Splice fixes for chanmon_consistency fuzz target#4655
Open
wpaulino wants to merge 4 commits into
Open
Conversation
If the input ends immediately after `tx_signatures`, the corresponding `SpliceNegotiated` event may still be pending, leaving the valid interactive funding transaction in the test broadcaster.
Now that the fuzz target supports canceling splice funding attempts, we may see failed signing attempts due to the cancellation.
LDK and the chanmon_consistency fuzz target have grown in complexity recently and thus require more iterations than previously assumed to fully settle the state of all active channels.
This replicates what a node in production would see, and is necessary to replay certain actions within LDK that happened prior to the reload.
|
👋 Thanks for assigning @TheBlueMatt as a reviewer! |
Comment on lines
+2016
to
+2021
| for (idx, node) in nodes.iter().enumerate() { | ||
| if node.broadcaster.txn_broadcasted.borrow().is_empty() { | ||
| continue; | ||
| } | ||
|
|
||
| let pending_events = node.get_and_clear_pending_events(); |
Collaborator
There was a problem hiding this comment.
The verification is one-directional: for each broadcast tx, you check a matching SpliceNegotiated event exists, but you don't verify the reverse — that every pending SpliceNegotiated event has a corresponding broadcast tx. A node with no broadcasts (skipped at line 2017) but with dangling SpliceNegotiated events passes silently.
Consider also checking nodes that have no broadcasts but do have pending SpliceNegotiated events, as that would indicate the splice tx was not broadcast despite an event being generated.
Suggested change
| for (idx, node) in nodes.iter().enumerate() { | |
| if node.broadcaster.txn_broadcasted.borrow().is_empty() { | |
| continue; | |
| } | |
| let pending_events = node.get_and_clear_pending_events(); | |
| for (idx, node) in nodes.iter().enumerate() { | |
| let pending_events = node.get_and_clear_pending_events(); | |
| if node.broadcaster.txn_broadcasted.borrow().is_empty() { | |
| assert!( | |
| !pending_events.iter().any(|e| matches!(e, events::Event::SpliceNegotiated { .. })), | |
| "node {} has pending SpliceNegotiated event(s) but no broadcast tx", | |
| idx, | |
| ); | |
| continue; | |
| } |
Collaborator
Review Summary1 inline comment posted:
No other issues found. The remaining changes are correct:
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
While this target found several issues in our production code, there were also issues with the fuzz target itself, which this PR addresses. It fixes the following payloads from #4363: