3cb9ce85d0c6d01217babf0df7efc2eabde1b12f Document strenghtening (Pieter Wuille)
1d207bc46f995ad3b5ae89bb504affaca09d10b1 Add hash strengthening to the RNG (Pieter Wuille)
Pull request description:
This patch improves the built-in RNG using hash strengthening.
At startup, and once every minute, 32 bytes of entropy are produced from the RNG, repeatedly hashed using SHA512 for 10ms, and then fed back into the RNG, together with high-precision timestamps obtained every 1000 iterations.
ACKs for commit 3cb9ce:
pstratem:
utACK 3cb9ce85d0c6d01217babf0df7efc2eabde1b12f
Tree-SHA512: 4fb6f61639b392697beb81c5f0903f79f10dd1087bed7f34de2abb5c22704a671e37b2d828ed141492491863efb1e7d1fa04408a1d32c9de2f2cc8ac406bbe57
b2ff500fb3e4fa05de366ab1900825bea1f70377 test: add "diamond" unit test to MempoolAncestryTests (Sebastian Falbesoner)
Pull request description:
Approaches #17271 (_Missing Unit Test for Ancestors "diamond"_).
If ancestors are represented more than once (in this case `ta` and `tb`), check that those are not overcounted.
ACKs for top commit:
laanwj:
ACK b2ff500fb3e4fa05de366ab1900825bea1f70377
Tree-SHA512: 82a6573cc7f0e82bf6fcfe207d7ddecbf297d2a203d22e95b73d887e3cb280f45a3c5f649161561c1be1eb560ff81b9b385868f205d1c12284211c2377e5ad99
8734c856f85cb506fa97596383dd7e7b9edd7e03 Replace the LogPrint function with a macro (Jeffrey Czyz)
Pull request description:
Calling `LogPrint` with a category that is not enabled results in
evaluating the remaining function arguments, which may be arbitrarily
complex (and possibly expensive) expressions. Defining `LogPrint` as a
macro prevents this unnecessary expression evaluation.
This is a partial revert of #14209. The decision to revert is discussed
in #16688, which adds verbose logging for validation event notification.
ACKs for top commit:
jnewbery:
ACK 8734c856f85cb506fa97596383dd7e7b9edd7e03
Tree-SHA512: 19e995eaef0ff008a9f8c1fd6f3882f1fbf6794dd7e2dcf5c68056be787eee198d2956037d4ffba2b01e7658b47eba276cd7132feede78832373b3304203961e
1cf9b35c0dac5f685b7ae62ded16284803816570 doc: Add developer note on c_str() (Wladimir J. van der Laan)
Pull request description:
Add a note when to use and when not to use `c_str()`.
ACKs for top commit:
elichai:
ACK 1cf9b35c0dac5f685b7ae62ded16284803816570
MarcoFalke:
Looking nice ACK 1cf9b35c0dac5f685b7ae62ded16284803816570
Tree-SHA512: 38cb5e54695782c23a82d03db214a8999b5bb52553f4fbe5322281686f42616981a217ba987feb6d87f3e6b95919cadd8484efe69ecc364ba1731aaf173626c9
cc3b5289ef648dca30469ee4afa615a1ed5b4e04 gui: remove OpenSSL PRNG seeding (Windows, Qt only) (fanquake)
Pull request description:
This removes the code introduced in [#4399](https://github.com/bitcoin/bitcoin/pull/4399) that attempts to add additional entroy to the OpenSSL PRNG using `RAND_event()`. This is specific to bitcoin-qt running on Windows.
```
RAND_event() collects the entropy from Windows events such as mouse movements and other user interaction.
It should be called with the iMsg, wParam and lParam arguments of all messages sent to the window procedure.
It will estimate the entropy contained in the event message (if any), and add it to the PRNG.
The program can then process the messages as usual.
```
Besides BIP70, this is the last place we are directly using OpenSSL in the GUI code. All other OpenSSL usage is in [random.cpp](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp).
Note that we are still also still doing other Windows specific gathering using [RandAddSeedPerfmon](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L268) and [RAND_screen()](https://github.com/bitcoin/bitcoin/blob/master/src/random.cpp#L600) on top of the other generation we do.
