Commit graph

29158 commits

Author SHA1 Message Date
MarcoFalke
576300afb0
Merge bitcoin/bitcoin#21856: doc: add OSS-Fuzz section to fuzzing.md doc
47c3ea021e doc: add OSS-Fuzz section to fuzzing.md doc (Adam Jonas)

Pull request description:

  This adds documentation about [Bitcoin Core's participation](https://github.com/google/oss-fuzz/pull/5699/files) in Google's OSS-Fuzz program and adds the caveat that the project may not disclose vulnerabilities within the 90-day window described in the [program's disclosure guidelines](https://google.github.io/oss-fuzz/getting-started/bug-disclosure-guidelines/).

ACKs for top commit:
  jonatack:
    ACK 47c3ea021e

Tree-SHA512: 87bf0146fb74d1e4b3b8839e6c8f3d53046008a6d5b926ffe5b95be3c396a5e47e47967533422f60b04c4446482f49d210ada410b742f69781a7afde623d704d
2021-05-05 16:34:00 +02:00
Adam Jonas
47c3ea021e doc: add OSS-Fuzz section to fuzzing.md doc
Co-authored-by: Russell Yanofsky <russ@yanofsky.org>
2021-05-05 10:10:56 -04:00
W. J. van der Laan
54617fad99
Merge bitcoin/bitcoin#21709: doc: update reduce-memory.md and bitcoin.conf -maxconnections info
300234ab66 doc: update bitcoin.conf maxconnections info (Jon Atack)
926827065f doc: update reduce-memory.md peer connections info (Jon Atack)

Pull request description:

  This patch updates the documentation in `doc/reduce-memory.md` and `share/examples/bitcoin.conf` regarding the peer connections limits and `-maxconnections`

ACKs for top commit:
  jarolrod:
    re-ACK 300234ab66
  laanwj:
    ACK 300234ab66
  prayank23:
    ACK 300234ab66

Tree-SHA512: 90f53626124afb50706e6a3b644bc7bb800bb7cf41ae7062c20c17b3d9bdf4a8d73b4cf188faec9113d772596f7e4bc36a4a69481cacb92cc55d5956181d0c31
2021-05-05 16:10:55 +02:00
W. J. van der Laan
3275c6e578
Merge bitcoin/bitcoin#21727: refactor: Move more stuff to blockstorage
fa09a9eac8 style: Add { } to multi-line if (MarcoFalke)
fadafab833 move-only: Move functions to blockstorage (MarcoFalke)
fa7e64d586 move-only: Move constants to blockstorage (MarcoFalke)
fa247a327f refactor: Move block storage globals to blockstorage (MarcoFalke)
fa81c30c6f refactor: Move pruning/reindex/importing globals to blockstorage (MarcoFalke)

Pull request description:

  See #21575

ACKs for top commit:
  Sjors:
    ACK fa09a9eac8
  kiminuo:
    ACK fa09a9e
  laanwj:
    Code review ACK fa09a9eac8
  promag:
    Code review ACK fa09a9eac8. Since last review

Tree-SHA512: 2eb6962ff44da6b77f3058fc02ec66ab742e25ae8dcc8ec62b062896571910d43ca7c4bb16fb3ccb5e5245195b8dec6384b6c8d442fa97ca28d93bdff347d677
2021-05-05 16:03:03 +02:00
W. J. van der Laan
23109cc548
Merge bitcoin/bitcoin#21753: doc: add -addrinfo to tor docs
65f30e4c21 doc: add -addrinfo troubleshooting section to tor.md (Jon Atack)

Pull request description:

  Follow-up to #21595.

ACKs for top commit:
  jarolrod:
    ACK 65f30e4c21
  practicalswift:
    ACK 65f30e4c21
  0xB10C:
    ACK 65f30e4c21
  theStack:
    ACK 65f30e4c21

Tree-SHA512: d17fa007106b8f877d2632c99273c663a24f025febe52faec9b197c561df808fd6a92bb27992ccbf5c3cc0d82058a8c4b82a2f1b99325f0ddfdac5ef703ac7d7
2021-05-05 15:52:00 +02:00
W. J. van der Laan
75b3a32f03
Merge bitcoin/bitcoin#21821: test: Add missing test for empty P2WSH redeem
fa80a11c3b test: Add missing test for empty P2WSH redeem (MarcoFalke)

Pull request description:

ACKs for top commit:
  0xB10C:
    ACK fa80a11c3b

Tree-SHA512: 2d28fe2e80c0770d82e4164b235345a3a828e6b71445a82aa144b3efb3298e494a8bc456a329f175a3cb542fa1b669d869dc1fb1b711611feeb76ab312a661d5
2021-05-05 15:47:19 +02:00
W. J. van der Laan
fb43d7cb1e
Merge bitcoin/bitcoin#21787: test: fix off-by-ones in rpc_fundrawtransaction assertions
f09e6b2585 test: fix off-by-ones in rpc_fundrawtransaction (Jon Atack)

Pull request description:

  The variables in these assertions should be the same within each line.

