f899674639 test: script: boundary at exactly 65535 bytes must use OP_PUSHDATA2 (Bruno Garcia)
Pull request description:
I noticed that the following mutant is not killed by any current test (can be tested with: `cmake --build build -j $(nproc) && ./build/bin/test_bitcoin && ./build/test/functional/test_runner.py -j $(nproc) -F`):
```diff
diff --git a/src/script/script.cpp b/src/script/script.cpp
index 3f764aaf21..5cff51d2cf 100644
--- a/src/script/script.cpp
+++ b/src/script/script.cpp
@@ -387,7 +387,7 @@ bool CheckMinimalPush(const std::vector<unsigned char>& data, opcodetype opcode)
} else if (data.size() <= 255) {
// Must have used OP_PUSHDATA.
return opcode == OP_PUSHDATA1;
- } else if (data.size() <= 65535) {
+ } else if (data.size() < 65535) {
// Must have used OP_PUSHDATA2.
return opcode == OP_PUSHDATA2;
}
```
This PR addresses it by adding a new test case to ensure that the boundary at exactly 65535 bytes must use OP_PUSHDATA2 as well.
ACKs for top commit:
kevkevinpal:
tACK [f899674](f899674639)
danielabrozzoni:
tACK f899674639
darosior:
utACK f899674639
w0xlt:
ACK f899674639
Tree-SHA512: ad35cc992aa351d26151cb79d1b1d5d960b1d80a98b3076a709aa19f7b5135edb87a957d2c84f359e86da8a15f7f0196301bfaff5ae554aecc65d81c97f8af3e
261d229455 test: Replace DEBUG_LOG_OUT with -printtoconsole=1 (Hodlinator)
Pull request description:
`-printtoconsole=1` has the same functionality but works in more cases than `DEBUG_LOG_OUT`, so remove the latter (`-printtoconsole` is already used when fuzzing). This means we can drop `G_TEST_LOG_FUN`.
---
Behavior can be verified through
```shell
ctest --test-dir build --debug
```
and checking for:
```
142: Test command: /home/hodlinator/bc/2/build/bin/test_bitcoin "--run_test=coinselector_tests" "--catch_system_error=no" "--log_level=test_suite" "--" "-printtoconsole=1"
...
142: 2026-03-26T13:40:02.169392Z [test] [../src/kernel/context.cpp:20] [operator()] Using the 'sse4(1way);sse41(4way);avx2(8way)' SHA256 implementation
```
---
Inspired by: https://github.com/bitcoin/bitcoin/pull/34918#discussion_r2994780532
ACKs for top commit:
nkatha23:
ACK 261d229
maflcko:
review ACK 261d229455📬
kevkevinpal:
crACK [261d229](261d229455)
janb84:
cr ACK 261d229455
Tree-SHA512: f4c793b4a00730ade113241baeaaef08ae0333df15ada5929dd46aacd1ac875733e58aa341fac8fb5875eb5ebca735d40c664bf0ef62132094e0c993da5b20e5
fa1ebde1ad fuzz: Use time helpers in node_eviction (MarcoFalke)
Pull request description:
The `node_eviction` fuzz test has many issues:
* It uses the full `int64_t` range (in seconds) as input, which is absurdly large (millions of years) and also violates https://en.cppreference.com/w/cpp/chrono/duration.html:
> Each of the predefined duration types up to hours covers a range of at least ±292 years.
* It does not use the existing `ConsumeDuration` and `ConsumeTime` helpers, which makes specifying a proper range difficult.
So fix all issues by using `ConsumeTime` for time points with default arguments, and `ConsumeDuration` with the same precision, as well as possibly negative values.
