9ad085bd83 validation: correct lifetime of precomputed tx data (Antoine Poinsot)
Pull request description:
This backports #35209 to the version 29 branch.
ACKs for top commit:
achow101:
ACK 9ad085bd83
theuni:
ACK 9ad085bd83
Tree-SHA512: e9dd4d43ee348015d3b7b485bef4617c69ad8e0c70589f84a16eb2b1d97bdefd21ce5d72ad6a2d8d25bc90d98f65d53374ca921210cab3b0db773072126459f6
This makes sure `txsdata` always outlives the Script check queue (since local
objects are destructed in reverse order of construction).
This is the root cause for a security vulnerability reported by Cory Fields in
2024 that could be exploited by crafting an invalid block to cause nodes to
read freed memory. The vulnerability was covertly fixed in commit
`492e1f09943fcb6145c21d470299305a19e17d8b`.
See security advisory for CVE-2024-52911 for more details.
Github-Pull: #35209
Rebased-From: 1ed799fb21
This effectively reverts a3cb309e7c from PR #30194.
That PR reduced the multi_index type signatures as recommended upstream, but
this is no longer supported as of boost 1.91 because it is no longer necessary.
1.91 drops support for the pre-c++11 work-arounds that bloated the type
signatures to begin with.
The upstream `BOOST_MULTI_INDEX_ENABLE_MPL_SUPPORT` define is meant to provide
compatibility with removed features, but it does not work for this case. Using
`indexed_by` directly when defining the `multi_index` (as opposed to inheriting
from it) works with all versions, and avoids the use of the back-compat define.
This is a slight regression when building against boost < 1.91 because the
bloated type signatures are reintroduced in that case, but it's not significant
enough to go to the trouble of introducing version detection and ifdefs.
Github-Pull: #35175
Rebased-From: 0bc9d354df
CMake version 4.3 deprecated the imported target `Sqlite::Sqlite3`.
Use the preferred name `Sqlite3::Sqlite3` instead and provide an
alias for older versions of CMake. Also define the same alias when
using vcpkg.
Github-Pull: #34848
Rebased-From: 498b6eb6b5
The function signature for the `send` RPC is:
```
send [{"address":amount,...},{"data":"hex"},...] ( conf_target "estimate_mode" fee_rate options version )
```
The last example in the manpage is missing the `fee_rate` arg, but is trying to specify the `options` arg, by index.
The parser confuses the intended `options` arg as the missing `fee_rate` arg.
See:
```
$ bitcoin-cli -rpcuser=doggman -rpcpassword=donkey -rpcport=18554 -regtest send '{"bcrt1qusm48zmlzwr32csxdw4ar7atw260h22c9ten9l": 0.1}' 1 economical '{"add_to_wallet": false, "inputs": [{"txid":"0b7e1a471dc948b7a6187936b16e6d7d9833629b2f9dd8a392eb89928f63aaad", "vout":0}]}'
error code: -8
error message:
Cannot specify both conf_target and fee_rate. Please provide either a confirmation target in blocks for automatic fee estimation, or an explicit fee rate.
```
vs
```
$ bitcoin-cli -rpcuser=doggman -rpcpassword=donkey -rpcport=18554 -regtest send '{"bcrt1qusm48zmlzwr32csxdw4ar7atw260h22c9ten9l": 0.1}' 1 economical null '{"add_to_wallet": false, "inputs": [{"txid":"0b7e1a471dc948b7a6187936b16e6d7d9833629b2f9dd8a392eb89928f63aaad", "vout":0}]}'
{
