A couple miscellaneous fixes for fuzztests #1391
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
delta1
reviewed
Feb 6, 2025
There was a problem hiding this comment.
Seeing a number of functional test failures with this change
example_elements_code_tutorial.py | ✖ Failed | 64 s
feature_confidential_transactions.py --legacy-wallet | ✖ Failed | 3 s
feature_dynafed.py --legacy-wallet | ✖ Failed | 30 s
feature_fedpeg.py --legacy-wallet | ✖ Failed | 14 s
feature_fedpeg.py --post_transition --legacy-wallet | ✖ Failed | 12 s
feature_fedpeg.py --pre_transition --legacy-wallet | ✖ Failed | 11 s
feature_initial_reissuance_token.py --legacy-wallet | ✖ Failed | 63 s
feature_issuance.py --legacy-wallet | ✖ Failed | 64 s
feature_taphash_pegins_issuances.py | ✖ Failed | 7 s
feature_tapscript_opcodes.py | ✖ Failed | 15 s
wallet_balance.py --descriptors | ✖ Failed | 69 s
wallet_balance.py --legacy-wallet | ✖ Failed | 78 s
wallet_elements_21million.py | ✖ Failed | 64 s
|
|
|
|
|
Yeah, I see. The issue is that we do parse null values -- as part of null issuances. |
In Bitcoin Core the notion of a "null" amount (and therefore a "null" txout) is one which cannot be serialized or deserialized. In Core this is implemented using a value of -1. In Elements we use the CT notion of "nullness" which is that the flag on the confidential value is 0. See d53479c which implemented this. This is reasonable, but because we don't have checks on deserialization, we can deserialize objects that cannot be reserialized. In particular, in coins.h, we deserialize a coin by deserializing its txout. When reserializing we assert that !out.IsNull(). This assertion is hit by the `coins_deserialize` fuzztest. There are a few potential fixes here: * Remove the assertion from coins.h, which is there to catch logic bugs in Core, on the assumption that if they have no bugs then we don't either. This seems like a bad idea. * Change "nullness" for amounts to be an encoding of -1, like in Core. This seems dangerous because we call `GetAmount` all over the place, and if this could return the -1 amount, this will likely blow something up. Probably this is safe for the same reason it is in Core -- that is, we never create null txouts except as sentinel values. But do you wanna bet that this is true now? That it'll always be true? * Same as above, but assert that the amount is not null. This is safer than just blindly hoping that no overflows will occur but still not obviously safe. * Refuse to deserialize null CT objects. This is impossible because we use null nonce values in txouts. * Refuse to deserialize null CT values. Similarly, this is impossible because we use null values in null asset issuances, which are legal. * Refused to deserialize CTxOuts with null values or assets. We are going with the latter solution, because it is narrowly scoped, does not increase the "crash surface" (we throw an exception, and we already throw exceptions for other kinds of invalid serializations), and is very unlikely to cause bugs (null values are invalid on the network anyway; this is the first check in VerifyAmounts) (so are null assets for that matter, which we maybe also should refuse to deserialize).
We cannot fuzz RBF (or do anything mempool-related, really) without chainparams. This has been true since 2019 at least. I suspect this fuzz test has never really been run.
apoelstra
force-pushed
the
2025-02--misc-fuzz-fixes
branch
from
4767065 to
ff6482f
Compare
|
Tried an alternate solution. |
psgreco
added a commit
to psgreco/elements
that referenced
this pull request
Feb 11, 2025
…02--misc-fuzz-fixes" This reverts commit acbb8b5.
Merged
delta1
added a commit
to delta1/elements
that referenced
this pull request
Feb 13, 2025
Adds a FIXME in wallet_sendall.py
apoelstra
added a commit
to ElementsProject/qa-assets
that referenced
this pull request
Feb 14, 2025
4466c89 fuzz: update seeds for `simplicity_tx` target (Andrew Poelstra) 71dc820 fuzz: update seeds for `simplicity` target (Andrew Poelstra) Pull request description: Updates the seeds for the `simplicity` and `simplicity_tx` targets. This is again a 45000-file diff but that seems to be inherent to generating a minimal set of fuzz seeds. These seeds came primarily from three places: * I took the original `simplicity_tx` seeds and replaced any null values/assets in txouts with non-null ones, since these are now rejected by the transaction parser since ElementsProject/elements#1391 before getting to the Simplicity interpreter, reducing coverage * I also used an external Rust tool to generate a ton of programs of the form comp(witness, comp(jet, unit)) for every jet and for a variety of witnesses, both freeform from the fuzzer and structured in various ways (e.g. to be valid signatures or pairs of Ges that add to zero) * A similar Rust tool, but this one, before composing the witness, would iterate `x -> pair(x, x)` a bunch of times, leading to an exponential blowup in execution time. I did this before and after composing with `unit`; when done before, it would also blowup the output type, and when done after, it would only blow up the execution time. I believe this gives us all of the coverage we expect and want for a Simplicity launch. ACKs for top commit: delta1: utACK 4466c89 Tree-SHA512: 731ef978fb126d5046b0f937878bd77c067aa7c10808a1109daaedd6f74f2d64459146bc3d522649f8ff50480d73bbb6ea762bac84f0421e909985f328abb0ff
Mixa84
added a commit
to SequentiaSEQ/sequentia
that referenced
this pull request
May 17, 2025
Squashed commit of the following: commit 0a03b2f44b1ccba775ea38f99193a650f0462386 Merge: 73338ab753 1effb58936 Author: Byron Hambly <[email protected]> Date: Mon May 12 07:21:39 2025 +0200 Merge pull request #1454 from psgreco/elem-23.3.0 Prepare 23.3.0 commit 1effb589365c3161d26abe85a9d8dae7889d8344 Author: Pablo Greco <[email protected]> Date: Sun May 11 16:05:39 2025 -0700 Bump version to 23.3.0 commit 2dfe268f532fdda8fff179a62b21679682aecd3c Author: Pablo Greco <[email protected]> Date: Sun May 11 16:05:10 2025 -0700 Update copyright year to 2025 commit 73338ab75337d0df34e428d15703e7b20a36aa0a Merge: b26d38f7f2 cf961fff2e Author: Byron Hambly <[email protected]> Date: Wed Apr 16 18:10:27 2025 +0200 Merge pull request #1449 from psgreco/elem-23.3.0rc7 Prepare 23.3.0rc7 commit cf961fff2e728136d5a7e31bf920c702ee6b3f08 Author: Pablo Greco <[email protected]> Date: Wed Apr 16 05:01:21 2025 -0700 Bump version to 23.3.0-rc7 commit f004773e6a443b1f9383000c49eef0f36a74e626 Merge: b26d38f7f2 ea5d6fdf81 Author: Pablo Greco <[email protected]> Date: Wed Apr 16 05:00:04 2025 -0700 Merge branch 'master' into elem-23.3.0rc7 commit ea5d6fdf8171ccd7cc1aa95f976071bb2982e3c8 Merge: fe48feb32d 308a393239 Author: Pablo Greco <[email protected]> Date: Tue Apr 15 10:35:59 2025 -0700 Merge pull request #1427 from apoelstra/2025-03--simplicity-activation simplicity: activate on first week of unanimous signalling after block 3333333 commit 308a3932395ebbda15fcfa5e6b8750ff82865ab7 Author: Andrew Poelstra <[email protected]> Date: Mon Apr 14 16:19:00 2025 +0000 simplicity: activate on first week of unanimous signalling after block 3333333 This block passed on April 14 (so we will activate as soon as this is merged and there is a week of unaminous signalling), and its a nice memorable number. commit fe48feb32dd29fdff3a2f540e567b3d596b4bdd3 Merge: 246a764f23 b54db2aec2 Author: Byron Hambly <[email protected]> Date: Tue Apr 15 07:53:17 2025 +0200 Merge pull request #1447 from psgreco/master-fixdummyseed Avoid adding invalid seeds to liquidtestnet commit b54db2aec25f846653791dc0c5ac6c4406be8811 Author: Pablo Greco <[email protected]> Date: Mon Apr 14 03:51:06 2025 -0700 Avoid adding invalid seeds to liquidtestnet commit 246a764f23e597f9ae0cb136ac19a0597bff9430 Merge: 811d835960 5d82808b61 Author: Byron Hambly <[email protected]> Date: Sat Apr 12 17:54:57 2025 +0200 Merge pull request #1446 from wiz/wiz/add-liquid-dot-network-seed Add liquid.network DNS seed commit 5d82808b617db647cb995f1f88fc61b69a5a6b80 Author: wiz <[email protected]> Date: Sat Apr 12 13:54:21 2025 +0900 Add liquid.network DNS seed commit b26d38f7f2dad76bbb72a741412344b426fa4c21 Merge: 1b7ea4cd06 06880d6b43 Author: Byron Hambly <[email protected]> Date: Wed Mar 26 17:14:37 2025 +0200 Merge pull request #1441 from