wallet: [bugfix] Mark CNoDestination and PubKeyDestination constructor explicit #28728
Conversation
This should cut some include bloat and seems fine to do, because prevector exists primarily to represent scripts. Also, add missing includes to script.h and addresstype.h
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. Code CoverageFor detailed information about the code coverage, see the test coverage report. ReviewsSee the guideline for information on the review process.
If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update. ConflictsReviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first. |
fa6eec0 to
fa5f1f0
Compare
fa5f1f0 to
fa7184c
Compare
There was a problem hiding this comment.
tACK fa7184c
Good catch! Reviewed the code and tested and it looks good. There is a typo in the fa7184c commit message (destiantion -> destination) and a typo in the description (Make the confusion -> Make the conversion). Not a big deal, but happy to re-ack if you end up re-pushing to fix the commit message typo.
| CScript scriptPubKey = GetScriptForDestination(DecodeDestination(rcp.address.toStdString())); | ||
| CRecipient recipient = {scriptPubKey, rcp.amount, rcp.fSubtractFeeFromAmount}; | ||
| CRecipient recipient{DecodeDestination(rcp.address.toStdString()), rcp.amount, rcp.fSubtractFeeFromAmount}; |
There was a problem hiding this comment.
To check my understanding:
The bug was introduced by not updating this line in #28246 to use the CTxDestination returned by DecodeDestination directly in the CRecipient object. Instead, it was converting to a CScript and silently converting to a CNoDestination, since CRecipient now expects a CTxDestination. So if we had marked the CNoDestination constructor as explicit, the compiler would have warned us here.
I changed it back to try and use the CScript directly in the CRecipient and confirmed I got a compiler warning:
qt/walletmodel.cpp:192:34: error: could not convert ‘spk’ from ‘const CScript’ to ‘CTxDestination’
|
Thanks, fixed the typo in the pull request description. |
There was a problem hiding this comment.
Aside from the two comments, do you think that mixing the bug fix with some code styling improvements and the iwyu commit is really desirable?
I know that those are small, good and easy reviewable changes but.. it might be better for backporting and historical context to leave this PR only with the bug fix.
src/wallet/test/wallet_tests.cpp
Outdated
| @@ -605,7 +605,7 @@ BOOST_FIXTURE_TEST_CASE(ListCoinsTest, ListCoinsTestingSetup) | |||
| // returns the coin associated with the change address underneath the | |||
| // coinbaseKey pubkey, even though the change address has a different | |||
| // pubkey. | |||
| AddTx(CRecipient{GetScriptForRawPubKey({}), 1 * COIN, /*subtract_fee=*/false}); | |||
| AddTx(CRecipient{CPubKey{}, 1 * COIN, /*subtract_fee=*/false}); | |||
There was a problem hiding this comment.
Not for this PR but based on this recent not so good experience, I think we should make all destinations constructors explicit.
Here, we are providing a CPubKey to implicitly construct a PubKeyDestination, which is not very intuitive. There is a PKHash constructor (the CTxDestination type of a p2pkh) that also accepts a CPubKey as argument.
There was a problem hiding this comment.
Thanks, done in the last push. I missed that CPubKey was also ambiguous.
This should fix the bug reported in bitcoin#28246 (comment), which caused the GUI to not detect the destination type of recipients, thus picking the wrong change destination type. Also, add missing lifetimebound attribute to a getter method.
fa7184c to
1111475
Compare
Missing includes have been a source for compile failures in the past. Though, I couldn't care less whether it is backported or not. I think it is up to the person doing the backport to decide what commits to backport, if any at all. |
|
ACK 1111475 Nice to see changing |
There was a problem hiding this comment.
Missing includes have been a source for compile failures in the past.
Hard to disagree with it.
Though, I couldn't care less whether it is backported or not. I think it is up to the person doing the backport to decide what commits to backport, if any at all.
This PR is simple enough. I just would have preferred to not add the code styling fixes within the bugfix commit, even when they are tempting small things to tackle.
About the conceptual discussion
In general, I believe we all care about not releasing a new version with broken code. And, we can support this goal by making any post-branch-off pre-release bugfix as simple as possible.
If you are referring to the missing newline at the end of the file, this is not something I do on purpose. This is done automatically by most vanilla editors when saving the file. A missing trailing newline will cause problems with those editors and git, so I think it makes sense to add a linter for this to prevent people from adding such a file in the first place? |
|
ACK 1111475 |
yeah, that would be nice. |
|
Unrelated from this bugfix, I also wondered if there should be a "true" "no destiantion" type. Currently, a non-standard empty script is mapped to the same value like a default constructed I guess this is fine, but if in the future there is a need to have a "real null", |
I don't think it is all that useful to have an actual "no destination". It could easily be served by using a |
This should fix the bug reported in bitcoin#28246 (comment), which caused the GUI to not detect the destination type of recipients, thus picking the wrong change destination type. Also, add missing lifetimebound attribute to a getter method. GitHub-Pull: bitcoin#28728 Rebased-From: 1111475
|
Backported in #28754. |
This should fix the bug reported in bitcoin#28246 (comment), which caused the GUI to not detect the destination type of recipients, thus picking the wrong change destination type. Also, add missing lifetimebound attribute to a getter method. GitHub-Pull: bitcoin#28728 Rebased-From: 1111475
e4e8479 doc: update manual pages for v26.0rc2 (fanquake) 0b189a9 build: bump version to v26.0rc2 (fanquake) e097d4c gui: fix crash on selecting "Mask values" in transaction view (Sebastian Falbesoner) 05e8874 guix: update signapple (fanquake) deccc50 guix: Zip needs to include all files with time as SOURCE_DATE_EPOCH (Andrew Chow) fe57abd test: add coverage for snapshot chainstate not matching AssumeUTXO parameters (pablomartin4btc) b761a58 assumeutxo, blockstorage: prevent core dump on invalid hash (pablomartin4btc) d3ebf6e [test] Test i2p private key constraints (Vasil Dimov) 1f11784 [net] Check i2p private key constraints (dergoegge) 6544ffa bugfix: Mark CNoDestination and PubKeyDestination constructor explicit (MarcoFalke) Pull request description: Backports for v26.0rc2: * #28695 * #28698 * #28728 * #28757 * #28759 * bitcoin-core/gui#774 ACKs for top commit: josibake: ACK e4e8479 hebasto: re-ACK e4e8479, only a backport of bitcoin-core/gui#774 added since my [recent](#28754 (review)) review. TheCharlatan: Re-ACK e4e8479 Tree-SHA512: 4b95afd26b8bf91250cb883423de8b274cefa48dc474734f5900aeb756eee3a6c656116efcfa2caff3c250678c16b70cc6b7a5d840018dc7e2c1e8161622cd61
It seems confusing to allow any script, even one with a corresponding address, to silently convert to
CNoDestination.Make the converstion
explicitin the code, and fix any bugs that were previously introduced.In a follow-up, the class can be renamed, or the documentation can be updated to better reflect what the code does.