ACKs for top commit:
marcofleon:
crACK fa1ebde1ad
brunoerg:
reACK fa1ebde1ad
w0xlt:
ACK fa1ebde1ad
Tree-SHA512: 22045e6c563a9169327737895ea2f3a7b1dcb4fd24fce56d91caa1e132d03a85cbaaa5f78218d23cfa203fe2ee4b147894c02870eb20ae1c232ad55ccdb6f7f7
0d1301b47a test: functional: drop rmtree usage and add lint check (David Gumberg)
8bfb422de8 test: functional: drop unused --keepcache argument (David Gumberg)
a7e4a59d6d qa: Remove all instances of `remove_all` except test cleanup (David Gumberg)
Pull request description:
Both `fs::remove_all` and `shutil::rmtree()` are a bit dangerous, and most of their uses are not necessary, this PR removes most instances of both.
`remove_all()` is still used in in `src/test/util/setup_common.cpp` as part of `BasicTestingSetup::BasicTestingSetup`'s constructor and destructor, and it is used in the kernel test code's [`TestDirectory`](4ae00e9a71/src/test/kernel/test_kernel.cpp (L100-L112)):
734899a4c4/src/test/kernel/test_kernel.cpp (L100-L112)
In both cases, `remove_all` is likely necessary, but the kernel's test code is RAII, ideally `BasicTestingSetup` could be made similar in a follow-up or in this PR if reviewers think it is important.
Similarly in the python code, most usage was unnecessary, but there are a few places where `rmtree()` was necessary, I have added sanity checks to make sure these are inside of the `tmpdir` before doing recursive delete there.
ACKs for top commit:
achow101:
ACK 0d1301b47a
hodlinator:
ACK 0d1301b47a
sedited:
ACK 0d1301b47a
Tree-SHA512: da8ca23846b73eff0eaff61a5f80ba1decf63db783dcd86b25f88f4862ae28816fc9e2e9ee71283ec800d73097b1cfae64e3c5ba0e991be69c200c6098f24d6e
These are unused and removing them avoids clang warnings like:
src/test/fuzz/deserialize.cpp:42:26: error: variable g_setup set but not used [-Werror,-Wunused-but-set-variable]
Adds a lint check for `remove_all()`
`fs::remove_all()`/`std::filesystem::remove_all()` is extremely
dangerous, all user-facing instances of it have been removed, and it
also deserves to be removed from the places in our test code where it is
being used unnecessarily.
69baddc910 validation: do not add the snapshot block to candidates of bg chainstate (Martin Zumsande)
Pull request description:
The snapshot block needs to be added to the candidates set of the assumed-valid chain because it will be the tip of that chainstate right after snapshot activation.
However, adding it also to the background chainstate is not necessary for anything. Before, the index would be in the set without being connectable. It will be eventually added to the set as part of the normal block download - no extra logic is necessary here.
This simplifies a unit test which had a comment that having the block in the set is "not intended".
This was suggested [here](https://github.com/bitcoin/bitcoin/pull/34521#discussion_r2849281299) and [here](https://github.com/bitcoin/bitcoin/pull/34521#discussion_r2883024248) in #34521
Note that adding the snapshot block was harmless, since `FindMostWorkChain()` lazily removes blocks without data from the set, so this does not fix a bug but just simplifies some code.
ACKs for top commit:
achow101:
ACK 69baddc910
Bortlesboat:
Concept ACK 69baddc910. Removing `TargetBlock()` correctly limits the snapshot-block special-case to cs2 where it's actually needed — the test's own "not intended" comment was the tell.
sedited:
ACK 69baddc910
fjahr:
ACK 69baddc910
stratospher:
ACK 69baddc.
Tree-SHA512: 8942fc422f1898369dd486e37da11758f2ebd4a488d092aa1637ef5bfb85766c4be9ad0718797fb2080f5e8d61383b2ee932bf2bc2f7abc2fb07fe3d72e070c3
c68e3d2c57 doc: add release notes for Tor PoW defenses (Vasil Dimov)
4bae84c94a doc: add a hint to enable PoW defenses to manual hidden services (Vasil Dimov)
4c6798a3d3 tor: enable PoW defenses for automatically created hidden services (Vasil Dimov)
fb993f7604 tor, fuzz: reuse constants instead of duplicating (Vasil Dimov)
Pull request description:
Enable [PoW defenses](https://tpo.pages.torproject.net/onion-services/ecosystem/technology/security/pow/) for hidden services that we create via Tor Control using the [`ADD_ONION` command](https://spec.torproject.org/control-spec/commands.html#add_onion).