psgreco/elem-23.3.0rc6 Prepare 23.3.0rc6 commit 06880d6b4304fd8b04be3c300b5668f57300c593 Author: Pablo Greco <[email protected]> Date: Wed Mar 26 05:18:32 2025 -0700 Bump version to 23.3.0-rc6 commit 4a51d82d4b15c87786debed82102f9d13764f60e Merge: 1b7ea4cd06 811d835960 Author: Pablo Greco <[email protected]> Date: Wed Mar 26 05:17:41 2025 -0700 Merge branch 'master' into elem-23.3.0rc6 commit 811d8359600477b38088d12f7a686291fdad211f Merge: 3c1782e3ce 51f81f3286 Author: Pablo Greco <[email protected]> Date: Wed Mar 26 05:11:02 2025 -0700 Merge pull request #1439 from tomt1664/fix/check-missing-proofs Add missing proof checks and tests commit 51f81f32863be31d1e5baf4ef2317322c84afeaf Author: Thomas Trevethan <[email protected]> Date: Wed Mar 26 10:30:43 2025 +0000 add missing proof checks and tests commit 3c1782e3ceb10d4a0fa7012a887f266947ed83b3 Merge: 0e644ad7ab 1bb6c424c2 Author: Pablo Greco <[email protected]> Date: Wed Mar 26 04:17:30 2025 -0700 Merge pull request #1438 from delta1/simplicity-activation-dynafed fix: simplicity activation when dynafed is active commit 1bb6c424c24ef032deb962de8c3be37eceb347a2 Author: Byron Hambly <[email protected]> Date: Tue Mar 25 09:29:04 2025 +0200 simplicity: change deployment to version bit 21 commit 4b5c6e578bb236a7e8c29b306350de53c0dd8920 Author: Byron Hambly <[email protected]> Date: Mon Mar 24 14:45:28 2025 +0200 test: failing test for simplicity activation when dynafed is active commit 0e644ad7abe3011b6deb739b95de15612086656c Merge: 8dac144f0f 8cde3cd308 Author: Pablo Greco <[email protected]> Date: Mon Mar 24 08:57:19 2025 -0700 Merge pull request #1436 from delta1/test-dust test: add dust relay output value test commit 8dac144f0fb35e59384470c5915a48be55332199 Merge: b63f7ab9b5 2ec75af8d3 Author: Pablo Greco <[email protected]> Date: Mon Mar 24 07:07:20 2025 -0700 Merge pull request #1437 from delta1/security docs: update security.md commit 2ec75af8d320aa2919a79c412305d307c15ef04d Author: Byron Hambly <[email protected]> Date: Mon Mar 24 09:09:02 2025 +0200 docs: update security.md commit 8cde3cd30879369fdcb7b416b9450356936a9989 Author: Byron Hambly <[email protected]> Date: Wed Mar 19 14:40:43 2025 +0200 test: add dust relay output value test commit b63f7ab9b5e710fcd4e87f92c1981ea5f9c71bd1 Merge: abbc17048a 32390d1552 Author: Pablo Greco <[email protected]> Date: Thu Mar 13 08:00:07 2025 -0700 Merge pull request #1433 from kilrau/reduce-default-dust-relay-fee feat: reduce default dust relay fee commit 32390d15521311c49bdce4256dc8576ae142f734 Author: Byron Hambly <[email protected]> Date: Tue Mar 11 09:40:00 2025 +0200 test: use bitcoin default dustrelayfee in mempool_accept.py commit 721d55b9f374fcce2a67836b80703cc7981202a4 Author: Byron Hambly <[email protected]> Date: Tue Mar 11 09:23:26 2025 +0200 test: use bitcoin default dustrelayfee in transaction_tests commit 1b7ea4cd06a271b1626a4e6758fd439fcadf5c3f Merge: 5c0fb8fc2b 6fded6f927 Author: Byron Hambly <[email protected]> Date: Thu Mar 13 09:01:42 2025 +0200 Merge pull request #1435 from psgreco/elements-23.x-sync-1432 Sync 23.x with master after #1432 commit 6fded6f927d3af104b5d60d8a6de80457ab1307b Merge: 5c0fb8fc2b abbc17048a Author: Pablo Greco <[email protected]> Date: Wed Mar 12 08:47:53 2025 -0700 Merge branch 'master' into elements-23.x-test commit abbc17048a320910e68e347fa3ebbea770539cda Merge: 0eb2ea5cbe 9483c0a065 Author: Pablo Greco <[email protected]> Date: Wed Mar 12 08:44:10 2025 -0700 Merge pull request #1432 from tomt1664/merged-master_23.x-pick merged-master vs. elements-23.x cherry pick commit 9483c0a065e803b1fa6531086e47ba7b01cf4838 Author: Thomas Trevethan <[email protected]> Date: Tue Mar 11 23:49:01 2025 +0000 Revert "Apply acc06bc91f80ddf4e015dcdf0b984bbdbfcb5ca3 fix also to pip upgrade" This reverts commit 49f151f0133790fcd2bd2261e881d43b7b30fb35. commit c2694cf426be0cbedd39e77dd918a80aeecf2a34 Author: Byron Hambly <[email protected]> Date: Wed Sep 27 10:02:33 2023 +0200 lint: fix trailing windows whitespace in win-codesign.cert commit d74af31c9e5030d58abb5caa9209bf3bb99ec967 Author: Thomas Trevethan <[email protected]> Date: Mon Mar 10 23:02:16 2025 +0000 use elements regtest address for derive test commit 0cb8f113df33932c4df068f860270150f29b54c3 Author: muxator <[email protected]> Date: Thu Oct 6 12:03:36 2022 +0200 rpc: add non-regression test about deriveaddresses crash when index is 2147483647 This test would cause a crash in bitcoind (see #26274) if the fix given in the previous commit was not applied. Github-Pull: #26275 Rebased-From: 9153ff3e274953ea0d92d53ddab4c72deeace1b1 commit 5a43eac4d3558432b8aa3292bcbbcaf4e1cc66f1 Author: muxator <[email protected]> Date: Thu Oct 6 22:17:49 2022 +0200 rpc: fix crash in deriveaddresses when derivation index is 2147483647 2147483647 is the maximum positive value of a signed int32, and - currently - the maximum value that the deriveaddresses bitcoin RPC call accepts as derivation index due to its input validation routines. Before this change, when the derivation index (and thus range_end) reached std::numeric_limits<int_32_t>::max(), the "i" variable in the for cycle (which is declared as int, and as such 32 bits in size on most platforms) would be incremented at the end of the first iteration and then warp back to -2147483648. This caused SIGABRT in bitcoind and a core dump. This change assigns "i" an explicit size of 64 bits on every platform, sidestepping the problem. Fixes #26274. Github-Pull: #26275 Rebased-From: addf9d6502db12cebcc5976df3111cac1a369b82 commit be7b6c7990ca782e04ff897d03fccb187e00bc3f Author: fanquake <[email protected]> Date: Fri Sep 2 14:37:26 2022 +0100 Revert "build: Use Homebrew's sqlite package if it is available" This reverts ee7b84e63cbeadd5e680d69ff0548275581e9241 from #20527. This change was made without any rationale, maybe other than a brew installed version might be newer, and that's "better". However when building from source on macOS, it just results in drastically worse perofrmance, and results in issues / confusions like #25724. Resolves the "build from source" portion of #25724. Building from depends is still not ideal, however I have some other changes that might help improve things in that case. The difference in performance can be observed using the example from https://github.com/bitcoin/bitcoin/issues/25724#issuecomment-1213554922, but minified to only 10 descriptors. i.e: ```bash time src/bitcoin-cli createwallet speedy true time src/bitcoin-cli importdescriptors '[ {"desc":"raw(00145846369f3d6ba366d6f5a903fb5cf4dca3763c0e)#k9wh6v62","timestamp":"now"}, {"desc":"raw(001420800aabf13f3a4c4ce3ce4c66cecf1d17f21a6e)#6m0hlfh4","timestamp":"now"}, {"desc":"raw(0014c6bf9715e06d73ebf9b3b02d5cc48d24d8bbabc1)#wyavh36r","timestamp":"now"}, {"desc":"raw(00141ba7807b3f46af113beaea5c698428ce7138cd8a)#jctdsups","timestamp":"now"}, {"desc":"raw(00140c1bd27f10fff01b36ddf3c1febaa1acff19b080)#9s6nc3pk","timestamp":"now"}, {"desc":"raw(00141226e31987e4bc2e63c0ee12908f675e40464b20)#9pp7qm39","timestamp":"now"}, {"desc":"raw(0014f73f149f7503960a5e849c6ee7a8a8c336f631cb)#qtkxv9fc","timestamp":"now"}, {"desc":"raw(0014c8ccb4d81ffc769fc5fdd8d7eed69b0e0cae5749)#hn39qayv","timestamp":"now"}, {"desc":"raw(001498565aead2d67a22a6021d55210f2a917fc22169)#6ar3vwsx","timestamp":"now"}, {"desc":"raw(001403013248ac0cd9eabe176cad162cda2a19f771e1)#4m47mukd","timestamp":"now"} ]' ``` Running master, when building from souce and using brew installed sqlite, this takes ~3.4s. With this PR, the same operation takes ~0.3s. Github-Pull: #25985 Rebased-From: d216d714aae36e6f1c95f82aef81a0be74dee2f3 commit 5def1b2a98c09e51eec3d6d0e7e5c8a82acfb501 Author: Hennadii Stepanov <[email protected]> Date: Fri Sep 2 12:50:12 2022 +0100 Prevent data race for `pathHandlers` Github-Pull: bitcoin/bitcoin#25983 Rebased-From: 4296dde28757d88a7076847484669fb202b47bc8 commit cd457a5212283376caea9d9b080a338c1ce9a456 Author: fanquake <[email protected]> Date: Wed Aug 17 12:18:57 2022 +0100 guix: use --build={arch}-guix-linux-gnu in cross toolchain Technically we are always cross-compiling, so make that explicit. Fixes: #22458. Github-Pull: #25861 Rebased-From: 56e79fe683d36c1944e52326fae3bcc4cb7deec7 commit f12ddd1a5c9ffdd6f0b0ef98a71662622299ed4a Author: fanquake <[email protected]> Date: Fri Aug 5 11:48:15 