backport: Merge bitcoin#30703, 30024, 29707, 28336, 29335, 30063, 3006, 30161, 30160

[vijaydasmp]

bitcoin backports

[github-actions]

⚠️ Potential Merge Conflicts Detected

This PR has potential conflicts with the following open PRs:

• ci: add fuzz regression testing and continuous fuzzing infrastructure #7173 - ci: add fuzz regression testing and continuous fuzzing infrastructure

Please coordinate with the authors of these PRs to avoid merge conflicts.

[vijaydasmp]

@codex review pr

[chatgpt-codex-connector]

💡 Codex Review

dash/test/functional/test_runner.py

Lines 684 to 686 in a8e58ba

	sys.exit(f"Early exiting after test failure due to insuffient free space in {tmpdir}\n"
	f"Test execution data left in {tmpdir}.\n"
	f"Additional storage is needed to execute testing.")

Exit loop without bypassing dangling-job cleanup

The no-space error branch calls sys.exit(...) directly inside the per-test result loop, which skips the later cleanup path that kills remaining parallel jobs. In runs with --jobs > 1, this can leave other test processes (and their dashd children) running after the runner exits, continuing to consume disk and making the out-of-space condition worse. Please route this through the normal shutdown path (or explicitly terminate job_queue.jobs) instead of exiting immediately.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[thepastaclaw]

✅ Review complete (commit 664a58e)

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 664a58e9f8

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Guard deallocate against null/zero-capacity buffers

Reallocate() unconditionally calls std::allocator<T>().deallocate(m_buffer, m_capacity), but a default-constructed VecDeque has m_buffer == nullptr and m_capacity == 0, and ~VecDeque() always invokes Reallocate(0). That means destruction of an untouched deque performs a deallocate call with a pointer/size pair that was never returned by allocate, which violates allocator preconditions and is undefined behavior (it can break under hardened allocators or sanitizer-enabled builds).

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Check both streams for ENOSPC early-exit detection

The new ENOSPC fast-fail path only scans stdout, but Python tracebacks and many subprocess failures report "[Errno 28] No space left on device" on stderr. In those common cases the runner will miss the disk-full condition and continue scheduling tests, defeating the intended early-stop behavior and often producing cascading failures.

Useful? React with 👍 / 👎.

[coderabbitai]

Walkthrough

This PR updates the miniupnpc dependency from version 2.2.2 to 2.2.7 with CMake-based build configuration, introduces two new utility data structures (BitSet and VecDeque) with corresponding fuzz tests, refactors public key validation across multiple RPC and wallet functions to use a centralized HexToPubKey function with enhanced error messages, improves the test runner's disk space validation and handling, renames a test framework method, and updates comments to reference symbolic constants instead of hardcoded byte limits.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Rationale: The changes span approximately 1,650 lines of new code (BitSet, VecDeque headers and their fuzz tests) plus modifications across 15+ files for public key validation refactoring, miniupnpc build system changes, and test framework enhancements. While many changes follow consistent patterns (error message updates, comment standardization), the review demands understanding of new complex data structures (ring buffer deque, multi-limb bitset operations), comprehensive fuzz testing strategies, refactored validation logic flow, and build system configuration changes. The heterogeneity across functional areas (utility libraries, RPC/wallet code, build system, test framework) requires separate reasoning for distinct sections, though individual file changes are typically straightforward.

Suggested reviewers

• UdjinM6

🚥 Pre-merge checks | ✅ 2 | ❌ 3

❌ Failed checks (1 warning, 2 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 55.71% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Title check	❓ Inconclusive	The title lists specific bitcoin PR numbers but lacks detail about the actual changes made; it's partially related but overly focused on PR references rather than describing the main technical changes.	Consider a more descriptive title that highlights key changes (e.g., 'Add BitSet and VecDeque utilities, update miniupnpc to 2.2.7, and improve pubkey validation') rather than just PR numbers.
Description check	❓ Inconclusive	The description 'bitcoin backports' is extremely vague and generic; it does not convey any meaningful information about what changes are actually included in the pull request.	Provide a more detailed description summarizing the main changes, such as new utilities added (BitSet, VecDeque), dependency upgrades (miniupnpc), and public key validation improvements.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@doc/dependencies.md`:
- Line 42: Update the MiniUPnPc entry in the Markdown table: locate the row
containing "MiniUPnPc" and the current "2.2.2" Version used value (and the link
to depends/packages/miniupnpc.mk) and change the Version used cell to "2.2.7" so
the doc matches the package bump.

In `@src/util/bitset.h`:
- Around line 198-205: The Doxygen comments for IntBitSet's bitwise assignment
operators are wrong: swap the descriptions for operator|= and operator&= so
operator|= is documented as OR and operator&= as AND, correct the operator^=
comment to read "from this and a" instead of "from this as a", and ensure the
operator-= comment still reads "AND NOT"; update the comment lines associated
with the methods named operator|=(const IntBitSet&), operator&=(const
IntBitSet&), and operator^=(const IntBitSet&) accordingly.

