Commit graph

352 commits

Author SHA1 Message Date
fanquake
2ab4fbe375
Merge bitcoin/bitcoin#24292: Revert "ci: Run fuzzer task for the master branch only"
fa27745ccb ci: Bump fuzz tasks to jammy (MarcoFalke)
fab8cd5f87 Revert "ci: Run fuzzer task for the master branch only" (MarcoFalke)

Pull request description:

  This reverts commit 5a9e255e5a.

  I think we should attempt to maintain the fuzz tasks for release branches as well.

  If it is too difficult for one branch, it could make sense to disable it for that branch, but not for all branches unconditionally.

  Also, bump to jammy.

ACKs for top commit:
  fanquake:
    ACK fa27745ccb - we'll see how we go with the 23.x release branch.

Tree-SHA512: d6d08e7dce0884b556c51ff1896aebbbb5a805c22decd58af81a04192d19876978696017b489ec55886ddfd5c022963baaab5f11022369ae5291016826ff8017
2022-02-21 13:12:36 +00:00
MarcoFalke
3de5fcc94f
Merge bitcoin/bitcoin#24296: ci: use Ubuntu Jammy for Windows cross-compilation CI
a1515cdd96 ci: use Ubuntu Jammy for Windows CI (fanquake)

Pull request description:

  This means we'll compile using [GCC 10.3.x](https://packages.ubuntu.com/jammy/g++-mingw-w64) and [mingw-w64 8.0.0](https://packages.ubuntu.com/jammy/mingw-w64) which better matches our Guix release environment.

ACKs for top commit:
  MarcoFalke:
    cr ACK a1515cdd96
  hebasto:
    ACK a1515cdd96, I have reviewed the code and it looks OK, I agree it can be merged.

Tree-SHA512: a57cce1874324c9dd00e5d8989996d214facbdd561440471c15e6cc1808bca1c6fd758abe7a1b87378b2e7f9c25e7c9d8242df911cd1ef6cfbe49718adc3be5d
2022-02-21 07:55:36 +01:00
fanquake
a1515cdd96
ci: use Ubuntu Jammy for Windows CI
This means we'll compile using GCC 10.3.x and mingw-w64 8.0.0 which
better matches our Guix release environment.
2022-02-18 15:19:05 +00:00
fanquake
7e02adf78d
ci: add missing sqlite_cflags to MSAN fuzz job
These are present in the other MSAN job.
2022-02-18 14:10:59 +00:00
fanquake
54d817c5b9
ci: remove boost_cxxflags from MSAN CIs
No-longer needed after #24301.
2022-02-18 14:07:55 +00:00
fanquake
39e66e938f
build: use header-only Boost unit test 2022-02-13 20:59:02 +00:00
MarcoFalke
fa27745ccb
ci: Bump fuzz tasks to jammy
This gives them a newer clang version, which may have more sanitizers
available.
2022-02-08 20:23:21 +01:00
MarcoFalke
fa4b61911d
test: Remove unused valgrind suppressions 2022-02-04 16:35:15 +01:00
MarcoFalke
faccb2d7fe
test: Exclude broken feature_init for now 2022-02-04 16:33:36 +01:00
fanquake
07269321f3
build: remove Boost::system usage 2022-02-03 18:35:52 +08:00
Kiminuo
b87f9c5edf
build: remove boost::filesystem usage 2022-02-03 18:35:52 +08:00
Hennadii Stepanov
0bbae237a8
ci: Drop no longer needed update-alternatives 2022-02-02 19:29:01 +02:00
MarcoFalke
fafc55a489
ci: Use dash when building depends in centos build 2022-02-01 10:15:17 +01:00
MarcoFalke
fa33236e77
scripted-diff: Rename DOCKER_EXEC to CI_EXEC
-BEGIN VERIFY SCRIPT-
 sed -i "s/DOCKER_EXEC/CI_EXEC/g" $(git grep -l DOCKER_EXEC)
-END VERIFY SCRIPT-
2022-02-01 10:14:53 +01:00
MarcoFalke
fa5457e64a
ci: Bump CentOS 8 image 2022-02-01 10:13:25 +01:00
fanquake
446e73cc0b
build: use macOS 11 SDK (Xcode 12.2)
This should be sufficient to support building for Apple ARM when
cross-compiling.
2022-01-26 17:28:16 +08:00
fanquake
e2ab9f83f8
build: disable external signer on Windows 2022-01-15 10:02:04 +08:00
MarcoFalke
95833c012e
Merge bitcoin/bitcoin#23938: ci: Clone entire bitcoin-core/qa-assets repo only when run fuzzing
0b7c55f157 ci: Clone entire bitcoin-core/qa-assets repo only when run fuzzing (Hennadii Stepanov)

