Commit Graph

23170 Commits

Author SHA1 Message Date
MarcoFalke
bdf36f952b Merge #17437: rpc: Expose block height of wallet transactions
a5e77959c8ff6a8bffa1621d7ea29ee8603c5a14 rpc: Expose block height of wallet transactions (João Barbosa)

Pull request description:

  Closes #17296.

ACKs for top commit:
  practicalswift:
    ACK a5e77959c8ff6a8bffa1621d7ea29ee8603c5a14 -- diff looks correct now (good catch @theStack!)
  theStack:
    ACK a5e77959c8ff6a8bffa1621d7ea29ee8603c5a14
  ryanofsky:
    Code review ACK a5e77959c8ff6a8bffa1621d7ea29ee8603c5a14. Changes since last review getblockhash python test fixes, and removing the last hardcoded height

Tree-SHA512: 57dcd0e4e7083f34016bf9cf8ef578fbfde49e882b6cd8623dd1c64716e096e62f6177a4c2ed94f5de304e751fe23fb9d11cf107a86fbf0a3c5f539cd2844916
2023-04-17 19:34:02 +03:00
Wladimir J. van der Laan
05ed3448d0 Merge #17388: Add missing newline in util_ChainMerge test
3645e4ca0033bb6365f41ef710111780c139370f Add missing newline in util_ChainMerge test (Russell Yanofsky)

Pull request description:

  This was causing a lot of test cases not not be very meaningful because
  multiple configuration options were combined into one line.

  The changes in test output with this fix make sense and look like:

  ```diff
  - testnet=1 regtest=1 || test
  + testnet=1 regtest=1 || error: Invalid combination of -regtest, -testnet and -chain. Can use at most one.
  ```

  Issue was reported and debugged by
  Wladimir J. van der Laan <laanwj@protonmail.com> in
  https://github.com/bitcoin/bitcoin/pull/17385#issuecomment-550033222

  <!--
  *** Please remove the following help text before submitting: ***

  Pull requests without a rationale and clear improvement may be closed
  immediately.
  -->

  <!--
  Please provide clear motivation for your patch and explain how it improves
  Bitcoin Core user experience or Bitcoin Core developer experience
  significantly:

  * Any test improvements or new tests that improve coverage are always welcome.
  * All other changes should have accompanying unit tests (see `src/test/`) or
    functional tests (see `test/`). Contributors should note which tests cover
    modified code. If no tests exist for a region of modified code, new tests
    should accompany the change.
  * Bug fixes are most welcome when they come with steps to reproduce or an
    explanation of the potential issue as well as reasoning for the way the bug
    was fixed.
  * Features are welcome, but might be rejected due to design or scope issues.
    If a feature is based on a lot of dependencies, contributors should first
    consider building the system outside of Bitcoin Core, if possible.
  * Refactoring changes are only accepted if they are required for a feature or
    bug fix or otherwise improve developer experience significantly. For example,
    most "code style" refactoring changes require a thorough explanation why they
    are useful, what downsides they have and why they *significantly* improve
    developer experience or avoid serious programming bugs. Note that code style
    is often a subjective matter. Unless they are explicitly mentioned to be
    preferred in the [developer notes](/doc/developer-notes.md), stylistic code
    changes are usually rejected.
  -->

  <!--
  Bitcoin Core has a thorough review process and even the most trivial change
  needs to pass a lot of eyes and requires non-zero or even substantial time
  effort to review. There is a huge lack of active reviewers on the project, so
  patches often sit for a long time.
  -->

ACKs for top commit:
  laanwj:
    ACK 3645e4ca0033bb6365f41ef710111780c139370f
  practicalswift:
    ACK 3645e4ca0033bb6365f41ef710111780c139370f -- diff looks correct

Tree-SHA512: ca5bde9b9f553811d4827113f4880d15d7b8f4f1455b95bbf34c9a1512fdd53062f1a2133c50d9b54f94160a1ee77a54bc82681a5f3bf25d2b0d01f8a8e95165
2023-04-17 19:34:02 +03:00
Samuel Dobson
2ea5283cf8 Merge #16766: wallet: Make IsTrusted scan parents recursively
4671fc3d9e669da8b8781f0cbefee43cb9acd527 Expand on wallet_balance.py comment from https://github.com/bitcoin/bitcoin/pull/16766\#issuecomment-527563982 (Jeremy Rubin)
91f3073f08aff395dd813296bf99fd8ccc81bb27 Update release notes to mention changes to IsTrusted and impact on wallet (Jeremy Rubin)
8f174ef112199aa4e98d756039855cc561687c2e Systematize style of IsTrusted single line if (Jeremy Rubin)
b49dcbedf79613f0e0f61bfd742ed265213ed280 update variable naming conventions for IsTrusted (Jeremy Rubin)
5ffe0d144923f365cb1c2fad181eca15d1668692 Update comment in test/functional/wallet_balance.py (Jeremy Rubin)
a550c58267f50c59c2eea1d46edaa5019a8ad5d8 Update wallet_balance.py test to reflect new behavior (Jeremy Rubin)
5dd7da4ccd1354f09e2d00bab29288db0d5665d0 Reuse trustedParents in looped calls to IsTrusted (Jeremy Rubin)
595f09d6de7f1b94428cdd1310777aa6a4c584e5 Cache tx Trust per-call to avoid DoS (Jeremy Rubin)
dce032ce294fe0d531770f540b1de00dc1d13f4b Make IsTrusted scan parents recursively (Jeremy Rubin)

Pull request description:

  This slightly modifies the behavior of IsTrusted to recursively check the parents of a transaction. Otherwise, it's possible that a parent is not IsTrusted but a child is. If a parent is not trusted, then a child should not be either.

  This recursive scan can be a little expensive, so ~it might be beneficial to have a way of caching IsTrusted state, but this is a little complex because various conditions can change between calls to IsTrusted (e.g., re-org).~ I added a cache which works per call/across calls, but does not store the results semi-permanently. Which reduces DoS risk of this change. There is no risk of untrusted parents causing a resource exploitation, as we immediately return once that is detected.

  This is a change that came up as a bug-fix esque change while working on OP_SECURETHEBAG. You can see the branch where this change is important here: https://github.com/bitcoin/bitcoin/compare/master...JeremyRubin:stb-with-rpc?expand=1. Essentially, without this change, we can be tricked into accepting an OP_SECURETHEBAG output because we don't properly check the parents. As this was a change which, on its own, was not dependent on OP_SECURETHEBAG, I broke it out as I felt the change stands on its own by fixing a long standing wallet bug.

  The test wallet_balance.py has been corrected to meet the new behavior. The below comment, reproduced, explains what the issue is and the edge cases that can arise before this change.