The ability to do that has been added in [tor-0.4.9.2-alpha](02c1804446). Previous versions return a syntax error to the `ADD_ONION` command with `PoWDefensesEnabled=1`, so the approach here is to try with PoW and if we get syntax error, then retry without PoW.
Also update `doc/tor.md` with a hint on enabling PoW on manually configured Tor hidden services.
ACKs for top commit:
willcl-ark:
ACK c68e3d2c57
fjahr:
tACK c68e3d2c57
sedited:
ACK c68e3d2c57
Tree-SHA512: 56f57bc770b89389c35a4c0bc2a28804d17b1479ecd4d9b764695d6c9d2994425aee759e71658d7b57088bbe43ce90b94fb972f66d79ef903e0c1a4d6c4562f3
0fe6fccec2 doc: Document rationale for using `IWYU pragma: export` (Hennadii Stepanov)
cfa3b10d50 iwyu, doc: Document `IWYU pragma: export` for `<logging/categories.h>` (Hennadii Stepanov)
015bea05e6 iwyu, doc: Document `IWYU pragma: export` for `<chrono>` (Hennadii Stepanov)
48bfcfedec iwyu, doc: Document `IWYU pragma: export` for `<threadsafety.h>` (Hennadii Stepanov)
179abb387f refactor: Move `StdMutex` to its own header (Hennadii Stepanov)
6d2952c3c3 serialize: Add missing `<span>` header (Hennadii Stepanov)
Pull request description:
This PR is a prerequisite for https://github.com/bitcoin/bitcoin/pull/34448. It was split into a separate PR to limit the scope and minimize potential merge conflicts.
The first commit improves the accuracy of IWYU suggestions within our heavily templated code. Note that, for now, the `serialize.h` header itself is excluded from IWYU inspection because it lacks a corresponding source file.
The remaining commits follow the Developer Notes [guidance](https://github.com/bitcoin/bitcoin/blob/master/doc/developer-notes.md#using-iwyu):
> Use `IWYU pragma: export` very sparingly, as this enforces transitive inclusion of headers and undermines the specific purpose of IWYU.
ACKs for top commit:
maflcko:
review ACK 0fe6fccec2👤
ajtowns:
utACK 0fe6fccec2
Tree-SHA512: dc2d4e3ff78b9707a1a26cb9b1c0a456de0d33c59e773bbf692344c2fceaff8936317479c5e898038f29134bc0e5d9d1ef7350e53512dd8e262f46ede578c4f9
a1f22a0a6b test: Suppress another unsolicited `mock_process/*` output (Hennadii Stepanov)
Pull request description:
This is a follow-up to https://github.com/bitcoin/bitcoin/pull/33929.
The[ `mock_process/*`](390e7d61bd/src/test/mock_process.cpp (L10)) test cases, which serve as helpers for [`system_tests`](390e7d61bd/src/test/system_tests.cpp (L23)) rather than actual tests, are invoked in a way that suppresses unsolicited output to stdout or stderr to keep the test results reproducible.
However, in debug builds, the Windows CRT still prints false-positive memory leak dumps to stderr.
This PR handles this specific case and documents the other suppressions.
ACKs for top commit:
maflcko:
lgtm ACK a1f22a0a6b
sedited:
ACK a1f22a0a6b
Tree-SHA512: 480f0f74ce50b6fb315bfeb6f6d3a4a4791557a6177aa995197c002bf871f878573df0f313344206f82e4d54c7a62d7cea2fdcb8cd96475b4b6cc7d4ffaf0538
658e68f95b scripted-diff: Rename `WAIT_TIMEOUT` to `TEST_WAIT_TIMEOUT` (Hennadii Stepanov)
Pull request description:
On Windows, the `winerror.h` header defines `WAIT_TIMEOUT` as a macro.