Pull request description:

  This PR speeds up CI tasks that run unit tests but do not run fuzzing.

  On my machine:
  ```
  $ time git clone --depth=1 https://github.com/bitcoin-core/qa-assets
  Cloning into 'qa-assets'...
  remote: Enumerating objects: 289750, done.
  remote: Counting objects: 100% (289750/289750), done.
  remote: Compressing objects: 100% (207687/207687), done.
  remote: Total 289750 (delta 16863), reused 275449 (delta 12092), pack-reused 0
  Receiving objects: 100% (289750/289750), 1.39 GiB | 4.79 MiB/s, done.
  Resolving deltas: 100% (16863/16863), done.
  Updating files: 100% (294515/294515), done.

  real7m43,417s
  user2m39,771s
  sys0m43,272s
  ```

ACKs for top commit:
  MarcoFalke:
    cr ACK 0b7c55f157

Tree-SHA512: 8f8dd63e361c3d9c64a2b31f207f59beea7d2e4142363f7762ec724a61152323fda0c6b98a36386e15f2ca4ef3f7412da763baef65e862fc7f48cdeda8c40e09
2022-01-06 17:15:17 +01:00
Hennadii Stepanov
0b7c55f157
ci: Clone entire bitcoin-core/qa-assets repo only when run fuzzing 2022-01-06 16:23:48 +02:00
fanquake
e09773d20a
build: use a static .tiff for macOS .dmg over generating
Co-authored-by: Pavol Rusnak <pavol@rusnak.io>
2022-01-02 15:38:19 +08:00
MarcoFalke
623745ca74
Merge bitcoin/bitcoin#23912: Insert and bump copyright headers
1362d6173f scripted-diff: Insert missed copyright headers (Hennadii Stepanov)
f47dda2c58 scripted-diff: Bump copyright headers (Hennadii Stepanov)
c29105efdc script: Fix copyright_header.py (Hennadii Stepanov)

Pull request description:

  This PR is an alternative to #23903.

  It bumps the existing copyright headers as we did every year, and adds the missed copyright headers.

  A small fix has been applied to the `copyright_header.py` in order to prevent such weird bumping as `2021` --> `2021-2017`.

ACKs for top commit:
  MarcoFalke:
    ACK 1362d6173f

Tree-SHA512: 204d970fe8c51546b26b8f03fe4297db8a9bef5101df851540b7b9eddbd3a09677ee81fdd882c60937d732407f42c9883165bd978272200cff8f90190f075905
2021-12-31 12:08:49 +01:00
Hennadii Stepanov
f47dda2c58
scripted-diff: Bump copyright headers
-BEGIN VERIFY SCRIPT-
./contrib/devtools/copyright_header.py update ./
-END VERIFY SCRIPT-

Commits of previous years:
* 2020: fa0074e2d8
* 2019: aaaaad6ac9
2021-12-30 19:36:57 +02:00
Hennadii Stepanov
ec7b7d4a36
ci: Enable the gui in the TSan build 2021-12-30 10:53:19 +02:00
fanquake
2da97b271b
ci: use GCC 8 when building packages in native_qt5 CI
Our minimum required GCC is GCC 8, and this change in required for
changes like #23839 which take advantage of flags introduced in that
version of GCC.