          # Before `test_balance()`, we have had two nodes with a balance of 50
          # each and then we:
          #
          # 1) Sent 40 from node A to node B with fee 0.01
          # 2) Sent 60 from node B to node A with fee 0.01
          #
          # Then we check the balances:
          #
          # 1) As is
          # 2) With transaction 2 from above with 2x the fee
          #
          # Prior to #16766, in this situation, the node would immediately report
          # a balance of 30 on node B as unconfirmed and trusted.
          #
          # After #16766, we show that balance as unconfirmed.
          #
          # The balance is indeed "trusted" and "confirmed" insofar as removing
          # the mempool transactions would return at least that much money. But
          # the algorithm after #16766 marks it as unconfirmed because the 'taint'
          # tracking of transaction trust for summing balances doesn't consider
          # which inputs belong to a user. In this case, the change output in
          # question could be "destroyed" by replace the 1st transaction above.
          #
          # The post #16766 behavior is correct; we shouldn't be treating those
          # funds as confirmed. If you want to rely on that specific UTXO existing
          # which has given you that balance, you cannot, as a third party
          # spending the other input would destroy that unconfirmed.
          #
          # For example, if the test transactions were:
          #
          # 1) Sent 40 from node A to node B with fee 0.01
          # 2) Sent 10 from node B to node A with fee 0.01
          #
          # Then our node would report a confirmed balance of 40 + 50 - 10 = 80
          # BTC, which is more than would be available if transaction 1 were
          # replaced.

  The release notes have been updated to note the new behavior.

ACKs for top commit:
  ariard:
    Code Review ACK 4671fc3, maybe extend DoS protection in a follow-up PR.
  fjahr:
    Code review ACK 4671fc3d9e669da8b8781f0cbefee43cb9acd527
  ryanofsky:
    Code review ACK 4671fc3d9e669da8b8781f0cbefee43cb9acd527. Changes since last review: 2 new commits adding suggested release note and python test comment, also a clean rebase with no changes to the earlier commits. The PR description is more comprehensive now, too. Looks good!
  promag:
    Code review ACK 4671fc3d9e669da8b8781f0cbefee43cb9acd527.

Tree-SHA512: 6b183ff425304fef49724290053514cb2770f4a2350dcb83660ef24af5c54f7c4c2c345b0f62bba60eb2d2f70625ee61a7fab76a7f491bb5a84be5c4cc86b92f
2023-04-17 19:34:02 +03:00
PastaPastaPasta
8a6cf45674
Merge pull request #5331 from PastaPastaPasta/develop-trivial-2023-04-16
backport: trivial 2023 04 16
2023-04-17 11:20:42 -05:00
fanquake
d65ac30e77 Merge bitcoin/bitcoin#24129: build: Fix xargs warnings for Guix builds
c73415bc10c1baa7988e1c55a0e9201df73a6c22 build: Fix xargs warnings for Guix builds (Hennadii Stepanov)

Pull request description:

  On master (e3ce019667fba2ec50a59814a26566fb67fa9125) there are warnings in `./contrib/guix/guix-build` logs:
  ```
  xargs: warning: options --max-args and --replace/-I/-i are mutually exclusive, ignoring previous --max-args value
  ```

  This PR fixes such warnings.

ACKs for top commit:
  prusnak:
    utACK c73415b

Tree-SHA512: a7b55f59afbb19b78f795cea64acacf29903cfcd5fd7c37a771b073c1f2ff54555a26f3d00c1c73a8ef588396217ddf598e32b2ae961559042cc051b0aad162a
2023-04-17 11:17:34 -05:00
MarcoFalke
cd201d2d6c Merge bitcoin/bitcoin#24054: test: rest /tx with an invalid/unknown txid
bd52684508ca2964e6a3af503d21ff99675380c7 test: rest /tx with an invalid/unknown txid (brunoerg)

Pull request description:

  This PR adds test coverage to the endpoint `/tx` (rest) passing an invalid and an unknown txid to test its return.
  Invalid -> should return status code 400 (bad request)
  Unknown -> should return status code 404 (not found)

ACKs for top commit:
  kallewoof:
    ACK bd52684508ca2964e6a3af503d21ff99675380c7

Tree-SHA512: a7fbb63f30d06fc0855133a36e8317c7930ba13aa2b4a2dd1fc35079d59eacace72e1ffe7ae1b3e067066fe51792415940d72d923e83a659a0d5965e4110b32a
2023-04-17 11:17:34 -05:00
MarcoFalke
c8f34ce2d9 Merge bitcoin/bitcoin#24033: log: Remove GetAdjustedTime from IBD header progress estimation
fac22fd36b2d9f55dada31cc0da55520431b972a log: Remove GetAdjustedTime from IBD header progress estimation (MarcoFalke)

Pull request description:

  This is a "refactor" that shouldn't change behaviour, because the two times are most likely equal. A minimum of 5 outbound peers are needed to adjust the time. And if the time is adjusted, it will be by at most 70 minutes (`DEFAULT_MAX_TIME_ADJUSTMENT`). Thus, the progress estimate should differ by at most 7 blocks.

ACKs for top commit:
  laanwj:
    Code review ACK fac22fd36b2d9f55dada31cc0da55520431b972a
  vincenzopalazzo:
    ACK fac22fd36b

Tree-SHA512: bf9f5eef66db0110dd268cf6dbfab64b9c11ba776924f5b386ceae3f2d005272cceb87ebcc96e0c8b854c051514854a2a5af39ae43bad008fac685b5aafaabd0
2023-04-17 11:17:34 -05:00
MarcoFalke
32aed5dfa0 Merge bitcoin/bitcoin#23963: test: run feature_pruning.py without wallet compiled
0754e9c01bd3d57aa241e313ba34c18c4897ba98 test: run feature_pruning.py without wallet compiled (Sebastian Falbesoner)

Pull request description:

  Only one small part of the pruning test (sub-test `wallet_test`) is wallet-related, hence we can run all other parts without wallet compiled.

ACKs for top commit:
  MarcoFalke:
    cr ACK 0754e9c01bd3d57aa241e313ba34c18c4897ba98

Tree-SHA512: 856856903d21d64953ed0102cc2a96f55975c4b7d8e93e57b82c266024967160df64df2b6068be089efc05e883e8d6d12e7327053420d4c640b9d8cc5bcb1c58
2023-04-17 11:17:34 -05:00
MarcoFalke
08227ba83d Merge bitcoin/bitcoin#23760: util: move MapIntoRange() for reuse in fuzz tests
df2307cdc3d08233d17beb9a50c144baaef1f44e util: move MapIntoRange() for reuse in fuzz tests (fanquake)

Pull request description:

ACKs for top commit:
  shaavan:
    ACK df2307cdc3d08233d17beb9a50c144baaef1f44e

Tree-SHA512: 31bf18f50a82e442ff025d6be0db5666b463a1fc16ec6b2112c77bb815515d27f8a537a0c9934c7daa3f4d526b47e8d6333f75a13b271e6efa550f8e71504b0a
2023-04-17 11:17:34 -05:00
fanquake
8157dfcc60 Merge bitcoin/bitcoin#23929: doc: fix undo data filename (s/undo???.dat/rev???.dat/)
2e42050b7fc61201f202438e8cd4383a06eb98d5 doc: fix undo data filename (s/undo???.dat/rev???.dat/) (Sebastian Falbesoner)

Pull request description:

  This typo was discovered in the course of a review club to #20827, see https://bitcoincore.reviews/20827#l-31.