This introduces a fragile dependency on header inclusion order: if Windows headers happen to be included before using `WAIT_TIMEOUT`, the preprocessor expands it into a numeric literal, causing syntax errors.
Rename the variable to `TEST_WAIT_TIMEOUT` to remove this fragility and avoid the collision entirely.
Split from https://github.com/bitcoin/bitcoin/pull/34448.
Similar to https://github.com/bitcoin/bitcoin/pull/34454.
ACKs for top commit:
w0xlt:
ACK 658e68f95b
Tree-SHA512: 90cf8927e4e41dee24d51fb2ea3335526ff5da4180c24d776d59b642794715b3c6558628088fbc28236d6ac4fffb9a27167fe309cb94ebf04f04c6e5cf957ad5
d8f4e7caf0 doc: add release notes (ismaelsadeeq)
248c175e3d test: ensure `ValidateInputsStandardness` optionally returns debug string (ismaelsadeeq)
d2716e9e5b policy: update `AreInputsStandard` to return error string (ismaelsadeeq)
Pull request description:
This PR is another attempt at #13525.
Transactions that fail `PreChecks` Validation due to non-standard inputs now returns invalid validation state`TxValidationResult::TX_INPUTS_NOT_STANDARD` along with a debug error message.
Previously, the debug error message for non-standard inputs do not specify why the inputs were considered non-standard.
Instead, the same error string, `bad-txns-nonstandard-inputs`, used for all types of non-standard input scriptSigs.
This PR updates the `AreInputsStandard` to include the reason why inputs are non-standard in the debug message.
This improves the `Precheck` debug message to be more descriptive.
Furthermore, I have addressed all remaining comments from #13525 in this PR.
ACKs for top commit:
instagibbs:
ACK d8f4e7caf0
achow101:
ACK d8f4e7caf0
sedited:
Re-ACK d8f4e7caf0
Tree-SHA512: 19b1a73c68584522f863b9ee2c8d3a735348667f3628dc51e36be3ba59158509509fcc1ffc5683555112c09c8b14da3ad140bb879eac629b6f60b8313cfd8b91
fa4ec13b44 build: Enable -Wcovered-switch-default (MarcoFalke)
fa2670bd4b refactor: Enable -Wswitch in exhaustive switch (MarcoFalke)
Pull request description:
The compiler flag `-Wswitch` is enabled. However, it can not fire when a `default:` case exists. Fix that by removing the default case where a switch is already handling all cases exhaustively.
Also, enable `-Wcovered-switch-default` to catch those cases at compile time in the future.
Also, apply the comment according to the dev notes.
Can be reviewed via `--ignore-all-space`
ACKs for top commit:
stickies-v:
re-ACK fa4ec13b44, no changes except for addressing silent merge conflict from d339884f1d
l0rinc:
ACK fa4ec13b44
achow101:
ACK fa4ec13b44
sedited:
ACK fa4ec13b44
Tree-SHA512: 8dd9e71a8cd338255f43448a59a1a4d40a9fc16e19a707cc10fb71442d4df9f82a0e5fae77868ef49cd0ea27fdd972687572c1a50b6aba7e08c6ce87576afc6a
9f28120a5b kernel: Add API function for getting a tx input's nSequence (Sebastian Falbesoner)
6b64b181d5 kernel: Add API function for getting a tx's nLockTime (Sebastian Falbesoner)
Pull request description:
This PR introduces two new C API functions to libbitcoinkernel:
* `btck_transaction_get_locktime` to access a transaction's `nLockTime` value
* `btck_transaction_input_get_sequence` to access a transaction input's `nSequence` value
Inspired by https://bnoc.xyz/t/forward-compatible-coinbase-locktimes-for-bip-54. After reading this I thought it would be a nice/useful showcase to check BIP54 compliance of (historical) blocks using bitcoinkernel, without having to manually deserialize the transaction (this is just about one of the four BIP54 rules though, especially the sigops limit is much more involved).
