From 444dcb2f9944ad5208bf00c9f197da7b2c98063c Mon Sep 17 00:00:00 2001 From: Sebastian Falbesoner Date: Mon, 4 Aug 2025 01:34:04 +0200 Subject: [PATCH] fuzz: txgraph: fix `real_is_optimal` flag propagation in `CommitStaging` In the `txgraph` fuzz test, the `CommitStaging` step updates the `SimTxGraph` levels simply by erasing the front (=main) one in the `sims` vector, i.e. the staging level instance takes the place of the main level instance. This also includes the `real_is_optimal` flag (reflecting whether the corresponding real graph is known to be optimally linearized), without taking into account that this flag should only be set if _both_ levels before the commiting are optimal. E.g. in case of #33097, the main level is not optimally linearized, while the staging level is, and due to the incorrect propagation of the latter to the simulation incorrectly assumes that the main level is optimal, leading to the assertion fail. Fix this by setting the flag in the resulting main level explicitly. Resolves the fuzzing assertion fail in issue #33097. --- src/test/fuzz/txgraph.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/test/fuzz/txgraph.cpp b/src/test/fuzz/txgraph.cpp index e48d9852942..50af38db57b 100644 --- a/src/test/fuzz/txgraph.cpp +++ b/src/test/fuzz/txgraph.cpp @@ -668,7 +668,10 @@ FUZZ_TARGET(txgraph) } else if (block_builders.empty() && sims.size() > 1 && command-- == 0) { // CommitStaging. real->CommitStaging(); + // Resulting main level is only guaranteed to be optimal if all levels are + const bool main_optimal = std::all_of(sims.cbegin(), sims.cend(), [](const auto &sim) { return sim.real_is_optimal; }); sims.erase(sims.begin()); + sims.front().real_is_optimal = main_optimal; break; } else if (sims.size() > 1 && command-- == 0) { // AbortStaging.