provider(buffer.data(), buffer.size());
27	0	SetMockTime(ConsumeTime(fuzzed_data_provider, /min=/1296688602)); // regtest genesis block timestamp
28		/** The testing setup that creates a chainman only (no chainstate) */
29	0	ChainTestingSetup test_setup{
30	0	ChainType::REGTEST,
31	0	{
32	0	.extra_args = {
33	0	"-testactivationheight=bip34@2",
34	0	},
35	0	},
36	0	};
37		// Create chainstate
38	0	test_setup.LoadVerifyActivateChainstate();
39	0	auto& node{test_setup.m_node};
40	0	auto& chainman{*Assert(test_setup.m_node.chainman)};
41
42	0	const auto ActiveHeight = [&]() {
43	0	LOCK(chainman.GetMutex());
44	0	return chainman.ActiveHeight();
45	0	};
46	0	BlockAssembler::Options options;
47	0	options.coinbase_output_script = CScript() << OP_FALSE;
48	0	const auto PrepareNextBlock = [&]() {
49		// Use OP_FALSE to avoid BIP30 check from hitting early
50	0	auto block = PrepareBlock(node, options);
51		// Replace OP_FALSE with OP_TRUE
52	0	{
53	0	CMutableTransaction tx{*block->vtx.back()};
54	0	tx.nLockTime = 0; // Use the same nLockTime for all as we want to duplicate one of them.
55	0	tx.vout.at(0).scriptPubKey = CScript{} << OP_TRUE;
56	0	block->vtx.back() = MakeTransactionRef(tx);
57	0	}
58	0	return block;
59	0	};
60
61		/** The block template this fuzzer is working on */
62	0	auto current_block = PrepareNextBlock();
63		/** Append-only set of tx outpoints, entries are not removed when spent */
64	0	std::vector<std::pair<COutPoint, CTxOut>> txos;
65		/** The utxo stats at the chain tip */
66	0	kernel::CCoinsStats utxo_stats;
67		/** The total amount of coins in the utxo set */
68	0	CAmount circulation{0};
69
70
71		// Store the tx out in the txo map
72	0	const auto StoreLastTxo = [&]() {
73		// get last tx
74	0	const CTransaction& tx = *current_block->vtx.back();
75		// get last out
76	0	const uint32_t i = tx.vout.size() - 1;
77		// store it
78	0	txos.emplace_back(COutPoint{tx.GetHash(), i}, tx.vout.at(i));
79	0	if (current_block->vtx.size() == 1 && tx.vout.at(i).scriptPubKey[0] == OP_RETURN) {
80		// also store coinbase
81	0	const uint32_t i = tx.vout.size() - 2;
82	0	txos.emplace_back(COutPoint{tx.GetHash(), i}, tx.vout.at(i));
83	0	}
84	0	};
85	0	const auto AppendRandomTxo = [&](CMutableTransaction& tx) {
86	0	const auto& txo = txos.at(fuzzed_data_provider.ConsumeIntegralInRange<size_t>(0, txos.size() - 1));
87	0	tx.vin.emplace_back(txo.first);
88	0	tx.vout.emplace_back(txo.second.nValue, txo.second.scriptPubKey); // "Forward" coin with no fee
89	0	};
90	0	const auto UpdateUtxoStats = [&]() {
91	0	LOCK(chainman.GetMutex());
92	0	chainman.ActiveChainstate().ForceFlushStateToDisk();
93	0	utxo_stats = std::move(
94	0	*Assert(kernel::ComputeUTXOStats(kernel::CoinStatsHashType::NONE, &chainman.ActiveChainstate().CoinsDB(), chainman.m_blockman, {})));
95		// Check that miner can't print more money than they are allowed to
96	0	assert(circulation == utxo_stats.total_amount);
97	0	};
98
99
100		// Update internal state to chain tip
101	0	StoreLastTxo();
102	0	UpdateUtxoStats();
103	0	assert(ActiveHeight() == 0);
104		// Get at which height we duplicate the coinbase
105		// Assuming that the fuzzer will mine relatively short chains (less than 200 blocks), we want the duplicate coinbase to be not too high.
106		// Up to 300 seems reasonable.
107	0	int64_t duplicate_coinbase_height = fuzzed_data_provider.ConsumeIntegralInRange(0, 300);
108		// Always pad with OP_0 at the end to avoid bad-cb-length error
109	0	const CScript duplicate_coinbase_script = CScript() << duplicate_coinbase_height << OP_0;
110		// Mine the first block with this duplicate
111	0	current_block = PrepareNextBlock();
112	0	StoreLastTxo();
113
114	0	{
115		// Create duplicate (CScript should match exact format as in CreateNewBlock)
116	0	CMutableTransaction tx{*current_block->vtx.front()};
117	0	tx.vin.at(0).scriptSig = duplicate_coinbase_script;
118
119		// Mine block and create next block template
120	0	current_block->vtx.front() = MakeTransactionRef(tx);
121	0	}
122	0	current_block->hashMerkleRoot = BlockMerkleRoot(*current_block);
123	0	assert(!MineBlock(node, current_block).IsNull());
124	0	circulation += GetBlockSubsidy(ActiveHeight(), Params().GetConsensus());
125
126	0	assert(ActiveHeight() == 1);
127	0	UpdateUtxoStats();
128	0	current_block = PrepareNextBlock();
129	0	StoreLastTxo();
130
131		// Limit to avoid timeout, but enough to cover duplicate_coinbase_height
132		// and CVE-2018-17144.
133	0	LIMITED_WHILE(fuzzed_data_provider.remaining_bytes(), 2'00)
134	0	{
135	0	CallOneOf(
136	0	fuzzed_data_provider,
137	0	[&] {
138		// Append an input-output pair to the last tx in the current block
139	0	CMutableTransaction tx{*current_block->vtx.back()};
140	0	AppendRandomTxo(tx);
141	0	current_block->vtx.back() = MakeTransactionRef(tx);
142	0	StoreLastTxo();
143	0	},
144	0	[&] {
145		// Append a tx to the list of txs in the current block
146	0	CMutableTransaction tx{};
147	0	AppendRandomTxo(tx);
148	0	current_block->vtx.push_back(MakeTransactionRef(tx));
149	0	StoreLastTxo();
150	0	},
151	0	[&] {
152		// Append the current block to the active chain
153	0	node::RegenerateCommitments(*current_block, chainman);
154	0	const bool was_valid = !MineBlock(node, current_block).IsNull();
155
156	0	const uint256 prev_hash_serialized{utxo_stats.hashSerialized};
157	0	if (was_valid) {
158	0	if (duplicate_coinbase_height == ActiveHeight()) {
159		// we mined the duplicate coinbase
160	0	assert(current_block->vtx.at(0)->vin.at(0).scriptSig == duplicate_coinbase_script);
161	0	}
162
163	0	circulation += GetBlockSubsidy(ActiveHeight(), Params().GetConsensus());
164	0	}
165
166	0	UpdateUtxoStats();
167
168	0	if (!was_valid) {
169		// utxo stats must not change
170	0	assert(prev_hash_serialized == utxo_stats.hashSerialized);
171	0	}
172
173	0	current_block = PrepareNextBlock();
174	0	StoreLastTxo();
175	0	});
176	0	}
177	0	}