ACKs for top commit:
sedited:
ACK 9f28120a5b
yuvicc:
ACK 9f28120a5b
stickies-v:
ACK 9f28120a5b
Tree-SHA512: 9eae795d6e4b9b367bbfe2665b916121ef64031e8d10667c71741344b5eea4c2562862a937bdf1363cc66b67bb5d48392c9f44e52f0d92d2a5a65e10d061b703
On Windows, the `winerror.h` header defines `WAIT_TIMEOUT` as a macro.
This introduces a fragile dependency on header inclusion order: if
Windows headers happen to be included before using `WAIT_TIMEOUT`, the
preprocessor expands it into a numeric literal, causing syntax errors.
Rename the variable to `TEST_WAIT_TIMEOUT` to remove this fragility and
avoid the collision entirely.
-BEGIN VERIFY SCRIPT-
sed -i 's/\<WAIT_TIMEOUT\>/TEST_WAIT_TIMEOUT/g' $(git grep -l 'WAIT_TIMEOUT' ./src/)
-END VERIFY SCRIPT-
faea12ecd9 test: Fixup docs for NodeClockContext and SteadyClockContext (MarcoFalke)
eeeeb2a0b9 fuzz: Use NodeClockContext (MarcoFalke)
fa4fae6227 test: Add NodeClockContext (MarcoFalke)
Pull request description:
Iterating over fuzz inputs will usually be done in the same process. As the mocktime is global, it can theoretically leak from one fuzz input run into the next run, making it less deterministic.
Fix this issue, by adding and using a context manager to handle the mocktime and reset it before the end.
This refactor should not change any behavior.
ACKs for top commit:
seduless:
re-ACK faea12ecd9
dergoegge:
utACK faea12ecd9
brunoerg:
code review ACK faea12ecd9
Tree-SHA512: e222c4e4217a504d058b30f1e975dfdfff019363c82385bd62f368b16fb029c46a5d1b43cd773dbdd9efcd7f968d46dbe2c75812971696b1b879b8f081fc6b1b
32debfa1ed fuzz: set whitelist permissions on connman target (Bruno Garcia)
Pull request description:
I noticed that `AddWhitelistPermissionFlags` was always being called with an empty `ranges` (whitelist permissions). This function is called when connecting to a node (`ConnectNode`), and if the connection is a manual one, it uses the `vWhitelistedRangeOutgoing` to populate the permissions. However, since we were not setting any whitelist permission on the target, this vector is always empty. This PR improves this target by populating both `vWhitelistedRangeIncoming` and `vWhitelistedRangeOutgoing`.
ACKs for top commit:
Crypt-iQ:
utACK 32debfa1ed
maflcko:
lgtm ACK 32debfa1ed
frankomosh:
crACK 32debfa1ed
Tree-SHA512: 400ce780b9ae41d849ccad04258da4ad92d9bf780bfdeb9bb9c1684722bcc02ae45f13081b809f9e16b28078bd4efb928c6c7e1c3da638307b6c11b193d6dc04
685a44c601 fuzz: set fSuccessfullyConnected in connman harness (frankomosh)
Pull request description:
The connman fuzz harness never sets `fSuccessfullyConnected=true` on nodes added through `AddTestNode()`. `NodeFullyConnected()` gates `ForEachNode()` on that flag, making its callback unreachable in the current harness.
Set `fSuccessfullyConnected=true` before `AddTestNode()` to simulate a node that has completed the version handshake.
ACKs for top commit:
maflcko:
lgtm ACK 685a44c601
sedited:
ACK 685a44c601
marcofleon:
ACK 685a44c601
Tree-SHA512: 2c696b8674cb465f468642b5fd37a467bc34dcbf61dc901d784fd2fe0dd13ced5cd6bd9873bcce0f8e60e25d450052e9a562ece08abeb2ab6472e584dba65c40
6202acd284 test: addrman: successive failures in the last week for IsTerrible (brunoerg)
f611d3bdaf refactor: addrman: move consts to .h (brunoerg)
Pull request description:
This PR adds test coverage for the case that an address is considered terrible if we had N successive failures in the last week.
