bugfix: miner: fix addPackageTxs unsigned integer overflow #33475

pull ismaelsadeeq wants to merge 1 commits into bitcoin:master from ismaelsadeeq:09-2025-miner-infinite-loop-fix changing 1 files +2 −2
  1. ismaelsadeeq commented at 3:41 pm on September 24, 2025: member

    This PR fixes an unsigned integer overflow in the addPackageTxs method of the BlockAssembler.

    The overflow is a rare edge case that might occur on master when a miner reserves 2000 WU and wants to create an empty block.

    i.e., by starting with -blockmaxweight=2000, -blockreservedweight=2000, or just blockmaxweight=2000, and then calling the mining interface createNewBlock with blockReservedWeight set to 2000.

    Instead of bailing out after going through transactions equivalent to MAX_CONSECUTIVE_FAILURES, the loop never breaks until all mempool transactions are visited.

    See #33421 (comment)

    The fix avoids the overflow by using addition instead, i.e. adding BLOCK_FULL_ENOUGH_WEIGHT_DELTA to the block weight and comparing it with m_options.nBlockMaxWeight.

    Another alternative that preserves the same structure is to use static_cast. See https://github.com/bitcoin/bitcoin/pull/33421/commits/c9530cf35d351628eea4992c66fc1df548d1b580.

    This fix can be tested by cherry-picking the commits from #33421 without the static cast fix and running:

    echo "AQAAAAAAA
    AAnJycnAAAAAAAAAAAAAAAAAA" | base64 --decode > miner.crash

    FUZZ=block_template_cache ./build_fuzz/bin/fuzz miner.crash
    

    This is part of a larger inconsistency in how size/weight is represented in the codebase. It may be worth defining a dedicated type for size/weight.
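
The bail-out check described in the PR description above, reduced to a stand-alone sketch; this is an added example, not Bitcoin Core's code and not part of the original thread. The constant values (4000 and 1000), the `uint64_t` types, the helper names and the constructed 50,000-entry mempool are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <iostream>

// Assumed values: the PR text names these constants but does not give their values.
constexpr uint64_t BLOCK_FULL_ENOUGH_WEIGHT_DELTA{4000};
constexpr int64_t MAX_CONSECUTIVE_FAILURES{1000};

// Subtraction form: wraps to a huge value whenever max_weight < delta.
bool FullEnoughSub(uint64_t block_weight, uint64_t max_weight)
{
    return block_weight > max_weight - BLOCK_FULL_ENOUGH_WEIGHT_DELTA;
}

// Addition form, as the PR describes: nothing can wrap for realistic weights.
bool FullEnoughAdd(uint64_t block_weight, uint64_t max_weight)
{
    return block_weight + BLOCK_FULL_ENOUGH_WEIGHT_DELTA > max_weight;
}

// Hypothetical stand-in for the selection loop: every candidate fails to fit,
// so only the bail-out check can stop the walk before the mempool is exhausted.
template <typename Check>
size_t CandidatesVisited(size_t mempool_size, uint64_t block_weight, uint64_t max_weight, Check full_enough)
{
    int64_t consecutive_failed{0};
    size_t visited{0};
    while (visited < mempool_size) {
        ++visited;
        ++consecutive_failed;
        if (consecutive_failed > MAX_CONSECUTIVE_FAILURES && full_enough(block_weight, max_weight)) break;
    }
    return visited;
}

int main()
{
    // Scenario from the PR: max weight 2000 with all 2000 WU reserved
    // (assumes the block weight starts at the reserved weight).
    const uint64_t max_weight{2000}, block_weight{2000};
    const size_t mempool_size{50000}; // constructed sample size
    std::cout << "subtraction: " << CandidatesVisited(mempool_size, block_weight, max_weight, FullEnoughSub) << "\n";
    std::cout << "addition:    " << CandidatesVisited(mempool_size, block_weight, max_weight, FullEnoughAdd) << "\n";
}
```

With the subtraction form the walk only ends when the mempool is exhausted, which is the behaviour the description reports; for ordinary maximum weights the two forms agree.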

  2. miner: fix `addPackageTxs` unsigned integer overflow b807dfcdc5
  3. DrahtBot commented at 3:41 pm on September 24, 2025: contributor

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    Code Coverage & Benchmarks

    For details see: https://corecheck.dev/bitcoin/bitcoin/pulls/33475.

    Reviews

    See the guideline for information on the review process.

    Type Reviewers
    ACK glozow, furszy
    Concept ACK luke-jr

    If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update.

    Conflicts

    Reviewers, this pull request conflicts with the following ones:

    • #33421 (node: add BlockTemplateCache by ismaelsadeeq)
    • #28676 (Cluster mempool implementation by sdaftuar)

    If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

  4. glozow commented at 4:55 pm on September 24, 2025: member
    nice, utACK b807dfcdc5929c314d43b790c9e705d5bf0a86e8
  5. glozow added the label Bug on Sep 24, 2025
  6. furszy commented at 5:01 pm on September 24, 2025: member
    Code ACK b807dfcdc5929c314d43b790c9e705d5bf0a86e8
  7. glozow added the label Needs backport (29.x) on Sep 24, 2025
  8. glozow added the label Needs backport (30.x) on Sep 24, 2025
  9. luke-jr approved
  10. luke-jr commented at 10:37 am on September 25, 2025: member
    utACK
  11. luke-jr referenced this in commit aff95a8a60 on Sep 25, 2025
  12. fanquake merged this on Sep 25, 2025
  13. fanquake closed this on Sep 25, 2025

  14. fanquake referenced this in commit 45703931e5 on Sep 25, 2025
  15. fanquake removed the label Needs backport (30.x) on Sep 25, 2025
  16. fanquake commented at 12:20 pm on September 25, 2025: member
    Backported to 30.x in #33473.
  17. ismaelsadeeq deleted the branch on Sep 25, 2025

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2025-09-26 15:13 UTC