2022 +0100 guix: patch NSIS to remove .reloc sections from install stubs With the release of binutils/ld 2.36, ld swapped to much improved default settings when producing windows binaries with mingw-w64. One of these changes was to stop stripping the .reloc section from binaries, which is required for working ASLR. .reloc section stripping is something we've accounted for previously, see #18702. The related upstream discussion is in this thread: https://sourceware.org/bugzilla/show_bug.cgi?id=19011. When we switched to using a newer Guix time-machine in #23778, we begun using binutils 2.37 to produce releases. Since then, our windows installer (produced with makensis) has not functioned correctly when run on a Windows system with the "Force randomization for images (Mandatory ASLR)" option enabled. Note that all of our other release binaries, which all contain .reloc sections, function fine under the same option, so it cannot be just the presence of a .reloc section that is the issue. For now, restore makensis to it's pre-binutils-2.36 behaviour, which fixes the produced installer. The underlying issue can be further investigated in future. Github-Pull: #25788 Rebased-From: 7a0b129c41d9fefdbc20d6d04983dd87bb8379e7 commit 8821acdace4b06072394b80f146a176deae61024 Author: fanquake <[email protected]> Date: Mon Aug 1 12:06:07 2022 +0100 bdb: disable Werror for format-security This is causing build failures in some build environments, like NixOS. I don't think we are going to patch bdb at this point, and this warning has existed for as long as we've used bdb. Fixes #25211. Tested (in Docker) with: ```bash docker run -it nixos/nix nix-shell -p gitMinimal gcc12 libtool pkg-config curl gnumake patch autoconf automake git clone https://github.com/bitcoin/bitcoin make -C bitcoin/depends bdb ``` Co-authored-by: Ryan Ofsky <[email protected]> Github-Pull: #25763 Rebased-From: b46c6ec52e1501b8c4337cead0301ef2c3777dd6 commit b682cac34cdbb264094bafc67c2cc73522e6da41 Author: Andrew Chow <[email protected]> Date: Fri Jul 15 11:34:21 2022 -0400 Disallow encryption of watchonly wallets Watchonly wallets do not have any private keys to encrypt. It does not make sense to encrypt such wallets, so disable the option to encrypt them. This avoids an assertion that can be hit when encrypting watchonly descriptor wallets. Github-Pull: bitcoin-core/gui#631 Rebased-From: 4c495413e138ec1dd6874e41b44e689f0c15e0e3 commit ebc21211b4b213492dfc34b23f824f3359e49018 Author: fanquake <[email protected]> Date: Tue Jun 21 10:06:15 2022 +0100 build: suppress array-bounds errors in libxkbcommon These occur when building with GCC 12.1. It might be the case that these would be suppressed by updating the package, but that would also require installing new build tools (meson), as well as potentially more dependencies (wayland). ```bash In function 'ExprCreateBoolean', inlined from 'BoolVarCreate' at src/xkbcomp/ast-build.c:316:19: src/xkbcomp/ast-build.c:119:23: error: array subscript 'ExprDef[0]' is partly outside array bounds of 'unsigned char[32]' [-Werror=array-bounds] 119 | expr->boolean.set = set; | ~~~~~~~~~~~~~~~~~~^~~~~ In function 'ExprCreate', inlined from 'ExprCreateBoolean' at src/xkbcomp/ast-build.c:118:5, inlined from 'BoolVarCreate' at src/xkbcomp/ast-build.c:316:19: src/xkbcomp/ast-build.c:75:21: note: object of size 32 allocated by 'malloc' 75 | ExprDef *expr = malloc(size); | ^~~~~~~~~~~~ ``` Github-Pull: #25436 Rebased-From: 1bdbbbdc46c4e50bf07bc362e7e391ea1a53ea2f commit 33c7e406626e3f01fc26b76bddeea9e1e3b38096 Author: Martin Zumsande <[email protected]> Date: Wed Jun 8 15:22:41 2022 -0400 p2p: always set nTime for self-advertisements If we self-advertised to an inbound peer with the address they gave us, nTime was left default-initialized, so that our peer wouldn't relay it any further along. Github-Pull: #25314 Rebased-From: 99b9e5f3a9fa29bbc1e45fc958470fbcc207ef23 commit 2f9042a96785976d17caf98d61a57fa355fa3c15 Author: brunoerg <[email protected]> Date: Wed May 25 15:17:12 2022 -0300 test: ensure createmultisig and addmultisigaddress are not returning any warning for expected cases Github-Pull: #25220 Rebased-From: 3a9b9bb38e653c8ff7220b9af6e337a90c2c22dc commit 063ab84097b225fe613c7543ba8d575ba70f491c Author: brunoerg <[email protected]> Date: Wed May 25 15:16:22 2022 -0300 rpc: fix inappropriate warning for address type p2sh-segwit in createmultisig and addmultisigaddress Github-Pull: #25220 Rebased-From: eaf6f630c0190c634b5f1c85f749437f4209cc36 commit 0a9b960d32cf8739de1c62a62ad1335761aff2f2 Author: Martin Zumsande <[email protected]> Date: Sun May 29 14:36:53 2022 +0200 rpc: Capture potentially large UniValue by ref for rpcdoccheck Github-Pull: 25237 Rebased-From: 20ff4991e548630d7bb5e491fa4d69ec49369872 commit 078731cd463eed75fa75873073e722ff6073898a Author: Andrew Chow <[email protected]> Date: Tue May 24 12:55:03 2022 -0400 windeploy: Renewed windows code signing certificate Github-Pull: #25201 Rebased-From: 7e9fe6d800ee8f3381e8f6ad2371f7775c68fad9 commit e4c4890d09ea882b19f985da42669134be8d19eb Author: Kilian <[email protected]> Date: Mon Mar 10 17:00:40 2025 +0100 feat: reduce default dust relay fee commit 0f68c548acd275c3578228fd5ee8adf557cfd8ad Author: fanquake <[email protected]> Date: Wed Apr 13 11:41:45 2022 +0100 guix: fix GCC 10.3.0 + mingw-w64 setjmp/longjmp issues This commit backports a patch to the GCC 10.3.0 we build for Windows cross-compilation in Guix. The commit has been backported to the GCC releases/gcc-10 branch, but hasn't yet made it into a release. The patch corrects a regression from an earlier GCC commit, see: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=357c4350680bf29f0c7a115424e3da11c53b5582 and https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=074226d5aa86cd3de517014acfe34c7f69a2ccc7, related to the way newer versions of mingw-w64 implement setjmp/longjmp. Ultimately this was causing a crash for us when Windows users were viewing the network traffic tab inside the GUI. After some period, long enough that a buffer would need reallocating, a call into FreeTypes gray_record_cell() would result in a call to ft_longjmp (longjmp), which would then trigger a crash. Fixes: https://github.com/bitcoin-core/gui/issues/582. See also: https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=e8d1ca7d2c344a411779892616c423e157f4aea8. https://bugreports.qt.io/browse/QTBUG-93476. Github-Pull: #24842 Rebased-From: 457148a803cee02897b7428fa7b3eb93eed71e4c commit ae24ae306c5da9ee2a423952159c9eebb0cf099c Author: Luke Dashjr <[email protected]> Date: Wed Feb 9 01:10:39 2022 +0000 RPC: Switch getblockfrompeer back to standard param name blockhash This commit partially reverts 923312fbf6a89efde1739da0b7209694d4f892ba. Github-Pull: #24806 Rebased-From: 88917f93cc01b5e881072b0e476b74d20b7673c4 commit 7470961fb05af6227b3308dcfdd2d9bc9c71744f Author: Pavol Rusnak <[email protected]> Date: Fri Mar 25 10:32:32 2022 +0100 build, qt: bump Qt5 version to 5.15.3 Qt 5.15.3 release is a patch release made on the top of Qt 5.15.2. As a patch release, Qt 5.15.3 does not add any new functionality but provides bug fixes and other improvements. https://code.qt.io/cgit/qt/qtreleasenotes.git/about/qt/5.15.3/release-note.md * dropped patches: - patches/qt/dont_use_avx_android_x86_64.patch - patches/qt/fix_bigsur_style.patch * adjusted patches: - patches/qt/fix_android_jni_static.patch - patches/qt/fix_limits_header.patch - patches/qt/use_android_ndk23.patch Co-authored-by: Hennadii Stepanov <[email protected]> Github-Pull: bitcoin/bitcoin#24668 Rebased-From: ef20add4c98674183720d9631ac780f9a248b487 commit d572cdf7593f4db61e62f0d5b32af721e15c4ae0 Author: fanquake <[email protected]> Date: Fri Apr 1 10:43:32 2022 +0100 guix: fix vmov alignment issues with gcc 10.3.0 & mingw-w64 This introduces a patch to our GCC (10.3.0) mingw-w64 compiler, in Guix, to make it avoid using aligned vmov instructions. This works around a longstanding issue in GCC, https://gcc.gnu.org/bugzilla/show_bug.cgi?id=54412, which was recently discovered to be causing issues, see #24726. Note that distros like Debian are also patching around this issue, and that is where this patch comes from. This would also explain why we haven't run into this problem earlier, in development builds. See: https://salsa.debian.org/mingw-w64-team/gcc-mingw-w64/-/blob/master/debian/patches/vmov-alignment.patch. Fixes #24726. Alternative to #24727. See also: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939559 Github-Pull: #24736 Rebased-From: d6fae988eff78e28756d9b6219ec0239c420f51b commit 8bde23c8e7577afd5bd0106eec407bdebee2ed16 Author: Hennadii Stepanov <[email protected]> Date: Fri Apr 1 10:28:10 2022 +0200 build: Fix "ERR: Unsigned tarballs do not exist" Github-Pull: #24733 Rebased-From: 7762c5683f91a066cf833a19e7c0153942395cb1 commit cc323e0d95347dc57c8e927b15270af47b729ebc Author: Hennadii Stepanov <[email protected]> Date: Tue Mar 29 22:28:42 2022 +0200 wallet: Postpone NotifyWalletLoaded() for encrypted wallets Too early NotifyWalletLoaded() call in CWallet::Create() results the notification goes before DescriptorScriptPubKeyMans were created and added to an encrypted wallet. Co-authored-by: Andrew Chow <[email protected]> Github-Pull: bitcoin/bitcoin#24711 Rebased-From: 0c12f0116ca802f55f5ab43e6c4842ac403b9889 commit 92a518c4f3357a29dc56557a97a588505cd46a6a Author: Hennadii Stepanov <[email protected]> Date: Tue Mar 29 22:08:26 2022 +0200 wallet, refactor: Add wallet::NotifyWalletLoaded() function This change is a prerequisite for the following bugfix. Github-Pull: bitcoin/bitcoin#24711 Rebased-From: aeee419c6aae085cacd75343c1ce23486b2b8916 commit 17562c0a583c83a66a8d1fc0e71475eec09e92e6 Author: Hennadii Stepanov <[email protected]> Date: Mon Mar 28 09:14:29 2022 +0200 util: Add inotify_rm_watch to syscall sandbox (AllowFileSystem) Github-Pull: bitcoin#24690 Rebased-From: f05a4cd commit fb888905f50c719fba82d8ee86e8a587f3dd6906 Author: Andrew Chow <[email protected]> Date: Tue Mar 1 09:09:10 2022 -0500 tests: Calculate input weight more accurately The external input test with specifying input weight would make a pessimistic estimate of the input weight. However this would result in a test failure as it is sometimes too pessimistic when an ECDSA signature ends up being smaller than usual. To correct this, we can calculate the input weight more accurately. Github-Pull: #24454 Rebased-From: 8a04a386f75d099f4b9864b0cdf7f26442b5801f commit ba78a0a8cb76d12bf40ae3f920c10486d79a5157 Author: fanquake <[email protected]> Date: Thu Mar 24 11:48:36 2022 +0000 util: add linkat to syscall sandbox (AllowFileSystem) Github-Pull: bitcoin#24659 Rebased-From: 9809db3 commit ff3e02f606eb20fdbf350ccf1c8ab5eef1f6353a Author: Vasil Dimov <[email protected]> Date: Wed Mar 23 11:25:19 2022 +0100 options: flip listenonion to false if not listening If the user has unchecked "Allow incoming connections" in `Settings->Options...->Network` then `fListen=false` is saved in `~/.config/Bitcoin/Bitcoin-Qt.conf`. This flips `-listen` to `false` during startup, but leaves `-listenonion` to `true`. This flipping of `-listen` is done in `OptionsModel::Init()` after `InitParameterInteraction()` has been executed which would have flipped `-listenonion`, should it have seen `-listen` being `false` (this is a difference between `bitcoind` and `bitcoin-qt`). Fixes: https://github.com/bitcoin-core/gui/issues/567 Github-Pull: bitcoin-core/gui#568 Rebased-From: 7f90dc26c8938f348938929b6d8bf1ea6f149209 commit 218360bb7120bc0ffdeefc9bdfd878530fb82b1f Author: Thomas Trevethan <[email protected]> Date: Mon Mar 10 14:39:32 2025 +0000 fix prefix commit e8941f064a96a584583b4d4c02af57441a5c12db Author: MarcoFalke <[email protected]> Date: Tue Mar 22 11:49:58 2022 +0100 rpc: Exclude descriptor when address is excluded Github-Pull: bitcoin#24636 Rebased-From: faf37c2 commit ccb3a3e63688b01b246125b3702e0ab42a5bf675 Author: Jon Atack <[email protected]> Date: Fri Mar 18 01:18:14 2022 +0100 Clarify in -maxtimeadjustment that only outbound peers influence time data Github-Pull: bitcoin#24609 Rebased-From: 1bba72d commit d5746d466e1b17590dd4d79521822a871b65c1cb Author: Andrew Chow <[email protected]> Date: Tue Mar 15 14:02:27 2022 -0400 Update signapple for platform identifier fix Github-Pull: #24573 Rebased-From: 3c74f775ac956de4da4fc076b2360b687531cd63 commit e182058ad083bb839a96dc2ccb68324a69006688 Author: Hennadii Stepanov <[email protected]> Date: Wed Mar 16 12:03:22 2022 +0100 guix: Use "win64" for Windows artifacts consistently Github-Pull: #24549 Rebased-From: 53dd6165b8994301d638298906b006032e0bbe48 commit 45fdd42927883941472af2c38b8b6bc06761f549 Author: Thomas Trevethan <[email protected]> Date: Mon Mar 10 13:03:15 2025 +0000 fixed tests commit 513c001fab62d717d1a3d0f99a78c46bacc22fff Author: Hennadii Stepanov <[email protected]> Date: Wed Mar 16 07:37:35 2022 +0100 guix: Drop "-signed" suffix for signed macOS .dmg files This change makes naming of the signed artifacts consistent across different OSes, including Windows. Github-Pull: #24549 Rebased-From: 4b4b04a66d8f088f6aa9ec6398db49d40481910f commit 62b5e053d8677268aa67fba07bea4c182166249f Author: Sebastian Falbesoner <[email protected]> Date: Sun Mar 13 21:44:28 2022 +0100 contrib: fix signet miner (sighash mismatch) PSBT signing was changed to use SIGHASH_DEFAULT by default in #22514. The signet miner script sets the sighash type of the created PSBT to SIGHASH_ALL, hence this leads to a sighash mismatch when the `walletprocesspsbt` RPC is called. Fix this by explicitly passing the correct sighash type. Note that the same change was needed in one of our functional tests, see commit d3992669df826899a3de78a77a366dab46028026. Reported by gruve-p. Github-Pull: bitcoin#24553 Rebased-From: 12cc020 commit fd2a5b7a4e980be6cfd0de3720494ebe3fa222be Author: Hennadii Stepanov <[email protected]> Date: Sun Mar 13 09:59:41 2022 +0100 guix: Use $HOST instead of generic osx{64} for macOS artifacts Github-Pull: #24549 Rebased-From: 933a43018f0f1c0b72acbfa9de5e0f84bf49d0a2 commit 608381c1e8f4c62e3948815b015cf29e90a729f6 Author: Jon Atack <[email protected]> Date: Fri Mar 11 10:21:48 2022 +0100 rpc: rename getdeploymentinfo status-next to status_next Github-Pull: bitcoin#24528 Rebased-From: 5d7c69b commit b6702135795ee42a1c2f002266aa64935e01bcc2 Author: Martin Zumsande <[email protected]> Date: Thu Mar 10 20:24:11 2022 +0100 test: set segwit height back to 0 on regtest This was changed in #22818 from 0 to 1. Since it changes BLOCK_OPT_WIT of the genesis block, older versions of bitcoin core would not read regtest directories created with newer versions without a reindex. Github-Pull: bitcoin#24527 Rebased-From: 5ce3057 commit 141288d44d8d0682ffb06dad7ca2ffe4a0487ff2 Author: Andrew Chow <[email protected]> Date: Wed Mar 9 09:09:40 2022 -0500 build, mac: Include arch in codesignature tarball Github-Pull: #24506 Rebased-From: 0189df1d3171082caf743ef3b0968f43c71303f5 commit 638095e8112112509316f56600df02322d65ea34 Author: Andrew Chow <[email protected]> Date: Wed Mar 9 09:50:53 2022 -0500 guix: use latest signapple Github-Pull: #24506 Rebased-From: 6e9308c6d4ed9fbf909c7234ae31245747183be3 commit 7e7dbadf448e5bdfd8721de22d06e6e3e724466d Author: Ryan Ofsky <[email protected]> Date: Mon Mar 7 13:29:46 2022 -0500 test: Add tests for GetArg methods / settings.json type coercion Just add tests. No changes to application behavior. Tests will be updated in the next commit changing & improving current behavior. Include a Qt test for GUI startup crash reported by Rspigler in https://github.com/bitcoin/bitcoin/issues/24457 caused by GetArg behavior that happens if settings.json contains an integer value for any of the configuration options which GUI settings can currently clash with (-dbcache, -par, -spendzeroconfchange, -signer, -upnp, -natpmp, -listen, -server, -proxy, -proxy, -onion, -onion, -lang, and -prune). Github-Pull: bitcoin/bitcoin#24498 Rebased-From: 84b0973e35dae63cd1b60199b481e24d54e58c97 commit 33fe2da55e8853cdb79ef275799fdcea3de6214c Author: fanquake <[email protected]> Date: Sun Mar 6 10:16:58 2022 +0000 guix: use same commit for codesigning time-machine The time machines should be updated in lockstep. Github-Pull: #24484 Rebased-From: 29862bdd402112a98d5da08cb9909bd427b955ad commit 5c0fb8fc2bfb8ed81a5ae184eaef82fefc6a0968 Merge: f4e65b1aa9 30eeffdfaf Author: Byron Hambly <[email protected]> Date: Wed Mar 5 09:41:18 2025 +0200 Merge pull request #1431 from psgreco/elem-23.3.0rc5 Prepare 23.3.0rc5 commit 30eeffdfafe3f057066ab7fc7bc1558380fef426 Author: Pablo Greco <[email protected]> Date: Tue Mar 4 08:54:23 2025 -0800 Bump version to 23.3.0-rc5 commit 54fa255b8569753053a62e969543e5111f468cc3 Merge: f4e65b1aa9 0eb2ea5cbe Author: Pablo Greco <[email protected]> Date: Tue Mar 4 08:53:38 2025 -0800 Merge branch 'master' into elem-23.3.0rc5 commit 0eb2ea5cbec2e5624876867b043a506b022ef78c Merge: df4e99dca3 3a80782963 Author: Byron Hambly <[email protected]> Date: Tue Mar 4 14:53:57 2025 +0200 Merge pull request #1425 from ElementsProject/simplicity Avoid double free in simplicity pointer when copying PrecomputedTrans… commit 3a80782963e3d7bd5b5b6acdd4236bdc75ddadbb Author: Russell O'Connor <[email protected]> Date: Mon Mar 3 17:35:07 2025 -0500 Avoid double free in simplicity pointer when copying PrecomputedTransactionData We cannot put a raw pointer into a class that has a default copy constructor. commit df4e99dca3b9f4a49592b98fed3af8aeed6035ae Merge: 7ed2768dca 59c30c0779 Author: Byron Hambly <[email protected]> Date: Wed Feb 26 14:50:20 2025 +0200 Merge pull request #1423 from psgreco/master-win64-fixassert Fix Assert crash in win64 native builds commit 59c30c077964474940459731fc5a2f8f1a0a419a Author: Pablo Greco <[email protected]> Date: Tue Feb 25 13:50:40 2025 -0800 Blinding: update change_position after calling fillBlindDetails commit 4058bd114b43c45dfcc10a85f7db2d4793a44236 Author: Pablo Greco <[email protected]> Date: Tue Feb 25 14:56:58 2025 -0800 Remove extra ; in confidential.h commit 7ed2768dca2a2c77c0a71bb24947aedbc1302dc2 Merge: 1ded38874e b92a3ceda2 Author: Byron Hambly <[email protected]> Date: Mon Feb 24 15:58:18 2025 +0200 Merge pull request #1421 from psgreco/master-fixlock Fix tests and build warnings commit b92a3ceda298737aa1ec217c26b67280ad2944bc Author: Pablo Greco <[email protected]> Date: Thu Feb 20 05:13:24 2025 -0800 TSAN: Avoid unlocked access to pindexBestHeader commit 38065e11594497ed9fb6eea3df5390ffff400f01 Author: Pablo Greco <[email protected]> Date: Tue Feb 18 15:57:43 2025 -0800 Fix warning about mixing enum and int commit d973e36ffacf8aebd1df692d92cb3f77c338fa75 Author: Pablo Greco <[email protected]> Date: Thu Feb 20 21:01:10 2025 -0800 Win64 Native: Fix PACKAGE_NAME and bug report url commit 73c542ea58a376d07bd24d6a461e0d7651c4d883 Author: Pablo Greco <[email protected]> Date: Sun Feb 23 14:30:07 2025 -0800 Fix error reading cookie file on windows when path contains UTF-8 commit fe044838753aa5b972cd79bdc1ecd78af10b5985 Author: Pablo Greco <[email protected]> Date: Sun Feb 23 14:29:27 2025 -0800 Avoid concatenating default path when mainchainrpccookiefile is an absolute path commit 258d9d3c87043fbc82d7c0e91b089a99b0e77812 Author: Pablo Greco <[email protected]> Date: Sat Feb 22 14:41:44 2025 -0800 feature_fedpeg: Use os.join instead of hardcoded separator commit 305de6d265f2861dd7510b2f71add6dff6f83d4d Author: Pablo Greco <[email protected]> Date: Sat Feb 22 06:02:50 2025 -0800 feature_confidential_transactions: Use system temp dir instead of hardcoded /tmp commit cd67236c127a84d51f160723b584e1e6676f64b1 Author: Pablo Greco <[email protected]> Date: Thu Feb 20 05:13:49 2025 -0800 feature_discount_ct: some txs can return 2 different weights, adapt the test to it commit 1ded38874e0b159f59fc1364db67749714156de2 Merge: 12c586a3bf c211d1a4d9 Author: Byron Hambly <[email protected]> Date: Wed Feb 19 10:01:05 2025 +0200 Merge pull request #1420 from ElementsProject/simplicity Simplicity commit f4e65b1aa910599c6313ac1b01e86470de254239 Merge: dd4703ab30 5fb1cea0a1 Author: Byron Hambly <[email protected]> Date: Wed Feb 19 09:57:41 2025 +0200 Merge pull request #1419 from psgreco/elem-23.3.0rc4 Prepare 23.3.0rc4 commit c211d1a4d967e52257684ffaeeaebfff0ea53ee7 Merge: 12c586a3bf 37adf7d72d Author: Russell O'Connor <[email protected]> Date: Tue Feb 18 13:11:04 2025 -0500 Merge commit '37adf7d72df079b97e622f5d9a61dd029c71afa1' into simplicity commit 37adf7d72df079b97e622f5d9a61dd029c71afa1 Author: Russell O'Connor <[email protected]> Date: Tue Feb 18 13:11:04 2025 -0500 Squashed 'src/simplicity/' changes from 4858b89526..b549192109 b549192109 codespell: fix typos git-subtree-dir: src/simplicity git-subtree-split: b5491921095b28bc554c325a7d05274690483a6f commit 5fb1cea0a19d1fc7bd7d0c0df50f0852683b2857 Author: Pablo Greco <[email protected]> Date: Tue Feb 18 06:49:37 2025 -0800 Bump version to 23.3.0-rc4 commit 69b18d4bef2baaa6726d2be424bfcbdd2afeb7e9 Merge: dd4703ab30 12c586a3bf Author: Pablo Greco <[email protected]> Date: Tue Feb 18 06:42:25 2025 -0800 Merge branch 'master' into elem-23.3.0rc4 commit 12c586a3bf5dd8effe95832cf6f7d8ef83839082 Merge: c9c21cf7df 7f56623441 Author: Byron Hambly <[email protected]> Date: Tue Feb 18 16:05:44 2025 +0200 Merge pull request #1417 from psgreco/master-fix-win64native Fix Win64 native unit test commit c9c21cf7df4fe922ac20bb6e93c0f3807ddf34f2 Merge: e343610b99 0bff9b06f7 Author: Byron Hambly <[email protected]> Date: Tue Feb 18 15:06:38 2025 +0200 Merge pull request #1416 from apoelstra/2025-02--psbt-fix pset: fix NULL pointer dereference when deserializing malformed PSETs over RPC commit 7f56623441aeb04c5a2f8c32b95d5f828f52feac Author: Jon Atack <[email protected]> Date: Fri Apr 1 12:23:01 2022 +0200 Put lock logging behind DEBUG_LOCKCONTENTION preprocessor directive commit 0bff9b06f7086e83aca2fb00dabe35a68eb61eae Author: Andrew Poelstra <[email protected]> Date: Fri Feb 14 02:30:18 2025 +0000 psbt: guard against empty PSBT transaction There is a crashing bug in psbt.h which works as follows. This occurs in the psbt_deserialize_input fuzz test, which deserializes an input and then tries to reserialize it. Here a PSET input may contain a mainchain transaction, which is where our trouble is. The process is as follows: 1. On line 901, we create a CTransactionRef, which is a newtype around std::shared_ptr<CTransaction> which defaults to being null. 2. On line 903 we then call `UnserializeFromVector` to populate this, where this is a helper function which attempts to read some number of objects from a byte vector, i.e. a length-prefixed blob. 3. HOWEVER, `UnserializeFromVector` when given an empty vector, decides that it has successfully deserialized zero elements, and returns. 4. Then, on line 904 we assign the CTransactionRef, which is a valid std::shared_ptr whose internal pointer is NULL, to `m_peg_in_tx`, which is a variant of monostate, Bitcoin::CTransactionRef, and CTransactionRef. Its variant changes from the default monostate to CTransactionRef. 5. Then, on line 419, we call `std::get_if<CTransactionRef>` on this object, which returns a std::optional<CTransactionRef>. Because `m_peg_in_tx` is in the `CTransactionRef` variant, this succeeds, returning a true std::optional containing a valid std::shared_ptr which contains a NULL pointer. 6. Then, on line 420, we call `if (peg_in_tx)`, which is true, because we have a true std::optional. We then dereference it on line 423, which is perfectly legal, to get our std::shared_ptr, and pass this shared pointer to SerializeToVector. 7. SerializeToVector passes through like 6 layers of serialize.h obfuscation and eventually dereferences the shared pointer, but because it's NULL, this is a NULL pointer dereference, and we get a crash. There are two lessons here: 1. Don't use C++. As I say in acf709b3ab4bf992482b6bbb93ed46681765638d, where I introduced some of the offending code here (but only by replacing boost stuff with their STL equivalents; the bug existed before I did this), "what a trainwreck of a language". 