ACKs for top commit:
  shaavan:
    ACK 2e42050b7fc61201f202438e8cd4383a06eb98d5

Tree-SHA512: 0c7a00dce24c03bee6d37265d5b4bc97e976c3f3910af1113f967f6298940f892d6fb517f7b154f32ccedb365060314d4d78d5eb2a9c68b25f0859a628209cd3
2023-04-17 11:17:34 -05:00
fanquake
e1b30d4a03 Merge bitcoin/bitcoin#23616: build: Bump AX_PTHREAD macro to the latest version
d796091b04f3b02d2280aaa761c2b94950199da8 build: Bump AX_PTHREAD macro to the latest version (Hennadii Stepanov)

Pull request description:

  This PR silents autoconf >2.69 (this [one](https://formulae.brew.sh/formula/autoconf), for instance) warnings about the obsolete `$as_echo`:

  ```
  % ./autogen.sh
  ...
  configure.ac:847: warning: $as_echo is obsolete; use AS_ECHO(["message"]) instead
  lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from...
  lib/m4sugar/m4sh.m4:699: AS_IF is expanded from...
  ./lib/autoconf/general.m4:2249: AC_CACHE_VAL is expanded from...
  ./lib/autoconf/general.m4:2270: AC_CACHE_CHECK is expanded from...
  build-aux/m4/ax_pthread.m4:89: AX_PTHREAD is expanded from...
  configure.ac:847: the top level
  ...
  ```

  No other behavior changes.

ACKs for top commit:
  fanquake:
    ACK d796091b04f3b02d2280aaa761c2b94950199da8 - matches upstream at serial 31.

Tree-SHA512: aa9b60698f453427221444a5a63420d833c4c5dd23f8b0c74e5bd4639daec9c6cff0907a5281c00103ccb030e394998cf05653be750d4a3bf0f37ca41ff6fbe1
2023-04-17 11:17:34 -05:00
MarcoFalke
7aea2e0955 Merge bitcoin/bitcoin#23644: wallet: Replace confusing getAdjustedTime() with GetTime()
fa37e798b2660d8e44e31c944a257b55aeef5de2 wallet: Replace confusing getAdjustedTime() with GetTime() (MarcoFalke)

Pull request description:

  Setting `nTimeReceived` to the adjusted time has several issues:

  * `m_best_block_time` is set to the "unadjusted" time, thus a comparison of the two times is like comparing apples to oranges. In the worst case this opens up an attack vector where remote peers can force a premature re-broadcast of wallet txs.
  * The RPC documentation for `"timereceived"` doesn't mention that the network adjusted time is used, possibly confusing users when the time reported by RPC is off by a few seconds compared to their local timestamp.

  Fix all issues by replacing the call with `GetTime()`. Also a style fix: Use non-narrowing integer conversion in the RPC method.

ACKs for top commit:
  theStack:
    Code-review ACK fa37e798b2660d8e44e31c944a257b55aeef5de2
  shaavan:
    crACK fa37e798b2660d8e44e31c944a257b55aeef5de2

Tree-SHA512: 8d020ba400521246b7aed4b6c41319fc70552e8c69e929a5994500375466a9edac02a0ae64b803dbc6695df22276489561a23bd6e030c44c97d288f7b9b2b3fa
2023-04-17 11:17:34 -05:00
W. J. van der Laan
b34db33a69 Merge bitcoin/bitcoin#17160: refactor: net: subnet lookup: use single-result LookupHost()
a989f98d240a84b5c798252acaa4a316ac711189 refactor: net: subnet lookup: use single-result LookupHost() (Sebastian Falbesoner)

Pull request description:

  plus describe single IP subnet case for more clarity

ACKs for top commit:
  jonatack:
    utACK a989f98d240a84b5c798252acaa4a316ac711189 the patch rebases cleanly to master, the debug build is green, and it is essentially the same patch as c8991f0251dd2a modulo local variable naming, braced initialization, and a comment
  vasild:
    ACK a989f98d240a84b5c798252acaa4a316ac711189

Tree-SHA512: 082d3481b1fa5e5f3267b7c4a812954b67b36d1f94c5296fe20110699f053e5042dfa13f728ae20249e9b8d71e930c3b119410125d0faeccdfbdc259223ee3a6
2023-04-17 11:17:34 -05:00
W. J. van der Laan
076e0528ef Merge bitcoin/bitcoin#23370: test: Add ios_base::width tsan suppression
96c7db9373014ce232ab01d11333650c9ddf9ee5 test: Add ios_base::width tsan suppression (Hennadii Stepanov)

Pull request description:

  This PR:
  - adds tsan suppression for intermittent failures in CI
  ```
  SUMMARY: ThreadSanitizer: data race /usr/lib/llvm-12/bin/../include/c++/v1/ios:523:12 in std::__1::ios_base::width() const
  ```

  - fixes #23366

ACKs for top commit:
  laanwj:
    Concept and code review ACK 96c7db9373014ce232ab01d11333650c9ddf9ee5

Tree-SHA512: fcad296e8da4a6d94dcbb011c3d9b3d07f6983818be16cfff8341a035fa6abe2777ae72409c9bc83083097660408a850c1e9cd6f0ad3ea7976e4a4768f1e1858
2023-04-17 11:17:34 -05:00
fanquake
0c52db6174 Merge bitcoin/bitcoin#23214: Replace stoul with ToIntegral in dbwrapper
fa165e954579436fe4b636e4222d8ce0c1269786 Replace stoul with ToIntegral in dbwrapper (MarcoFalke)

Pull request description:

  The string is created with `%llu`. See: 7fcf53f7b4/src/leveldb/db/db_impl.cc (L1436-L1437)

  So it seems odd to silently accept when parsing: whitespace, a sign character, trailing chars, overflow, ....

  Fix that by using the stricter ToIntegral.

ACKs for top commit:
  laanwj:
    Code review ACK fa165e954579436fe4b636e4222d8ce0c1269786
  practicalswift:
    cr ACK fa165e954579436fe4b636e4222d8ce0c1269786
  theStack:
    Code-review ACK fa165e954579436fe4b636e4222d8ce0c1269786

Tree-SHA512: b87f01431ca0b971ff84610022da8679d3c33470b88cfc3f4a337e6e176a0455715588aefd40e8e2bbe7459d902dc89d7bfe34e7fd66755f631cc18dc039fa2f
2023-04-17 11:17:34 -05:00
fanquake
3233445aa7 Merge bitcoin/bitcoin#23168: build: no-longer fail default configure if BDB isn't available
747cd17404832604c50d03d58e11ba816bb229f7 build: no-longer fail default configure if BDB isn't available (fanquake)

Pull request description:

  Inline with moving to descriptor (sqlite) wallets by default for 0.23,
  this adapts the build system so that a default `./configure` invocation
  no-longer fails if BDB isn't present. Currently, if configure is run
  with no options, and no BDB is present, we'll fail with:
  ```bash
  checking for Berkeley DB C++ headers... no
  configure: error: libdb_cxx headers missing, Bitcoin Core requires this library for BDB wallet support (--without-bdb to disable BDB wallet support)
  ```

  If descriptor wallets are to be the default, this behaviour no longer
  makes sense, as a builder should be able to configure and build, to use
  a wallet, without BDB installed, and without passing additional
  arguments, i.e `--without-bdb` or `--with-incompatible-bdb`, to
  configure.

  With this change, running configure will no-longer fail, but will
  instead print:
  ```bash
  checking for Berkeley DB C++ headers... no
  configure: WARNING: libdb_cxx headers missing
  configure: WARNING: Bitcoin Core requires this library for BDB (legacy) wallet support
  configure: WARNING: Passing --without-bdb will suppress this warning
  checking for sqlite3 >= 3.7.17... yes
  checking whether to build wallet with support for sqlite... yes
  ```

ACKs for top commit:
  hebasto:
    ACK 747cd17404832604c50d03d58e11ba816bb229f7, tested on Linux Mint 20.2 (x86_64) with the (un)installed system packages `libdb-dev` and `libdb++-dev`.

