168e5e4a50 Merge bitcoin/bitcoin#28877: bench: Update nanobench to 4.3.11 (fanquake)
417c86b949 Merge bitcoin/bitcoin#28105: doc: Clarify that -fstack-reuse=all bugs exist on all versions of GCC (fanquake)
a620cccd81 Merge bitcoin/bitcoin#26970: test: fix immediate tx relay in wallet_groups.py (merge-script)
f115d9c27f Merge bitcoin/bitcoin#27061: doc: Document affected gcc versions for -fstack-reuse=none workaround (fanquake)
6889a8db29 Merge bitcoin/bitcoin#27056: doc: use arch agnostic clang path in fuzzing doc (macOS) (MarcoFalke)
97858384ec Merge bitcoin/bitcoin#21995: build: Make dependency package archive timestamps deterministic (fanquake)
c4760bb32e Merge bitcoin/bitcoin#27030: Update nanobench to version v4.3.10 (fanquake)
a7e3c2c916 Merge bitcoin-core/gui#705: doc: Fix comment about how wallet txs are sorted (Hennadii Stepanov)
44e6c9e902 Merge bitcoin/bitcoin#27004: test: Use std::unique_ptr over manual delete in coins_tests (fanquake)
2ab1989a39 Merge bitcoin/bitcoin#27010: refactor: use `Hash` helpers for double-SHA256 calculations (MarcoFalke)
c681aaad30 Merge bitcoin/bitcoin#22811: build: Fix depends build system when working with subtargets (fanquake)
d1b7386374 Merge bitcoin/bitcoin#26930: fuzz: Actually use mocked mempool in tx_pool target (MarcoFalke)
cd53a195a6 Merge bitcoin/bitcoin#26873: doc: add databases/py-sqlite3 to FreeBSD test suite deps (fanquake)
8cc5f11a2f Merge bitcoin/bitcoin#26506: refactor: rpc: use convenience fn to auto parse non-string parameters (MarcoFalke)
662302c42b Merge bitcoin/bitcoin#26805: tests: Use unique port for ZMQ tests to allow for multiple test instances (MarcoFalke)
66a3981a7a Merge bitcoin/bitcoin#24279: build: Make `$(package)_*_env` available to all `$(package)_*_cmds` (fanquake)
3261092f85 Merge bitcoin/bitcoin#26520: doc: test: update/fix TestShell example instructions (fanquake)
5f78859562 Merge bitcoin/bitcoin#25248: refactor: Add LIFETIMEBOUND / -Wdangling-gsl to Assert() (fanquake)
459425776c Merge bitcoin/bitcoin#26229: test: Use proper Boost macros instead of assertions (MacroFake)
3be81a2d4c Merge bitcoin/bitcoin#25915: test: Fix wallet_balance intermittent issue (Andrew Chow)
da1d3f2654 Merge bitcoin/bitcoin#25663: tracing: do not use `coin` after move in `CCoinsViewCache::AddCoin` (MacroFake)
Pull request description:
## Issue being fixed or feature implemented
Batch of trivial backports
## What was done?
See commits
## How Has This Been Tested?
built locally; large combined merge passed tests locally
## Breaking Changes
Should be none
## Checklist:
- [ ] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have added or updated relevant unit/integration/functional/e2e tests
- [ ] I have made corresponding changes to the documentation
- [x] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_
ACKs for top commit:
UdjinM6:
utACK 168e5e4a50
Tree-SHA512: 3099e09bc500a86bffafea0db136e3213f69b69e7af74304c171780e56ff1ff4c973a228962cf80aec62158ded19365d6f8506ef202a15751a43851574f082e2
b49e19ccd9a50053c69cd42bae1b44df07890cfd doc: use arch agnostic clang path in fuzzing doc (macOS) (fanquake)
Pull request description:
The current path will only work for clang installed via brew on x86_64 macOS.
ACKs for top commit:
hebasto:
ACK b49e19ccd9a50053c69cd42bae1b44df07890cfd, similar to 702836530ffa351e863b1b1300fd2e559a14ef23.
