Commit graph

894 commits

Author SHA1 Message Date
fanquake
39872f5ed4
Merge bitcoin/bitcoin#23149: build: make --enable-werror just -Werror
38fd709fa5 build: make --enable-werror just -Werror (fanquake)

Pull request description:

  No longer special case a set of warnings, to make up our own -Werror,
  just use -Werror outright. This shouldn't really have any effect on
  existing builders, who were already using `--enable-werror`, and is more
  inline with what they would expect `--enable-werror` to be, which is
  erroring on any/all warnings.

  We keep `-Wno-error=return-type` because we know that is broken when using
  mingw-w64. It should only be applied when cross-compiling for Windows.

  Similar to the change in #20544, but with (hopefully) less work-arounds,
  and other bundled changes. A step towards some configure "cleanups".

ACKs for top commit:
  hebasto:
    ACK 38fd709fa5 (also see https://github.com/bitcoin/bitcoin/pull/23149#issuecomment-940420776), tested:
  MarcoFalke:
    Concept ACK 38fd709fa5

Tree-SHA512: 37f1857d9408442cab63e40f9280427b73e09cdf03146b19c1339d7e44abd78e93df7f270ca1da0e83b79343cd3ea915f7b9e4e347488b5bc5ceaaa7540e5926
2021-10-13 11:33:25 +08:00
fanquake
309eac9019
scripts: use LIEF for ELF checks in symbol-check.py
Co-authored-by: Carl Dong <contact@carldong.me>
2021-10-12 08:36:15 +08:00
Cory Fields
0f95247246
Integrate univalue into our buildsystem
This addresses issues like the one in #12467, where some of our compiler flags
end up being dropped during the subconfigure of Univalue. Specifically, we're
still using the compiler-default c++ version rather than forcing c++17.

We can drop the need subconfigure completely in favor of a tighter build
integration, where the sources are listed separately from the build recipes,
so that they may be included directly by upstream projects. This is
similar to the way leveldb build integration works in Core.

Core benefits of this approach include:
- Better caching (for ex. ccache and autoconf)
- No need for a slow subconfigure
- Faster autoconf
- No more missing compile flags
- Compile only the objects needed

There are no benefits to Univalue itself that I can think of. These changes
should be a no-op there, and to downstreams as well until they take advantage
of the new sources.mk.

This also removes the option to use an external univalue to avoid similar ABI
issues with mystery binaries.

Co-authored-by: fanquake <fanquake@gmail.com>
2021-10-11 20:46:25 +08:00
fanquake
5b7210c874
Merge bitcoin/bitcoin#22409: configure: keep relative paths in debug info
0bc666b053 doc: add info for debugging with relative paths (S3RK)
a8b515c317 configure: keep relative paths in debug info (S3RK)

Pull request description:

  This is a follow-up for #20353 that fixes #21885

  It also adds a small section to assist debugging without absolute paths in debug info.

ACKs for top commit:
  kallewoof:
    Tested ACK 0bc666b053
  Zero-1729:
    Light crACK 0bc666b053

Tree-SHA512: d4b75183c3d3a0f59fe786841fb230581de87f6fe04cf7224e4b89c520d45513ba729d4ad8c0e62dd1dbaaa7a25741f04d036bc047f92842e76c9cc31ea47fb2
2021-10-11 10:34:29 +08:00
fanquake
ef15c574ff
build: add python3.10 alias to AC_PATH_PROGS call in configure
Python 3.10 is now relased, and has been available as a beta/rc in
distros for a little while already.
2021-10-05 12:00:02 +08:00
W. J. van der Laan
9e530c6352
Merge bitcoin/bitcoin#20487: Add syscall sandboxing using seccomp-bpf (Linux secure computing mode)
4747da3a5b Add syscall sandboxing (seccomp-bpf) (practicalswift)

Pull request description:

  Add experimental syscall sandboxing using seccomp-bpf (Linux secure computing mode).

  Enable filtering of system calls using seccomp-bpf: allow only explicitly allowlisted (expected) syscalls to be called.

  The syscall sandboxing implemented in this PR is an experimental feature currently available only under Linux x86-64.

  To enable the experimental syscall sandbox the `-sandbox=<mode>` option must be passed to `bitcoind`:

  ```
    -sandbox=<mode>
         Use the experimental syscall sandbox in the specified mode
         (-sandbox=log-and-abort or -sandbox=abort). Allow only expected
         syscalls to be used by bitcoind. Note that this is an
         experimental new feature that may cause bitcoind to exit or crash
         unexpectedly: use with caution. In the "log-and-abort" mode the
         invocation of an unexpected syscall results in a debug handler
         being invoked which will log the incident and terminate the
         program (without executing the unexpected syscall). In the
         "abort" mode the invocation of an unexpected syscall results in
         the entire process being killed immediately by the kernel without
         executing the unexpected syscall.
  ```

  The allowed syscalls are defined on a per thread basis.

  I've used this feature since summer 2020 and I find it to be a helpful testing/debugging addition which makes it much easier to reason about the actual capabilities required of each type of thread in Bitcoin Core.

  ---

  Quick start guide:

  ```
  $ ./configure
  $ src/bitcoind -regtest -debug=util -sandbox=log-and-abort
  …
  2021-06-09T12:34:56Z Experimental syscall sandbox enabled (-sandbox=log-and-abort): bitcoind will terminate if an unexpected (not allowlisted) syscall is invoked.
  …
  2021-06-09T12:34:56Z Syscall filter installed for thread "addcon"
  2021-06-09T12:34:56Z Syscall filter installed for thread "dnsseed"
  2021-06-09T12:34:56Z Syscall filter installed for thread "net"
  2021-06-09T12:34:56Z Syscall filter installed for thread "msghand"
  2021-06-09T12:34:56Z Syscall filter installed for thread "opencon"
  2021-06-09T12:34:56Z Syscall filter installed for thread "init"
  …
  # A simulated execve call to show the sandbox in action:
  2021-06-09T12:34:56Z ERROR: The syscall "execve" (syscall number 59) is not allowed by the syscall sandbox in thread "msghand". Please report.
  …
  Aborted (core dumped)
  $
  ```

  ---

  [About seccomp and seccomp-bpf](https://en.wikipedia.org/wiki/Seccomp):

  > In computer security, seccomp (short for secure computing mode) is a facility in the Linux kernel. seccomp allows a process to make a one-way transition into a "secure" state where it cannot make any system calls except exit(), sigreturn(), and read() and write() to already-open file descriptors. Should it attempt any other system calls, the kernel will terminate the process with SIGKILL or SIGSYS. In this sense, it does not virtualize the system's resources but isolates the process from them entirely.
  >
  > […]
  >
  > seccomp-bpf is an extension to seccomp that allows filtering of system calls using a configurable policy implemented using Berkeley Packet Filter rules. It is used by OpenSSH and vsftpd as well as the Google Chrome/Chromium web browsers on Chrome OS and Linux. (In this regard seccomp-bpf achieves similar functionality, but with more flexibility and higher performance, to the older systrace—which seems to be no longer supported for Linux.)

ACKs for top commit:
  laanwj:
    Code review and lightly tested ACK 4747da3a5b

Tree-SHA512: e1c28e323eb4409a46157b7cc0fc29a057ba58d1ee2de268962e2ade28ebd4421b5c2536c64a3af6e9bd3f54016600fec88d016adb49864b63edea51ad838e17
2021-10-04 22:45:43 +02:00
practicalswift
4747da3a5b Add syscall sandboxing (seccomp-bpf) 2021-10-01 13:51:10 +00:00
fanquake
38fd709fa5
build: make --enable-werror just -Werror
No longer special case a set of warnings, to make up our own -Werror,
just use -Werror outright. This shouldn't really have any effect on
existing builders, who were already using --enable-werror, and is more
inline with what they would expect --enable-werror to be, which is
erroring on any/all warnings.

We keep -Wno-error=return-type because we know that is broken when using
mingw-w64. It should only be applied when cross-compiling for Windows.

Co-authored-by: Hennadii Stepanov <32963518+hebasto@users.noreply.github.com>
2021-10-01 11:20:53 +08:00
fanquake
4446ef0a54
build: remove support for weak linking getauxval()
It was [pointed out in #23030](https://github.com/bitcoin/bitcoin/pull/23030#issuecomment-922893367) that we might be able to get rid of our weak linking of [`getauxval()`](https://man7.org/linux/man-pages/man3/getauxval.3.html) (`HAVE_WEAK_GETAUXVAL`) entirely, with only Android being a potential holdout:
> I wonder if it's time to get rid of HAVE_WEAK_GETAUXVAL. I think it's confusing. Either we build against a C library that has this functionality, or not. We don't do this weak linking thing for any other symbols and recently got rid of the other glibc backwards compatibility stuff.
> Unless there is still a current platform that really needs it (Android?), I'd prefer to remove it from the build system, it has caused enough issues.

After looking at Android further, it would seem that given we are moving to using `std::filesystem`, which [requires NDK version 22 and later](https://github.com/android/ndk/wiki/Changelog-r22), and `getauxval` has been available in the since [API version 18](https://developer.android.com/ndk/guides/cpu-features#features_using_libcs_getauxval3), that shouldn't really be an issue. Support for API levels < 19 will be dropped with the NDK 24 release, and according to [one website](https://apilevels.com/), supporting API level 18+ will cover ~99% of devices. Note that in the CI we currently build with NDK version 22 and API level 28.

The other change in this PR is removing the include of headers for ARM intrinsics, from the check for strong `getauxval()` support in configure, as they shouldn't be needed. Including these headers also meant that the check would basically only succeed when building for ARM. This would be an issue if we remove weak linking, as we wouldn't detect `getauxval()` as supported on other platforms. Note that we also use `getauxval()` in our RNG when it's available.

I've checked that with these changes we detect support for strong `getauxval()` on Alpine (muslibc). On Linux, previously we'd be detecting support for weak getauxval(), now we detect strong support. Note that we already require glibc 2.17, and `getauxval()` was introduced in `2.16`.

This is an alternative / supersedes #23030.
2021-09-24 15:40:04 +08:00
fanquake
e56100c5b4
build: remove arm includes from getauxval() check
Then the check will work on platforms other than ARM.
2021-09-24 15:39:25 +08:00
W. J. van der Laan
f2747d1602 build: Restrict check for CRC32C intrinsic to aarch64
`crc32c`'s hardware accelerated code doesn't handle ARM 32-bit at all.
Make the check in `configure.ac` check for this architecture explicitly.

For the release binaries, the current `configure.ac` check happens
to work: it enables it on aarch64 but disables it for armhf. However
some combination of compiler version and settings might ostensibly cause
this check to succeed on armhf (as reported on IRC). So make the 64-bit
platform requirement explicit.
2021-09-21 12:36:46 +02:00
W. J. van der Laan
82a85216c3
Merge bitcoin/bitcoin#22845: build: improve check for ::(w)system
3ec633ef1a build: improve check for ::(w)system (fanquake)

Pull request description:

  `AC_DEFINE()` takes `HAVE_STD__SYSTEM || HAVE_WSYSTEM` literally, meaning you
  end up with the following in bitcoin-config.h:
  ```cpp
  /* std::system or ::wsystem */
  #define HAVE_SYSTEM HAVE_STD__SYSTEM || HAVE_WSYSTEM
  ```

  This works for the preprocessor, because `HAVE_SYSTEM`, is defined, just unusually. Remove this in favor of setting `have_any_system` in either case, given we don't actually use `HAVE_STD__SYSTEM` or `HAVE_WSYSTEM`, and defining `HAVE_SYSTEM` to 1 thereafter.

ACKs for top commit:
  laanwj:
    Code review ACK 3ec633ef1a

Tree-SHA512: 02c39ba3179136ec1dc28df026b7fa5d732914c85622298ba7ec880f1ae9324208d322a47be451a5c2ff2e165ad1d446bae92e7018db8e517e7ac38fca25a0a3
2021-09-16 20:09:37 +02:00
fanquake
62e45da945
build: remove glibc-back-compat from build system
At this point, or minimum required glibc is implicitly 2.18, due to
thread_local support being enabled by default. However, users can
disable thread_local support to maintain 2.17 ccompat for now, which is
currently done in the Guix build.
2021-09-10 11:18:58 +08:00
fanquake
3ec633ef1a
build: improve check for ::(w)system
`AC_DEFINE()` takes `HAVE_STD__SYSTEM || HAVE_WSYSTEM` literally, meaning you
end up with the following in bitcoin-config.h:
```cpp
/* std::system or ::wsystem */
#define HAVE_SYSTEM HAVE_STD__SYSTEM || HAVE_WSYSTEM
```

This works for the preprocessor, because `HAVE_SYSTEM`, is defined, just unusually.
Remove this in favor of defining `HAVE_SYSTEM` to 1 in either case, given we
don't actually use `HAVE_STD__SYSTEM` or `HAVE_WSYSTEM`. We just use ::system if
we aren't building for Windows.
2021-09-10 09:20:35 +08:00
W. J. van der Laan
6718fbe90a
Merge bitcoin/bitcoin#22397: build: Fix macOS Apple Silicon build with miniupnpc and libnatpmp
2445df4eb3 build: Fix macOS Apple Silicon build with miniupnpc and libnatpmp (Hennadii Stepanov)

Pull request description:

  On master (7a49fdc581) the `configure` script does not pick up Homebrew's `miniupnpc` and `libnatpmp` packages on macOS Apple Silicon:

  ```
  % ./configure --with-miniupnpc
  ...
  checking for miniupnpc/miniupnpc.h... no
  checking for miniupnpc/upnpcommands.h... no
  checking for miniupnpc/upnperrors.h... no
  ...
  checking whether to build with support for UPnP... configure: error: "UPnP requested but cannot be built. Use --without-miniupnpc."
  ```

  ```
  % ./configure --with-natpmp
  ...
  checking for natpmp.h... no
  ...
  checking whether to build with support for NAT-PMP... configure: error: NAT-PMP requested but cannot be built. Use --without-natpmp
  ```

  The preferred Homebrew [prefix for Apple Silicon](https://docs.brew.sh/Installation) is `/opt/homebrew`. Therefore, if we do not use `pkg-config` to detect packages, we should set the `CPPFLAGS` and `LDFLAGS` variables for them explicitly.

ACKs for top commit:
  Zero-1729:
    re-tACK 2445df4eb3 (re-tested on an M1 Machine running macOS 11.4).
  jarolrod:
    re-ACK 2445df4eb3

Tree-SHA512: d623d26492f463812bf66ca519847ff4b23d517466b6c51c3caf3642a582d02e5f03ce57915742b29f01bf9bceb731a3978ef9a5fdc82e568bcb62548eda758a
2021-09-06 17:55:34 +02:00
MarcoFalke
fa0937de35
test: Rename bitcoin-util-test.py to util/test_runner.py
To normalize the name of all three test runners (fuzz, functional, util).
2021-09-02 10:43:19 +02:00
W. J. van der Laan
19364c0ddf
Merge bitcoin/bitcoin#20586: Fix Windows build with --enable-werror
b367745cfe ci: Make Cirrus CI Windows build with --enable-werror (Hennadii Stepanov)
c713bb2b24 Fix Windows build with --enable-werror on Ubuntu Focal (Hennadii Stepanov)

Pull request description:

  This PR makes possible to cross-compile Windows build with `--enable-werror --enable-suppress-external-warnings`.
  Some problems are fixed, others are silenced.

  Also `--enable-werror` is enabled for Cirrus CI Windows build (the last one on Cirrus CI without `--enable-werror`).

ACKs for top commit:
  practicalswift:
    cr ACK b367745cfe: patch looks correct
  laanwj:
    Code review ACK b367745cfe
  vasild:
    ACK b367745cfe
  jarolrod:
    ACK b367745cfe

Tree-SHA512: 64f5c99b7dad4c0efce80cd45d7074f275bd8411235dc9e0841287bdab64b812c6f8f9d632c35531d0b8210148531f53aaaac77be7699b29d2d6aaae304dbee0
2021-08-27 08:31:45 +02:00
Hennadii Stepanov
2445df4eb3
build: Fix macOS Apple Silicon build with miniupnpc and libnatpmp
The preferred Homebrew prefix for Apple Silicon is /opt/homebrew.
Therefore, if we do not use pkg-config to detect packages, we should set
the CPPFLAGS and LDFLAGS variables for them explicitly.
2021-07-29 18:37:53 +03:00
fanquake
d23570098c
Merge bitcoin/bitcoin#21882: build: Fix undefined reference to __mulodi4
e4c8bb62e4 build: Fix undefined reference to __mulodi4 (Hennadii Stepanov)

Pull request description:

  When compiling with clang on 32-bit systems the `__mulodi4` symbol is defined in compiler-rt only.

  Fixes #21294.

  See more:
  - https://bugs.llvm.org/show_bug.cgi?id=16404
  - https://bugs.llvm.org/show_bug.cgi?id=28629

ACKs for top commit:
  MarcoFalke:
    tested-only ACK e4c8bb62e4
  luke-jr:
    utACK e4c8bb62e4
  fanquake:
    ACK e4c8bb62e4 - it's a bit of an awkward workaround to carry, but at-least it's contained to the fuzzers.

Tree-SHA512: 93edb4ed568027702b1b9aba953ad50889b834ef97fde3cb99d1ce70076d9c00aa13f95c86b12d6f59b24fa90108d93742f920e15119901a2848fb337ab859a1
2021-07-29 20:53:36 +08:00
Hennadii Stepanov
e4c8bb62e4
build: Fix undefined reference to __mulodi4
When compiling with clang on 32-bit systems the __mulodi4 symbol is
defined in compiler-rt only.
2021-07-27 14:53:24 +03:00
W. J. van der Laan
3d8c714d8e
build: Bump master version to 22.99.0
Tree-SHA512: fcd9ab71dba1fc814980c144a76288c313f42a0123a6a2f44a4adc13b83b74f9fb4f029c5cd646d3c1a2bb28899e95e9fbf55cfd98b665a653624291dc9baf49
2021-07-20 15:27:12 +02:00
fanquake
6baabc4d1d
Merge bitcoin/bitcoin#21430: build: Add -Werror=implicit-fallthrough compile flag
3c4c8e79ba build: Add -Werror=implicit-fallthrough compile flag (Hennadii Stepanov)
014110c47d Use C++17 [[fallthrough]] attribute, and drop -Wno-implicit-fallthrough (Hennadii Stepanov)

Pull request description:

