Currently it's possible for ReleaseWallet to delete the CWallet pointer while
it is processing BlockConnected, etc chain notifications.
To fix this, unregister from notifications earlier in UnloadWallet instead of
ReleaseWallet, and use a new RegisterSharedValidationInterface function to
prevent the CValidationInterface shared_ptr from being deleted until the last
notification is actually finished.
dcda81c471 test: add coverage for script parse error in ParseScript (pierrenn)
Pull request description:
Follow up on this suggestion : https://github.com/bitcoin/bitcoin/pull/18416#issuecomment-603966799
This adds a test case to raise the `script parse error` in `ParseScript`.
ACKs for top commit:
instagibbs:
utACK dcda81c471
Tree-SHA512: ae0ef2c00f34cee818c83582f190d5f4043159e922862f2b442b7b895b8ff3ca421533699247c12c367be77813b5205830a771cd47a18e8932807ccace2d6a1c
faf7d4fa86 build: Add cov_fuzz target (MarcoFalke)
fac71e364e build: link fuzz/test_runner.py for out-of-tree builds (MarcoFalke)
faf2c5aca0 build: Remove unused USE_COVERAGE (MarcoFalke)
Pull request description:
Only libFuzzer is supported right now, so clang is required. Thus, this needs a workaround such as https://github.com/bitcoin/bitcoin/issues/12602#issuecomment-562788247
Can be tested with:
```
mkdir build && cd build
../configure --enable-fuzz --with-sanitizers=fuzzer --enable-lcov --enable-lcov-branch-coverage CC=clang CXX=clang++
make $MAKEJOBS
make cov_fuzz
ACKs for top commit:
practicalswift:
ACK faf7d4fa86
Tree-SHA512: 6828f8f81d95f6781713d0b09d7eba2ffdb50217e09ca839db61791a4ed70024859c7a0cb01d9eede79166d574dd57ece01f9d9fe2610d4a72a4ca4a4ce0b838
ef35604c9c rpc: fix broken RPCExamples for waitforblock(height) (Sebastian Falbesoner)
Pull request description:
This PR fixes several broken RPCExamples from the "blockchain" category:
- `HelpExampleCli` for `waitforblock` (disturbing comma between arguments)
- `HelpExampleCli` for `waitforblockheight` (disturbing comma between arguments)
- `HelpExampleRpc` for `waitforblockheight` (disturbing quotation marks around integer argument)
Note that the CLI example for `waitforblockheight` would also work with the first argument in quotation marks (in contrast to the RPC example), but I removed them as well as they are not needed.
Outputs for the non-working examples in the master branch:
```
$ ./bitcoin-cli waitforblock "0000000000079f8ef3d2c688c244eb7a4570b24c9ed7b4a8c619eb02596f8862", 1000
error code: -8
error message:
blockhash must be of length 64 (not 65, for '0000000000079f8ef3d2c688c244eb7a4570b24c9ed7b4a8c619eb02596f8862,')
```
```
$ ./bitcoin-cli waitforblockheight "100", 1000
error: Error parsing JSON:100,
```
```
$ curl --user __cookie__ --data-binary '{"jsonrpc": "1.0", "id": "curltest", "method": "waitforblockheight", "params": ["100", 1000]}' -H 'content-type: text/plain;' http://127.0.0.1:8332/
Enter host password for user '__cookie__':
{"result":null,"error":{"code":-1,"message":"JSON value is not an integer as expected"},"id":"curltest"}
```
Outputs for the fixed examples in the PR branch:
```
$ ./bitcoin-cli waitforblock "0000000000079f8ef3d2c688c244eb7a4570b24c9ed7b4a8c619eb02596f8862" 1000
{
"hash": "0000000000000000000910ae4d56120e0ddd55c0552e80ed12dba147abc68080",
"height": 622416
}
```
```
$ ./bitcoin-cli waitforblockheight 100 1000
{
"hash": "0000000000000000000910ae4d56120e0ddd55c0552e80ed12dba147abc68080",
"height": 622416
}
```
```
$ curl --user __cookie__ --data-binary '{"jsonrpc": "1.0", "id": "curltest", "method": "waitforblockheight", "params": [100, 1000]}' -H 'content-type: text/plain;' http://127.0.0.1:8332/
Enter host password for user '__cookie__':
{"result":{"hash":"0000000000000000000910ae4d56120e0ddd55c0552e80ed12dba147abc68080","height":622416},"error":null,"id":"curltest"}
```
ACKs for top commit:
fanquake:
ACK ef35604c9c
Tree-SHA512: b98c6681d1aa24b3ee3ef4ef450cb630082a9f8695af18f3b6d418e5b0b1e472b787ccf6397cd719b4d5fe0082ea5f1d0ca553c1cc56066ee2d288be34c601e3
9ab14e4d21 Limit decimal range of numbers ParseScript accepts (pierrenn)
Pull request description:
Following up on this suggestion : https://github.com/bitcoin/bitcoin/pull/18413#issuecomment-602966490, prevent the output of `atoi64` in the `core_read.cpp:ParseScript` helper to send to `CScriptNum::serialize` values wider than 32-bit.
Since the `ParseScript` helper is only used by the tool defined in `bitcoin-tx.cpp`, this only prevents users to provide too much unrealistic values.
ACKs for top commit:
laanwj:
ACK 9ab14e4d21
Tree-SHA512: ee228269d19d04e8fee0aa7c0ae2bb0a2b437b8e574356e8d9b2279318242057d51fcf39a842aa3afe27408d0f2d5276df245d07a3f4828644a366f80587b666
2b0fcff7f2 Make VerifyWitnessProgram use a Span stack (Pieter Wuille)
Pull request description:
Here is a follow-up to #18002, again with the goal of simplifying (potential) BIP341 code.
Instead of passing a begin and end iterator of the initial stack to `ExecuteWitnessScript`, they are turned into a `Span<const valtype>`, representing a span of `valtype`s in memory. This allows `VerifyWitnessProgram` to operate on that span directly, instead of juggling iterators around (which would be exacerbated by #17977 if trying to avoid copying the stack).
ACKs for top commit:
ajtowns:
ACK 2b0fcff7f2
elichai:
ReACK on the diff 2b0fcff7f2
instagibbs:
re-ACK 2b0fcff7f2
theStack:
re-ACK 2b0fcff7f2
Empact:
ACK 2b0fcff7f2
jnewbery:
utACK 2b0fcff7f2
Tree-SHA512: 38eb4ce17f1947674c1c274caa40feb6ea8266bd96134d9cf1bc41e6fbf1114d4dde6c7a9e26e1ca8f3d0155429ef0911cc8ec0c1037d8fe7d6ec7f9e7184e93
7834c3b9ec tests: Add fuzzing harness for functions/classes in chain.h (practicalswift)
d7930c4326 tests: Add fuzzing harness for functions/classes in protocol.h (practicalswift)
Pull request description:
Add fuzzing harnesses for functions/classes in `chain.h` and `protocol.h`.
Top commit has no ACKs.
Tree-SHA512: ac2d66bc678ebba0ffbbc42e77806eaf3bb07413ff19219c7a83b171ccd4601e0aa8546ee7ffe8018ca4de12d080f79f693d184cc337c234cde641803279f00c
c3857c5fcb wallet: remove CreateTotalBumpTransaction() (Jon Atack)
4a0b27bb01 wallet: remove totalfee from createBumpTransaction() (Jon Atack)
e347cfa9a7 rpc: remove deprecated totalFee arg from RPC bumpfee (Jon Atack)
bd05f96d79 test: delete wallet_bumpfee_totalfee_deprecation.py (Jon Atack)
a6d1ab8caa test: update bumpfee testing from totalFee to fee_rate (Jon Atack)
Pull request description:
Since 0.19, fee-bumping using `totalFee` was deprecated in #15996 and replaced by `fee_rate` in #16727. This changeset removes it.