Also note that if RAND_event returns `0` here (PRNG has **NOT** been seeded with enough data), we're just logging a single message and continuing, which also seems less than ideal.
ACKs for top commit:
laanwj:
ACK cc3b5289ef648dca30469ee4afa615a1ed5b4e04
MarcoFalke:
unsigned ACK cc3b5289ef648dca30469ee4afa615a1ed5b4e04
theuni:
ACK cc3b5289ef648dca30469ee4afa615a1ed5b4e04.
Tree-SHA512: 0bb18779cf37f6670e3e5ac6a6a38e5f95199491b2684f9e56391c76f030fe1621d6df064239c2a398f228129fdf3f2220fc8cd15b2b92ecf2ea6d98a79b2175
3284e6c09a84e9557ec72723ad636053d3ef7122 scripts: search for next position of magic bytes rather than fail (Tim Akinbo)
Pull request description:
When using the `linearize-data.py` contrib script to export block data, there are edge cases where the script fails with an `Invalid magic: 00000000` error. This error occurs due to the presence of padding bytes that occasionally appears between consecutive blocks in the block data file.
There's an ongoing conversation about this in #14986. sipa also admitted that it is a bug in #5028. Fortunately, this is not an issue in bitcoin core as it handles this type of situation gracefully and so no fix in bitcoin core is required.
This PR is an improvement on how the script handles these "invalid magic bytes". Rather than failing, this patch allows the script to search for the next occurrence of the magic bytes and then starts reading the block from there.
ACKs for top commit:
laanwj:
ACK 3284e6c09a84e9557ec72723ad636053d3ef7122
Tree-SHA512: 18067ae0b4b62e822dfc558a86439ad6acaf939b98479e38e8e4248536574643b26eb48e96ec7139375c88b42cbe7705a64deb13a3c239e16025a6aad3d69bfa
73aaf4ecf825a4d18c802ca5dd3856ce9096915e Make SignatureExtractorChecker private to its own file (Ben Woosley)
Pull request description:
~If we add a CTxIn constructor to SignatureData, then constructing the
SignatureData directly is no more verbose than calling DataFromTransaction,
and grants the caller additional flexibiliy in how to provide the CTxIn.~
A simple change to enhance encapsulation.
ACKs for top commit:
MarcoFalke:
utACK 73aaf4ecf825a4d18c802ca5dd3856ce9096915e
laanwj:
ACK 73aaf4ecf825a4d18c802ca5dd3856ce9096915e
Tree-SHA512: f7eafbce22b0e9917a8487e88d1f5a1061f2a0959ae1a097cbd9c8ea0d774edfb807da56813cb5fb26f6ca98499a0604a8ff024c198a7c8dc755164de66d972a
bd3b0361d Add stop_block out arg to ScanForWalletTransactions (Ben Woosley)
3002d6cf3 Return a status enum from ScanForWalletTransactions (Ben Woosley)
bb24d6865 Make CWallet::ScanForWalletTransactions args and return value const (Ben Woosley)
Pull request description:
Return the failed block as an out arg.
Fixes#11450.
/cc #12275
Tree-SHA512: 6a523e5425ebfe24e664a942ae21c797ccc1281c25b1bf8d02ad95c19dae343fd8051985ef11853474de7628fd6bed5f15190fbc087c3466ce6fdecab37d72a9
bd6a24307564a56d54d98331d5e1680d27ddc09e script: Add Keyserver to verify-commits README (Emil Engler)
Pull request description:
When I use the option with the default keyserver on `gpg (GnuPG) 2.2.12` from the Debian repositories only the keys from meshcollider and fanquake are actually found. Using the ubuntu keyserver works without any problems and all keys are getting found.
As this keyserver is also suggested on [https://bitcoincore.org/en/download/](), it would be good to have a common keyserver.
ACKs for top commit:
laanwj:
ACK bd6a24307564a56d54d98331d5e1680d27ddc09e, better to be explicit here
Tree-SHA512: d4127c42490390bed4e0074ebb1f8a6cc983f96bbea0ec1da011a93bed325a7f465ed9936e4bc2ef7c4b2e4501a2868d00b67ceb7bf85f2a902db9c6173a6c61
eafd2593674b6890418a50eadf69425071b824e4 build: Add NX workaround for RV64 (Wladimir J. van der Laan)
f6e42256fe8900ed90f9644906b77f97e1600952 build: Allow export of environ symbols (Wladimir J. van der Laan)
Pull request description:
This export was introduced in #17270 which added
```
//! Necessary on some platforms
extern char** environ;
```
This should (finally) make the gitian build pass again (fix issue #17525.).