ACKs for top commit:
  laanwj:
    ACK f09e6b2585
  theStack:
    ACK f09e6b2585

Tree-SHA512: 7ac754eaadd8cb00a725afa55bccbb8de7547dedac9350d79a9a470918245617e075c56a91adc36fb653bbe8a0a325d59b00443155a7e1a81ebf22e4e4cf56d9
2021-05-05 15:32:28 +02:00
W. J. van der Laan
df21e500d6
Merge bitcoin/bitcoin#21427: depends: Fix id_string invocations
fa872c9af3 depends: Fix id_string invocations (Carl Dong)

Pull request description:

  Closes: #21242

  ```
  Reproduced from depends/Makefile comment:

  When invoking a shell, GNU Make special-cases exit code 127 (command not
  found) by not capturing the output but instead passing it through. This
  is not done for any other exit code.

  Therefore, we require a "|| true" to avoid this behaviour when in an
  environment where the build_* or host_* may not exist yet.
  ```

ACKs for top commit:
  laanwj:
    Concept and light code review ACK fa872c9af3

Tree-SHA512: 9ce88381aec579d956572cf70c4f69dc5a3873f0d2af14a71cf24814192a89452b8280258bed8cca804e4bd2644db056d213ab733df46a10560a47079524d8ac
2021-05-05 14:32:12 +02:00
W. J. van der Laan
cdcf82622d
Merge bitcoin/bitcoin#21629: build: fix configuring when building depends with NO_BDB=1
a5491882a0 build: fix configuring when building depends with NO_BDB=1 (fanquake)

Pull request description:

  Currently, if you build depends using `NO_BDB=1` (only sqlite wallets), `./configure` will fail as it still tries to find bdb. i.e:
  ```bash
  make -C depends/ NO_QT=1 NO_BDB=1 NO_UPNP=1 NO_ZMQ=1 NO_NATPMP=1 -j8
  ...
  copying packages: native_b2 boost libevent sqlite

  ./autogen.sh
  ./configure --prefix=/home/ubuntu/bitcoin/depends/x86_64-pc-linux-gnu
  ...
  checking for Berkeley DB C++ headers... default
  configure: error: Found Berkeley DB other than 4.8, required for portable BDB wallets (--with-incompatible-bdb to ignore or --without-bdb to disable BDB wallet support)
  ```

  This PR fixes the build such that you can build depends, opting out of bdb, without opting out of wallets entirely, and still configure successfully. I think I've tested across most potential configurations. i.e:
  ```bash
   ./configure (bdb and sqlite on system)
  bdb & sqlite are both are available

  ./configure --without-bdb  (bdb and sqlite on system)
  only sqlite

  ./configure --without-sqlite  (bdb and sqlite on system)
  only bdb

  ./configure --disable-wallet  (bdb and sqlite on system)
  neither bdb or sqlite

  depends NO_WALLET=1
  ./configure --prefix=/bitcoin/depends/x86_64-apple-darwin19.6.0
  neither bdb or sqlite

  depends NO_BDB=1
  ./configure --prefix=/bitcoin/depends/x86_64-apple-darwin19.6.0
  only sqlite

  depends NO_SQLITE=1
  ./configure --prefix=/bitcoin/depends/x86_64-apple-darwin19.6.0
  only bdb

  depends
  ./configure --prefix=/bitcoin/depends/x86_64-apple-darwin19.6.0
  bdb and sqlite
  ```

ACKs for top commit:
  laanwj:
    Code review ACK a5491882a0
  jarolrod:
    ACK a5491882a0

Tree-SHA512: baf7d2543a401db0d846095415ff449c04ecfb4a74c734dc51e79453702f9051210daeef686970f11fcffd32cdfadbc58acd54f0706aceecfb3edb0ff17310d7
2021-05-05 13:29:05 +02:00
W. J. van der Laan
b7c2625703
Merge bitcoin/bitcoin#21664: contrib: use LIEF for macOS and Windows symbol & security checks
7fc5e865b9 test: install lief in CI (fanquake)
955140b326 contrib: consolidate PIE and NX security checks (fanquake)
2aa1631822 contrib: use LIEF in PE symbol checks (fanquake)
e93ac26b85 contrib: use LIEF in macOS symbol checks (fanquake)
a632cbcee5 contrib: use f strings in symbol-check.py (fanquake)
0f5d77c8e4 contrib: add PE PIE check to security checks (fanquake)
8e1f40dd9a contrib: use LIEF for PE security checks (fanquake)
a25b2e965c contrib: use LIEF for macOS security checks (fanquake)
7e7eae7aa8 contrib: use f strings in security-check.py (fanquake)
2e7a9f7ade guix: install LIEF in Guix container (fanquake)
465967b5ef gitian: install LIEF in gitian container (fanquake)

Pull request description:

  This PR is a proof of concept for using [LIEF](https://github.com/lief-project/LIEF) for the PE and MACHO symbol and security checks. It replaces our current approach of manually parsing the output of `objdump` & `otool`. If the consensus is that using LIEF is ok, then I also plan on replacing [pixie.py](https://github.com/bitcoin/bitcoin/blob/master/contrib/devtools/pixie.py), and using LIEF for all checks. LIEF for Linux is also currently blocked (on the next release, unless we want to build master) on one change for RISC-V that I [sent upstream](https://github.com/lief-project/LIEF/pull/562).