"psbt": "cHNidP8BAHECAAAAAa2qY4+SieuSo9idL5tiM5h9bW6xNnkYprdIyR1HGn4LAAAAAAD9////AkR2DwQAAAAAFgAUpLDwJu+wFRHLQAgKAb0psk7UVd2AlpgAAAAAABYAFOQ3U4t/E4cVYgZrq9H7q3K0+6lYAAAAAAABAIUCAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/////wQC4wMA/////wLIF6gEAAAAABYAFLMY1zihXrefAA0DA5nld4MCPjkrAAAAAAAAAAAmaiSqIant4vYcP3HR3v0/qZnfo2lTdVxpBol5mWK0i+vYNpdOjPkAAAAAAQEfyBeoBAAAAAAWABSzGNc4oV63nwANAwOZ5XeDAj45KwEIawJHMEQCIElTV4pbUrsPR9qHWcioowVv3QVWHizxwevfD0u/I8YyAiBCY3OzF81PSLM00h4ueQkehYuxDFZu7Jk51iejphKnnwEhA0VKdYVSyBpWoxBwTDOupB58Fi3mEBs+u+OOqEYVd2sZACICA98YLWyH7dBCfXVxe7woiLSTgV1mJN8Zc8KgZ77pVSg+GNBMeT5UAACAAQAAgAAAAIABAAAAbAAAAAAA",
"txid": "625b71b314a6ac4f738634e29dc007cd5edc0427c1ae96ab706d06a62910cea2",
"hex": "02000000000101adaa638f9289eb92a3d89d2f9b6233987d6d6eb1367918a6b748c91d471a7e0b0000000000fdffffff0244760f0400000000160014a4b0f026efb01511cb40080a01bd29b24ed455dd8096980000000000160014e437538b7f13871562066babd1fbab72b4fba9580247304402204953578a5b52bb0f47da8759c8a8a3056fdd05561e2cf1c1ebdf0f4bbf23c6320220426373b317cd4f48b334d21e2e79091e858bb10c566eec9939d627a3a612a79f012103454a758552c81a56a310704c33aea41e7c162de6101b3ebbe38ea84615776b1900000000",
"complete": true
}
```
Github-Pull: #34561
Rebased-From: 50cf6838e6
The bpftrace project moved from iovisor/bpftrace to bpftrace/bpftraceand
removed the separate INSTALL.md file. Installation instructionsare now
in the README.md Quick Start section.
Github-Pull: #34510
Rebased-From: 42ee31e80c
c9a7bd90eb doc: Update man pages for v29.3 (sedited)
ea6af54a63 doc: Update release notes for 29.3 (sedited)
824de1e6b3 build: Bump version to 29.3 (sedited)
Pull request description:
Bump version in build and doc, and regenerate the man pages in preparation for the release of v29.3.
ACKs for top commit:
fanquake:
ACK c9a7bd90eb
willcl-ark:
ACK c9a7bd90eb
Tree-SHA512: ff05dcb829fb2d9e7a8053cd275415c53148db0b826845a556fff4d3ef04320ef063188c50c5dd24e62142e15763cbabe68ce1cb8eac9d78ccb605ec10519f9a
65173944ed QA: tool_wallet: Check that db.log is deleted with a lone legacy wallet, but not with a shared db environment (Luke Dashjr)
69a6b9b115 Bugfix: Wallet/Migration: Move backup into wallet directory when migrating from non-directory (Luke Dashjr)
cef01d0be5 Wallet/Migration: Skip moving the backup file back and forth for no reason (Luke Dashjr)
60f529027c Wallet/Migration: If loading the new watchonly or solvables wallet fails, log the correct wallet name in error message (Luke Dashjr)
7475d134f6 Wallet/bdb: Safely and correctly list files only used by the single wallet (Luke Dashjr)
Pull request description:
ACKs for top commit:
achow101:
ACK 65173944ed
furszy:
light ACK 65173944ed
Tree-SHA512: c10fe00dde512ca78cd6939a748b3875d0b40e9714997aedfd939a1dffdc7eaa2fd1779f3972a34b1c1d9a97d8f1ee1e082c970de15ac0e2ef5d9bbf3dc1d89a
We can use vswhere.exe directly to create a vs developer
prompt and so can remove this third party dependency.
Co-authored-by: David Gumberg <davidzgumberg@gmail.com>
Github-Pull: #32513
Rebased-From: 7ae0497eef
Since we no longer delete the wallet directory, there's no need to vacate it
The moving only served to risk errors by crossing filesystem boundaries (which fs::rename can't handle)
If any other files exist in the directory, we cannot assume the sharable files are exclusively for this wallet.