ACKs for top commit:
laanwj:
ACK c3857c5fcb
Tree-SHA512: c1bb15d664baf4d2dea06981f36384af02057d125c51fcbc8640b9d5563532187c7b84aa952f7b575255a88ce383ed4d7495bec920a47b05b6fc0d432dce1f00
d831831822 lockedpool: When possible, use madvise to avoid including sensitive information in core dumps (Luke Dashjr)
Pull request description:
If we're mlocking something, it's because it's sensitive information. Therefore, don't include it in core dump files, ~~and unmap it from forked processes~~.
The return value is not checked because the madvise calls might fail on older kernels as a rule (unsure).
ACKs for top commit:
practicalswift:
Code review ACK d831831822 -- patch looks correct
laanwj:
ACK d831831822
jonatack:
ACK d831831822
vasild:
ACK d831831822
Tree-SHA512: 9a6c1fef126a4bbee0698bfed5a01233460fbcc86380d984e80dfbdfbed3744fef74527a8e3439ea226167992cff9d3ffa8f2d4dbd5ae96ebe0c12f3eee0eb9e
cd04286825 build: Fix typo in EVENT_CFLAGS variable (Hennadii Stepanov)
f709ad0c90 build: Fix libevent linking for bench_bitcoin binary (Hennadii Stepanov)
Pull request description:
This change fixes `libevent` linking error for the `bench_bitcoin` binary.
This PR is an alternative to #18377.
Fix#18373.
Also fixed a typo in `EVENT_CFLAGS` variable noted by **brakmic**.
ACKs for top commit:
fanquake:
ACK cd04286825
Tree-SHA512: a62f7457e86b11d3a55d603ea5d83f3a413792e2f28a0c72300e54d12591bd6f0acc1d76a4bd4b591e0223bc6d530e7a4b9a8b939fe2fdbf2dddfda5b1b537be
d056df033a Replace std::to_string with locale-independent alternative (Ben Woosley)
Pull request description:
Addresses #17866 following practicalswift's suggestion:
https://github.com/bitcoin/bitcoin/issues/17866#issuecomment-584287299
~Used ::ToString to avoid aliasing issues. Left uses in QT and test.~
ACKs for top commit:
practicalswift:
ACK d056df033a
laanwj:
ACK d056df033a
Tree-SHA512: 9e6966a9cdd14f4a1a40d9f0fa7c402aed22b2f1ad8681708e22b050d51a91c5d62220a9ec4c425be2d57acf5c964fca87a5e981b5cbff048bc3b6720dae92b7
fae1e99289 ci: Only clone bitcoin-core/qa-assets when fuzzing (MarcoFalke)
Pull request description:
Currently the only content of that repo are some seeds, so we can speed up some ci builds
ACKs for top commit:
laanwj:
ACK fae1e99289 (provided this passes travis)
Tree-SHA512: ed813738e7f24bb56a2f12aa3b398e414eb4f0ba98379836a33ff3e5602cbf42a28e89aad10e346468191ecddc03e60d5b236097112e27c07cb1c2293533ea58
3e0df92bf2 Update with new Windows code signing certificate (Andrew Chow)
Pull request description:
The current Windows code signing certificate is about expire (on March 26th 2020). As I have volunteered to take over the Windows code signing duties, I've purchased a new Windows code signing certificate with the same CA and under the same organization (Bitcoin Core Code Signing Association).
A signature by the old certificate over the new certificate has been provided to me. This signature can be verified using
```
openssl cms -verify -inform pem -purpose any -content path/to/new/win-codesign.cert -CAfile path/to/old/win-codesign.cert -certfile path/to/old/win-codesign.cert
```
The verification should succeed and the new certificate will be printed out. This can be compared to the contents of `win-codesign.cert`.