Built on top of #17538 which should be merged first.
Top commit has no ACKs.
Tree-SHA512: 5c2054d52d0957aec3dc945b76d8e219187d22dc03889e7a88fb76049bf8e4a3e9f4da00dd1e9dd0351211f8e70d1a1b8ad7244f0348dab698e9d14b9d0c0bd4
d9d8984270dbb004ec94f8dbb289be2bc9e4dbc3 wallet: Use wallet name instead of pointer on unload/release (João Barbosa)
Pull request description:
Fixes#16668. Wallet name is unique so it can be used instead of pointer.
ACKs for top commit:
meshcollider:
utACK d9d8984270dbb004ec94f8dbb289be2bc9e4dbc3
instagibbs:
utACK d9d8984270
ryanofsky:
utACK d9d8984270dbb004ec94f8dbb289be2bc9e4dbc3. Alternately I think it might be possible to use an intptr_t set instead of a string set to get around the undefined behavior described in the issue.
Tree-SHA512: eccd4d260cd4c02b52c30deeb32dbfd190a1151a5340eb3aa4ece0dc6ae3b3ed746ce5617336461f6f27c437c435629cd07d20beb1c5450f23b75edde6728598
fa852f0e8d test: Bump timeout on tests that timeout on windows (MarcoFalke)
Pull request description:
Those tests build a ton of blocks and time out for me on Windows with:
```
test_framework.authproxy.JSONRPCException: 'generatetoaddress' RPC took longer than 60.000000 seconds. Consider using larger timeout for calls that take longer to return. (-344)
Tree-SHA512: a8fffeaddd02c051fbcc04bfac69f6ed826b8f16616e3b2e210a469d07c3e5706baab8121f1cd7ed265481de3a6197cf371513e2afbe506cf13b1dabfe3a0005
8e4b4f683a0b342cec24cd51b1e98433034ea2ea Address test todos by removing -txindex to nodes. Originally added when updating getrawtransaction to stop searching unspent utxos. (Amiti Uttarwar)
Pull request description:
Original todos added when removing getrawtransaction default behavior of searching unspent utxos.
Tree-SHA512: d080953c3b0d2e5dca2265a15966dc25985a614c9cc86271ecd6276178ce428c85e262c24df92501695c32fed7beec0339b989f03cce91b57fb2efba201b7809
543ef7d626 tests: Add missing cs_main locks required when accessing pcoinsdbview, pcoinsTip or pblocktree (practicalswift)
Pull request description:
Add missing `cs_main` locks required when accessing `pcoinsdbview`, `pcoinsTip` or `pblocktree`.
This is a subset of #15192: split up requested by MarcoFalke in https://github.com/bitcoin/bitcoin/pull/15192#issuecomment-462827372.
The end goal is to get the corresponding `GUARDED_BY(...)`:s in (see #15192).
Tree-SHA512: 0eb1987dba1a2f1faf0910c421f6d90a20b8a253486eb3301d5bca66d128b19120664e3a8580bdce7b428df817284faf94243250bf561f91d2d31a52d134aa67
50e647210d Move ParseConfirmTarget from rpc/mining to rpc/util (Russell Yanofsky)
Pull request description:
Util is a better home since it's called both by wallet and mining code.
Suggested https://github.com/bitcoin/bitcoin/pull/15288#discussion_r254449444
Tree-SHA512: 4320caf2a3f70d2885c421de04f2ec68ff3f6519258c5155fc46e245dc1765fd15c81f260af5096318f24ff9deb88fc3c5ef40eec8b7393f467f5b963d17215b
fae8b8bb1a qa: Add tool-prefix to functional test readme (MarcoFalke)
faf3d22725 test_runner: Remove unused --force option (MarcoFalke)
Pull request description:
When someone calls the script they already have all intention to call it, no need to specify a redundant `--force`.
The functional tests are still disabled on the travis windows cross builds, where they'd run into issues when run under Wine.