It kills the following mutant (https://corecheck.dev/mutation/src/addrman.cpp#L88):
```diff
diff --git a/src/addrman.cpp b/src/addrman.cpp
index e3981e6a40..f8045491c1 100644
--- a/src/addrman.cpp
+++ b/src/addrman.cpp
@@ -65,7 +65,7 @@ bool AddrInfo::IsTerrible(NodeSeconds now) const
}
if (now - m_last_success > ADDRMAN_MIN_FAIL && nAttempts >= ADDRMAN_MAX_FAILURES) { // N successive failures in the last week
- return true;
+ return false;
}
return false;
```
ACKs for top commit:
frankomosh:
re-ACK 6202acd284
naiyoma:
tACK 6202acd284
danielabrozzoni:
tACK 6202acd284
sedited:
ACK 6202acd284
Tree-SHA512: b4736ef91b75ba4c060dc18a2b796aee94d0d8be5ca58b9b873156248cd0dc6910595595e0f56d75bffff4f94c035319ac8428f7d79f07fe685bdba27a188829
Without this, NodeFullyConnected() filters out every fuzz-constructed node, making ForEachNode's callback unreachable (0/1.13M branch hits from my end).
The `mock_process/*` test cases, which serve as helpers for
`system_tests` rather than actual tests, are invoked in a way that
suppresses unsolicited output to stdout or stderr to keep the test
results reproducible.
However, in debug builds, the Windows CRT still prints false-positive
memory leak dumps to stderr.
This change handles this specific case and documents the other
suppressions.
20fb7618b0 args: make most ArgsManager members private (w0xlt)
22b40f34f3 args: replace cs_args RecursiveMutex with Mutex (w0xlt)
3a16ec8582 test: scope cs_args locks to avoid recursive locking (w0xlt)
70b51fef7a args: eliminate all recursive locking of cs_args (w0xlt)
7d61e03c70 args: extract lock-requiring internal helpers (w0xlt)
Pull request description:
Part of #19303.
Replace `ArgsManager::cs_args` from `RecursiveMutex` to `Mutex`.
The conversion follows the pattern established in prior `RecursiveMutex` removals (e.g. `CAddrMan` in #19238, `CBlockPolicyEstimator` in #22014): extract private lock-held helpers with trailing underscore naming (`GetSetting_()`, `GetArgFlags_()`, `GetPathArg_()`), then replace recursive calls in methods that already hold `cs_args` with those helpers.
ACKs for top commit:
l0rinc:
ACK 20fb7618b0
rkrux:
Concept ACK 20fb7618b0
sedited:
Re-ACK 20fb7618b0
hebasto:
ACK 20fb7618b0, only rebased and suggested changes since my recent [review](https://github.com/bitcoin/bitcoin/pull/34745#pullrequestreview-3916715262).
Tree-SHA512: 7ab4278737f00deaa3f3da75e08469f91e95aa31e916820d02af737c754751ae4f73c1c8650f120eeff142a134f9209cf581499696a7b88ffc83d296515e40f2
Also, apply the comment according to the dev notes.
Also, modify the dev notes to give a lambda-wrapped example.
Can be reviewed via --ignore-all-space
Co-authored-by: Lőrinc <pap.lorinc@gmail.com>
79571b9181 threadpool: add ranged Submit overload (Andrew Toth)
Pull request description:
The current `ThreadPool::Submit` is not very efficient when we have a use case where we need to submit multiple tasks immediately. The `Submit` method must take the lock for each task, and notifies only a single worker thread. This will cause lock contention with the awakened worker thread trying to take the lock and the caller trying to submit the next task.
Introduce a `Submit` overload, which takes the lock once and submits a range of tasks, then notifies all worker threads after the lock is released.
This is needed for #31132 to be able to use `ThreadPool`.