2. Don't use `UnserializeFromVector` and expect it to throw if the data you're deserializing is malformed. If it's malformed in the sense of being empty, it will "succeed" and silently do nothing. I glanced at every other instance of UnserializeFromVector to check what will happen when it's passed an empty string. I believe there are no other cases where it will fail to initialize a NULL pointer, so I believe that this will not cause other crashes. But I also believe that the behavior in this case is almost always wrong and that we parse malformed PSETs in crazy and incorrect ways all over the place. If anybody has a problem with this, I encourage you to go review the Bitcoin PSBT2 PRs, which this stuff is based on, which have been languishing in rebase hell for the better part of a decade. Don't blame the author for not writing perfect code in a hostile language with no support. After this PR I ran the fuzzer for 16 hours on a 192-thread machine (so 3072 CPU-hours) and didn't see any more crashes. commit f7826f919906e0cb34f9a838ab5e40bec96e27dd Author: Andrew Poelstra <[email protected]> Date: Fri Feb 14 00:43:36 2025 +0000 psbt: avoid assigning non-boolean values to bool (ubsan) ubsan doesn't like assigning arbitrary uint8_t values to bool. It's easy to avoid doing, so do it. (We do this specifically in PSET since that's Elements-specific code, but the same issue is present in Bitcoin in the Unserialize impl for bool in serialize.h. Upstream this is only used in the wallet database, where it may be that non 0/1 values are impossible (absent a corrupt wallet). commit e343610b994b9ef2613887815af1627e0dcd1182 Merge: 0397d22941 a2d24eff9e Author: Byron Hambly <[email protected]> Date: Fri Feb 14 16:23:16 2025 +0200 Merge pull request #1414 from apoelstra/2025-02--fuzz-update fuzz: minor updates to the Simplicity fuzz tests commit a2d24eff9ea5f56607c8b3fa828cdca8c297640d Author: Andrew Poelstra <[email protected]> Date: Thu Feb 13 15:55:28 2025 +0000 fuzz: remove dead code from simplicity_tx.cpp commit 69c241592f458a88c90c33b31026811db157edd8 Author: Andrew Poelstra <[email protected]> Date: Thu Feb 13 23:08:57 2025 +0000 fuzz: update simplicity_tx target to hit simplicity CMR error commit 0397d22941289bf0a2d00418c9179eb8001e95ef Merge: 24b43eaa66 b475a32abd Author: Pablo Greco <[email protected]> Date: Thu Feb 13 10:07:47 2025 -0800 Merge pull request #1409 from ElementsProject/simplicity Simplicity commit 24b43eaa6634f7b8507d24da26bec1f8a57d0142 Merge: b8cf7b768d 2f1b86e84a Author: Pablo Greco <[email protected]> Date: Thu Feb 13 06:51:24 2025 -0800 Merge pull request #1413 from delta1/lint-merge-prs lint: fix shellcheck, spelling, and locale commit b8cf7b768d2a627fc1ecbca04ea12d49fac782fd Merge: 8a948be6df 49f151f013 Author: Byron Hambly <[email protected]> Date: Thu Feb 13 16:34:20 2025 +0200 Merge pull request #1412 from psgreco/master-fix-macos CI: Fix macos native build commit 2f1b86e84a6087be5aa4bd0f61d3c2f44a60abd5 Author: Byron Hambly <[email protected]> Date: Thu Feb 13 15:59:05 2025 +0200 lint: fix shellcheck, spelling, and locale commit 49f151f0133790fcd2bd2261e881d43b7b30fb35 Author: Pablo Greco <[email protected]> Date: Sat Feb 8 07:05:42 2025 -0800 Apply acc06bc91f80ddf4e015dcdf0b984bbdbfcb5ca3 fix also to pip upgrade commit a121cf0e637eb88d6da29d50b9ef1b92d8e24e26 Author: Pablo Greco <[email protected]> Date: Mon Jan 27 11:54:40 2025 -0800 Manually pick acc06bc91f80ddf4e015dcdf0b984bbdbfcb5ca3 from bitcoin commit cde308e66756f502088e0cf8eaa568a8181bba85 Author: Hennadii Stepanov <[email protected]> Date: Tue Oct 25 09:49:16 2022 +0100 ci: Use `macos-ventura-xcode:14.1` image for "macOS native" task Github-Pull: #26388 Rebased-From: da168934741b776bce07d5503ca2344d300723b3 commit 93218750de7c36125e7245918aeded4d53458077 Author: Hennadii Stepanov <[email protected]> Date: Tue Oct 25 09:48:35 2022 +0100 ci: Make `getopt` path architecture agnostic Github-Pull: #26388 Rebased-From: 702836530ffa351e863b1b1300fd2e559a14ef23 commit d789538aab71c310235692934983426e1326cb85 Author: Hennadii Stepanov <[email protected]> Date: Tue May 17 20:57:55 2022 +0200 ci: Improve naming related to "macOS 12 native x86_64" task Github-Pull: #25444 Rebased-From: 0bb7a1f71db1d986ab824d114534fb7671024990 commit 6e6c6d07b78273abf473fb2e06ac5bde1795dede Author: Hennadii Stepanov <[email protected]> Date: Tue May 17 13:10:42 2022 +0200 ci, refactor: Add `MACOS_NATIVE_TASK_TEMPLATE` A native macOS task does not aware of Linux container settings, and it does not use the `depends_built_cache`. Github-Pull: #25444 Rebased-From: 8e017f32889e9536a436f40c91f34f24bfd10525 commit 8a948be6df26c924c9ecf1f6d47425704d5ab515 Merge: 5cb3acef29 443a8c8174 Author: Byron Hambly <[email protected]> Date: Thu Feb 13 09:48:39 2025 +0200 Merge pull request #1210 from gwillen/feature-andrew-merge-script Check in Andrew's script for merging changes into Elements integration branch commit 5cb3acef29bfb5379f1d80385c622a7b75df3b11 Merge: 077ae2d91a 662e11857f Author: Byron Hambly <[email protected]> Date: Thu Feb 13 09:47:55 2025 +0200 Merge pull request #1310 from GoodDaisy/master Fix typos commit 077ae2d91ac46a123d0544c10c2fe31efc85d41d Merge: e41b225107 5bff237cb4 Author: Byron Hambly <[email protected]> Date: Thu Feb 13 09:04:51 2025 +0200 Merge pull request #1408 from psgreco/master-fix-win64 Fix native win64 build (part 2) commit 5bff237cb428acfe78e1ee068bb5391a351c2621 Author: Pablo Greco <[email protected]> Date: Wed Feb 12 08:04:38 2025 -0800 CI: Win64 native: do not fail on functional tests Windows native builds are really a best effort, but not a blocker. Let's keep running them to see what we can fix, but keeping a green pipeline. Also disabled a couple of long-running tests due to being close to the timeout commit e3011270b85075ee5d8c8557ed4ff8ba8828eb07 Author: Pablo Greco <[email protected]> Date: Mon Feb 3 03:49:50 2025 -0800 Win64: set the right TargetName in native builds commit 9fc3797c7e214edf4236e9017dfb8702c2344d07 Author: Russell O'Connor <[email protected]> Date: Wed Feb 12 14:05:32 2025 -0500 Squashed 'src/simplicity/' changes from c2d4c3d07b..4858b89526 4858b89526 Remove unneed UBOUNDED_MAX checks git-subtree-dir: src/simplicity git-subtree-split: 4858b895261665cbe1b777c821e63c24ba3c625b commit b475a32abd38bae8a7b6a9899a2e8e7bccd61396 Merge: e41b225107 9fc3797c7e Author: Russell O'Connor <[email protected]> Date: Wed Feb 12 14:05:32 2025 -0500 Merge commit '9fc3797c7e214edf4236e9017dfb8702c2344d07' into simplicity commit e41b2251072c3dc0a8e4555411c6e3cb19479b7b Merge: a259bc3693 bd852baca6 Author: Byron Hambly <[email protected]> Date: Wed Feb 12 14:15:27 2025 +0200 Merge pull request #1384 from apoelstra/2024-12--simple-fuzz simplicity: add fuzz target commit a259bc369382c44bfe605482f96b5bbf4a346a55 Merge: d020546243 2c9c6cd7a0 Author: Byron Hambly <[email protected]> Date: Wed Feb 12 12:38:20 2025 +0200 Merge pull request #1341 from delta1/discount-test-vectors test: add discountvsize test vectors commit 2c9c6cd7a0b7e838a748f8f0d7f8b98e7b93cd6a Author: Byron Hambly <[email protected]> Date: Wed Jun 19 10:49:12 2024 +0200 test: add discountvsize test vectors commit bd852baca64c206d3fbe6e4d32d8ab2d7167c1dc Author: Andrew Poelstra <[email protected]> Date: Tue Feb 11 03:02:01 2025 +0000 ci: add more ubsan suppressions commit 3fe5d12c573d1bd53510f11d31000abd9bf96388 Author: Andrew Poelstra <[email protected]> Date: Thu Feb 6 23:29:10 2025 +0000 fuzz: simplicity: use zero CMR for invalid programs When we have an invalid program, use a zero CMR and create a valid control block/taptweak. Otherwise we fail to hit the Simplicity logic at all with bad programs. commit eea423e3d660ae3f0548e03fb43de595d91268e9 Author: Andrew Poelstra <[email protected]> Date: Sun Feb 2 20:55:30 2025 +0000 fuzz: add second simplicity fuzz test The first fuzztest takes a Simplicity program and a transaction and directly calls the Simplicity interpreter with some context cobbled together from the transaction. It also tries messing with the budget and computes AMRs to check that the AMR-check works, even though on the blockchain AMRs are never used. It also attempts mangling programs to directly fuzz the parser, type inference and CMR checking. THIS test, on the other hand, takes a transaction, looks for Simplicity programs (or witnesses which look like Simplicity programs), computes their CMRs to produce a correct corresponding scriptPubKey, creates scriptchecks, and executes them. This should do an end-to-end coverage of the whole Simplicity consensus logic, including all the new branches in interpreter.cpp. To produce seeds for this, I have a a local fuzz target which uses rust-simplicity and rust-elements to produce programs, deep Taproot trees, and transactions. I run this to get high coverage, then dump the resulting complete transactions to disk, where they can be used as seeds for this test. commit a87e4cf70bb5f6a7008a25fe91f025a01c83262e Author: Andrew Poelstra <[email protected]> Date: Mon Dec 2 17:25:16 2024 +0000 simplicity: rewrite fuzz target This fuzz target takes its seeds