  LIEF is seemingly well maintained, and is the basis for a number of other tools. It also has some very nice documentation; i.e the [Python API for ELF](https://lief.quarkslab.com/doc/latest/api/python/elf.html). It also has many builtins we can take advantage of. i.e [`is_pie`](https://lief.quarkslab.com/doc/latest/api/python/macho.html#lief.MachO.Binary.is_pie), [`has_nx`](https://lief.quarkslab.com/doc/latest/api/python/macho.html#lief.MachO.Binary.has_nx) etc. This means we can [consolidate some of our checks](9c5eeb5484). If/when end up using LIEF for lightning then we can consolidate further, and cleanup these scripts. i.e to not parse the binary inside the checks, but once at the start of the script.

  Guix builds:
  ```bash
  # find guix-build-$(git rev-parse --short=12 HEAD)/output/ -type f -print0 | env LC_ALL=C sort -z | xargs -r0 sha256sum
  963a08638c46f9a3d75cd4b0c155d1ca091bbeba27167291adcd3dca03fd4c3d  guix-build-f51237d94d98/output/aarch64-linux-gnu/bitcoin-f51237d94d98-aarch64-linux-gnu-debug.tar.gz
  a3ce927c46b103789a010c41a6ebfafe4548d90ee7d88f2a735c9183b775da5c  guix-build-f51237d94d98/output/aarch64-linux-gnu/bitcoin-f51237d94d98-aarch64-linux-gnu.tar.gz
  2503ac8901068805d5e7251fd5cfeb7c1f8ba3528bdfcf3aa1e0c40bfd5c1cbc  guix-build-f51237d94d98/output/arm-linux-gnueabihf/bitcoin-f51237d94d98-arm-linux-gnueabihf-debug.tar.gz
  5798697e58e1788df85aa9e2e4d33fef0456169fcbd2521f13b3b5806ac0d84d  guix-build-f51237d94d98/output/arm-linux-gnueabihf/bitcoin-f51237d94d98-arm-linux-gnueabihf.tar.gz
  4185adebc6a0abe7241a3cd409a6ab7be031c26f1c4245e30bb5f87eef0925d2  guix-build-f51237d94d98/output/dist-archive/bitcoin-f51237d94d98.tar.gz
  9b4b8756c5c84295eb6b61b6b32a07a8d07723fb38aaa8f519b6133935061bda  guix-build-f51237d94d98/output/powerpc64-linux-gnu/bitcoin-f51237d94d98-powerpc64-linux-gnu-debug.tar.gz
  cbd821aa464a9c16f7979dbec1a5e66939e777a567f55f7081499a8d528d42c5  guix-build-f51237d94d98/output/powerpc64-linux-gnu/bitcoin-f51237d94d98-powerpc64-linux-gnu.tar.gz
  abed530a82e97e3cf621c90a13c0881b0e39ccce2a6f42a3ff80de76e2abc5f7  guix-build-f51237d94d98/output/powerpc64le-linux-gnu/bitcoin-f51237d94d98-powerpc64le-linux-gnu-debug.tar.gz
  8b6d2bdd8b58ff1f6072bf8693abe3ce773ff3a7d8d2b7218207e69945b9d31b  guix-build-f51237d94d98/output/powerpc64le-linux-gnu/bitcoin-f51237d94d98-powerpc64le-linux-gnu.tar.gz
  d99cc705032d22ae819975992216899ed960ba25871a05c8789d00b80418511f  guix-build-f51237d94d98/output/riscv64-linux-gnu/bitcoin-f51237d94d98-riscv64-linux-gnu-debug.tar.gz
  5240ca4f4ef7c62088185224ac319ad9a4a9b40075df10af18d8a6355bca32fb  guix-build-f51237d94d98/output/riscv64-linux-gnu/bitcoin-f51237d94d98-riscv64-linux-gnu.tar.gz
  adc16eaee4b51e8615ce8b3be9f6c018698237df4ad6e0886cf0d4ab6bc9e5c4  guix-build-f51237d94d98/output/x86_64-apple-darwin18/bitcoin-f51237d94d98-osx-unsigned.dmg
  b188af0572ee682d74cc82c7e6e464115205fc130a457cfe19d42ac9ddd267f8  guix-build-f51237d94d98/output/x86_64-apple-darwin18/bitcoin-f51237d94d98-osx-unsigned.tar.gz
  e764062fde144e6fb5d6dd776c10fc2daa8d775831f7e43247d17a6c6e060c97  guix-build-f51237d94d98/output/x86_64-apple-darwin18/bitcoin-f51237d94d98-osx64.tar.gz
  dab3d26ac94c669140f7329d14e57ef02b0fe92b8a8f9d96c32a416adea0da0f  guix-build-f51237d94d98/output/x86_64-linux-gnu/bitcoin-f51237d94d98-x86_64-linux-gnu-debug.tar.gz
  ca59d4379fbe2b9a52deebeaf88508e0eda4215f28d319aff0781289dd159712  guix-build-f51237d94d98/output/x86_64-linux-gnu/bitcoin-f51237d94d98-x86_64-linux-gnu.tar.gz
  52b7c35321a85c4f6c95bf0e687574454b71ede9bec1c9cf17f37c578c888a94  guix-build-f51237d94d98/output/x86_64-w64-mingw32/bitcoin-f51237d94d98-win-unsigned.tar.gz
  a543895a00f8ffb3ba50ca68396d52ad5a18dd8efe38730e0049dd70d283a092  guix-build-f51237d94d98/output/x86_64-w64-mingw32/bitcoin-f51237d94d98-win64-debug.zip
  aec050d03c65268a986148500f7341cceb8c5f85287e0e3cde8933ce4b4dee32  guix-build-f51237d94d98/output/x86_64-w64-mingw32/bitcoin-f51237d94d98-win64-setup-unsigned.exe
  57ba33ed6ee8d3a885e342471359301473e83037d5442895beb686921a4c50e9  guix-build-f51237d94d98/output/x86_64-w64-mingw32/bitcoin-f51237d94d98-win64.zip
  ```