ACKs for top commit:
l0rinc:
ACK 79571b9181
rkrux:
ACK 79571b9
sedited:
Re-ACK 79571b9181
willcl-ark:
ACK 79571b9181
Tree-SHA512: 1fbe0c150f01b9ea5be3459cd10b817045af52eaf6f14a1a298a68853890da4033c1b21bdc6f995bb55029fb4ab536e9dbf58d98e2e1e12b25298fa3470b4ba6
b503768819 fuzz: register PeerManager in process_message(s) (Eugene Siegel)
Pull request description:
This lets CValidationInterface callbacks be hit (just `BlockChecked` using the corpus from qa-assets). Also remove no-op SyncWithValidationInterfaceQueue since there are no validation interfaces registered in ResetChainman.
ACKs for top commit:
marcofleon:
code review ACK b503768819
dergoegge:
utACK b503768819
Tree-SHA512: 51c0c9a3396ee898b1dce2c65c2fc7b61ea6d04342d181b1b60be1677bc0c2828b9d970673f67501e3579ae002392cd5f0e3268aae1b216ff332e2654fd1fe14
02d047fd5b refactor: add overflow-safe `CeilDiv` helper (Lőrinc)
Pull request description:
### Problem
The codebase has many open-coded ceiling-division expressions (for example `(x+y-1)/y`) scattered across files.
These are less readable, duplicate logic, and can be overflow-prone in edge cases.
### Fix
Introduce a small overflow-safe integer helper, `CeilDiv()`, and use it in existing **unsigned** callsites where the conversion is straightforward and noise-free.
### What this PR does
* Adds `CeilDiv()` to `src/util/overflow.h` for unsigned integral inputs.
* Keeps the precondition check `assert(divisor > 0)`.
* Replaces selected unsigned ceiling-division expressions with `CeilDiv(...)`.
* Adds focused unit tests in `src/test/util_tests.cpp` for the migrated patterns.
---
This is a pure refactor with no intended behavioral change.
Signed arithmetic callsites are intentionally left unchanged in this PR.
This PR changed a few more things originally but based on feedback reverted to the simplest cases only.
ACKs for top commit:
rustaceanrob:
ACK 02d047fd5b
hodlinator:
ACK 02d047fd5b
sedited:
ACK 02d047fd5b
Tree-SHA512: b09336031f487e6ce289822e0ffeb8cfc8cfe8a2f4f3f49470748dfbd0a6cbab97498674cb8686dd2bd4ab6dd0b79cfdf2da00041fee12d109892e1bc5dde0ff
Move the first `protected` block (struct Arg, cs_args, m_settings, and
all other member variables) to `private`. Only `ReadConfigStream` and
`ReadConfigString` remain `protected` for test access.
Changes:
- Move `ReadConfigString` from `TestArgsManager` into `ArgsManager`
itself (declared in args.h, defined in config.cpp) so tests no longer
need direct access to `cs_args` or `m_settings` for config parsing.
- Replace test-only `SetNetworkOnlyArg` helper with the existing
`NETWORK_ONLY` flag passed through `SetupArgs`/`AddArg`.
- Remove `TestArgsManager` constructor that cleared
`m_network_only_args`.
- Remove `using` declarations for `cs_args`, `m_settings`, `GetSetting`,
and `GetSettingsList` from `TestArgsManager`.
- Clear `m_config_sections` in `ClearArgs()`.
Co-authored-by: Anthony Towns <aj@erisian.com.au>
Restructure argsman tests to use scoped LOCK(cs_args) blocks only
around direct protected member access (m_settings, m_network), keeping
public method calls outside lock scopes. This avoids recursive lock
acquisitions that would deadlock with a non-recursive Mutex.
- util_ParseParameters: scope locks around m_settings checks
- util_GetBoolArg: scope lock around m_settings size check
- util_ReadConfigStream: scope lock around m_settings checks
- util_GetArg: scope lock around m_settings writes
- util_ArgsMerge: use SelectConfigNetwork() instead of m_network
- util_ChainMerge: remove unnecessary lock
This lets CValidationInterface callbacks be hit. Also remove
no-op SyncWithValidationInterfaceQueue since there are no validation
interfaces registered in ResetChainman.
This refactor does not change any behavior.
However, it is nice to know that no global mocktime leaks from the fuzz
init step to the first fuzz input, or from one fuzz input execution to
the next.