ACKs for top commit:
  fanquake:
    ACK 3c4c8e79ba - looks ok to me now. Checked that warnings occur in our code & leveldb by removing a `[[fallthrough]]` or `FALLTHROUGH_INTENDED`.
  jarolrod:
    ACK 3c4c8e79ba
  theStack:
    ACK 3c4c8e79ba

Tree-SHA512: 4dce91f0f26b8a3de09bd92bb3d7e1995e078e3a8b3ff861c4fbf6c0b32b2327d063633b07b89c4aa94a1141d7f78d46d9d43ab8df865273e342693ad30645b6
2021-07-18 11:06:10 +08:00
Carl Dong
a8127b34bc
build: Use and test PE binutils with --reloc-section
Also fix test-security-check.py to account for new PE PIE failure
indication.
2021-07-07 19:31:37 +08:00
S3RK
a8b515c317 configure: keep relative paths in debug info
Revert to the state prior to e507acbe and allow debugging
from project root dir with `gdb src/bitcoind`.
2021-07-06 08:57:23 +02:00
fanquake
e46287853f
build: remove --enable-determinism configure option 2021-07-05 23:53:20 +08:00
Hennadii Stepanov
3c4c8e79ba
build: Add -Werror=implicit-fallthrough compile flag 2021-07-05 08:59:54 +03:00
Hennadii Stepanov
014110c47d
Use C++17 [[fallthrough]] attribute, and drop -Wno-implicit-fallthrough 2021-07-05 08:59:38 +03:00
fanquake
957f358427
build: remove check for Boost Process header
Now that we require Boost 1.64.0+, Boost Process will be available.
2021-06-23 15:48:42 +08:00
fanquake
df2c933217
build: remove workaround for Boost and std::atomic 2021-06-23 15:48:42 +08:00
fanquake
2bf211696b
build: set minimum required Boost to 1.64.0 2021-06-23 15:48:37 +08:00
fanquake
ad0c8f356e
Merge bitcoin/bitcoin#22238: build: improve detection of eBPF support
8f7704d032 build: improve detection of eBPF support (fanquake)

Pull request description:

  Just checking for the `sys/sdt.h` header isn't enough, as systems like macOS have the header, but it doesn't actually have the `DTRACE_PROBE*` probes, which leads to [compile failures](https://github.com/bitcoin/bitcoin/pull/22006#issuecomment-859559004). The contents of `sys/sdt.h` in the macOS SDK is:
  ```bash
  #ifndef _SYS_SDT_H
  #define _SYS_SDT_H

  /*
   * This is a wrapper header that wraps the mach visible sdt.h header so that
   * the header file ends up visible where software expects it to be.  We also
   * do the C/C++ symbol wrapping here, since Mach headers are technically C
   * interfaces.
   *
   * Note:  The process of adding USDT probes to code is slightly different
   * than documented in the "Solaris Dynamic Tracing Guide".
   * The DTRACE_PROBE*() macros are not supported on Mac OS X -- instead see
   * "BUILDING CODE CONTAINING USDT PROBES" in the dtrace(1) manpage
   *
   */
  #include <sys/cdefs.h>
  __BEGIN_DECLS
  #include <mach/sdt.h>
  __END_DECLS

  #endif  /* _SYS_SDT_H */
  ```

  The `BUILDING CODE CONTAINING USDT PROBES` section from the dtrace manpage is available [here](https://gist.github.com/fanquake/e56c9866d53b326646d04ab43a8df9e2), and outlines the more involved process of using USDT probes on macOS.

ACKs for top commit:
  jb55:
    utACK 8f7704d032
  practicalswift:
    cr ACK 8f7704d032
  hebasto:
    ACK 8f7704d032, tested on macOS Big Sur 11.4 (20F71) and on Linux Mint 20.1 (x86_64) with depends.

Tree-SHA512: 5f1351d0ac2e655fccb22a5454f415906404fdaa336fd89b54ef49ca50a442c44ab92d063cba3f161cb8ea0679c92ae3cd6cfbbcb19728cac21116247a017df5
2021-06-18 15:16:00 +08:00
fanquake
7c561bea52
Merge bitcoin/bitcoin#21935: Enable external signer support by default, reduce #ifdef
2f5bdcbc31 gui: misc external signer fixes and translation hints (Sjors Provoost)
d672404466 refactor: make ExternalSigner NetworkArg() and m_chain private (Sjors Provoost)
4455145e26 refactor: reduce #ifdef ENABLE_EXTERNAL_SIGNER usage (Sjors Provoost)
5be90c907e build: enable external signer by default (Sjors Provoost)
7d9453041b refactor: clean up external_signer.h includes (Sjors Provoost)
fc0eca31b3 fuzz: fix fuzz binary linking order (Sjors Provoost)

Pull request description:

  This follows the introduction of GUI support in https://github.com/bitcoin-core/gui/pull/4

  I don't think we should expect GUI users to self compile. This also enables external signer support by default for RPC users.