  Gitian builds:
  ```bash
  # macOS:
  2f066e852bdd30ac46e5ecdf7619d19d408035c318a3edf0f1893ec2e25efb69  bitcoin-41a1b3d1b130-osx-unsigned.dmg
  8cf8ac4d21740f490262453c330b5f4a5c5b8139dfc1b322efefce3f3b93d1b2  bitcoin-41a1b3d1b130-osx-unsigned.tar.gz
  cf1b84efdd9d2588a1ce9513580fb56b38bfafe60e18f8adbeedf03521c6c2b2  bitcoin-41a1b3d1b130-osx64.tar.gz
  14995244b0bb3e80e7b79975c9c70fdfb3ee3c04fda3efd5358ce1c4efa3a312  src/bitcoin-41a1b3d1b130.tar.gz
  93881069d5e1dc385c08895a7b035a94eb010325afc2776c99b6aafa21096eb8  bitcoin-core-osx-22-res.yml

  # Windows:
  4d56dd7713121684b7eaa448679c65df2fd0aa5319bf8d12fb6cfa9f0b005cf7  bitcoin-f51237d94d98-win-unsigned.tar.gz
  4558f4173152b084bcba25aa1a53c605208a70fe20392141b63cefb476528c85  bitcoin-f51237d94d98-win64-debug.zip
  b63feaca010e86d514cfe38d716e3c8a8b8058e4f969b868aaaeb8a8a3d3dc81  bitcoin-f51237d94d98-win64-setup-unsigned.exe
  de7d8586cc91ba391fe911853a99d9fd15fc6f9a60f9b91a0447940173aac67a  bitcoin-f51237d94d98-win64.zip
  4185adebc6a0abe7241a3cd409a6ab7be031c26f1c4245e30bb5f87eef0925d2  src/bitcoin-f51237d94d98.tar.gz
  45efaca35b5fad0a04dfd06e44f7c00b990aa91c7bf2faea57e020d3491a6cf0  bitcoin-core-win-22-res.yml

  # Linux:
  055d646c5f8cf4708008374546176012ff758566a2645a3a01e1a33eab1002fe  bitcoin-f51237d94d98-aarch64-linux-gnu-debug.tar.gz
  bfc8b0efc36b0474c88546b12d2723c04b4dc629ae311082025c7e0b8f0d1aa9  bitcoin-f51237d94d98-aarch64-linux-gnu.tar.gz
  9dfaa5acfffadad8942b32996458013a155d12ed07be76601f232233627b5cb9  bitcoin-f51237d94d98-arm-linux-gnueabihf-debug.tar.gz
  54eb57905ff8513b9f628707b61aa4659c362fb2f6d17e0ee240b4da3674907d  bitcoin-f51237d94d98-arm-linux-gnueabihf.tar.gz
  ad98d876616eff578ad8cfd17dfbabe48ed14200823579687d66694bae3d2fe3  bitcoin-f51237d94d98-powerpc64-linux-gnu-debug.tar.gz
  fe1b421dd1cb6e04d5dc5d341459dc15fa6e15b80906e5d8e0405cf43495e0f7  bitcoin-f51237d94d98-powerpc64-linux-gnu.tar.gz
  9001d95cc7d2722d9d7dd83d9da8e5adf575fddf91b615b76b9bcfece30ecf6f  bitcoin-f51237d94d98-powerpc64le-linux-gnu-debug.tar.gz
  9e0650ad2aba70c0fd1608a077e95f335dc1bb4a79eab9b0b56ac87427a4fd4f  bitcoin-f51237d94d98-powerpc64le-linux-gnu.tar.gz
  fbfde0134944d3dbd32991455b0a8abdd334853ab8a4c1a1a4c060d9de071c50  bitcoin-f51237d94d98-riscv64-linux-gnu-debug.tar.gz
  2fa2cfddce98c44c65305326fc623a7f065129208337503d813a08d51580cb8a  bitcoin-f51237d94d98-riscv64-linux-gnu.tar.gz
  b2d6caeee0e3c350a43165c39876ebed8e588958007af0d06996e341c7060683  bitcoin-f51237d94d98-x86_64-linux-gnu-debug.tar.gz
  bfdb827e75d43d61462513c9a843620b93c9160d9d246cad13278baaa07f64ea  bitcoin-f51237d94d98-x86_64-linux-gnu.tar.gz
  4185adebc6a0abe7241a3cd409a6ab7be031c26f1c4245e30bb5f87eef0925d2  src/bitcoin-f51237d94d98.tar.gz
  34820a093916fa35b0fd98806a50092f46b20271af7422f43e2a4223ef6f9bb7  bitcoin-core-linux-22-res.yml
  ```