With the clock context, the global is re-set at the end of the context.
89386e700e kernel: Use fs:: namespace and unicode path in kernel tests (sedited)
Pull request description:
Add support for unicode characters in paths to the kernel tests by using our fs:: wrappers for std::filesystem calls and adding the windows application manifest to the binary. This exercises their handling through the kernel API.
ACKs for top commit:
hebasto:
ACK 89386e700e.
w0xlt:
ACK 89386e700e
Tree-SHA512: 7b541f482d84a66c89eec63aea0e7f7626bbbd62082ad7a7fb2c7a517296c291a6ff301c628e5e9e1d7b850ead89005141481a2bfd06d8a9081622e32f7340cc
The snapshot block needs to be added to the candidates set of the
assumed-valid chain because it will be the tip of that chainstate
right after snapshot activation.
However, adding it also to the background chainstate is not necessary
for anything. Before, the index would linger in the set without being
connectable. It will be eventually added to the set as part of the
normal block download - no extra logic is necessary here.
20ae9b98ea Extend functional test for setBlockIndexCandidates UB (marcofleon)
854a6d5a9a validation: fix UB in LoadChainTip (marcofleon)
9249e6089e validation: remove LoadChainTip call from ActivateSnapshot (marcofleon)
Pull request description:
Addresses https://github.com/bitcoin/bitcoin/issues/34503. See this issue for more details as well.
Fixes a bug where, under certain conditions, `setBlockIndexCandidates` had blocks in it that were worse than the tip. The block index candidate set uses `nSequenceId` as a sort key, so modifying this field while blocks are in the set results in undefined behavior. This PR populates `setBlockIndexCandidates` after the `nSequenceId` modifications, avoiding the UB.
ACKs for top commit:
achow101:
ACK 20ae9b98ea
sedited:
Re-ACK 20ae9b98ea
sipa:
Code review ACK 20ae9b98ea
Tree-SHA512: 121c170bb70fb6365089d578db63c811e7926e129d7206e569947f7a1f6c5ddc8d5f4937b80f1ba1b7d7daa42789b143ca5b56f154b7ab968a1cd55f925f378d
97e7e79435 test: Enable `system_tests/run_command` "stdin" test on Windows (Hennadii Stepanov)
a4324ce095 test: Remove `system_tests/run_command` runtime dependencies (Hennadii Stepanov)
Pull request description:
`system_tests` currently rely on `cat`, `echo`, `false` and `sh` being available in `PATH` at runtime.
This PR:
1. Removes these dependencies.
2. Reduces the number of platform-specific code paths.
The change is primarily motivated by my work on maintaining the [`bitcoin-core`](https://packages.guix.gnu.org/packages/bitcoin-core) package in Guix. It enables the removal of the existing `bash` and `coreutils` native inputs, which in turn makes it possible to drop the implicit dependency on `qtbase@5` (see https://codeberg.org/guix/guix/pulls/4386#issuecomment-8613333).
ACKs for top commit:
maflcko:
re-ACK 97e7e79435👓
janb84:
ACK 97e7e79435
sedited:
ACK 97e7e79435
Tree-SHA512: 1375c676f85c75d571df1ddfc3a4405767dbf0ed7bfea2927c93ec01b29f9f7ae3383e546d2658f595e8ffafa9ab20bba6fcc628a9f5ebdb288bbef03b645fb6
The removal of the chain tip from setBlockIndexCandidates was
happening after nSequenceId was modified. Since the set uses
nSequenceId as a sort key, modifying it while the element is in the
set is undefined behavior, which can cause the erase to fail.
With assumeutxo, a second form of UB exists: two chainstates each
have their own candidate set, but share the same CBlockIndex
objects. Calling LoadChainTip on one chainstate mutates nSequenceIds
that are also in the other chainstate's set.
Fix by populating setBlockIndexCandidates after all changes to
nSequenceId.
Add support for unicode characters in paths to the kernel tests by using
our fs:: wrappers for std::filesystem calls and adding the windows
application manifest to the binary. This exercises their handling
through the kernel API.