in a simple and well-defined format: a four-byte LE budget, then a transaction, Simplicity program and witness, each prefixed by a four-byte LE length. The fuzz target extracts any additional randomness it needs from the txid of the first input of the transaction, since this data is not interpreted in any other way we therefore won't confuse the fuzzer. The reason for this design, rather than a more typical "just query the fuzzer when you need stuff", is to make it possible to fairly easily generate test vectors from sources other than this fuzz test. (For example, I have an alternate target which uses Rust code to generate well-formed Simplicity programs, which quickly gets high coverage at the expense of being an unmaintainable mess.) This commit includes a .c file with a small function to comute the AMR of a program. This is needed to pass a correct AMR to the Simplicity interpreter, to exercise all the AMR-checking paths. In practice this is not really necessary; Elements passes NULL to disable these AMR checks. commit 52642b1afd52b7ff46c904548a024090b71d480f Author: Byron Hambly <[email protected]> Date: Sat Apr 20 11:34:45 2024 +0200 simplicity: add fuzz target commit d020546243677f8490685cae06da626f971ba4a7 Merge: d7efd310f8 56eec70de4 Author: Byron Hambly <[email protected]> Date: Tue Feb 11 17:58:42 2025 +0200 Merge pull request #1401 from apoelstra/2025-02--fuzz-fixes-2 more fuzzer fixes (continuation of #1399) commit d7efd310f82a4d365267f182bb9dd67951f3d674 Merge: 99c2ee7f9a 04b114c148 Author: Byron Hambly <[email protected]> Date: Tue Feb 11 17:56:44 2025 +0200 Merge pull request #1400 from psgreco/master-fixbuild Fix build in master with newer environments commit dd4703ab309a9159f5454add3855481af52566c7 Merge: 421cc3d0b0 0d51ab83b9 Author: Byron Hambly <[email protected]> Date: Tue Feb 11 17:21:40 2025 +0200 Merge pull request #1397 from psgreco/elem-23.x-fixmacnative [23.3.x] Fix macos native test commit 04b114c148c7f86fdf1efefd6083a7f0ab081516 Author: Pablo Greco <[email protected]> Date: Tue Feb 11 05:30:13 2025 -0800 CI: Cirrus: use -j2 in TSan to stabilize commit 276e405ab01f0271e8716979fa3ecb1689d10db9 Author: Pablo Greco <[email protected]> Date: Tue Feb 11 05:29:42 2025 -0800 CI: Cirrus: Avoid using -j3 in some jobs when elements has -j3 as the global limit commit b703da11488a57f00ef58f0d363fd61317f8e006 Author: Pablo Greco <[email protected]> Date: Tue Feb 11 05:31:08 2025 -0800 Fix build with gcc-15 commit 8251fc8162909569eb573eff0f873da9c5b5a836 Author: fanquake <[email protected]> Date: Fri Jan 20 11:55:29 2023 +0000 23.x Add missing includes to fix gcc-13 compile error Additional include fixes are required to make the 23.x branch compile using GCC 13. (cherry picked from commit af862661654966d5de614755ab9bd1b5913e0959) commit f64aa1e6c637d7718072036f539f51118c0f39ce Author: MarcoFalke <*~=`'#}+{/-|&$^[email protected]> Date: Thu Jan 19 19:35:43 2023 +0100 Add missing includes to fix gcc-13 compile error (cherry picked from commit fadeb6b103cb441e0e91ef506ef29febabb10715) commit f8b1bb70709490e3c420533c6857222e69e7157d Author: Hennadii Stepanov <[email protected]> Date: Tue Feb 22 12:20:48 2022 +0200 build: Fix Boost.Process test for Boost 1.78 (cherry picked from commit 532c64a7264dd3c7329e8839547837c57da7dbe8) commit 8a1500c63eddc22ae06b6e0dee9a9ac2e6a45fb2 Author: Hennadii Stepanov <[email protected]> Date: Thu Mar 10 12:35:39 2022 +0100 build: Fix Boost.Process detection on macOS arm64 Could be tested as follows: ``` % brew install [email protected] % ./autogen.sh % ./configure --with-boost='/opt/homebrew/opt/[email protected]' ``` (cherry picked from commit 1d4157a42b77411579eb721b5c6fb533a357959d) commit 56eec70de45a1437d360b47cfa316a05dd715929 Author: MarcoFalke <[email protected]> Date: Tue Nov 2 21:59:39 2021 +0100 Fix signed integer overflow in prioritisetransaction RPC Cherry-pick of fa52cf8e11b3af6e0a302d5d17aab6cea78899d5 https://github.com/bitcoin/bitcoin/pull/23418 (2/2) commit 6043ab449ec0e815e742215c33b766427174ae75 Author: MarcoFalke <[email protected]> Date: Tue Nov 2 17:27:49 2021 +0100 refactor: Replace feeDelta by m_modified_fee * feeDelta tracked the delta (to be applied on top of the actual fee) * m_modified_fee tracks the actual fee with the delta included * Instead of passing in the new total delta to the Updater, pass in by how much the total delta should be modified. This is needed for the next commit, but makes sense on its own because the same is done by UpdateDescendantState and UpdateAncestorState. Cherry-pick of fa52cf8e11b3af6e0a302d5d17aab6cea78899d5 https://github.com/bitcoin/bitcoin/pull/23418 (1/2) commit 99c2ee7f9a5da6a138f1f3717fd2cca816afc316 Merge: 22089ac8f6 363c5101c2 Author: Byron Hambly <[email protected]> Date: Tue Feb 11 09:49:42 2025 +0200 Merge pull request #1399 from apoelstra/2025-02--fuzz-fixes various bugfixes for new fuzz test vectors commit 22089ac8f6a5ab08565b1bdb2fc9223d738905f5 Merge: bd551ad186 248b93dd9f Author: Byron Hambly <[email protected]> Date: Tue Feb 11 08:47:17 2025 +0200 Merge pull request #1372 from delta1/issues-1371 decodepsbt: add asset/assetcommitment to input.witness_utxo commit 363c5101c235d700a92f8963b44118b6edc813e6 Author: Andrew Poelstra <[email protected]> Date: Tue Feb 11 02:38:45 2025 +0000 fuzz: change int to unsigned in witness_program Avoids a signed/unsigned integer conversion. commit b90ef387277d36070337b4f1ca088179414840e7 Author: Andrew Poelstra <[email protected]> Date: Tue Feb 11 03:00:36 2025 +0000 ubsan: add suppression for simplicity commit 371718bc99b6958c7a07954900c67c5859d98ff2 Author: MarcoFalke <[email protected]> Date: Mon Mar 21 11:57:21 2022 +0100 Use CAmount for fee delta and modified fee Cherry-pick of fa84a49526fcf76e98b0b2f4d4b00b34a8dddf46 https://github.com/bitcoin/bitcoin/pull/24625 (2/2) commit 3e46754507af7acce2c1cc49fa7c2ecbf2efb496 Author: MarcoFalke <[email protected]> Date: Mon Mar 21 11:37:17 2022 +0100 Replace struct update_fee_delta with lambda Cherry-pick of https://github.com/bitcoin/bitcoin/pull/24625 (1/2) commit bd4ae1bcc405c3496c85c3af16c81a0768f82392 Author: Andrew Poelstra <[email protected]> Date: Tue Feb 11 00:12:35 2025 +0000 rpc: fix crash in getcompactsketch This originates in 8723debb3d1f281f26bdc456868f3daaf7c6aa5a which has no PR associated with it. We've really gotta stop putting thousands of unreviewed commits into this project and rebasing the history away.. commit f5ed4e4520550d43e84aacc828fef24fbfda8c92 Author: Andrew Poelstra <[email protected]> Date: Mon Feb 10 23:17:15 2025 +0000 chain: make some integer conversions explicit We have an unsigned constant which we're bit-inverting, or'ing into a signed constant, then assigning back to the signed constant. We should make it explicit wth is going on here. commit 86d740b5eb7b365648e8ee379819e1f8337cddc2 Author: Andrew Poelstra <[email protected]> Date: Sat Feb 8 16:05:13 2025 +0000 fuzz: fix crash on null pointer in witness_program target commit 0d51ab83b95e76ce2c50c156699818a7e180b84c Author: Pablo Greco <[email protected]> Date: Sat Feb 8 07:05:42 2025 -0800 Apply acc06bc91f80ddf4e015dcdf0b984bbdbfcb5ca3 fix also to pip upgrade commit 8592b9979902841b9ddf0d61fa8553d2e1f6d6fa Author: Pablo Greco <[email protected]> Date: Mon Jan 27 11:54:40 2025 -0800 Manually pick acc06bc91f80ddf4e015dcdf0b984bbdbfcb5ca3 from bitcoin commit 421cc3d0b0405651086592f084da67bfc2319b89 Merge: a3d55eedbd a5852ceccb Author: Byron Hambly <[email protected]> Date: Mon Feb 10 09:59:11 2025 +0200 Merge pull request #1396 from psgreco/elem-23.3.0rc3 Prepare 23.3.0rc3 commit a5852ceccbb35d9525e302ceaaf8f4f7b3562b8c Author: Pablo Greco <[email protected]> Date: Sun Feb 9 09:19:49 2025 -0800 Update manpages commit 4faf6080ea3cf5dfbb1d5fd1568dad52118b2895 Author: Pablo Greco <[email protected]> Date: Sun Feb 9 09:29:40 2025 -0800 Bump version to 23.3.0-rc3 commit 37cee3b61c47a0f5bd7ad5721c9a7af3538fa3b8 Merge: 45fc81bfcc bd551ad186 Author: Pablo Greco <[email protected]> Date: Sun Feb 9 07:19:10 2025 -0800 Merge branch 'master' into elem-23.3.0rc3 commit 45fc81bfccb9f07634e19966bb9079f40acae070 Merge: a3d55eedbd 06b72ec82c Author: Pablo Greco <[email protected]> Date: Sun Feb 9 07:19:00 2025 -0800 Merge commit '06b72ec82c53c09b39ffb45a408bbd2dfeb0e043' into elem-23.3.0rc3 