This should have been included as part of
182de7ba10.
2021-12-23 10:53:02 +08:00
MarcoFalke
fa6a548f54
ci: Disable s390x gui tests for now 2021-12-17 17:09:51 +01:00
fanquake
1b76b18f8a
Merge bitcoin/bitcoin#23585: scripted-diff: Drop Darwin version for better maintainability
2f356a0ca8 scripted-diff: Drop Darwin version for better maintainability (Hennadii Stepanov)

Pull request description:

  After this PR, any macOS tools version bumping in the future will touch fewer files in the repo.

  Pointing a Darwin version for the `--host` system does not matter for the following reasons:

  - in terms of the resulted binaries, we should only care about the minimum supported macOS version which is a separated parameter in our build system.

  - in terms of the build system itself, the usage of the `$(host)` variable is self-consistent enough. Btw `$(host_os)` value already has the version dropped:
  ```
  $ make -C depends --no-print-directory print-host_os HOST=x86_64-apple-darwin19
  host_os=darwin
  ```

ACKs for top commit:
  gruve-p:
    ACK 2f356a0ca8
  promag:
    ACK 2f356a0ca8.
  fanquake:
    ACK 2f356a0ca8

Tree-SHA512: 374896ab0ba02b0d8b4b21431fe963bd213b0d09586e0898c13a4c5fa294c1b693f1b2c92880c245c4157c14217b4825b36522f461930477f4d2a727086ebb2a
2021-12-09 16:13:33 +08:00
Hennadii Stepanov
78a6bc6919
build, qt: Use Android NDK r23 LTS 2021-12-05 03:00:02 +02:00
Hennadii Stepanov
5202bd1dc0
test: Bump shellcheck version to 0.8.0 2021-11-30 21:15:40 +02:00
Hennadii Stepanov
3ad5ace351
ci: Revamp Android SDK cache, and update it timely 2021-11-25 21:23:34 +02:00
Hennadii Stepanov
e988bc7f2e
ci: Make macOS SDK cache independent, and update it timely 2021-11-25 20:39:07 +02:00
Hennadii Stepanov
2f356a0ca8
scripted-diff: Drop Darwin version for better maintainability
-BEGIN VERIFY SCRIPT-
sed -i 's/darwin19/darwin/g' $(git grep --files-with-matches 'darwin19')
-END VERIFY SCRIPT-
2021-11-25 01:12:46 +02:00
fanquake
ad09c287cb
Merge bitcoin/bitcoin#23504: ci: Replace soon EOL hirsute with jammy
fafa66e424 ci: Replace soon EOL hirsute with jammy (MarcoFalke)

Pull request description:

  `hirsute` will be EOL in about 1.5 months, at which point the package servers may be shut down. Avoid this by hopping to the next LTS release 22.04 (Jammy Jellyfish).

  While the release is currently in development, it seems unlikely that anything will break for us. I am doing the hirsute->jammy hop to avoid a hirsute->impish->jammy hop, but if anything does break, we can fall back to that "double hop".

ACKs for top commit:
  fanquake:
    ACK fafa66e424
  Zero-1729:
    crACK fafa66e424

Tree-SHA512: a3626b72519c7f54f260477d04265321af7aefe25cc2a7d653dba77f79caca10db3a6aa4249a934184dcdc99832f6b4c6e50330d7630e58720ab0aba3624ab8a
2021-11-16 16:11:13 +08:00
Hennadii Stepanov
fe0ff569ea
test: Enable SC2046 shellcheck rule 2021-11-13 18:05:26 +02:00
Hennadii Stepanov
9a1ad7bc0d
test: Enable SC2086 shellcheck rule 2021-11-13 16:54:56 +02:00
MarcoFalke
fafa66e424
ci: Replace soon EOL hirsute with jammy 2021-11-13 11:19:36 +01:00
fanquake
c1fb30633b
Merge bitcoin/bitcoin#23114: Add minisketch subtree and integrate into build/test
29173d6c6c ubsan: add minisketch exceptions (Cory Fields)
54b5e1aeab Add thin Minisketch wrapper to pick best implementation (Pieter Wuille)
ee9dc71c1b Add basic minisketch tests (Pieter Wuille)
0659f12b13 Add minisketch dependency (Gleb Naumenko)
0eb7928ab8 Add MSVC build configuration for libminisketch (Pieter Wuille)
8bc166d5b1 build: add minisketch build file and include it (Cory Fields)
b2904ceb85 build: add configure checks for minisketch (Cory Fields)
b6487dc4ef Squashed 'src/minisketch/' content from commit 89629eb2c7 (fanquake)