Tree-SHA512: ae316d71ad0803c9d4b02a5fedcade08242650d987cc047840493ba4a881e71ff48b099075bb7c325307d44744fcdeccb57f7fa8db4135c81a5835841f562afa
2023-04-17 11:17:34 -05:00
fanquake
90440af61c Merge bitcoin/bitcoin#22914: util: remove libevent <= 2.0.18 back-compat code
6045a1464252075f4135bd4a69d202d55d124eb2 util: remove libevent <= 2.0.18 back-compat code (fanquake)

Pull request description:

  Now that we require libevent >=2.0.21, remove backwards compatibility code for older versions.

ACKs for top commit:
  kristapsk:
    ACK 6045a1464252075f4135bd4a69d202d55d124eb2

Tree-SHA512: 49a237ee3cef78b105f8ea91dc3e541fe700fe3a3d02a88f85ec91772068ffbe508dbe196a4d693399b2bcf903251b9bc2573f04cb8f2e21a2ea481f35bfde32
2023-04-17 11:17:34 -05:00
PastaPastaPasta
026d3f5fd5
build: add --hardened-runtime for macos detached signature creation to enable notarization (#5332)
## Issue being fixed or feature implemented
Slightly changes the detached signature creation code 

## What was done?
Investigated what exactly needed to be done for notarization (docs to
come), tried it again, then when it failed as expected trying to figure
it out, then figuring it out :) simple change in the end.

## How Has This Been Tested?
created macOS detached sigs and notarized 19.0.0-rc.10 binaries and
ensured that all worked as expected. See binary attached here (sha256
3829e863831b05c3d76785540183bee556c4bab03dac98f5872df06668b9cb20)

[dashcore-19.0.0-rc.10-osx.dmg.zip](https://github.com/dashpay/dash/files/11246273/dashcore-19.0.0-rc.10-osx.dmg.zip).
You can also do a signed gitian-build for rc.10 and should replicate
these hashes.


## Breaking Changes
Should be none; I would like to backport this to 19 as a 19.0.1

## Checklist:
- [x] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have added or updated relevant unit/integration/functional/e2e
tests
- [ ] I have made corresponding changes to the documentation
- [x] I have assigned this pull request to a milestone _(for repository
code-owners and collaborators only)_
2023-04-17 11:12:21 -05:00
PastaPastaPasta
03b0acd7d0
Merge pull request #5309 from knst/bc-bp-v20-missing-2
backport: bitcoin#15921, #16507, #16524, #16889, #16911, #17004, #17195, #17624, partial #17212
2023-04-17 10:43:36 -05:00
MarcoFalke
e2d1171423 partial Merge #17212: refactor: Remove unused CExt{Pub,}Key (de)serialization methods
5b44a75493a1a098404d5e21dc384e74eae1892e refactor: Remove unused CExt{Pub,}Key (de)serialization methods (Sebastian Falbesoner)

Pull request description:

  As pointed out in issue #17130, the serialization/deserialization methods for the classes `CExtKey` and
  `CExtPubKey` are only used in the BIP32 unit tests and hence can be removed (see comments https://github.com/bitcoin/bitcoin/issues/17130#issuecomment-543750290, https://github.com/bitcoin/bitcoin/issues/17130#issuecomment-543794408 and https://github.com/bitcoin/bitcoin/issues/17130#issuecomment-543814727).

ACKs for top commit:
  practicalswift:
    ACK 5b44a75493a1a098404d5e21dc384e74eae1892e -- -60 LOC diff looks correct :)
  promag:
    ACK 5b44a75493a1a098404d5e21dc384e74eae1892e.
  MarcoFalke:
    unsigned ACK 5b44a75493a1a098404d5e21dc384e74eae1892e
  fjahr:
    ACK 5b44a75
  jonatack:
    Light ACK 5b44a75493a1a098404d5e21dc384e74eae1892e. Built, ran tests and bitcoind. `git blame` shows most of the last changes are from commit 90604f16af in 2015 to add bip32 pubkey serialization.

Tree-SHA512: 6887573b76b9e54e117a076557407b6f7908719b2202fb9eea498522baf9f30198b3f78b87a62efcd17ad1ab0886196f099239992ce7cbbaee79979ffe9e5f2c
2023-04-17 10:42:25 -05:00
Wladimir J. van der Laan
27ecb07c8a Merge #17624: net: Fix an uninitialized read in ProcessMessage(…, "tx", …) when receiving a transaction we already have
73b96c94cb6c2afdee7f151768a96944ecaf9d9b net: Fix uninitialized read in ProcessMessage(...) (practicalswift)

Pull request description:

  Fix an uninitialized read in `ProcessMessage(…, "tx", …)` when receiving a transaction we already have.

  The uninitialized value is read and used on [L2526 in the case of `AlreadyHave(inv) == true`](d8a66626d6/src/net_processing.cpp (L2494-L2526)).

  Proof of concept being run against a `bitcoind` built with MemorySanitizer (`-fsanitize=memory`):

  ```
  $ ./p2p-uninit-read-in-conditional-poc.py
  Usage: ./p2p-uninit-read-in-conditional-poc.py <dstaddr> <dstport> <net>
  $ bitcoind -regtest &
  $ ./p2p-uninit-read-in-conditional-poc.py 127.0.0.1 18444 regtest
  SUMMARY: MemorySanitizer: use-of-uninitialized-value
  [1]+  Exit 77                 bitcoind -regtest
  $
  ```

  Proof of concept being run against a `bitcoind` running under Valgrind (`valgrind --exit-on-first-error`):

  ```
  $ valgrind -q --exit-on-first-error=yes --error-exitcode=1 bitcoind -regtest &
  $ ./p2p-uninit-read-in-conditional-poc.py 127.0.0.1 18444 regtest
  ==27351== Conditional jump or move depends on uninitialised value(s)
  [1]+  Exit 1                  valgrind -q --exit-on-first-error=yes --error-exitcode=1 bitcoind -regtest
  $
  ```

  Proof of concept script:

  ```
  #!/usr/bin/env python3

  import sys

  from test_framework.mininode import NetworkThread
  from test_framework.mininode import P2PDataStore
  from test_framework.messages import CTransaction, CTxIn, CTxOut, msg_tx

  def send_duplicate_tx(dstaddr="127.0.0.1", dstport=18444, net="regtest"):
      network_thread = NetworkThread()
      network_thread.start()

      node = P2PDataStore()
      node.peer_connect(dstaddr=dstaddr, dstport=dstport, net=net)()
      node.wait_for_verack()

      tx = CTransaction()
      tx.vin.append(CTxIn())
      tx.vout.append(CTxOut())
      node.send_message(msg_tx(tx))
      node.send_message(msg_tx(tx))
      node.peer_disconnect()
      network_thread.close()

  if __name__ == "__main__":
      if len(sys.argv) != 4:
          print("Usage: {} <dstaddr> <dstport> <net>".format(sys.argv[0]))
          sys.exit(0)
      send_duplicate_tx(sys.argv[1], int(sys.argv[2]), sys.argv[3])
  ```

  Note that the transaction in the proof of concept is the simplest possible, but really any transaction can be used. It does not have to be a valid transaction.