But if they are, this also cleans up other log.* files
b834447fb2 [doc] generate manpages 29.3rc1 (glozow)
e9c978391f [build] bump version to 29.3rc1 (glozow)
e973b61dbb [doc] update release notes for 29.3rc1 (glozow)
f4b78c42e5 test: Add a test for anchor outputs in the wallet (Ava Chow)
c6e7765c0a wallet: Throw an error in sendall if the tx size cannot be calculated (Ava Chow)
bab1ac827b wallet: Determine IsFromMe by checking for TXOs of inputs (Ava Chow)
71633a9b5c test: Test wallet 'from me' status change (Ava Chow)
daef5852f0 guix: Fix `osslsigncode` tests (Hennadii Stepanov)
7a71850a6d Remove unreliable seed from chainparams.cpp, and the associated README (SatsAndSports)
2e4688618b miner: fix `addPackageTxs` unsigned integer overflow (ismaelsadeeq)
Pull request description:
Backports:
- #34227
- #33723
- #33475
- #33268
And final changes for 29.3rc1
ACKs for top commit:
achow101:
ACK b834447fb2
janb84:
ACK b834447fb2
sedited:
ACK b834447fb2
Tree-SHA512: 68e02fbde7162f728229f4bfc803bedda6d269e54593ebe40da607f6bd25b2b10bc4297bfa0bc977ce2dc6b558efe6571a7f875090e0f916fc09e5b67432ba30
Instead of checking whether the total amount of inputs known by the
wallet is greater than 0, we should be checking for whether the input is
known by the wallet. This enables us to determine whether a transaction
spends an of output with an amount of 0, which is necessary for marking
0-value dust outputs as spent.
Github-Pull: #33268
Rebased-From: 39a7dbdd27
If something is imported into the wallet, it can change the 'from me'
status of a transaction. This status is only visible through
gettransaction's "fee" field which is only shown for transactions that
are 'from me'.
Github-Pull: #33268
Rebased-From: e76c2f7a41
76cdeb7b06 wallet: test: Failed migration cleanup (David Gumberg)
9405e915e7 test: coverage for migration failure when last sync is beyond prune height (furszy)
5e8ad98163 wallet: migration, fix watch-only and solvables wallets names (furszy)
a7e2d106db wallet: improve post-migration logging (furszy)
9ea84c08d7 test: restorewallet, coverage for existing dirs, unnamed wallet and prune failure (furszy)
833848e9b8 test: add coverage for unnamed wallet migration failure (furszy)
a074d36254 wallet: fix unnamed wallet migration failure (furszy)
d91f56e1e3 wallet: RestoreWallet failure, erase only what was created (furszy)
cc324aa2be wallettool: do not use fs::remove_all in createfromdump cleanup (Ava Chow)
01c04d32aa wallet: introduce method to return all db created files (furszy)
abaf1e37a7 refactor: remove sqlite dir path back-and-forth conversion (furszy)
Pull request description:
Backports:
* #34215
* #34156
* #34226
* 2 required commits from #31423
Note that this backport is unclean and several changes have to be made to most commits to accommodate BDB and the differences in migration cleanup behavior.
ACKs for top commit:
furszy:
Code review ACK 76cdeb7b06
brunoerg:
light code review ACK 76cdeb7b06 + backported the functional tests without the fixes and all of them failed accordingly.
glozow:
light review ACK 76cdeb7b06.
Tree-SHA512: 432268117783fc9a221d895a6f6601b6a2a5031c76d1443cf804cc1d486b40fcded982409d548acd1c01a13c7b378b840fcc3fbe823d6ba5ffc4ebe017d4e13c
Refactor a common way to perform the failed migration test that exists
for default wallets, and add relative-path wallets and absolute-path
wallets.
Github-Pull: 34226
Rebased-From: eeaf28dbe0
Because the default wallet has no name, the watch-only and solvables
wallets created during migration end up having no name either.
This fixes it by applying the same prefix name we use for the backup
file for an unnamed default wallet.
Before: watch-only wallet named "_watchonly"
After: watch-only wallet named "default_wallet_watchonly"
Github-Pull: bitcoin/bitcoin#34156
Rebased-From: 82caa8193a
Right now, after migration the last message users see is "migration completed",
but the migration isn't actually finished yet. We still need to load the new wallets
to ensure consistency, and if that fails, the migration will be rolled back. This
can be confusing for users.
This change logs the post-migration loading step and if a wallet fails to load and
the migration will be rolled back.
Github-Pull: bitcoin/bitcoin#34156
Rebased-From: d70b159c42
The first test verifies that restoring into an existing empty directory
or a directory with no .dat db files succeeds, while restoring into a
dir with a .dat file fails.
The second test covers restoring into the default unnamed wallet
(wallet.dat), which also implicitly exercises the recovery path used
after a failed migration.
The third test covers failure during restore on a prune node. When
the wallet last sync was beyond the pruning height.
Github-Pull: bitcoin/bitcoin#34156
Rebased-From: f011e0f068