  In addition this PR reduces the number of `#ifdef ENABLE_EXTERNAL_SIGNER`, which also fixes #21919. When compiled with `--disable-external-signer` such wallets can't be created in RPC or GUI, but they can be loaded. Attempting any action that calls HWI will trigger an error.

  Side-note: this PR may or may not (currently) break CI for the GUI repository, as explained here: https://github.com/bitcoin-core/gui/pull/4#issuecomment-769859001

ACKs for top commit:
  achow101:
    ACK 2f5bdcbc31
  hebasto:
    re-ACK 2f5bdcbc31

Tree-SHA512: 1b71c5a8bea2be077ee9fa33a01130c957a0cf90951d4b7b04d3d0ef826bb77e474c3963abddfef2e2c1ea99d9c72cd2302d1eb9b5fcb7ba0bd2a625f006aa05
2021-06-17 12:47:37 +08:00
MarcoFalke
1111457d74
build: Disable deprecated-copy warning only when external warnings are enabled 2021-06-16 15:44:27 +02:00
Sjors Provoost
5be90c907e
build: enable external signer by default 2021-06-16 10:48:57 +02:00
fanquake
8f7704d032
build: improve detection of eBPF support
Just checking for the `sys/sdt.h` header isn't enough, as systems like
macOS have the header, but it doesn't actually have the dtrace probes,
which leads to compile failures.
2021-06-16 10:16:03 +08:00
W. J. van der Laan
359f72105b
Merge bitcoin/bitcoin#21573: Update libsecp256k1 subtree to latest master
5c7ee1b2da libsecp256k1 no longer has --with-bignum= configure option (Pieter Wuille)
bdca9bcb6c Squashed 'src/secp256k1/' changes from 3967d96bf1..efad3506a8 (Pieter Wuille)
cabb566123 Disable certain false positive warnings for libsecp256k1 msvc build (Pieter Wuille)

Pull request description:

  This updates our src/secp256k1 subtree to the latest upstream master. The changes include:

  * The introduction of safegcd-based modular inverses, reducing ECDSA signing time by 25%-30% and ECDSA verification time by 15%-17%.
    * [Original paper](https://gcd.cr.yp.to/papers.html) by Daniel J. Bernstein and Bo-Yin Yang
    * [Implementation](https://github.com/bitcoin-core/secp256k1/pull/767) by Peter Dettman; [final](https://github.com/bitcoin-core/secp256k1/pull/831) version
    * [Explanation](https://github.com/bitcoin-core/secp256k1/blob/master/doc/safegcd_implementation.md) of the algorithm using Python snippets
    * [Analysis](https://github.com/sipa/safegcd-bounds) of the maximum number of iterations the algorithm needs
    * [Formal proof in Coq](https://medium.com/blockstream/a-formal-proof-of-safegcd-bounds-695e1735a348) by Russell O'Connor, for a high-level equivalent algorithm
  * Removal of libgmp as an (optional) dependency (which wasn't used in the Bitcoin Core build)
  * CI changes (Travis -> Cirrus)
  * Build system improvements

ACKs for top commit:
  laanwj:
    Tested ACK 5c7ee1b2da

Tree-SHA512: ad8ac3746264d279556a4aa7efdde3733e114fdba8856dd53218588521f04d83950366f5c1ea8fd56329b4c7fe08eedf8e206f8f26dbe3f0f81852e138655431
2021-06-07 17:05:11 +02:00
fanquake
7041d256e3
Merge bitcoin/bitcoin#21788: build: Silence [-Wunused-command-line-argument] warnings
e9f948c727 build: Convert warnings into errors when testing for -fstack-clash-protection (Hennadii Stepanov)

Pull request description:

  Apple clang version 12.0.5 (clang-1205.0.22.9) that is a part of Xcode 12.5, and is based on LLVM clang 11.1.0, fires spammy warnings:

  ```
  clang: warning: argument unused during compilation: '-fstack-clash-protection' [-Wunused-command-line-argument]
  ```

  From the https://github.com/apple/llvm-project:
  ```
  $ git log --oneline | grep 'stack-clash-protection'
  00065d5cbd02 Revert "-fstack-clash-protection: Return an actual error when used on unsupported OS"
  4d59c8fdb955 -fstack-clash-protection: Return an actual error when used on unsupported OS
  df3bfaa39071 [Driver] Change -fnostack-clash-protection to  -fno-stack-clash-protection
  68e07da3e5d5 [clang][PowerPC] Enable -fstack-clash-protection option for ppc64
  515bfc66eace [SystemZ] Implement -fstack-clash-protection
  e67cbac81211 Support -fstack-clash-protection for x86
  454621160066 Revert "Support -fstack-clash-protection for x86"
  0fd51a4554f5 Support -fstack-clash-protection for x86
  658495e6ecd4 Revert "Support -fstack-clash-protection for x86"
  e229017732bc Support -fstack-clash-protection for x86
  b03c3d8c6209 Revert "Support -fstack-clash-protection for x86"
  4a1a0690ad68 Support -fstack-clash-protection for x86
  f6d98429fcdb Revert "Support -fstack-clash-protection for x86"
  39f50da2a357 Support -fstack-clash-protection for x86
  ```

  I suppose, that Apple clang-1205.0.22.9 ends with on of the "Revert..." commits.