  This bug was introduced in #15921 ("validation: Tidy up ValidationState interface") which was merged in to `master` 28 days ago.

  Luckily this bug was caught before being part of any Bitcoin Core release :)

ACKs for top commit:
  jnewbery:
    utACK 73b96c94cb6c2afdee7f151768a96944ecaf9d9b
  laanwj:
    ACK 73b96c94cb6c2afdee7f151768a96944ecaf9d9b, thanks for discovering and reporting this before it ended up in a release.

Tree-SHA512: 7ce6b8f260bcdd9b2ec4ff4b941a891bbef578acf4456df33b7a8d42b248237ec4949e65e2445b24851d1639b10681c701ad500b1c0b776ff050ef8c3812c795
2023-04-17 10:42:25 -05:00
Wladimir J. van der Laan
eec81f7b33 Merge #15921: validation: Tidy up ValidationState interface
3004d5a12d09d94bfc4dee2a8e8f2291996a4aaf [validation] Remove fMissingInputs from AcceptToMemoryPool() (John Newbery)
c428622a5bb1e37b2e6ab2c52791ac05d9271238 [validation] Remove unused first_invalid parameter from ProcessNewBlockHeaders() (John Newbery)
7204c6434b944f6ad51b3c895837729d3aa56eea [validation] Remove useless ret parameter from Invalid() (John Newbery)
1a37de4b3174d19a6d8691ae07e92b32fdfaef11 [validation] Remove error() calls from Invalid() calls (John Newbery)
067981e49246822421a7bcc720491427e1dba8a3 [validation] Tidy Up ValidationResult class (John Newbery)
a27a2957ed9afbe5a96caa5f0f4cbec730d27460 [validation] Add CValidationState subclasses (John Newbery)

Pull request description:

  Carries out some remaining tidy-ups remaining after PR 15141:

  - split ValidationState into TxValidationState and BlockValidationState (commit from ajtowns)
  - various minor code style tidy-ups to the ValidationState class
  - remove the useless `ret` parameter from `ValidationState::Invalid()`
  - remove the now unused `first_invalid` parameter from `ProcessNewBlockHeaders()`
  - remove the `fMissingInputs` parameter from `AcceptToMemoryPool()`, and deal with missing inputs the same way as other errors by using the `TxValidationState` object.

  Tip for reviewers (thanks ryanofsky!): The first commit ("[validation] Add CValidationState subclasses" ) is huge and can be easier to start reviewing if you revert the rote, mechanical changes:

  Substitute the commit hash of commit "[validation] Add CValidationState subclasses" for <CommitHash> in the commands below.

  ```sh
  git checkout <CommitHash>
  git grep -l ValidationState | xargs sed -i 's/BlockValidationState\|TxValidationState/CValidationState/g'
  git grep -l ValidationResult | xargs sed -i 's/BlockValidationResult\|TxValidationResult/ValidationInvalidReason/g'
  git grep -l MaybePunish | xargs sed -i 's/MaybePunishNode\(ForBlock\|ForTx\)/MaybePunishNode/g'
  git diff HEAD^
  ```

  After that it's possible to easily see the mechanical changes with:

  ```sh
  git log -p -n1 -U0 --word-diff-regex=. <CommitHash>
  ```

ACKs for top commit:
  laanwj:
    ACK 3004d5a12d09d94bfc4dee2a8e8f2291996a4aaf
  amitiuttarwar:
    code review ACK 3004d5a12d09d94bfc4dee2a8e8f2291996a4aaf. Also built & ran tests locally.
  fjahr:
    Code review ACK 3004d5a12d09d94bfc4dee2a8e8f2291996a4aaf . Only nit style change and pure virtual destructor added since my last review.
  ryanofsky:
    Code review ACK 3004d5a12d09d94bfc4dee2a8e8f2291996a4aaf. Just whitespace change and pure virtual destructor added since last review.

Tree-SHA512: 511de1fb380a18bec1944ea82b513b6192df632ee08bb16344a2df3c40811a88f3872f04df24bc93a41643c96c48f376a04551840fd804a961490d6c702c3d36
2023-04-17 10:42:25 -05:00
Wladimir J. van der Laan
091d813e00 Merge #17004: validation: Remove REJECT code from CValidationState
9075d13153ce06cd59a45644831ecc43126e1e82 [docs] Add release notes for removal of REJECT reasons (John Newbery)
04a2f326ec0f06fb4fce1c4f93500752f05dede8 [validation] Fix REJECT message comments (John Newbery)
e9d5a59e34ff2d538d8f5315efd9908bf24d0fdc [validation] Remove REJECT code from CValidationState (John Newbery)
0053e16714323c1694c834fdca74f064a1a33529 [logging] Don't log REJECT code when transaction is rejected (John Newbery)
a1a07cfe99fc8cee30ba5976dc36b47b1f6532ab [validation] Fix peer punishment for bad blocks (John Newbery)

Pull request description:

  We no longer send BIP 61 REJECT messages, so there's no need to set
  a REJECT code in the CValidationState object.

  Note that there is a minor bug fix in p2p behaviour here. Because the
  call to `MaybePunishNode()` in `PeerLogicValidation::BlockChecked()` only
  previously happened if the REJECT code was > 0 and < `REJECT_INTERNAL`,
  then there are cases were `MaybePunishNode()` can get called where it
  wasn't previously:

  - when `AcceptBlockHeader()` fails with `CACHED_INVALID`.
  - when `AcceptBlockHeader()` fails with `BLOCK_MISSING_PREV`.

  Note that `BlockChecked()` cannot fail with an 'internal' reject code. The
  only internal reject code was `REJECT_HIGHFEE`, which was only set in
  ATMP.

  This reverts a minor bug introduced in 5d08c9c579.

ACKs for top commit:
  ariard:
    ACK 9075d13, changes since last reviewed are splitting them in separate commits to ease understanding and fix nits
  fjahr:
    ACK 9075d13153ce06cd59a45644831ecc43126e1e82, confirmed diff to last review was fixing nits in docs/comments.
  ryanofsky:
    Code review ACK 9075d13153ce06cd59a45644831ecc43126e1e82. Only changes since last review are splitting the main commit and updating comments

Tree-SHA512: 58e8a1a4d4e6f156da5d29fb6ad6a62fc9c594bbfc6432b3252e962d0e9e10149bf3035185dc5320c46c09f3e49662bc2973ec759679c0f3412232087cb8a3a7
2023-04-17 10:42:25 -05:00
Wladimir J. van der Laan
97b1f6875e Merge #16911: wallet: Only check the hash of transactions loaded from disk
cd68594dcdadc195bd2ea9394fa04edfdbdf1149 Only check the hash of transactions loaded from disk (Andrew Chow)

Pull request description:

  It feels unnecessary to do a full `CheckTransaction` for every transaction saved in the wallet. It should not be possible for an invalid transaction to get into the wallet in the first place, and if there is any disk corruption, the hash check will catch it.