Tree-SHA512: ada0dd9b3c0cd28c5832a12c5e04c029dc3bfe5ddf366fd0abc24fb7914d2e0f0a873fe756ade7ba780a561abe9bc731838c289accc421deda481269e08514cd
faa46475d7 wallet: Add lock annotation for mapAddressBook (MarcoFalke)
Pull request description:
This adds lock annotations for `mapAddressBook` and also moves one lock from inside `GetDestValues` to the caller to be in line with the other methods (`eraseDestData`, `addDestData`, ...)
Tree-SHA512: cef9397523e2f5717d4a9a6b2da1fe07042484a51b3c067ae64425768637f334350a2c3db4ab7e00af99b2a587f6b656b68ee1195f6a3db6d47298d0b2b6174a
0c78e49be3a258695b7f363f2d5b1cfdb93f9522 tests: Switch one of the Travis jobs to an unsigned char environment (-funsigned-char) (practicalswift)
Pull request description:
Switch one of the Travis jobs to an unsigned char environment (`-funsigned-char`).
This will help us catch errors due to code written under the assumption that `char` has the same value range as `signed char`.
The signedness of `char` is implementation-defined.
Example:
```
$ uname -a
Linux […] x86_64 x86_64 x86_64 GNU/Linux
$ cat foo.cpp
#include <iostream>
int main() {
char c;
std::cin >> c;
int i = (unsigned char)c;
std::cout << i << "\n";
}
$ clang++ -o foo foo.cpp
$ echo -e "\xff" | ./foo
255
$ clang++ -fsigned-char -o foo foo.cpp
$ echo -e "\xff" | ./foo
255
$ clang++ -funsigned-char -o foo foo.cpp
$ echo -e "\xff" | ./foo
255
$ cat bar.cpp
#include <iostream>
int main() {
char c;
std::cin >> c;
int i = c;
std::cout << i << "\n";
}
$ clang++ -o bar bar.cpp
$ echo -e "\xff" | ./bar
-1
$ clang++ -fsigned-char -o bar bar.cpp
$ echo -e "\xff" | ./bar
-1
$ clang++ -funsigned-char -o bar bar.cpp
$ echo -e "\xff" | ./bar
255
```
`gcc` chars:
* signed: alpha, hppa, ia64, m68k, mips, sh, sparc, x86
* unsigned: arm, powerpc, s390
About `-funsigned-char`:
> Let the type "char" be unsigned, like "unsigned char".
>
> Each kind of machine has a default for what "char" should be. It is either like "unsigned char" by default or like "signed char" by default.
>
> Ideally, a portable program should always use "signed char" or "unsigned char" when it depends on the signedness of an object. But many programs have been written to use plain "char" and expect it to be signed, or expect it to be unsigned, depending on the machines they were written for.
>
> This option, and its inverse, let you make such a program work with the opposite default. The type "char" is always a distinct type from each of "signed char" or "unsigned char", even though its behavior is always just like one of those two.
ACKs for top commit:
laanwj:
ACK 0c78e49be3a258695b7f363f2d5b1cfdb93f9522
Tree-SHA512: ba04590415c0bb9a0bbd348623e57068f75274f53da7247d5c5ecad82e365a5b45893a4a491d318e82a8feb6a25f019d46e01990afb33162e2c9740d33a343d7
62d3f5057f2ed0c8646839f38dbe29adf4601502 qa: fix deprecated log.warn in feature_dbcrash test (Jon Atack)
Pull request description:
This clears up the following deprecation message when running test/functional/feature_dbcrash.py:
```
test/functional/feature_dbcrash.py:270:
DeprecationWarning: The 'warn' method is deprecated, use 'warning' instead
self.log.warn("Node %d never crashed during utxo flush!", i)
```
Git grepping indicates that this was the last remaining use of `log.warn` in the functional tests.
ACKs for top commit:
fanquake:
ACK 62d3f5057f2ed0c8646839f38dbe29adf4601502 - checked that there were no more occurrences.