  This PR prevents using of the `-fstack-clash-protection` flag if it causes warnings.

  ---

  System: macOS Big Sur 11.3 (20E232).

ACKs for top commit:
  jarolrod:
    re-ACK e9f948c727
  Sjors:
    tACK e9f948c727 on macOS 11.3.1

Tree-SHA512: 30186da67f9b0f34418014860c766c2e7f622405520f1cbbc1095d4aa4038b0a86014d76076f318a4b1b09170a96d8167c21d7f53a760e26017f486e1a7d39d4
2021-05-25 16:03:26 +08:00
Hennadii Stepanov
e9f948c727
build: Convert warnings into errors when testing for -fstack-clash-protection
When building with Clang, if `-fstack-clash-protection` is used with an
unsupported target, it may result in hundreds of
`-Wunused-command-line-argument` warnings at compile time. This is
currently the case when building for at least Darwin using Apple or LLVM
Clang.

Unsupported targets may also include *BSD, however that is changing; see
further discussion in https://reviews.llvm.org/D92245 and
https://reviews.freebsd.org/D27366. 

Note that this option is already skipped for Windows.
2021-05-24 08:57:22 +03:00
MarcoFalke
fa27d6d3ac
fuzz: Remove unused --enable-danger-fuzz-link-all option 2021-05-08 09:32:45 +02:00
W. J. van der Laan
cdcf82622d
Merge bitcoin/bitcoin#21629: build: fix configuring when building depends with NO_BDB=1
a5491882a0 build: fix configuring when building depends with NO_BDB=1 (fanquake)

Pull request description:

  Currently, if you build depends using `NO_BDB=1` (only sqlite wallets), `./configure` will fail as it still tries to find bdb. i.e:
  ```bash
  make -C depends/ NO_QT=1 NO_BDB=1 NO_UPNP=1 NO_ZMQ=1 NO_NATPMP=1 -j8
  ...
  copying packages: native_b2 boost libevent sqlite

  ./autogen.sh
  ./configure --prefix=/home/ubuntu/bitcoin/depends/x86_64-pc-linux-gnu
  ...
  checking for Berkeley DB C++ headers... default
  configure: error: Found Berkeley DB other than 4.8, required for portable BDB wallets (--with-incompatible-bdb to ignore or --without-bdb to disable BDB wallet support)
  ```

  This PR fixes the build such that you can build depends, opting out of bdb, without opting out of wallets entirely, and still configure successfully. I think I've tested across most potential configurations. i.e:
  ```bash
   ./configure (bdb and sqlite on system)
  bdb & sqlite are both are available

  ./configure --without-bdb  (bdb and sqlite on system)
  only sqlite

  ./configure --without-sqlite  (bdb and sqlite on system)
  only bdb

  ./configure --disable-wallet  (bdb and sqlite on system)
  neither bdb or sqlite

  depends NO_WALLET=1
  ./configure --prefix=/bitcoin/depends/x86_64-apple-darwin19.6.0
  neither bdb or sqlite

  depends NO_BDB=1
  ./configure --prefix=/bitcoin/depends/x86_64-apple-darwin19.6.0
  only sqlite

  depends NO_SQLITE=1
  ./configure --prefix=/bitcoin/depends/x86_64-apple-darwin19.6.0
  only bdb

  depends
  ./configure --prefix=/bitcoin/depends/x86_64-apple-darwin19.6.0
  bdb and sqlite
  ```

ACKs for top commit:
  laanwj:
    Code review ACK a5491882a0
  jarolrod:
    ACK a5491882a0

Tree-SHA512: baf7d2543a401db0d846095415ff449c04ecfb4a74c734dc51e79453702f9051210daeef686970f11fcffd32cdfadbc58acd54f0706aceecfb3edb0ff17310d7
2021-05-05 13:29:05 +02:00
Pieter Wuille
5c7ee1b2da libsecp256k1 no longer has --with-bignum= configure option 2021-04-23 11:36:01 -07:00
fanquake
e507acb118
Merge #20353: configure: Support -fdebug-prefix-map and -fmacro-prefix-map
7abac98d3e configure: Support -f{debug,macro}-prefix-map (Anthony Towns)

Pull request description:

  When bitcoin is checked out in two directories (eg via git worktree) object files between the two will differ due to the full path being included in the debug section. `-fdebug-prefix-map` is used to replace this with "." to avoid this unnecessary difference and allow ccache to share objects between worktrees (provided the source and compile options are the same).