ACKs for top commit:
  MarcoFalke:
    ACK cd68594dcdadc195bd2ea9394fa04edfdbdf1149
  laanwj:
    ACK cd68594dcdadc195bd2ea9394fa04edfdbdf1149
  promag:
    ACK cd68594dcdadc195bd2ea9394fa04edfdbdf1149, AFAICT the check is not needed, hash comparison gives data integrity.

Tree-SHA512: 5b2e719f76097cfbf125392db6cc6c764355c81f0b7a5b60aee4b06af1afcca80cfd38a3cf5307fd9e2c1afc405f8321929a4552943099a8161e6762965451fb
2023-04-17 10:42:25 -05:00
Wladimir J. van der Laan
4052f1e548 Merge #17195: gui: send amount placeholder value
57e2edea0bfea664e3f12dad2508139eb7f461bc Send amount shows minimum amount placeholder (JeremyCrookshank)

Pull request description:

  Noticed that there wasn't a default value for the send amount. However if you put a value in or click the up and down arrows you're unable to get it blank again, so it makes sense that it has a default value. I hope this also makes it more clear that users can send less than 1 BTC if it shows the 8 decimal places

  PR:
  ![Capture](https://user-images.githubusercontent.com/46864828/67132088-549c6180-f1ff-11e9-9ba5-67fdcd6db894.PNG)

ACKs for top commit:
  promag:
    ACK 57e2edea0bfea664e3f12dad2508139eb7f461bc.
  GChuf:
    ACK 57e2edea0bfea664e3f12dad2508139eb7f461bc
  laanwj:
    ACK 57e2edea0bfea664e3f12dad2508139eb7f461bc, this is a surprisingly compact solution too

Tree-SHA512: 354590d2a88231b8649f7ae985c8a7864d74ca0e1f8603cb1730ba46747084de90ee6285ce4d39ee04b054fb9cd2d78ebc71146f3af694c37a8a3aff7f051800
2023-04-17 10:42:25 -05:00
MarcoFalke
d8f96924f8 Merge #16889: Add some general std::vector utility functions
7d8d3e6a2ad827fa916e3909a18dedb9f7fdce43 Add tests for util/vector.h's Cat and Vector (Pieter Wuille)
e65e61c812df90a56e3ce4a8e76c4b746766f387 Add some general std::vector utility functions (Pieter Wuille)

Pull request description:

  This is another general improvement extracted from #16800 .

  Two functions are added are:

  * Vector(arg1,arg2,arg3,...) constructs a vector with the specified arguments as elements. The vector's type is derived from the arguments. If some of the arguments are rvalue references, they will be moved into place rather than copied (which can't be achieved using list initialization).
  * Cat(vector1,vector2) returns a concatenation of the two vectors, efficiently moving elements when relevant.

  Vector generalizes (and replaces) the `Singleton` function in src/descriptor.cpp, and `Cat` replaces the function in bech32.cpp

ACKs for top commit:
  laanwj:
    ACK 7d8d3e6a2ad827fa916e3909a18dedb9f7fdce43
  MarcoFalke:
    ACK 7d8d3e6a2ad827fa916e3909a18dedb9f7fdce43 (enjoyed reading the tests, but did not compile)

Tree-SHA512: 92325f14e90d7e7d9d920421979aec22bb0d730e0291362b4326cccc76f9c2d865bec33a797c5c0201773468c3773cb50ce52c8eee4c1ec1a4d10db5cf2b9d2a
2023-04-17 10:42:25 -05:00
MarcoFalke
5d8f250270 Merge #16524: Wallet: Disable -fallbackfee by default
ea4cc3a7b36a9c77dbf0aff439da3ef0ea58e6e4 Truly decouple wallet from chainparams for -fallbackfee (Jorge Timón)

Pull request description:

  Before it was 0 by default for main and 20000 for test and regtest.
  Now it is 0 by default for all chains, thus there's no need to call Params().

  Also now the default for main is properly documented.

  Suggestion for release notes:

  -fallbackfee was 0 (disabled) by default for the main chain, but 20000 by default for the test chains. Now it is 0 by default for all chains. Testnet and regtest users will have to add fallbackfee=20000 to their configuration if they weren't setting it and they want it to keep working like before.

  Should I propose them to the wiki for the release notes or only after merge?

  For more context, see https://github.com/bitcoin/bitcoin/pull/16402#issuecomment-515701042

ACKs for top commit:
  MarcoFalke:
    ACK ea4cc3a7b36a9c77dbf0aff439da3ef0ea58e6e4

Tree-SHA512: fdfaba5d813da4221e405e0988bef44f3856d10f897a94f9614386d14b7716f4326ab8a6646e26d41ef3f4fa61b936191e216b1b605e9ab0520b0657fc162e6c

----

Co-Authored-By: UdjinM6 <UdjinM6@users.noreply.github.com>
2023-04-17 10:42:25 -05:00
fanquake
c2df9366f0 Merge #16507: feefilter: Compute the absolute fee rather than stored rate
eb7b78165966f2c79da71b993c4c4d793e37297f modify p2p_feefilter test to catch rounding error (Gregory Sanders)
6a51f7951716d6d6fc0f9b56028f3a0dd02b61c8 Disallow implicit conversion for CFeeRate constructor (Gregory Sanders)
8e59af55aaf1b196575084bce2448af02d97d745 feefilter: Compute the absolute fee rather than stored rate to match mempool acceptance logic (Gregory Sanders)

Pull request description:

  This means we will use the rounding-down behavior in `GetFee` to match both mempool acceptance and wallet logic, with minimal changes.

  Fixes https://github.com/bitcoin/bitcoin/issues/16499

  Replacement PR for https://github.com/bitcoin/bitcoin/pull/16500

ACKs for top commit:
  ajtowns:
    ACK eb7b78165966f2c79da71b993c4c4d793e37297f code review only
  naumenkogs:
    utACK eb7b78165966f2c79da71b993c4c4d793e37297f
  achow101:
    re ACK eb7b78165966f2c79da71b993c4c4d793e37297f
  promag:
    ACK eb7b78165966f2c79da71b993c4c4d793e37297f.