Tree-SHA512: 2fe87400f82488e44391f4897876003a98736013e819a7dbc3b3e87a5ffbfba8d5ccab81cf2b7577f40135c95e4db96e93bb8cb24de396efb4ad814fbda09559
fa4010e1129f2a4f3348f7a02896021df9270ee0 travis: Print memory and number of cpus (MarcoFalke)
Pull request description:
For some reason it shows a different value than the one they advertise. This might be related to the flood of sanitizer warnings we see.
https://docs.travis-ci.com/user/reference/overview/#virtualisation-environment-vs-operating-system
Top commit has no ACKs.
Tree-SHA512: 285bdf6e7fe29990b980acf64ca658f4319d17c770f45cfd4339244e6b7ec11b7a39b9c4a54e71415c32fef08ee5da75ab7171861905494d633631779480c146
0e01e4522e devtools: Fetch and display ACKs at sign-off time in github-merge (Wladimir J. van der Laan)
Pull request description:
- Fetch the ACKs only at sign-off time. This makes sure that any last-minute ACKs are included (fixes#16200)
- Show a list of ACKs that will be included and their author before signing off, and warn if there are none
![1](https://user-images.githubusercontent.com/126646/59605250-ad070980-910e-11e9-9f9a-d789c7f06ebb.png)
![2](https://user-images.githubusercontent.com/126646/59605255-b1332700-910e-11e9-80a5-d1e244f48264.png)
There's a slight change to the merge commit format—before it was
```
ACKs for commit 88884c:
(list of ACKs, could be empty)
```
now it is
```
ACKs for top commit:
jnewbery:
ACK 5ebc6b0eb
... (list of ACKs cannot be empty)
```
or
```
Top commit has no ACKs.
```
I don't think there's a reason to have the abbreviated commit ID there, after all the full commit id is already in the beginning of the merge commit message, and at least the abbreviated one is in every single ACK message.
ACKs for commit 0e01e4:
fanquake:
ACK 0e01e4522e0f9e2e994f80fc61f40d61a4a70d79
Tree-SHA512: 8576de016137d71cfc101747e9bb6779c13e0953cf2babee7afc9972bf2bd46f6912be4982b54fa5abf4d91e98e8fdae6b4ca3eef7d6892b7a5f04a7017b6882
fb434159d1 Remove global symbols: Avoid using the global namespace if possible (practicalswift)
Pull request description:
Remove global symbols: Avoid using the global namespace if possible.
Partially resolves#15612 ("Reduce the number of global symbols used").
Change in global symbols as reported by `nm bitcoind` before vs after:
```
$ diff -u <(nm src/bitcoind-before | c++filt | grep -E '^[0-9a-f]+ [A-Z] ' | cut -f3- -d' ' | sort -u) \
<(nm src/bitcoind-after | c++filt | grep -E '^[0-9a-f]+ [A-Z] ' | cut -f3- -d' ' | sort -u) \
| grep -E '^[+-][^+-]'
-boundSockets
-cs_warnings
-eventHTTP
-fFeeEstimatesInitialized
-fLargeWorkForkFound
-fLargeWorkInvalidChainFound
-pathHandlers
-strMiscWarning[abi:cxx11]
-threadHTTP
```
ACKs for commit fb4341:
Tree-SHA512: d2f78f6188a992b0e0de8d107e2c494cfa0faa2de4fda634a1d3606d6515633bec86289cf2a2e78ffe467b17b795e2243cc459fb44e0dfe2fc69899506ff61c9
faede747b3 doc: Explain how to pass in non-fundamental types into functions (MarcoFalke)
Pull request description:
There is a common misconception in C++ that one ampersand is better than no ampersand and two ampersands are better than one.
ACKs for commit faede7:
practicalswift:
ACK faede747b3493544f25d601b8e02c833e54c8751
jonasschnelli:
ACK faede747b3493544f25d601b8e02c833e54c8751
Tree-SHA512: be12c23287398e4525f16e13de30e51a42d9e38284644eed5b67fa23197b09436d75a3aa8db08555ee91a38a0f159d2722b8a9927ce0bc906e600d2a7976086b
a407b6fdf3 [tests] Make random seed logged and settable (John Newbery)
Pull request description:
This allows tests which use randomness to be reproducibly run on failure.