ACKs for top commit:
  laanwj:
    re-ACK 7fc5e865b9

Tree-SHA512: 0c30838413448ecfcf55e6273f607fdb01cb1acafa1d2762afad59360fca7d8efa78ec55064f50cba56cb2c9e98741e13665cba8e9b4b8e5b62b8a53f9bf8990
2021-05-05 13:22:59 +02:00
W. J. van der Laan
00a9b0647e
Merge bitcoin/bitcoin#21799: guix: Use gcc-8 across the board
c90f6e5109 guix: Consistently use gcc-8 for $HOST (Carl Dong)

Pull request description:

  Only non-base commit is the last commit: b5abb07d0d

  Right now, here's what we use in Gitian:
  - Linux: Focal's [`g++-8-<arch>-linux-gnu`](https://packages.ubuntu.com/focal/g++-8-aarch64-linux-gnu) (`8.4.0-3ubuntu1cross1`)
  - MinGW-w64: Focal's [`g++-mingw-w64`](https://packages.ubuntu.com/focal/g++-mingw-w64) (`9.3.0-7ubuntu1+22~exp1ubuntu4`)

  In Guix right now we use `gcc-9` across the board.

  I think it makes more sense to use `gcc-8` across the board, as it doesn't suffer from the `memcmp` bug, and is what debian buster (stable) does, meaning it will be well tested ([`g++-mingw-w64`](https://packages.debian.org/buster/g++-mingw-w64), [`g++-aarch64-linux-gnu`](https://packages.debian.org/buster/g++-aarch64-linux-gnu)).

  We can accomplish this somewhat easily using Guix as we have tighter control over the toolchain (see: b5abb07d0d).

  Let me know your thoughts!

ACKs for top commit:
  MarcoFalke:
    Approach ACK c90f6e5109, haven't reviewed
  laanwj:
    Code review ACK c90f6e5109
  hebasto:
    ACK c90f6e5109, I have reviewed the code and it looks OK, I agree it can be merged.

Tree-SHA512: 3e5b9297305232273323aa745ec417ed1be2418ead0e432db7742f5d5f45efe6e4a2ed44328731512cff4bfde80e5f2dc350a131b8b8fb9207a2ef66bce27ed2
2021-05-05 10:43:09 +02:00
MarcoFalke
779aaa7f03
Merge bitcoin/bitcoin#21754: test: Run feature_cltv with MiniWallet
fa066f1b66 test: Run feature_cltv with MiniWallet (MarcoFalke)
fa5591d38c test: Hide tx rehash in helper (MarcoFalke)
fa5f938cfe test: Remove new_tx reference (MarcoFalke)

Pull request description:

  Allows to run the test even with no wallet compiled in

ACKs for top commit:
  theStack:
    ACK fa066f1b66 💽

Tree-SHA512: 3f659a178ba3ee0baffd70fddf8b8a68e5551d85626c7f254b234d7f75e6a16430a32a7952037db358b579f045b4d296b46156f72e5d226f3e80334dc635ca10
2021-05-05 08:47:28 +02:00
fanquake
dc8da2a685
Merge bitcoin/bitcoin#21824: refactor: [index] Replace deprecated char with uint8_t in serialization
fafb880e88 refactor: [index] Replace deprecated char with uint8_t in serialization (MarcoFalke)

Pull request description:

  All char representations are serialized in the same way, however the `char` one is deprecated according to d22e7ee933/src/serialize.h (L227) . Also, using `uint8_t` directly avoids casts.