```
-----BEGIN PKCS7-----
MIIC3AYJKoZIhvcNAQcCoIICzTCCAskCAQExDzANBglghkgBZQMEAgEFADALBgkq
hkiG9w0BBwExggKkMIICoAIBATCBkTB8MQswCQYDVQQGEwJHQjEbMBkGA1UECBMS
R3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRgwFgYDVQQKEw9T
ZWN0aWdvIExpbWl0ZWQxJDAiBgNVBAMTG1NlY3RpZ28gUlNBIENvZGUgU2lnbmlu
ZyBDQQIRALWcUnSOxv9FQW3xdaMDO6swDQYJYIZIAWUDBAIBBQCggeQwGAYJKoZI
hvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMjAwMzI0MjA0ODM3
WjAvBgkqhkiG9w0BCQQxIgQgtLkmnuSQyczDlJSnJeqbi61p3iJ/rpFABrY8JWBO
o74weQYJKoZIhvcNAQkPMWwwajALBglghkgBZQMEASowCwYJYIZIAWUDBAEWMAsG
CWCGSAFlAwQBAjAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcN
AwICAUAwBwYFKw4DAgcwDQYIKoZIhvcNAwICASgwDQYJKoZIhvcNAQEBBQAEggEA
XaCl3Q8HwI9VpLCb9OY9eQh0QOPyl1KWEc3TP3UvwZwR4/gXkfPOKKf19UnS8eRB
48SgUKRMYWoDYfSVUJRMda9BLkbJbQlHG3LFXhSY2alajpPXEHcMto/XPhVAmqzL
w6aSNY0Gaorow696JHpetpKqAAlL1r2GjeaPYi2aZyIAifuhay/qwA+ig0SqzGOw
UdgFZWMyS5yanq8/WlLCCql6kKOzT4tEqUaleD7R1q8BTcG2+fmhWR8WwJLpIV6y
7GAqt0Cocu8sYpTNBNk8iKHxzZ2hMZKJpH9lHZuiJ/9vSercrvDy2R4/MG+KnBWb
OyiFAt2mC51+63RhLOMJfg==
-----END PKCS7-----
```
ACKs for top commit:
laanwj:
ACK 3e0df92bf2
theuni:
ACK 3e0df92bf2.
Tree-SHA512: 4210f4db1e805ab11231fbae49ea197257c6f7e44f1f6219685b63831704984d824ac2f9e0a3b1bd2655953af72636a474f077cb859fb35852551f5a9f8fbde3
76db4b260e gui: avoid QT Designer/Form Editor re-formatting (Jon Atack)
aae26053f9 gui: display Mapped AS in peers info window (Jon Atack)
Pull request description:
Continuing the asmap integration of #16702 which added `mapped_as` to the rpc getpeerinfo output, this adds the mapped AS to the Peers detail window in the GUI wallet.
`$ src/qt/bitcoin-qt -asmap=<path-to-asmap-file>` (asmap on)
`$ src/qt/bitcoin-qt` (asmap off)
Added a tooltip and a couple of minor fixups.
ACKs for top commit:
laanwj:
ACK 76db4b260e
Tree-SHA512: 5f44c05c247bfabc9c161884d3af47c50a571cd02777b320ce389e61efa47706adbf0ea5e6644ae40423cb579d8bd0bb3c84fc6b618293a7add8e4327f07f63f
e4d366788b build: Drop needless EXTRA_DIST content (Hennadii Stepanov)
6c4da59f5b build: Drop SOURCEDIST reordering (Hennadii Stepanov)
5e6b8b3912 build: Use git archive as source tarball (Hennadii Stepanov)
Pull request description:
This PR:
- is an alternative to #17104
- closes#16734
- closes#6753
The idea is clear described by some developers:
- [MarcoFalke](https://github.com/bitcoin/bitcoin/pull/17097#issuecomment-540691850):
> This whole concept of explicitly listing each and every file manually (or with a fragile wildcard) is an obvious sisyphean task. I'd say all we need to do is run git archive and be done with it forever, see #16734, #6753, #11530 ...
- [laanwj](https://github.com/bitcoin/bitcoin/pull/17097#issuecomment-540706025):
> I agree, I've never been a fan of it. I don't think we have any files in the git repository we don't want to ship in the source tarball.
---
The suggested changes have a downside which is pointed by [**luke-jr**](https://github.com/bitcoin/bitcoin/pull/17104#issuecomment-540828045):
> ... but the distfile needs to include autogen-generated files.
This means that a user is not able to run `./configure && make` right away. One must run `./autogen.sh` at first.