ACKs for commit a407b6:
jonatack:
re-ACK a407b6fdf34f77eb347378674da9cf80394897de
jb55:
great! utACK a407b6fdf34f77eb347378674da9cf80394897de
Tree-SHA512: e1e89e6e76d11ddec71a8f0f077227e4b46303f80461b170900d3f95d4dcc4187b0d1decfd63562ea970aaaf530ef032a3e64ed1669aac29033d95161855fda3
e0bb279999 Doc: remove text about txes always relayed from -whitelist (David A. Harding)
Pull request description:
Updates text since -whitelistforcerelay was set to false by default in PR #15193.
ACKs for commit e0bb27:
fanquake:
utACK e0bb279
MarcoFalke:
utACK e0bb2799992afe88e6f4efc6d90ed82ddf1ec5ec
Tree-SHA512: cf0c9321d72692d573039a04f8f1d048cbdf67ed86cc781523dabd3c45d2731b788f53749e6bb29d7da1ab44eb04030f352469b20489bb2a26c2c38fb61f6489
fac174e2d1 lint: Check that all wallet args are hidden (MarcoFalke)
Pull request description:
Can be tested by calling `git revert 765d5890be` and then running the script
ACKs for commit fac174:
fanquake:
utACK fac174e
practicalswift:
tACK fac174e2d17e06b63aa5eb20b404af00d38db26e
Tree-SHA512: f7d40dc3d9f471c0cf77bc2746c1ef09b9df093b24508e72bfc50114c338e5dcb4a17741cf97566aeddc6d608f13e4eb1c986ae9935cebad1d589495ac16e0b2
70c1cf8c1c wallet: Avoid logging no_such_file_or_directory error (João Barbosa)
Pull request description:
Avoid logging `IsBerkeleyBtree: No such file or directory ...`. The result of `IsBerkeleyBtree` is the same since `fs::file_size()` returns 0 for non existent files.
Fix#15912.
ACKs for commit 70c1cf:
practicalswift:
utACK 70c1cf8c1c07091544d060191715027282e87b57
jonasschnelli:
utACK 70c1cf8c1c07091544d060191715027282e87b57
Empact:
utACK 70c1cf8c1c
Tree-SHA512: 964a64fff9a17b805a1570884cdb2beb82283498f790b0464e011791803ae7f37dba213320c76a920dd92b2b972a7640e6277ecf470400734149dc8f9f9f1d6d
942ff2054b41fe3f78f1b3d88cfd032bc95fd62f contrib: gh-merge: Use pagination to fetch all review comments (nkostoulas)
Pull request description:
Use GitHub API pagination to do multiple requests if required.
Tested with some PRs that have a large number of comments.
For issue #15816
ACKs for commit 942ff2:
MarcoFalke:
utACK 942ff2054b41fe3f78f1b3d88cfd032bc95fd62f
laanwj:
utACK 942ff2054b41fe3f78f1b3d88cfd032bc95fd62f
Tree-SHA512: cf0dcdc40212a7c5cfcd1afe873e068399bc6499fd2e32207c5516595c93e5cb478178b04185ce21c3de0312621e05fda268411e59864d51046fb7a049989f42
8a33f4d63f9944f4877b3e2814b1582e72ceaa71 GUI: Options: Remove the upper-bound limit from pruning size setting (Luke Dashjr)
4ddeb2f860eee98fbe94725ea8885368068a03f2 GUI: Options: Set the range of pruning size before loading its value (Luke Dashjr)
Pull request description:
This fixes two bugs:
1. The prune setting range was set *after* loading the current value. If users had a prune of (eg) 200, it would get limited to 99 before the range was raised. This is fixed by setting the range first.
2. The prune setting was limited to <= the chainparams' "assumed blockchain size". There's no reason for this limit (the UX is the same either way), and there are use cases it breaks (eg, setting a prune size such that it begins pruning at some future point). Therefore, I raised it to the max value.
This is a daggy fix, so should cleanly merge to both master and 0.18 branches.
ACKs for commit 8a33f4:
MarcoFalke:
utACK 8a33f4d63f9944f4877b3e2814b1582e72ceaa71
laanwj:
utACK 8a33f4d63f9944f4877b3e2814b1582e72ceaa71
promag:
utACK 8a33f4d.
Tree-SHA512: 480570fa243ab5cc76af76fded18cb8cb2d3194b9f050fec5e03ca551edeeda72ee8b06312e200a9e49404ec1cdffa62f7150cf9982ec1b282f17d90879ce438