In `@test/functional/test_runner.py`:
- Around line 683-686: Fix the typo in the early-exit message string inside the
conditional that checks for "[Errno 28] No space left on device" (the sys.exit
call that references tmpdir and stdout); change "insuffient" to "insufficient"
so the message reads "...due to insufficient free space in {tmpdir}." Ensure the
rest of the sys.exit string remains unchanged.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: c1d7857f-4cdd-4a99-afca-9c81182b50de

📥 Commits

Reviewing files that changed from the base of the PR and between 5fd84aa and 664a58e.

📒 Files selected for processing (29)

• Makefile.am
• depends/packages/miniupnpc.mk
• depends/patches/miniupnpc/cmake_get_src_addr.patch
• depends/patches/miniupnpc/dont_leak_info.patch
• depends/patches/miniupnpc/fix_windows_snprintf.patch
• depends/patches/miniupnpc/no_libtool.patch
• depends/patches/miniupnpc/respect_mingw_cflags.patch
• doc/dependencies.md
• src/Makefile.am
• src/Makefile.test.include
• src/net_processing.cpp
• src/outputtype.cpp
• src/policy/policy.cpp
• src/rpc/output_script.cpp
• src/rpc/util.cpp
• src/test/fuzz/bitset.cpp
• src/test/fuzz/vecdeque.cpp
• src/util/bitset.h
• src/util/vecdeque.h
• src/wallet/rpc/backup.cpp
• src/wallet/rpc/spend.cpp
• test/functional/feature_init.py
• test/functional/rpc_rawtransaction.py
• test/functional/test_framework/test_node.py
• test/functional/test_runner.py
• test/functional/wallet_basic.py
• test/functional/wallet_fundrawtransaction.py
• test/get_previous_releases.py
• test/sanitizer_suppressions/ubsan

💤 Files with no reviewable changes (2)

• depends/patches/miniupnpc/no_libtool.patch
• depends/patches/miniupnpc/respect_mingw_cflags.patch

[coderabbitai]

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Update MiniUPnPc “Version used” to match the package bump.

Line 42 still documents 2.2.2, but this PR updates depends/packages/miniupnpc.mk to 2.2.7. Please keep the table in sync.

Suggested doc fix

-| [MiniUPnPc](../depends/packages/miniupnpc.mk) | [link](https://miniupnp.tuxfamily.org/) | [2.2.2](https://github.com/bitcoin/bitcoin/pull/29707) | 2.1 | No |
+| [MiniUPnPc](../depends/packages/miniupnpc.mk) | [MiniUPnP releases](https://miniupnp.tuxfamily.org/) | [2.2.7](https://github.com/bitcoin/bitcoin/pull/30024) | 2.1 | No |

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	| [MiniUPnPc](../depends/packages/miniupnpc.mk) | [link](https://miniupnp.tuxfamily.org/) | [2.2.2](https://github.com/bitcoin/bitcoin/pull/29707) | 2.1 | No |
	| [MiniUPnPc](../depends/packages/miniupnpc.mk) | [MiniUPnP releases](https://miniupnp.tuxfamily.org/) | [2.2.7](https://github.com/bitcoin/bitcoin/pull/30024) | 2.1 | No |

🧰 Tools

🪛 markdownlint-cli2 (0.22.1)

[warning] 42-42: Link text should be descriptive

(MD059, descriptive-link-text)

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@doc/dependencies.md` at line 42, Update the MiniUPnPc entry in the Markdown
table: locate the row containing "MiniUPnPc" and the current "2.2.2" Version
used value (and the link to depends/packages/miniupnpc.mk) and change the
Version used cell to "2.2.7" so the doc matches the package bump.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Docstring labels for operator|= and operator&= are swapped (plus a typo on line 204).

The implementation is correct, but the Doxygen-style comments mislabel the bitwise operation. The |= operator is documented as AND and &= as OR. Also "from this as a" should read "from this and a" on the XOR comment.

Note: the corresponding MultiIntBitSet docstrings (lines 419/427) are already correct.

