fix: Amendment Guard TokenEscrow preclaim

[dangell7]

High Level Overview of Change

Context of Change

Type of Change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Refactor (non-breaking change that only restructures code)
• Performance (increase or change in throughput and/or latency)
• Tests (you added tests for code that already exists, or your new feature included in this PR)
• Documentation update
• Chore (no impact to binary, e.g. .gitignore, formatting, dropping support for older tooling)
• Release

API Impact

• Public API: New feature (new methods and/or new fields)
• Public API: Breaking change (in general, breaking changes should only impact the next api_version)
• libxrpl change (any change that may affect libxrpl or dependents of libxrpl)
• Peer protocol change (must be backward compatible or bump the peer protocol version)

[mvadari]

This error needs to be thrown in doApply in both transactions

[dangell7]

It is already thrown in doApply for Cancel & Finish. It wasn't "moved" but rather copied.

[mvadari]

In that case, should the doApply one return tecINTERNAL if the amendment is enabled?

[dangell7]

sure: dacc539

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 79.1%. Comparing base (11edaa4) to head (efb8800).
Report is 1 commits behind head on develop.

Additional details and impacted files

@@            Coverage Diff            @@
##           develop   #5473     +/-   ##
=========================================
+ Coverage     79.0%   79.1%   +0.1%     
=========================================
  Files          817     817             
  Lines        71739   71697     -42     
  Branches      8311    8240     -71     
=========================================
+ Hits         56695   56708     +13     
+ Misses       15043   14989     -54     
+ Partials         1       0      -1     

Files with missing lines	Coverage Δ
src/libxrpl/protocol/STAmount.cpp	90.5% <ø> (+0.2%)	⬆️
src/xrpld/app/tx/detail/Escrow.cpp	93.6% <100.0%> (+1.0%)	⬆️
src/xrpld/app/tx/detail/InvariantCheck.cpp	91.5% <100.0%> (+0.9%)	⬆️
src/xrpld/app/tx/detail/MPTokenIssuanceDestroy.cpp	90.0% <ø> (+2.9%)	⬆️
src/xrpld/ledger/detail/View.cpp	92.0% <ø> (+2.9%)	⬆️

... and 8 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[mvadari]

I think it's fine to keep these blocks in just in case

[dangell7]

fixed: 55d03e2

[bthomee]

@dangell7 can you please ensure that all the new code you added as part of the Token Escrow change are fully tested? For instance, the newly added logic in GatewayBalances.cpp was only tested to 20%.

@Bronek can you please list the additional issues you identified?

[shawnxie999]

👍

[dangell7]

@dangell7 can you please ensure that all the new code you added as part of the Token Escrow change are fully tested? For instance, the newly added logic in GatewayBalances.cpp was only tested to 20%.

@Bronek can you please list the additional issues you identified?

This should bring it to 100% except for the JLOG in View.cpp? I can wrap those paths with a full LCOV? I didn't realize the log would trigger a non testable coverage.

1180a24

[Bronek]

@dangell7 can you please ensure that all the new code you added as part of the Token Escrow change are fully tested? For instance, the newly added logic in GatewayBalances.cpp was only tested to 20%.
@Bronek can you please list the additional issues you identified?

This should bring it to 100% except for the JLOG in View.cpp? I can wrap those paths with a full LCOV? I didn't realize the log would trigger a non testable coverage.

1180a24

@dangell7 we normally use // LCOV_EXCL_START . . . // LCOV_EXCL_STOP for multi-line defensive blocks of code, for example see isVaultPseudoAccountFrozen . Also, depending on the nature of the check, we would sometimes prefer UNREACHABLE e.g. when condition is related to SLE object integrity. In cases like canAdd, canSubtract I think logging is better.

If you are uncertain if a line should be UNREACHABLE then do not put this macro there.

[Bronek]

@dangell7 can you please ensure that all the new code you added as part of the Token Escrow change are fully tested? For instance, the newly added logic in GatewayBalances.cpp was only tested to 20%.
@Bronek can you please list the additional issues you identified?

This should bring it to 100% except for the JLOG in View.cpp? I can wrap those paths with a full LCOV? I didn't realize the log would trigger a non testable coverage.

1180a24

Re. already merged #5185 , I see the following deficiencies in unit tests coverage:

• missing 6 lines from Escrow.cpp where 2 lines are badly marked defensive code, 1 line (return temINVALID_FLAG; in preflight) should be very easy to test but wasn’t , remaining 3 lines (return tecINSUFFICIENT_FUNDS; in escrowCreatePreclaimHelper<MPTIssue> , return ret; after check escrowLockApplyHelper in doApply() and finally return tecOBJECT_NOT_FOUND; in escrowFinishPreclaimHelper<MPTIssue> might or might not be difficult to add. Overall it seems like test coverage was slightly less for MPTs than it was for IOUs and I can certainly sympathise with this.

• missing 5 lines in InvariantCheck.cpp and I have no idea how difficult (or not) would it be to trigger these invariant violations but then we do all kind of shady things in Invariants_test.cpp to put invalid SLEs in place, so it is certainly possible to test most invariants.

• missing 2 lines in STAmount.cpp which are return false; in both canAdd and canSubtract (newly added functions). Both functions do have unit tests (nice!) but both are missing this last line; perhaps it is unreachable ? In which case they should be preceded by UNREACHABLE and inside a // LCOV_EXCL... block (see isVaultPseudoAccountFrozen to which I refereed above for example). If you are uncertain if a line should be UNREACHABLE then do not use this macro, but we have means (fuzzing) of finding such unwarranted UNREACHABLE and removing them, so it's not such a big deal.

We have merge conflicts with other major features in flight (e.g. Lending #5270 ) and I would prefer if we had better assurance than "it compiles, all unit tests pass, but not all cases are tested" as an proof of good conflict resolution.

[dangell7]

• escrowLockApplyHelper

Thank you for this review.

tecINSUFFICIENT_FUNDS fixed

The return from escrowLockApplyHelper cannot be tested because rippleCredit only returns tefBAD_LEDGER errors. Unless someone has found a test for that and not included it in the repo its probably a very difficult test to write. For the MPT its the same scenario, defensive overflow/underflow checks that can only be tested by creating isolated function tests...

Do you want me to create functional tests for this?

tecOBJECT_NOT_FOUND. You cannot delete the issuance if there is an EscrowAmount.

But... I believe it is possible inject a Escrow object into the open ledger and potentially write a test for this... I will work on that now but I did mark it excluded in case my idea doesn't work.

InvariantCheck.cpp fixed

STAmount.cpp fixed

[Bronek]

nice, thank you for unit tests coverage cleanup !

[Bronek]

The return from escrowLockApplyHelper cannot be tested because rippleCredit only returns tefBAD_LEDGER errors.
Do you want me to create functional tests for this?

No, it's cool.

PS. apologies for editing your comment, I somehow confused the "reply" and "edit comment" function in Github, unintentionally abusing my maintainer privileges. 🙈 😳 Really sorry for this !

[bthomee]

@dangell7 is the PR ready to merge?

[dangell7]

@dangell7 is the PR ready to merge?

Ready

@Bronek I was able to test tecOBJECT_NOT_FOUND by injecting an Escrow object into the ledger: efb8800

Might be useful for later amendments