Tree-SHA512: 8ae4845e1953d5a7178f2b422e2241af1057d8cce1ab79da65df0cd068456dbf85da3489355f81fc4ee09ba602a4b53e989e2dc02476b4abf6c5b3bc3e96473b
47c3ea021e867206172cdb6546a76d23baa958bb doc: add OSS-Fuzz section to fuzzing.md doc (Adam Jonas)
Pull request description:
This adds documentation about [Bitcoin Core's participation](https://github.com/google/oss-fuzz/pull/5699/files) in Google's OSS-Fuzz program and adds the caveat that the project may not disclose vulnerabilities within the 90-day window described in the [program's disclosure guidelines](https://google.github.io/oss-fuzz/getting-started/bug-disclosure-guidelines/).
ACKs for top commit:
jonatack:
ACK 47c3ea021e867206172cdb6546a76d23baa958bb
Tree-SHA512: 87bf0146fb74d1e4b3b8839e6c8f3d53046008a6d5b926ffe5b95be3c396a5e47e47967533422f60b04c4446482f49d210ada410b742f69781a7afde623d704d
fd0be92cff6a4b5e343e6ddae7481868354b9869 doc: Add instructions on how to fuzz the P2P layer using Honggfuzz NetDriver (practicalswift)
Pull request description:
Add instructions on how to fuzz the P2P layer using [Honggfuzz NetDriver](http://blog.swiecki.net/2018/01/fuzzing-tcp-servers.html).
Honggfuzz NetDriver allows for very easy fuzzing of TCP servers such as Bitcoin Core without having to write any custom fuzzing harness. The `bitcoind` server process is largely fuzzed without modification.
This makes the fuzzing highly realistic: a bug reachable by the fuzzer is likely also remotely triggerable by an untrusted peer.
Top commit has no ACKs.
Tree-SHA512: 9e98cb30f00664c00c8ff9fd224ff9822bff3fd849652172df48dbaeade1dd1a5fc67ae53203f1966a1d4210671b35656009a2d8b84affccf3ddf1fd86124f6e
00124713912ead4ce610d519bb3ebab7e31cbea7 build: turn on --enable-c++17 by --enable-fuzz (Vasil Dimov)
Pull request description:
Fuzzing code uses C++17 specific code (e.g. std::optional), so it is not
possible to compile with --enable-fuzz and without --enable-c++17.
Thus, turn on --enable-c++17 whenever --enable-fuzz is used.
ACKs for top commit:
hebasto:
ACK 00124713912ead4ce610d519bb3ebab7e31cbea7, tested on Linux Mint 19.3 (x86_64); verified that it fails to compile with `--enable-fuzz` and without `--enable-c++17` on master.
Tree-SHA512: 290531ea8d79de3b9251ea4ad21e793478b18150cc0124eea1e50c3a4ed92bab89c3e70ed0aa526906f8723ea952cdba4268f1560ae4be9bd25b9e4f9b97436c
fab633d2dbfed1efcc3a02061685d56327ae51fd doc: Update fuzzing docs for afl-clang-lto (MarcoFalke)
Pull request description:
Update the docs to default to `afl-clang-lto`. The afl-gcc (and other afl legacy fuzz engines) are still supported, though discouraged.
ACKs for top commit:
fanquake:
ACK fab633d2dbfed1efcc3a02061685d56327ae51fd - seems to work for me. Compiled and ran some fuzzers using Clang 11 on Bionic. Set `llvm-config` so that `clang-11` would be used over `clang` (10).
jarolrod:
ACK fab633d2dbfed1efcc3a02061685d56327ae51fd, tested on Ubuntu Focal
Tree-SHA512: 3d1969c167bea45a9d691f3b757f51213d550c9c1b895bed1fcf3c2f7345791787cfb13c376291b94eb3181caf4ae3126f4d01c7cebda7b2bb1c40a1294e9a68
8a4f0fcd3fc1a35c1482975114555b0fed75a1c0 Document faster throughput configuration (Alex Groce)
Pull request description:
This is a small change to the fuzzing doc that I think might help more people improve the corpus coverage, which I think is low partly just due to lack of long, low-overhead runs, in addition to the need to apply a more diverse set of fuzzers and coverage notions.