Pull request description:

  This takes over #21859, which has [recently switched](https://github.com/bitcoin/bitcoin/pull/21859#issuecomment-921899200) to my integration branch. A few more build issues came up (and have been fixed) since, and after discussing with sipa it was decided I would open a PR to shepherd any final changes through.

  > This adds a `src/minisketch` subtree, taken from the master branch of https://github.com/sipa/minisketch, to prepare for Erlay implementation (see #21515). It gets configured for just supporting 32-bit fields (the only ones we're interested in in the context of Erlay), and some code on top is added:
  > * A very basic unit test (just to make sure compilation & running works; actual correctness checking is done through minisketch's own tests).
  > * A wrapper in `minisketchwrapper.{cpp,h}` that runs a benchmark to determine which field implementation to use.

  Only changes since my last update to the branch in the previous PR have been rebasing on master and fixing an issue with a header in an introduced file.

ACKs for top commit:
  naumenkogs:
    ACK 29173d6c6c

Tree-SHA512: 1217d3228db1dd0de12c2919314e1c3626c18a416cf6291fec99d37e34fb6eec8e28d9e9fb935f8590273b8836cbadac313a15f05b4fd9f9d3024c8ce2c80d02
2021-11-12 10:00:49 +08:00
MarcoFalke
c86f546f98
Merge bitcoin/bitcoin#23458: ci: Do not print git log for empty COMMIT_RANGE
095f07744c ci: Do not print `git log` for empty COMMIT_RANGE (Hennadii Stepanov)

Pull request description:

  On master (77a2f5d30c) a CI lint task [log](https://api.cirrus-ci.com/v1/task/4817858858319872/logs/lint.log) exceeds 20K lines.

  This PR fixes this issue.

ACKs for top commit:
  MarcoFalke:
    cr ACK 095f07744c

Tree-SHA512: 89180018aeccf1599cdf218924cbab12dcbae0f6674bb90e13b64e342cdd908a880b885039c23f0d1d03493e55a94fe04abf39481616ae6550c6a759f5ca9a35
2021-11-08 09:32:11 +01:00
Hennadii Stepanov
15fb57556e
ci: Enable ccache for "ARM64 Android APK" job 2021-11-08 07:19:21 +02:00
Hennadii Stepanov
095f07744c
ci: Do not print git log for empty COMMIT_RANGE 2021-11-07 17:04:06 +02:00
MarcoFalke
11115169a1
ci: Build fuzz with libsqlite3-dev 2021-10-28 13:32:47 +01:00
Gleb Naumenko
0659f12b13
Add minisketch dependency 2021-10-21 09:38:55 +08:00
MarcoFalke
fa44406ffd
ci: Disable syscall sandbox in valgrind functional tests 2021-10-20 21:06:10 +02:00
fanquake
a7f28af437
Merge bitcoin/bitcoin#22646: build: tighter Univalue integration, remove --with-system-univalue
0f95247246 Integrate univalue into our buildsystem (Cory Fields)
9b49ed656f Squashed 'src/univalue/' changes from 98fadc0909..a44caf65fe (fanquake)

Pull request description:

  This PR more tightly integrates building Univalue into our build system. This follows the same approach we use for [LevelDB](https://github.com/bitcoin-core/leveldb/), ([`Makefile.leveldb.include`](https://github.com/bitcoin/bitcoin/blob/master/src/Makefile.leveldb.include)), and [CRC32C](https://github.com/bitcoin-core/crc32c) ([`Makefile.crc32c.include`](https://github.com/bitcoin/bitcoin/blob/master/src/Makefile.crc32c.include)), and will be the same approach we use for [minisketch](https://github.com/sipa/minisketch); see #23114.