Tree-SHA512: 484a11c8f0e825f0c983b1f7e71cf6252b1bba6858194abfe4c088da3bae8a418ec539ef6c4181bf30940e277a95c08d493595d59dfcc6ddf77c65b05563dd7e
2023-04-17 10:42:25 -05:00
PastaPastaPasta
37a4a30b54
Merge pull request #5329 from kittywhiskers/dashcli_bps
backport: merge bitcoin#18574, #18653, #18691, #18724, #18594, #19991, #19133, #19643, #20002, #19354, partial #19998 (cli backports)
2023-04-17 09:51:53 -05:00
Kittywhiskers Van Gogh
55621afe59 merge bitcoin#19354: add release note for -getinfo displaying multiwallet balances 2023-04-17 08:38:46 +00:00
Kittywhiskers Van Gogh
f4eaad0bb9 merge bitcoin#20002: expose peer network in getpeerinfo; simplify/improve -netinfo 2023-04-17 08:36:33 +00:00
Kittywhiskers Van Gogh
742d3a195d merge bitcoin#19643: Add -netinfo peer connections dashboard 2023-04-17 08:36:33 +00:00
Kittywhiskers Van Gogh
247c7dfcb2 partial bitcoin#19998: Add CNode::ConnectedThroughNetwork member function
excludes
- 3984b78cd7f49e409377f2175a56e8e4bd71d1d8
2023-04-17 08:30:49 +00:00
Kittywhiskers Van Gogh
1fab09d8fa merge bitcoin#19133: add bitcoin-cli -generate command 2023-04-17 08:30:49 +00:00
Kittywhiskers Van Gogh
c89cac5783 merge bitcoin#19991: Use alternative port for incoming Tor connections 2023-04-17 08:30:49 +00:00
Kittywhiskers Van Gogh
95d462d01d merge bitcoin#18594: display multiwallet balances in -getinfo 2023-04-17 08:30:49 +00:00
Kittywhiskers Van Gogh
50b4901bce merge bitcoin#18724: add coverage for -rpcwallet cli option 2023-04-17 08:30:49 +00:00
Kittywhiskers Van Gogh
0d8932c979 merge bitcoin#18691: add wait_for_cookie_credentials() to framework for rpcwait tests 2023-04-17 08:30:49 +00:00
Kittywhiskers Van Gogh
6c5eda9ad8 merge bitcoin#18653: add coverage for bitcoin-cli -rpcwait 2023-04-17 08:30:49 +00:00
Kittywhiskers Van Gogh
668baf262f merge bitcoin#18574: call getbalances.ismine.trusted instead of getwalletinfo.balance 2023-04-17 08:30:49 +00:00
UdjinM6
a91eace041
chore/feat: few tweaks for "Check Potential Conflicts" action (#5330)
## Issue being fixed or feature implemented
small cleanups and improvements

## What was done?
pls see individual commits

## How Has This Been Tested?
see
https://github.com/dashpay/dash/actions/runs/4715728701/jobs/8362893373?pr=5330

## Breaking Changes
n/a

## Checklist:
- [x] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have added or updated relevant unit/integration/functional/e2e
tests
- [ ] I have made corresponding changes to the documentation
- [x] I have assigned this pull request to a milestone _(for repository
code-owners and collaborators only)_
2023-04-17 01:41:18 +03:00
UdjinM6
47e45810a9
Merge pull request #5326 from PastaPastaPasta/develop-trivial-2023-04-15
backport: trivial 2023 04 15
2023-04-17 00:57:54 +03:00
W. J. van der Laan
8ca3005a91 Merge bitcoin/bitcoin#22645: scripts: prevent GCC optimising test symbols in test-symbol-check
5449d44e37982fcd5251fd47873c5f7d34c39fc9 scripts: prevent GCC optimising test symbols in test-symbol-check (fanquake)

Pull request description:

  I noticed in #22381 that when the test-symbol-check target was being built with Clang and run in the CI it would fail due to using a too-new version of `pow` (used [here](d67330d112/contrib/devtools/test-symbol-check.py (L85))). Our CIs use Focal (glibc 2.31) and the version of `pow` was the optimized version introduced in [glibc 2.29](https://lwn.net/Articles/778286/):
  ```bash
  * Optimized generic exp, exp2, log, log2, pow, sinf, cosf, sincosf and tanf.
  ```
  This made sense, except for that if it was failing when built using Clang, why hadn't it also been failing when being built with GCC?

  Turns out GCC is optimizing away that call to `pow` at all optimization levels, including `-O0`, see: https://godbolt.org/z/53MhzMxT7, and this has been the case forever, or at least since GCC 5.x. Clang on the other hand, will only optimize away the `pow` call at `-O1` and `-O2`, not `-O0`: https://godbolt.org/z/Wbnqj3q6c. Thus when this test was built with Clang (we don't pass `-O` so we default to `-O0`) it was failing in the CI environment, because it would actually have a call to the "new" `pow`.

  Avoid this issue by using a symbol that won't be optimized away, or that we are unlikely to ever have versioning issues with.

ACKs for top commit:
  laanwj:
    ACK 5449d44e37982fcd5251fd47873c5f7d34c39fc9

Tree-SHA512: 3a26c5c3a5f2905fd0dd90892470e241ba625c0af3be2629d06d5da3a97534c1d6a55b796bbdd41e2e6a26a8fab7d981b98c45d4238565b0eb7edf3c5da02007
2023-04-16 23:40:59 +03:00
fanquake
a4e5458daa Merge bitcoin/bitcoin#22215: refactor: Add FoundBlock.found member
5c5d0b62648e1b144b7b93c199f45265dac100e5 Add FoundBlock.found member (Russell Yanofsky)

Pull request description:

  This change lets IPC serialization code handle FoundBlock arguments more simply and efficiently. Without this change there was no way to determine from a FoundBlock object whether a block was found or not. So in order to correctly implement behavior of leaving FoundBlock output variables unmodified when a block was not found, IPC code would have to read preexisting output variable values from the local process, send them to the remote process, receive output values back from the remote process, and save them to output variables unconditionally. With FoundBlock.found method, the process is simpler. There's no need to read or send preexisting local output variable values, just to read final output values from the remote process and set them conditionally if the block was found.

  ---

  This PR is part of the [process separation project](https://github.com/bitcoin/bitcoin/projects/10). The commit was first part of larger PR #10102.

ACKs for top commit:
  fjahr:
    Code review ACK 5c5d0b62648e1b144b7b93c199f45265dac100e5
  theStack:
    Concept and code review ACK 5c5d0b62648e1b144b7b93c199f45265dac100e5
  jamesob:
    ACK 5c5d0b62648e1b144b7b93c199f45265dac100e5 ([`jamesob/ackr/22215.1.ryanofsky.refactor_add_foundblock`](https://github.com/jamesob/bitcoin/tree/ackr/22215.1.ryanofsky.refactor_add_foundblock))
  Zero-1729:
    crACK 5c5d0b6

Tree-SHA512: d906e1b7100ff72c3aa06d80bd77673887b2db670ebd52dce7c4f6f557a23a1744c6109308228a37fda6c6ea74f05ba0efecff0ef235ab06ea8acd861fbb8675
2023-04-16 23:40:59 +03:00
MarcoFalke
76141fe8a8 Merge bitcoin/bitcoin#22453: fuzz: Limit max ops in rolling_bloom_filter fuzz target
faa86b71acefc8f2e366746a1c251888e6e686dd fuzz: Use ConsumeUInt256 helper to simplify rolling_bloom_filter fuzz test (MarcoFalke)
aaaa61fd306e25379e6222e31bf160a6eb04f74e fuzz: Speed up rolling_bloom_filter fuzz test (MarcoFalke)

Pull request description:

  Without a size limit on the input data, the runtime is unbounded. Fix this by picking an upper bound on the maximum number of fuzz operations.

  Reproducer from OSS-Fuzz (without bug report):
  [clusterfuzz-testcase-rolling_bloom_filter-5980807721254912.log](https://github.com/bitcoin/bitcoin/files/6822159/clusterfuzz-testcase-rolling_bloom_filter-5980807721254912.log)

ACKs for top commit:
  practicalswift:
    cr ACK faa86b71acefc8f2e366746a1c251888e6e686dd
  theStack:
    Concept and code review ACK faa86b71acefc8f2e366746a1c251888e6e686dd

Tree-SHA512: eace588509dfddb2ba97baf86379fa713fa6eb758184abff676cb95807ff8ff36905eeaddeba05665b8464c35c57e2138f88caec71cbfb255e546bbe76558da0
2023-04-16 23:40:59 +03:00
MarcoFalke
8135f43588 Merge bitcoin/bitcoin#22444: fuzz: Limit max ops in prevector fuzz target
faafda232e1d4f79ee64dbfee699a8018f25b0bc fuzz: Speed up prevector fuzz target (MarcoFalke)

Pull request description:

  Without a size limit on the input data, the runtime is unbounded. Fix this by picking an upper bound on the maximum number of fuzz operations.

