From 76c5ea703e77d580b6962e60398f4988cbd9b58b Mon Sep 17 00:00:00 2001 From: Murch Date: Fri, 2 Jun 2023 14:20:33 -0400 Subject: fuzz: Fix mini_miner_selection running out of coin Fixes a bug in the mini_miner_selection fuzz test found by fuzzing: It was possible for the mini_miner_selection fuzz test to generated transactions that created fewer new spendable outputs than the two inputs they each spend. If the fuzz seed did so consistently, eventually it would cause a `pop_front()` on an empty available_coins. Fixed by: - asserting that available_coins is not empty before generating tx - allowing to build tx with a single coin if only one is available --- src/test/fuzz/mini_miner.cpp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'src') diff --git a/src/test/fuzz/mini_miner.cpp b/src/test/fuzz/mini_miner.cpp index f49d940393..2b371f6d5f 100644 --- a/src/test/fuzz/mini_miner.cpp +++ b/src/test/fuzz/mini_miner.cpp @@ -118,10 +118,11 @@ FUZZ_TARGET_INIT(mini_miner_selection, initialize_miner) LIMITED_WHILE(fuzzed_data_provider.ConsumeBool(), 100) { CMutableTransaction mtx = CMutableTransaction(); - const size_t num_inputs = 2; + assert(!available_coins.empty()); + const size_t num_inputs = std::min(size_t{2}, available_coins.size()); const size_t num_outputs = fuzzed_data_provider.ConsumeIntegralInRange(2, 5); for (size_t n{0}; n < num_inputs; ++n) { - auto prevout = available_coins.front(); + auto prevout = available_coins.at(0); mtx.vin.push_back(CTxIn(prevout, CScript())); available_coins.pop_front(); } -- cgit v1.2.3