  This approach yields a number of benefits, including:
  * Faster configuration due to one less subconfigure being run during `./configure` i.e 22s with this PR vs 26s
  * Faster autoconf i.e 13s with this PR vs 17s
  * Improved caching
  * No more issues with compiler flags i.e https://github.com/bitcoin/bitcoin/pull/12467
  * More direct control means we can build exactly the objects we want

  There might be one argument against making this change, which is that builders should have the option to use "proper shared/system libraries". However, I think that falls down for a few reasons. The first being that we already don't support building with a number of system libraries (secp256k1, leveldb, crc32c); some for good reason. Univalue is really the odd one out at the moment.

  Note that the only fork of Core I'm aware of, that actively patches in support for using system libs, also explicitly marks them as ["DANGEROUS"](a886811721/configure.ac (L1430)) and ["NOT SUPPORTED"](a886811721/configure.ac (L1312)). So it would seem they exist more to satisfy a distro requirement, as opposed to something that anyone should, or would actually use in practice.

  PRs like #22412 highlight the "issue" with us operating with our own Univalue fork, where we actively fix bugs, and make improvements, when upstream (https://github.com/jgarzik/univalue) may not be taking those improvements, and by all accounts, is not currently actively maintained. Bitcoin Core should not be hamstrung into not being able to fix bugs in a library, and/or have to litter our source with "workarounds", i.e #22412, for bugs we've already fixed, based on the fact that an upstream project is not actively being maintained. Allowing builders to use system libs is really only exacerbating this problem, with little benefit to our project. Bitcoin Core is not quite like your average piece of distro packaged software.

  There is the potential for us to give the same treatment to libsecp256k1, however it seems doing that is currently less straightforward.

ACKs for top commit:
  dongcarl:
    ACK 0f95247246 less my comment above, always nice to have an include-able `sources.mk` which makes integration easier.
  theuni:
    ACK 0f95247246. Thanks fanquake for keeping this going.

Tree-SHA512: a7f2e41ee7cba06ae72388638e86b264eca1b9a8b81c15d1d7b45df960c88c3b91578b4ade020f8cc61d75cf8d16914575f9a78fa4cef9c12be63504ed804b99
2021-10-20 11:01:38 +08:00
fanquake
22e652662b
lint mypy 0.910 2021-10-16 09:14:36 +08:00
josibake
6ae9c2ef23
lint: install pyzmq (22.3.0) into linter environment
mypy stubs were introduced in 21.0.1
2021-10-16 09:14:36 +08:00
Hennadii Stepanov
67bb6b5c43
ci, refactor: Disable binaries for Android task explicitly
No behavior change.
2021-10-15 15:00:04 +02:00
Cory Fields
0f95247246
Integrate univalue into our buildsystem
This addresses issues like the one in #12467, where some of our compiler flags
end up being dropped during the subconfigure of Univalue. Specifically, we're
still using the compiler-default c++ version rather than forcing c++17.

We can drop the need subconfigure completely in favor of a tighter build
integration, where the sources are listed separately from the build recipes,
so that they may be included directly by upstream projects. This is
similar to the way leveldb build integration works in Core.

Core benefits of this approach include:
- Better caching (for ex. ccache and autoconf)
- No need for a slow subconfigure
- Faster autoconf
- No more missing compile flags
- Compile only the objects needed

There are no benefits to Univalue itself that I can think of. These changes
should be a no-op there, and to downstreams as well until they take advantage
of the new sources.mk.

This also removes the option to use an external univalue to avoid similar ABI
issues with mystery binaries.

Co-authored-by: fanquake <fanquake@gmail.com>
2021-10-11 20:46:25 +08:00
W. J. van der Laan
9e530c6352
Merge bitcoin/bitcoin#20487: Add syscall sandboxing using seccomp-bpf (Linux secure computing mode)
4747da3a5b Add syscall sandboxing (seccomp-bpf) (practicalswift)

Pull request description:

  Add experimental syscall sandboxing using seccomp-bpf (Linux secure computing mode).