commit bd551ad18630518a4a0ae891ea9def6cd5cb2026 Merge: 29cf7c21b1 77b3bdd864 Author: Byron Hambly <[email protected]> Date: Sun Feb 9 11:22:34 2025 +0200 Merge pull request #1393 from psgreco/master-fixci CI: Fix Win64 native build, TSAN and CentOS 8 test commit 77b3bdd864ed221f17f53997472464c843e19385 Author: Pablo Greco <[email protected]> Date: Mon Jan 27 20:16:35 2025 -0800 ci: Use clang-18 in tsan task (Ubuntu 20.04) Cherry-picked from fabb6af8508a9c0d05d2e9f0006b0b1d3f38119a Cherry-picked from faf4aca15a319a26aaec7127455f6db97c7039cc Cherry-picked from fa23c9aa7c7d60ff4f914447e7d37dedca85e171 Cherry-picked from fa83b65ef8934b44fbac02da8dbc27fc0bc230e6 Cherry-picked from fa75220ac5e0ea401a26dd2f16a88627e51c240a commit 06b72ec82c53c09b39ffb45a408bbd2dfeb0e043 Author: MarcoFalke <[email protected]> Date: Tue Mar 15 18:49:00 2022 +0100 ci: Temporarily use clang-13 to work around clang-14 TSan bug Github-Pull: bitcoin#24572 Rebased-From: fa43933 commit 7f10cd11c18270f008b74bdc6a9aa42dcaae4f67 Author: Pablo Greco <[email protected]> Date: Fri Feb 7 13:34:50 2025 -0800 Update xcb_proto to 1.15.2, manually picked from 7cb88c8b46723d306b96953a6a60c90a4ab211e3 commit 871e9d2ea239293c11169fd13d08add0a294ac3e Author: Pablo Greco <[email protected]> Date: Fri Feb 7 13:33:59 2025 -0800 Update boost to 1.81, manually picked from e8b4201ba2fd7745edc26543704d2b4a51dbb151 commit cad37df99f20b020b90b626d4ec8f954bdfd58d9 Author: Cory Fields <[email protected]> Date: Thu Jun 13 13:25:37 2024 +0000 upnp: add compatibility for miniupnpc 2.2.8 See: https://github.com/miniupnp/miniupnp/commit/c0a50ce33e3b99ce8a96fd43049bb5b53ffac62f The return value of 2 now indicates: "A valid connected IGD has been found but its IP address is reserved (non routable)" We continue to ignore any return value other than 1. (cherry picked from commit 8acdf66540834b9f9cf28f16d389e8b6a48516d5) commit d1a9ff34788e28ff6e5239521c28b598b7eb7a46 Author: Pablo Greco <[email protected]> Date: Fri Feb 7 06:38:46 2025 -0800 Win64 native: fix build with simplicity commit 0b40e25bebbdebf09dddc85ab0a3cd76f501abcf Author: Pablo Greco <[email protected]> Date: Sat Feb 1 11:01:04 2025 -0800 Win64 native: fix build before simplicity commit 5194a623931a9ad4525c9248f8c0f92c53cf82e6 Author: Pablo Greco <[email protected]> Date: Sun Feb 2 11:03:17 2025 -0800 Win64 native: disable psbt_wallet_test just like in Makefile commit daf8ddc7d28322db8e7ce680cfb8f33d59415acd Author: Pablo Greco <[email protected]> Date: Mon Jan 27 09:47:35 2025 -0800 CI: Use RockyLinux 8 instead of CentOS Stream 8 commit 29cf7c21b1fa82da68319869d510f3bb36f0a22d Merge: 72a5e4117c e6aa6e773e Author: Byron Hambly <[email protected]> Date: Fri Feb 7 14:37:47 2025 +0200 Merge pull request #1392 from psgreco/master-fixfunctional Fix some functional tests when bdb is not available commit 72a5e4117cee11fd17c1612e123ea32facfbacd5 Merge: 368010a308 ff6482fc29 Author: Byron Hambly <[email protected]> Date: Fri Feb 7 09:31:18 2025 +0200 Merge pull request #1391 from apoelstra/2025-02--misc-fuzz-fixes A couple miscellaneous fixes for fuzztests commit e6aa6e773e464eb4e9ebca741dda5c3fc7299bfa Author: Pablo Greco <[email protected]> Date: Mon Jan 27 16:39:17 2025 -0800 CI: example_elements_code_tutorial test test uses initialfreecoins, disable for descriptor wallets commit a33ceacdbca66f466b81e13b05d45e6ed5932cb3 Author: Pablo Greco <[email protected]> Date: Mon Jan 27 17:26:12 2025 -0800 CI: feature_tapscript_opcodes test uses initialfreecoins, disable for descriptor wallets commit 87808101be489d0fda86706dc8c1ce881e51de85 Author: Pablo Greco <[email protected]> Date: Mon Jan 27 17:25:29 2025 -0800 CI: feature_taphash_pegins_issuances test uses initialfreecoins, disable for descriptor wallets commit e3c318b2b8bd6672756e34d287857b625b28b990 Author: Pablo Greco <[email protected]> Date: Mon Jan 27 17:24:35 2025 -0800 CI: discounttests use initialfreecoins, disable for descriptor wallets commit 6991cf7960b55ebd70698a0e1fa82f33a1f6d74b Author: Pablo Greco <[email protected]> Date: Mon Jan 27 17:27:53 2025 -0800 CI: trim_headers test uses combineblocksigs, disable for descriptor wallets commit 1ecd5821e8154bb2c07d20d2ba81d42b86902dda Author: Pablo Greco <[email protected]> Date: Mon Jan 27 17:29:19 2025 -0800 CI: wallet_elements_regression_1263 uses getpeginaddress, disable for descriptor wallets commit 74cae2d9ec28c2f77b5272c643235f7233cb58f4 Author: Pablo Greco <[email protected]> Date: Mon Jan 27 17:29:44 2025 -0800 CI: use default wallet name in wallet_elements_21million commit ff6482fc2918888a22e8ec765fcd44cbd2124725 Author: Andrew Poelstra <[email protected]> Date: Sun Jan 26 16:51:10 2025 +0000 fuzz: add SelectParams to rbf.cpp We cannot fuzz RBF (or do anything mempool-related, really) without chainparams. This has been true since 2019 at least. I suspect this fuzz test has never really been run. commit a3b7e71a3d8d063b70e05cc0914643433e105fee Author: Andrew Poelstra <[email protected]> Date: Sun Jan 26 15:33:19 2025 +0000 transaction: refuse to deserialize TxOuts with null values In Bitcoin Core the notion of a "null" amount (and therefore a "null" txout) is one which cannot be serialized or deserialized. In Core this is implemented using a value of -1. In Elements we use the CT notion of "nullness" which is that the flag on the confidential value is 0. See d53479c9ffff80e889f6072b13e83b13c7a53026 which implemented this. This is reasonable, but because we don't have checks on deserialization, we can deserialize objects that cannot be reserialized. In particular, in coins.h, we deserialize a coin by deserializing its txout. When reserializing we assert that !out.IsNull(). This assertion is hit by the `coins_deserialize` fuzztest. There are a few potential fixes here: * Remove the assertion from coins.h, which is there to catch logic bugs in Core, on the assumption that if they have no bugs then we don't either. This seems like a bad idea. * Change "nullness" for amounts to be an encoding of -1, like in Core. This seems dangerous because we call `GetAmount` all over the place, and if this could return the -1 amount, this will likely blow something up. Probably this is safe for the same reason it is in Core -- that is, we never create null txouts except as sentinel values. But do you wanna bet that this is true now? That it'll always be true? * Same as above, but assert that the amount is not null. This is safer than just blindly hoping that no overflows will occur but still not obviously safe. * Refuse to deserialize null CT objects. This is impossible because we use null nonce values in txouts. * Refuse to deserialize null CT values. Similarly, this is impossible because we use null values in null asset issuances, which are legal. * Refused to deserialize CTxOuts with null values or assets. We are going with the latter solution, because it is narrowly scoped, does not increase the "crash surface" (we throw an exception, and we already throw exceptions for other kinds of invalid serializations), and is very unlikely to cause bugs (null values are invalid on the network anyway; this is the first check in VerifyAmounts) (so are null assets for that matter, which we maybe also should refuse to deserialize). commit 368010a308e773b81268ebb6e69e41fa3ff1d083 Merge: e9a914465d 00399aa117 Author: Byron Hambly <[email protected]> Date: Thu Feb 6 07:26:06 2025 +0200 Merge pull request #1390 from ElementsProject/simplicity Update to latest Simplicity commit 00399aa1177dfaebaf16a3d62e2b92140158f45a Author: Russell O'Connor <[email protected]> Date: Tue Feb 4 11:48:18 2025 -0500 Enable coverage for simplicity/secp256k1 While the bitcoin/elements project testing isn't trying to gain coverage of the regular libsecp256k1 library, in our case we do want our (fuzz) testing to cover simplicity's own copy of libsecp256k1, which has been specifically trimmed down to only include functionality needed by simplicity's jets. commit 31d94775b3254b88cce6131067c8884a4a4b40af Author: Russell O'Connor <roconnor@blocks…
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I ran all the non-Simplicity fuzztests for 100 CPU-hours and found 3 crashes. Two are minor things which are fixed here. Another was in deserializing PSBTs, which needs more investigation, so I did not address.