ACKs for top commit:
practicalswift:
ACK 8a4f0fcd3fc1a35c1482975114555b0fed75a1c0
tryphe:
ACK 8a4f0fcd3fc1a35c1482975114555b0fed75a1c0
Tree-SHA512: 0f1802f5c551d6ade7393cd2ac439ffd485786b17c4fd0f1a321f69f8ed0db1167ae04b5cae7bf904e89aba03e89b6d974bff564bfc6a78a571893719f323434
d8f1ea7227260e51c340271fc9a43866799b8ac4 doc: describe in fuzzing.md how to reproduce a CI crash (Jon Atack)
Pull request description:
Not sure if this is 100% accurate or missing any pertinent info, but I misremembered how to do this today and it seems like useful information to provide.
ACKs for top commit:
practicalswift:
ACK d8f1ea7227260e51c340271fc9a43866799b8ac4
Tree-SHA512: 1b74e4187e6ea13b04eb03b3c6e2615c4eb18cc38cce215ad1645f8b135c5c31a243748eb313ccec05f1f62187ba33d550119acf07088968d2d2c1c09bc4c653
2b78a11b48bad1fa30120ce851269ca9ce8833a5 doc: afl fuzzing comment about afl-gcc and afl-g++ (nsa)
Pull request description:
When trying to build the fuzz tests with `--enable-lcov` on an Ubuntu machine, noticed that the documentation was lacking with regard to the afl-gcc and afl-g++ options. `afl-clang-fast` and `afl-clang-fast++` in the examples just need to be replaced with `afl-gcc` and `afl-g++`. I also had to set the `-m` flag as well to get the fuzzers to run.
ACKs for top commit:
practicalswift:
ACK 2b78a11b48bad1fa30120ce851269ca9ce8833a5
MarcoFalke:
Concept ACK 2b78a11b48bad1fa30120ce851269ca9ce8833a5, haven't tested
Tree-SHA512: d8151afd79de949e8c6da49b69bbbf1470eb478c8ddcbc69b30e86bf9396c0f13835a655d4ae658f7dc4f36c35b02cd23b08358fb73a71e15bf14e76c1f365a4
872aa25fa1d71aa022cdfa02e5927d851d73b3a8 doc: add c++17-enable to fuzzing instructions (Martin Zumsande)
Pull request description:
Update the fuzzing doc because after the merge of #18901, C++17 is required for compilation.
ACKs for top commit:
practicalswift:
ACK 872aa25fa1d71aa022cdfa02e5927d851d73b3a8
MarcoFalke:
ACK 872aa25fa1d71aa022cdfa02e5927d851d73b3a8
Tree-SHA512: 47e37c033690de1d1fa644bf0cebb256036b32a5784021cc0d3b32e6188822d7f517d4342990dc7ec98de6d650794aeb85483157e69e141d6bd011993e124575
84edfc72e5eba3dde824ebd0626e97929a0b1bca Update doc and CI config (qmma)
48bcb2ac249e0e666ce638bb29124558b3283c16 Disable other targets when enable-fuzz is set (qmma)
Pull request description:
This is to fix https://github.com/bitcoin/bitcoin/issues/16094
When the `enable-fuzz` flag is set, disable all other binary targets.
ACKs for top commit:
MarcoFalke:
ACK 84edfc72e5eba3dde824ebd0626e97929a0b1bca (only checked that travis compiled this)
Tree-SHA512: f4ac80526388a67709986b22de88b00bf93ab44ae31a20bd4d8923a4982ab97e015a9f13010081d6ecf6c23ae8afeac7ca9d849d198ce6ebe239aa3127151efc
693247b [test] Speed up fuzzing by ~200x when using afl-fuzz (practicalswift)
Tree-SHA512: 95922fc2616b8cb00dd531ed1140a52bbda4e04292dd8c1c60a8f49dbf6ccb797a18b61180b3fb68d695456b478a1f5ae7fda47e8ecee41dd65555487aef40a3