  Enable filtering of system calls using seccomp-bpf: allow only explicitly allowlisted (expected) syscalls to be called.

  The syscall sandboxing implemented in this PR is an experimental feature currently available only under Linux x86-64.

  To enable the experimental syscall sandbox the `-sandbox=<mode>` option must be passed to `bitcoind`:

  ```
    -sandbox=<mode>
         Use the experimental syscall sandbox in the specified mode
         (-sandbox=log-and-abort or -sandbox=abort). Allow only expected
         syscalls to be used by bitcoind. Note that this is an
         experimental new feature that may cause bitcoind to exit or crash
         unexpectedly: use with caution. In the "log-and-abort" mode the
         invocation of an unexpected syscall results in a debug handler
         being invoked which will log the incident and terminate the
         program (without executing the unexpected syscall). In the
         "abort" mode the invocation of an unexpected syscall results in
         the entire process being killed immediately by the kernel without
         executing the unexpected syscall.
  ```

  The allowed syscalls are defined on a per thread basis.

  I've used this feature since summer 2020 and I find it to be a helpful testing/debugging addition which makes it much easier to reason about the actual capabilities required of each type of thread in Bitcoin Core.

  ---

  Quick start guide:

  ```
  $ ./configure
  $ src/bitcoind -regtest -debug=util -sandbox=log-and-abort
  …
  2021-06-09T12:34:56Z Experimental syscall sandbox enabled (-sandbox=log-and-abort): bitcoind will terminate if an unexpected (not allowlisted) syscall is invoked.
  …
  2021-06-09T12:34:56Z Syscall filter installed for thread "addcon"
  2021-06-09T12:34:56Z Syscall filter installed for thread "dnsseed"
  2021-06-09T12:34:56Z Syscall filter installed for thread "net"
  2021-06-09T12:34:56Z Syscall filter installed for thread "msghand"
  2021-06-09T12:34:56Z Syscall filter installed for thread "opencon"
  2021-06-09T12:34:56Z Syscall filter installed for thread "init"
  …
  # A simulated execve call to show the sandbox in action:
  2021-06-09T12:34:56Z ERROR: The syscall "execve" (syscall number 59) is not allowed by the syscall sandbox in thread "msghand". Please report.
  …
  Aborted (core dumped)
  $
  ```

  ---

  [About seccomp and seccomp-bpf](https://en.wikipedia.org/wiki/Seccomp):

  > In computer security, seccomp (short for secure computing mode) is a facility in the Linux kernel. seccomp allows a process to make a one-way transition into a "secure" state where it cannot make any system calls except exit(), sigreturn(), and read() and write() to already-open file descriptors. Should it attempt any other system calls, the kernel will terminate the process with SIGKILL or SIGSYS. In this sense, it does not virtualize the system's resources but isolates the process from them entirely.
  >
  > […]
  >
  > seccomp-bpf is an extension to seccomp that allows filtering of system calls using a configurable policy implemented using Berkeley Packet Filter rules. It is used by OpenSSH and vsftpd as well as the Google Chrome/Chromium web browsers on Chrome OS and Linux. (In this regard seccomp-bpf achieves similar functionality, but with more flexibility and higher performance, to the older systrace—which seems to be no longer supported for Linux.)

ACKs for top commit:
  laanwj:
    Code review and lightly tested ACK 4747da3a5b

Tree-SHA512: e1c28e323eb4409a46157b7cc0fc29a057ba58d1ee2de268962e2ade28ebd4421b5c2536c64a3af6e9bd3f54016600fec88d016adb49864b63edea51ad838e17
2021-10-04 22:45:43 +02:00
practicalswift
4747da3a5b Add syscall sandboxing (seccomp-bpf) 2021-10-01 13:51:10 +00:00
fanquake
182de7ba10
ci: update minimum compiler requirements for std::filesystem 2021-09-22 18:18:19 +08:00