nit(coderabbit): doc-comment + test + error-wrap polish

QuantumExplorer · claude · QuantumExplorer · commit b1027dcb4f00 · 2026-05-12T04:35:16.000+07:00
Four low-value but clean tweaks from CodeRabbit on PR #661: - `grovedb-query/src/query_item/mod.rs`: refresh the stale `NonAggregateInner::deserialize` inline comment to mention both excluded aggregate variants (Count + Sum), matching the struct-level doc and `NON_AGGREGATE_VARIANTS`. - `grovedb/src/tests/aggregate_sum_query_tests.rs`: drop the redundant disjunction `msg.contains("must be a ProvableSumTree") || msg.contains("ProvableSumTree")` — the first clause already implies the second; pin the exact phrase. - `grovedb/src/tests/aggregate_sum_query_tests.rs`: harden `provable_sum_tree_overflow_at_i64_max_is_rejected` so it no longer silently passes when insert AND prove AND verify all accept an overflow. Replace the early-return-on-both-inserts-accepted with an explicit "at least one stage must reject" assertion. - `grovedb/src/operations/get/query.rs`: wrap the MerkError from `Merk::sum_aggregate_on_range` (and the count sibling) with contextual `CorruptedData(format!("query_aggregate_{sum,count} at path {:?}: {}", path_slices, e))` per the repo error-wrapping convention. Two test assertions updated from `MerkError(_)` to `CorruptedData(_)` to match. Workspace `cargo test --all-features`: 3102 pass / 0 fail (unchanged). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
diff --git a/grovedb-query/src/query_item/mod.rs b/grovedb-query/src/query_item/mod.rs
@@ -317,9 +317,9 @@ impl<'de> Deserialize<'de> for NonAggregateInner {
     where
         D: Deserializer<'de>,
     {
-        // Field set excludes "AggregateCountOnRange"; encountering that tag
-        // produces a serde "unknown variant" error before any inner
-        // recursion can happen.
+        // Field set excludes both `AggregateCountOnRange` and
+        // `AggregateSumOnRange`; encountering either tag produces a serde
+        // "unknown variant" error before any inner recursion can happen.
         #[derive(Deserialize)]
         #[serde(field_identifier, rename_all = "snake_case")]
         enum Field {
diff --git a/grovedb/src/operations/get/query.rs b/grovedb/src/operations/get/query.rs
@@ -663,7 +663,10 @@ where {
             &mut cost,
             subtree
                 .sum_aggregate_on_range(&inner_range, grove_version)
-                .map_err(Error::MerkError)
+                .map_err(|e| Error::CorruptedData(format!(
+                    "query_aggregate_sum at path {:?}: {}",
+                    path_slices, e
+                )))
         );
 
         Ok(sum).wrap_with_cost(cost)
@@ -818,7 +821,10 @@ where {
             &mut cost,
             subtree
                 .count_aggregate_on_range(&inner_range, grove_version)
-                .map_err(Error::MerkError)
+                .map_err(|e| Error::CorruptedData(format!(
+                    "query_aggregate_count at path {:?}: {}",
+                    path_slices, e
+                )))
         );
 
         Ok(count).wrap_with_cost(cost)
diff --git a/grovedb/src/tests/aggregate_count_query_tests.rs b/grovedb/src/tests/aggregate_count_query_tests.rs
@@ -1584,12 +1584,14 @@ mod tests {
             .query_aggregate_count(&path_query, None, v)
             .unwrap()
             .expect_err("NormalTree must be rejected by the merk-level entry");
-        // The merk-level error gets wrapped in Error::MerkError; we just
-        // require *some* error rather than asserting on the exact variant
-        // since the merk layer's InvalidProofError formatting is internal.
+        // The merk-level error gets wrapped with contextual `CorruptedData`
+        // (callsite-specific path info — see `query_aggregate_count` in
+        // `operations/get/query.rs`). We just require *some* error rather
+        // than asserting on the exact variant since the merk layer's
+        // `InvalidProofError` formatting is internal.
         match err {
-            crate::Error::MerkError(_) => {}
-            other => panic!("expected MerkError, got {:?}", other),
+            crate::Error::CorruptedData(_) => {}
+            other => panic!("expected CorruptedData wrapper, got {:?}", other),
         }
     }
 