ACKs for top commit:
  jonatack:
    Approach ACK fafb880e88
  laanwj:
    Code review ACK fafb880e88
  practicalswift:
    cr ACK fafb880e88: patch looks correct

Tree-SHA512: ed08fb1b18cb75a695e15924bcaa30ff8746bcd5f17cc83e79f94fe5ff8d9f2083435cb49b8245e3341ede2512140940d864299f4746bc40c8ed8bfdbdacac24
2021-05-05 09:59:46 +08:00
MarcoFalke
3f8f238deb
Merge bitcoin/bitcoin#21849: fuzz: Limit toxic test globals to their respective scope
cf83b82cf0 fuzz: Limit toxic test globals to their respective scope (MarcoFalke)

Pull request description:

  Globals in one fuzz target are toxic to all other fuzz targets, because we link all fuzz targets into one binary. Any code called by constructing the global will affect all other targets. This leads to incorrect coverage stats, false-positive crashes, ...

ACKs for top commit:
  practicalswift:
    cr ACK cf83b82cf0: non-toxic is better than toxic!
  laanwj:
    Code review ACK cf83b82cf0

Tree-SHA512: 5b3a37bcb36fce4160c94f877b2c07704527e3e1842092375c793d2eca77b996ae62889326094020855666bb34fa019fcfe92e8ff8430ce0372227f03ab2b907
2021-05-04 17:21:43 +02:00
MarcoFalke
a1c6434e19
Merge bitcoin/bitcoin#21852: ci: Add msan fuzz config
fa0422c251 ci: Add msan fuzz config (MarcoFalke)
fa399a76c6 ci: Use clang-12 in msan task (MarcoFalke)
fab30174af ci: Set BASE_SCRATCH_DIR early, so that it can be used in test configs (MarcoFalke)

Pull request description:

  Similar to the valgrind config, this config is not run by any ci task in this repo, but it can be used by other repos or self-hosted infrastructure.

ACKs for top commit:
  practicalswift:
    cr ACK fa0422c251: patch looks correct

Tree-SHA512: 2122ac0948978a7b952efc80d4aa3674b27d48c6166e0ce917c61ac4ee6b68d701a83e5f71ee6868c208885ee45aae409ca022ebcb23ccbe37819a8c36e34872
2021-05-04 17:04:49 +02:00
MarcoFalke
fa0422c251
ci: Add msan fuzz config 2021-05-04 15:06:00 +02:00
MarcoFalke
fa399a76c6
ci: Use clang-12 in msan task 2021-05-04 15:04:11 +02:00
MarcoFalke
fab30174af
ci: Set BASE_SCRATCH_DIR early, so that it can be used in test configs
Can be reviewed with --color-moved=dimmed-zebra
2021-05-04 15:03:14 +02:00
fanquake
7fc5e865b9
test: install lief in CI 2021-05-04 20:48:53 +08:00
fanquake
955140b326
contrib: consolidate PIE and NX security checks 2021-05-04 20:48:00 +08:00
fanquake
2aa1631822
contrib: use LIEF in PE symbol checks 2021-05-04 20:48:00 +08:00
fanquake
e93ac26b85
contrib: use LIEF in macOS symbol checks 2021-05-04 20:48:00 +08:00
fanquake
a632cbcee5
contrib: use f strings in symbol-check.py 2021-05-04 20:48:00 +08:00
fanquake
0f5d77c8e4
contrib: add PE PIE check to security checks 2021-05-04 20:48:00 +08:00
fanquake
8e1f40dd9a
contrib: use LIEF for PE security checks 2021-05-04 20:47:59 +08:00
fanquake
a25b2e965c
contrib: use LIEF for macOS security checks 2021-05-04 20:47:59 +08:00
fanquake
7e7eae7aa8
contrib: use f strings in security-check.py 2021-05-04 20:47:59 +08:00
fanquake
2e7a9f7ade
guix: install LIEF in Guix container
Co-authored-by: Carl Dong <contact@carldong.me>
2021-05-04 20:47:59 +08:00
fanquake
465967b5ef
gitian: install LIEF in gitian container 2021-05-04 20:47:58 +08:00
fanquake
0ca8b7e7ec
Merge bitcoin/bitcoin#21812: ci: Enable D_GLIBCXX_DEBUG for multiprocess task
fa44f5119a ci: Clarify that previous_releases task is using DEBUG (MarcoFalke)
fad0f21c3c ci: Use clang in multiprocess task to avoid OOM (MarcoFalke)
faeabef4f3 ci: Enable D_GLIBCXX_DEBUG for multiprocess task (MarcoFalke)

Pull request description:

  Enable `-D_GLIBCXX_DEBUG` via the depends `DEBUG` flag. Also `--enable-debug` to get debug symbols in traces.

ACKs for top commit:
  hebasto:
    ACK fa44f5119a, I have reviewed the code and it looks OK, I agree it can be merged, and CI is green.