  Should fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35981

ACKs for top commit:
  practicalswift:
    cr ACK faafda232e1d4f79ee64dbfee699a8018f25b0bc

Tree-SHA512: 1bf166c4a99a8ce88bdc030cd6a32ce1da5251b73873772e0e9c001ec2bacafebb183f7c8c88806d0ab633aada2cff8b78791f5c9c0c6f2cc8ef5f0875c4b2ef
2023-04-16 23:40:59 +03:00
MarcoFalke
c9d4607ff7 Merge bitcoin/bitcoin#22493: fuzz: Extend addrman fuzz test with deserialize
aaaa9c6019790a1a21a7b4ef01693ac9390ae6d0 fuzz: Extend addrman fuzz test with deserialize (MarcoFalke)

Pull request description:

  Requested on IRC:

  ```
  [18:01] <vasild> => I think there is a good chance fuzzing addrman unserialize will find more bugs
  [18:04] <sipa> definitely

ACKs for top commit:
  jonatack:
    ACK aaaa9c6019790a1a21a7b4ef01693ac9390ae6d0 per `git diff fa74025 aaaa9c6`
  vasild:
    ACK aaaa9c6019790a1a21a7b4ef01693ac9390ae6d0

Tree-SHA512: f57d0aecf22a933e48d3181d7398218949588dd0de31218d1d28c825649e55fd60b0de6fbc92d2497cf5639a4adc2061c9bf8216546a2be916feac4f03f16e8f
2023-04-16 23:40:59 +03:00
fanquake
48b1186ce1 Merge bitcoin/bitcoin#22234: build: Mark print-% target as phony.
fb7be92b094477131140b58a4e3ae98366b93e76 Mark print-% target as phony. (Dmitry Goncharov)

Pull request description:

  .PHONY does not take patterns (such as print-%) as prerequisites.
  Have print-% depend on force and mark force as phony.

  This change ensures print-% rule works even when there is a file that matches the target.

  ```
  $ # on master
  $ make print-host
  host=x86_64-pc-linux-gnu
  $ touch print-host
  $ make print-host
  make: 'print-host' is up to date.
  $
  $ git co mark_print_as_phony
  Switched to branch 'mark_print_as_phony'
  $ make print-host
  host=x86_64-pc-linux-gnu
  $ touch force
  $ make print-host
  host=x86_64-pc-linux-gnu
  ```

ACKs for top commit:
  hebasto:
    ACK fb7be92b094477131140b58a4e3ae98366b93e76, tested on Linux Mint 20.2 (x86_64).

Tree-SHA512: b89ae66aa8c7aa6a7ab5f0956f9eb3b3ef9d56994b60dc2a97d498d4c1bba537845c190723e8a10310280b1b35df2cd935cc30aeb76735cac2dc621ad7823772
2023-04-16 23:40:59 +03:00
MarcoFalke
3f86297810 Merge bitcoin/bitcoin#22279: fuzz: add missing ECCVerifyHandle to base_encode_decode
906d7913117c8f10934b37afa27ae8ac565da042 fuzz: add missing ECCVerifyHandle to base_encode_decode (Andrew Poelstra)

Pull request description:

  It is possible to trigger a fuzztest failure in the `base_encode_decode` by asking it to decode any PSBT that has HD keypaths in it. For example, this one

  ```
  cHNidP8BAFUCAAAAASeaIyOl37UfxF8iD6WLD8E+HjNCeSqF1+Ns1jM7XLw5AAAAAAD/////AaBa6gsAAAAAGXapFP/pwAYQl8w7Y28ssEYPpPxCfStFiKwAAAAAAAEBIJVe6gsAAAAAF6kUY0UgD2jRieGtwN8cTRbqjxTA2+uHIgIDsTQcy6doO2r08SOM1ul+cWfVafrEfx5I1HVBhENVvUZGMEMCIAQktY7/qqaU4VWepck7v9SokGQiQFXN8HC2dxRpRC0HAh9cjrD+plFtYLisszrWTt5g6Hhb+zqpS5m9+GFR25qaAQEEIgAgdx/RitRZZm3Unz1WTj28QvTIR3TjYK2haBao7UiNVoEBBUdSIQOxNBzLp2g7avTxI4zW6X5xZ9Vp+sR/HkjUdUGEQ1W9RiED3lXR4drIBeP4pYwfv5uUwC89uq/hJ/78pJlfJvggg71SriIGA7E0HMunaDtq9PEjjNbpfnFn1Wn6xH8eSNR1QYRDVb1GELSmumcAAACAAAAAgAQAAIAiBgPeVdHh2sgF4/iljB+/m5TALz26r+En/vykmV8m+CCDvRC0prpnAAAAgAAAAIAFAACAAAA=
  ```

  which I took straight from the PSBT test vectors. The reason is that in src/psbt.h we call `DeserializeHDKeypaths`, which in turn calls `CPubKey::IsFullyValid`, which in turn asserts that a secp context has been created.

  The error appears to be masked on many systems by the definition of `instance_of_eccryptoclosure` in src/script/bitcoinconsensus.cpp, which defines a static object which contains an `ECCVerifyHandle`. If you just comment out that line you can reliably trigger the fuzz test failure, e.g. by creating a file `crash` with the above PSBT, and runnnig

  ```
  ASAN_OPTIONS=symbolize=0:detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1 UBSAN_OPTIONS=suppressions=./test/sanitizer_suppressions/ubsan:print_stacktrace=1:halt_on_error=1:report_error_type=1 FUZZ=base_encode_decode ./src/test/fuzz/fuzz -seed_inputs=crash
  ```

ACKs for top commit:
  practicalswift:
    cr ACK 906d7913117c8f10934b37afa27ae8ac565da042

Tree-SHA512: b98b60573c21efe28503fe351883c6f0d9ac99d0dd6f100537b16ac53476617b8a3f899faf0c23d893d34a01b3bbe4a784499ec6f9c7000292e850bed449bd85
2023-04-16 23:40:59 +03:00
MarcoFalke
77eb105456 Merge bitcoin/bitcoin#22271: fuzz: Assert roundtrip equality for CPubKey
9550dffa0c61df6d1591c62d09629b4c5731e1b7 fuzz: Assert roundtrip equality for `CPubKey` (Sebastian Falbesoner)

Pull request description:

  This PR is a (quite late) follow-up to #19237 (https://github.com/bitcoin/bitcoin/pull/19237#issuecomment-642203251). Looking at `CPubKey::Serialize` and `CPubKey::Unserialize` I can't think of a scenario where the roundtrip (serialization/deserialization) equality wouldn't hold.

ACKs for top commit:
  jamesob:
    crACK 9550dffa0c pending CI

Tree-SHA512: 640fb9e777d249769b22ee52c0b15a68ff0645b16c986e1c0bce9742155d14f1be601e591833e1dc8dcffebf271966c6b861b90888a44aae1feae2e0248e2c55
2023-04-16 23:40:59 +03:00