diff --git a/grovedb/src/tests/aggregate_sum_query_tests.rs b/grovedb/src/tests/aggregate_sum_query_tests.rs
@@ -362,26 +362,39 @@ mod tests {
             )
             .unwrap()
             .is_ok();
-        if !ok1 || !ok2 {
-            // Insertion already rejected the overflow — that's the
-            // healthiest end state. Bail out.
-            return;
-        }
+        let either_insert_rejected = !ok1 || !ok2;
+
+        // If both inserts succeeded, the overflow must be caught later —
+        // either by the prover or by the verifier. If both inserts AND
+        // the prover succeed AND the verifier accepts, that's the
+        // silent-no-op regression we explicitly want to fail on.
         let pq = PathQuery::new_aggregate_sum_on_range(
             vec![TEST_LEAF.to_vec(), b"st".to_vec()],
             QueryItem::RangeInclusive(b"a".to_vec()..=b"b".to_vec()),
         );
-        let prove_result = db.grove_db.prove_query(&pq, None, v).unwrap();
-        match prove_result {
-            Err(_) => { /* prover detected overflow — fine */ }
-            Ok(proof) => {
-                let verify_result = GroveDb::verify_aggregate_sum_query(&proof, &pq, v);
-                assert!(
-                    verify_result.is_err(),
-                    "verifier must reject a sum that doesn't fit in i64"
-                );
+        let (prover_rejected, verifier_rejected) = if either_insert_rejected {
+            // The insert side already detected the overflow; no need to
+            // exercise prove/verify (they'd never reach the i128->i64
+            // gate without inputs that overflow).
+            (false, false)
+        } else {
+            match db.grove_db.prove_query(&pq, None, v).unwrap() {
+                Err(_) => (true, false),
+                Ok(proof) => {
+                    let verify_result = GroveDb::verify_aggregate_sum_query(&proof, &pq, v);
+                    (false, verify_result.is_err())
+                }
             }
-        }
+        };
+
+        // Exactly the silent-no-op branch must NEVER be reached: at least
+        // one of {insert, prove, verify} must reject the i64::MAX +
+        // i64::MAX overflow.
+        assert!(
+            either_insert_rejected || prover_rejected || verifier_rejected,
+            "BUG: i64::MAX + i64::MAX silently produced a wrong sum — insert, \
+             prove, and verify all accepted the overflow"
+        );
     }
 
     // ---------- 7. i64::MAX + i64::MIN = -1 (intermediate overflows i64 but final fits) ----------
@@ -1036,7 +1049,7 @@ mod tests {
                 // names ProvableSumTree explicitly so we pin it.
                 let msg = format!("{e}");
                 assert!(
-                    msg.contains("must be a ProvableSumTree") || msg.contains("ProvableSumTree"),
+                    msg.contains("must be a ProvableSumTree"),
                     "verifier rejected as expected but with an unrelated message: {msg}"
                 );
             }
@@ -1463,9 +1476,12 @@ mod tests {
             .query_aggregate_sum(&path_query, None, v)
             .unwrap()
             .expect_err("NormalTree leaf must be rejected by merk-level gate");
+        // The merk-level error gets wrapped with contextual `CorruptedData`
+        // by `query_aggregate_sum` (callsite-specific path info — see
+        // `operations/get/query.rs`).
         match err {
-            crate::Error::MerkError(_) => {}
-            other => panic!("expected MerkError, got {:?}", other),
+            crate::Error::CorruptedData(_) => {}
+            other => panic!("expected CorruptedData wrapper, got {:?}", other),
         }
     }
 