Tree-SHA512: ab2a216bb44ee462f9dd181ec9025962502bd4201a1118ff52b6a193398e7ea3ca465a45a5eb341e308758fc3ef34ea3521f8a1f85ed64478ef3c1f6c1b8b141
2021-05-04 19:18:35 +08:00
John Newbery
39e19713cd [net processing] Add internal _RelayTransactions()
Callers of the external RelayTransactions() no longer need to lock cs_main.
2021-05-04 09:31:03 +01:00
W. J. van der Laan
ab9a566ab3
Merge bitcoin/bitcoin#21825: net: add I2P hardcoded seeds
142e2da440 net: add I2P seeds to chainparamsseeds (Jon Atack)
e01f173fb9 contrib: add a few I2P seed nodes (Jon Atack)
ea269c7ef1 contrib: parse I2P addresses in generate-seeds.py (Jon Atack)

Pull request description:

  Follow-up to #21560 that updated the fixed seeds infra for BIP155 addresses and then added Tor v3 ones:

  - Update contrib/generate-seeds.py to parse I2P addresses

  - Add a few I2P nodes to contrib/seeds/nodes_main.txt

  - Run generate-seeds.py and add the I2P seeds to chainparamsseeds.h

  Reviewers, see contrib/seeds/README.md for more info and feel free to use the following CLI one-liner to check for and propose additional seeds for contrib/seeds/nodes_main.txt. You can also see how many I2P peers your node knows with cli -addrinfo.

  ```rake
  bitcoin-cli getnodeaddresses 0 | jq '.[] | (select(.address | contains(".b32.i2p"))) | .address' | sort
  ```

  I verified the I2P addresses are correctly BIP155-serialized/deserialized by building with all seeds removed from chainparamsseeds.h except those added here, restarting with `-datadir=newdir -dnsseed=0` and running rpc ` getnodeaddresses 0` that initially returns only the new I2P addresses.

ACKs for top commit:
  laanwj:
    ACK 142e2da440
  vasild:
    ACK 142e2da440

Tree-SHA512: 040576012d5f1f034e2bd566ad654a6fdfd8ff7f6b12fa40c9fda1e948ebf8417fcea64cfc14938a41439370aa4669bab3e97274f9d4f9a6906fa9520afa9cf8
2021-05-04 09:44:46 +02:00
MarcoFalke
cf83b82cf0
fuzz: Limit toxic test globals to their respective scope 2021-05-04 09:24:17 +02:00
MarcoFalke
fac30eec42
refactor: Replace &foo[0] with foo.data() 2021-05-04 06:55:31 +02:00
MarcoFalke
faece47c47
refactor: Avoid &foo[0] on C-Style arrays
This is confusing at best when parts of a class use the
redundant operators and other parts do not.
2021-05-04 06:55:30 +02:00
MarcoFalke
face961109
refactor: Use only one temporary buffer in CreateObfuscateKey 2021-05-04 06:53:37 +02:00
MarcoFalke
fa05dddc42
refactor: Use CPubKey vector constructor where possible 2021-05-04 06:53:32 +02:00
Guido Vranken
fabb6dfe6e
script: Replace address-of idiom with vector data() method 2021-05-04 06:53:20 +02:00
MarcoFalke
e2d4e67a8f
Merge bitcoin/bitcoin#21840: test: Misc refactor to get rid of &foo[0] raw pointers
fa8a88849c bench: Remove duplicate constants (MarcoFalke)
000098f964 test: Use throwing variant accessor (MarcoFalke)
fa2197c8b3 test: Use loop to register RPCs (MarcoFalke)

Pull request description:

  Simplify test code

ACKs for top commit:
  Empact:
    Code Review ACK fa8a88849c
  practicalswift:
    cr ACK fa8a88849c
  promag:
    Code review ACK fa8a88849c.

Tree-SHA512: 6a5bebaa9a3f43e9c332f4fbff606e9ece6dc8b95a769980082cc022f8e9bde6083c1e4a0145dcbf3741f514d6e97b4198f201a1bf1370ebf43bd3a5c0f85981
2021-05-04 06:49:22 +02:00
Carl Dong
d420e5c1c0 guix-attest: Avoid incomplete sigdirs with ERR traps
Sometimes GPG connects to the wrong agent... or you don't have your
smartcard handy...
2021-05-03 16:50:59 -04:00
MarcoFalke
bf5e6a7771
Merge bitcoin/bitcoin#21846: fuzz: Add -fsanitize=integer suppression needed for RPC fuzzer (generateblock)
575792e6ff fuzz: Add -fsanitize=integer suppression needed for RPC fuzzer (practicalswift)

Pull request description:

  Add `-fsanitize=integer` suppression needed for RPC fuzzer (`generateblock`).

  Context: https://github.com/bitcoin-core/qa-assets/pull/59/checks?check_run_id=2494624259

  ```
  miner.cpp:130:21: runtime error: implicit conversion from type 'int64_t' (aka 'long') of value 244763573890 (64-bit, signed) to type 'uint32_t' (aka 'unsigned int') changed the value to 4245405314 (32-bit, unsigned)
      #0 0x56143974eaf3 in BlockAssembler::CreateNewBlock(CScript const&) miner.cpp:130:21
      #1 0x56143993690d in generateblock()::$_4::operator()(RPCHelpMan const&, JSONRPCRequest const&) const rpc/mining.cpp:370:127
  ```

ACKs for top commit:
  practicalswift:
    > review ACK [575792e](575792e6ff), but this function shouldn't be called by the rpc fuzzer, at least not without sanitizing num_blocks
  MarcoFalke:
    review ACK 575792e6ff

Tree-SHA512: c2133d1064bf17df0e7749ef4a0f7664b5c8082040491a1035d39f0c6e5d96997b347ef2354411e285c7f1f973e34515f1c3c88eb3de60fab64ca4d2adf6dd74
2021-05-03 22:18:05 +02:00
practicalswift
575792e6ff fuzz: Add -fsanitize=integer suppression needed for RPC fuzzer 2021-05-03 19:33:46 +00:00
Carl Dong
c90f6e5109 guix: Consistently use gcc-8 for $HOST 2021-05-03 14:42:25 -04:00
MarcoFalke
8e1c06846e
Merge bitcoin/bitcoin#21662: build: update Boost download URL
36c10b9f4b build,boost: update download url. (fdov)

Pull request description:

  - bintray is closing.
      - updated to jfrog.io.

  For reference:
  https://github.com/boostorg/boost/issues/502

ACKs for top commit:
  Sjors:
    ACK 36c10b9
  hebasto:
    ACK 36c10b9f4b

Tree-SHA512: 6746781296c3f395a2824750cf1a578ef9a2d6b8d5c4da196a8da5d084aea01f7f2583b41b2aade7bb94dd02be71efcfd6edf7491a1a25f2d36240b18322a68e
2021-05-03 19:57:43 +02:00
MarcoFalke
ea71726a54
Merge bitcoin/bitcoin#21810: fuzz: Various RPC fuzzer follow-ups
5252f86eb6 fuzz: Reduce maintenance requirements by allowing RPC annotations also for conditionally available RPC commands (such as wallet commands) without the fragility of #ifdef forests (practicalswift)
54549dda31 fuzz: RPC fuzzer post-merge follow-ups. Remove unused includes. Update list of fuzzed RPC commands. (practicalswift)

Pull request description:

  Various RPC fuzzer follow-ups:
  * Remove unused includes.
  * Update list of fuzzed RPC commands.
  * Reduce maintenance requirements by allowing RPC annotations also for conditionally available RPC commands (such as wallet commands) without the fragility of `#ifdef` forests.

  Context: https://github.com/bitcoin/bitcoin/pull/21169#pullrequestreview-646723483

ACKs for top commit:
  MarcoFalke:
    Concept ACK 5252f86eb6

Tree-SHA512: 286d70798131706ffb157758e1c73f7f00ed96ce120c7d9dc849e672b283f1362df47b206cfec9da44d5debb5869225e721761dcd5c38a7d5d1019dc6c912ab2
2021-05-03 19:47:18 +02:00
Carl Dong
feda2c8e31 guix: Skip attesting to dist-archive
We already attest to the relevant dist-archive in inputs.SHA256SUMS,
which is recorded at build-time.

We use a SKIPATTEST.TAG file to indicate output directories which do not
require attestation (much like the CACHEDIR.TAG specification).
Generally, it's better to have build scripts declare properties of
directories instead of introducing name-based special cases in attest
scripts since build scripts have a more detailed context of what is
going on.
2021-05-03 13:18:19 -04:00
Carl Dong
d522d8006b guix: Attest to inputs in inputs.SHA256SUMS
At build/codesigning-time, hash build inputs and output the digest to
${OUTDIR}/inputs.SHA256SUMS, which gets included in the final SHA256SUMS
constructed by guix-attest.

Example final SHA256SUMS:
ee832d2a35b7701bff581dea05a536118b118e3ad0a587a2855b6ee8cd6fba20  inputs/bitcoin-78199266af7b.tar.gz
ca765e70a0c12866dd63c0be228b675278a26329e5f8f5b5c52fd09200fedf21  bitcoin-78199266af7b-powerpc64le-linux-gnu-debug.tar.gz
dae95327d7f2c324e2728c4b73627be6cb2c0d2f2e5bea940d1d5e6463939327  bitcoin-78199266af7b-powerpc64le-linux-gnu.tar.gz
2021-05-03 13:18:19 -04:00
Carl Dong
f9e2960c01 guix: Construct $OUTDIR in ${DISTSRC}/output
While files are being output to $OUTDIR, it will be under
${DISTSRC}/output, and only when everything is done, will
${DISTSRC}/output be moved to the actual $OUTDIR.

This makes it so that a Ctrl-C in the middle of a build is less likely
to result in a partially-constructed $OUTDIR. In fact, if I understand
correctly, if $OUTDIR and $DISTSRC reside on the same filesystem, the
move (rename) is likely atomic.

Also, since the "working $OUTDIR" is under ${DISTSRC}/output, it will be
cleaned properly by the guix-clean script.
2021-05-03 13:18:19 -04:00
Carl Dong
022abc85fc guix: Minor quoting fix in libexec/build.sh 2021-05-03 13:18:19 -04:00
Carl Dong
c83c4fa5b7 guix-attest: Allow skipping GPG signing with NO_SIGN 2021-05-03 13:18:19 -04:00