Here are opinions about mandatory use of `./autogen.sh`:
- [ryanofsky](https://github.com/bitcoin/bitcoin/issues/16734#issuecomment-534139356):
> It's probably ok to require autogen. I think historically configure scripts were supposed to work on obscure unix systems that would just have a generic shell + make tool + c compiler, and not necessarily need gnu packages like m4 which are needed for autogen.
- [laanwj](https://github.com/bitcoin/bitcoin/issues/16734#issuecomment-540729483):
> I also think it's fine to require autogen. What is one dependency more, if you're building from source.
---
~Also this PR provides Windows users with ZIP archives of the sources. Additionally the commit ID is stored in these ZIP files as a file comment:~
---
Note for reviewers: please verify is `git archive` output deterministic?
ACKs for top commit:
MarcoFalke:
re-ACK e4d366788b, only change is adding two dots in a the path 🛳
laanwj:
ACK e4d366788b
Tree-SHA512: d1153d3ca4a580696019b92be3555ab004d197d9a2146aacff9d3150eb7093b7d40eebd6eea12d861d93ff62d62b68706e04e64dbe5ea796ff6757486e462193
before:
------------------------------------------------------------
$ contrib/devtools/previous_release.sh -r -b v0.9.5
[...]
gzip: stdin: not in gzip format
tar: Child returned status 1
tar: Error is not recoverable: exiting now
------------------------------------------------------------
now:
------------------------------------------------------------
$ contrib/devtools/previous_release.sh -r -b v0.9.5
[...]
curl: (22) The requested URL returned error: 404 Not Found
Download failed.
------------------------------------------------------------
33dd764984 doc: Add fuzzing quickstart guides for libFuzzer and afl-fuzz. Simplify instructions. (practicalswift)
Pull request description:
Add fuzzing quickstart guide to make it trivial to start fuzzing Bitcoin Core.
Fuzzing is fun and having more people contributing coverage-increasing inputs to https://github.com/bitcoin-core/qa-assets would be awesome :)
ACKs for top commit:
MarcoFalke:
ACK 33dd764984
fanquake:
ACK 33dd764984 - ran through the quick start and process message instructions. macOS users might see issues with afl-fuzz.
Tree-SHA512: f3ca972ce6ed0df8bb8177bdbb1e16d8a235941ffe4fa7b95ce9520b6454694ee26d2c545eac0b8b81856a77e26befda0922a9121a445dd936a0e9f9dd034160
This is in preparation for adding different signature verification rules,
specifically tapscript (BIP 342), which interprets opcode 0xac and 0xad
as Schnorr signature verifications.
4308aa67e3 tests: Add fuzzing harness for functions in net_permissions.h (practicalswift)
43ff0d91f8 tests: Add fuzzing harness for functions in timedata.h (practicalswift)
a8695db785 tests: Add fuzzing harness for functions in addrdb.h (practicalswift)
Pull request description:
Add fuzzing harnesses for functions in `addrdb.h`, `net_permissions.h` and `timedata.h`.
Top commit has no ACKs.
Tree-SHA512: ea41431e7f1944ecd0c102e6ea04e70d6763dc9b6e3a0949a4f7299897a92fa3e8e7139f9f65b9508ce8d45613ea24ec0fd6d4a8be3cfd7c23136512b17770eb
5aab011805 test: add unit test for non-standard "scriptsig-not-pushonly" txs (Sebastian Falbesoner)
Pull request description:
Approaches another missing unit test of issue #17394: Checks that the function `IsStandardTx()` returns rejection reason "scriptsig-not-pushonly" if any one of the input's scriptSig consists of any other ops than just PUSHs.
ACKs for top commit:
MarcoFalke:
ACK 5aab011805🍟
practicalswift:
ACK 5aab011805 -- patch looks correct
Tree-SHA512: fbe25bcf57e5f0c8d2397eb67e61fe8d9145ba83032789adb2b67d6fcbcd87e6427e9d965e8cd7bbaaea482e39ec2f110f71ef2de079c7d1fba2712848caa9ba