📝 Proposed fix

-    /** Set this object's bits to be the binary AND between respective bits from this and a. */
+    /** Set this object's bits to be the binary OR between respective bits from this and a. */
     constexpr IntBitSet& operator|=(const IntBitSet& a) noexcept { m_val |= a.m_val; return *this; }
-    /** Set this object's bits to be the binary OR between respective bits from this and a. */
+    /** Set this object's bits to be the binary AND between respective bits from this and a. */
     constexpr IntBitSet& operator&=(const IntBitSet& a) noexcept { m_val &= a.m_val; return *this; }
     /** Set this object's bits to be the binary AND NOT between respective bits from this and a. */
     constexpr IntBitSet& operator-=(const IntBitSet& a) noexcept { m_val &= ~a.m_val; return *this; }
-    /** Set this object's bits to be the binary XOR between respective bits from this as a. */
+    /** Set this object's bits to be the binary XOR between respective bits from this and a. */
     constexpr IntBitSet& operator^=(const IntBitSet& a) noexcept { m_val ^= a.m_val; return *this; }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	/** Set this object's bits to be the binary AND between respective bits from this and a. */
	constexpr IntBitSet& operator|=(const IntBitSet& a) noexcept { m_val |= a.m_val; return *this; }
	/** Set this object's bits to be the binary OR between respective bits from this and a. */
	constexpr IntBitSet& operator&=(const IntBitSet& a) noexcept { m_val &= a.m_val; return *this; }
	/** Set this object's bits to be the binary AND NOT between respective bits from this and a. */
	constexpr IntBitSet& operator-=(const IntBitSet& a) noexcept { m_val &= ~a.m_val; return *this; }
	/** Set this object's bits to be the binary XOR between respective bits from this as a. */
	constexpr IntBitSet& operator^=(const IntBitSet& a) noexcept { m_val ^= a.m_val; return *this; }
	/** Set this object's bits to be the binary OR between respective bits from this and a. */
	constexpr IntBitSet& operator|=(const IntBitSet& a) noexcept { m_val |= a.m_val; return *this; }
	/** Set this object's bits to be the binary AND between respective bits from this and a. */
	constexpr IntBitSet& operator&=(const IntBitSet& a) noexcept { m_val &= a.m_val; return *this; }
	/** Set this object's bits to be the binary AND NOT between respective bits from this and a. */
	constexpr IntBitSet& operator-=(const IntBitSet& a) noexcept { m_val &= ~a.m_val; return *this; }
	/** Set this object's bits to be the binary XOR between respective bits from this and a. */
	constexpr IntBitSet& operator^=(const IntBitSet& a) noexcept { m_val ^= a.m_val; return *this; }

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/util/bitset.h` around lines 198 - 205, The Doxygen comments for
IntBitSet's bitwise assignment operators are wrong: swap the descriptions for
operator|= and operator&= so operator|= is documented as OR and operator&= as
AND, correct the operator^= comment to read "from this and a" instead of "from
this as a", and ensure the operator-= comment still reads "AND NOT"; update the
comment lines associated with the methods named operator|=(const IntBitSet&),
operator&=(const IntBitSet&), and operator^=(const IntBitSet&) accordingly.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Typo: "insuffient" → "insufficient" in the early-exit message string.

📝 Proposed fix

                 if "[Errno 28] No space left on device" in stdout:
-                    sys.exit(f"Early exiting after test failure due to insuffient free space in {tmpdir}\n"
+                    sys.exit(f"Early exiting after test failure due to insufficient free space in {tmpdir}\n"
                              f"Test execution data left in {tmpdir}.\n"
                              f"Additional storage is needed to execute testing.")

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	if "[Errno 28] No space left on device" in stdout:
	sys.exit(f"Early exiting after test failure due to insuffient free space in {tmpdir}\n"
	f"Test execution data left in {tmpdir}.\n"
	f"Additional storage is needed to execute testing.")
	if "[Errno 28] No space left on device" in stdout:
	sys.exit(f"Early exiting after test failure due to insufficient free space in {tmpdir}\n"
	f"Test execution data left in {tmpdir}.\n"
	f"Additional storage is needed to execute testing.")

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@test/functional/test_runner.py` around lines 683 - 686, Fix the typo in the
early-exit message string inside the conditional that checks for "[Errno 28] No
space left on device" (the sys.exit call that references tmpdir and stdout);
change "insuffient" to "insufficient" so the message reads "...due to
insufficient free space in {tmpdir}." Ensure the rest of the sys.exit string
remains unchanged.

[thepastaclaw]

Code Review

I verified the reported findings against head 664a58e. The MiniUPnPc documentation mismatch is real and actionable; the claimed missing read-only reindex test hunk is factual upstream context but not a concrete issue in Dash's current tree because the referenced file is absent and no broken call remains.

Reviewed commit: 664a58e

💬 1 nitpick(s)

[thepastaclaw]

💬 Nitpick: MiniUPnPc documented version still says 2.2.2 after the 2.2.7 bump

The depends package now builds MiniUPnPc 2.2.7, but the dependency table still lists the version as 2.2.2 while pointing at bitcoin#29707. This leaves the documentation inconsistent with the actual package version selected by depends/packages/miniupnpc.mk.

_{source: ['claude', 'claude-backport-reviewer']}