  Also provide `-fmacro-prefix-map` if supported so that the working dir is not encoded in `__FILE__` macros.

ACKs for top commit:
  practicalswift:
    cr ACK 7abac98d3e: patch looks correct
  fanquake:
    ACK 7abac98d3e

Tree-SHA512: b6a37c1728ec3b2e552f244da0e66db113c1e7662c7ac502e12ff466f3dbfbfefae12695ca135137c50dbb1c4c5d84059116c0cd09b391a17466dc77b8726679
2021-04-21 13:26:49 +08:00
Hennadii Stepanov
c713bb2b24
Fix Windows build with --enable-werror on Ubuntu Focal 2021-04-13 10:20:44 +03:00
fanquake
a5491882a0
build: fix configuring when building depends with NO_BDB=1
Currently, if you build depends using `NO_BDB=1` (only sqlite wallets),
./configure will fail as it still tries to find bdb. i.e:
```bash
checking for Berkeley DB C++ headers... default
configure: error: Found Berkeley DB other than 4.8, required for portable BDB wallets (--with-incompatible-bdb to ignore or --without-bdb to disable BDB wallet support)
```

This PR fixes the build such that you can build depends, opting out of
bdb without opting out of wallets entirely, and still configure
successfully.
2021-04-07 20:50:10 +08:00
fanquake
2b3e5bf4c0
Merge #21613: build: enable -Wdocumentation
a4e970adb6 build: enable -Wdocumentation if suppressing external warnings (fanquake)
3b0078f958 doc: fixup -Wdocumentation issues (fanquake)
c6edcf1c71 build: suppress libevent warnings if supressing external warnings (fanquake)

Pull request description:

  Enable `-Wdocumentation` by taking advantage of our `--enable-suppress-external-warnings` flag. Most of the CIs are using this flag now, so any regressions should be caught.

  This also required modifying libevents flags when suppressing warnings, as depending on the version being built against, that could generate a large number of warnings. i.e:
  ```bash
  In file included from httpserver.cpp:34:
  In file included from ./support/events.h:12:
  /usr/local/Cellar/libevent/2.1.12/include/event2/http.h:464:11: warning: parameter 'req' not found in the function declaration [-Wdocumentation]
     @param req a request object
            ^~~
  /usr/local/Cellar/libevent/2.1.12/include/event2/http.h:465:11: warning: parameter 'databuf' not found in the function declaration [-Wdocumentation]
     @param databuf the data chunk to send as part of the reply.
            ^~~~~~~
  /usr/local/Cellar/libevent/2.1.12/include/event2/http.h:467:11: warning: parameter 'call' not found in the function declaration [-Wdocumentation]
     @param call back's argument.
            ^~~~
  /usr/local/Cellar/libevent/2.1.12/include/event2/http.h:939:4: warning: declaration is marked with '@deprecated' command but does not have a deprecation attribute [-Wdocumentation-deprecated-sync]
    @deprecated  This function is deprecated; you probably want to use
    ~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  /usr/local/Cellar/libevent/2.1.12/include/event2/http.h:946:1: note: add a deprecation attribute to the declaration to silence this warning
  char *evhttp_decode_uri(const char *uri);
  ^
  __AVAILABILITY_INTERNAL_DEPRECATED
  /usr/local/Cellar/libevent/2.1.12/include/event2/http.h:979:5: warning: declaration is marked with '@deprecated' command but does not have a deprecation attribute [-Wdocumentation-deprecated-sync]
     @deprecated This function is deprecated as of Libevent 2.0.9.  Use
     ~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  /usr/local/Cellar/libevent/2.1.12/include/event2/http.h:987:1: note: add a deprecation attribute to the declaration to silence this warning
  int evhttp_parse_query(const char *uri, struct evkeyvalq *headers);
  ^
  __AVAILABILITY_INTERNAL_DEPRECATED
  /usr/local/Cellar/libevent/2.1.12/include/event2/http.h:1002:11: warning: parameter 'query_parse' not found in the function declaration [-Wdocumentation]
     @param query_parse the query portion of the URI
            ^~~~~~~~~~~
  /usr/local/Cellar/libevent/2.1.12/include/event2/http.h:1002:11: note: did you mean 'uri'?
     @param query_parse the query portion of the URI
            ^~~~~~~~~~~
            uri
  69 warnings generated.
  ```

  Note that a lot of these have already been fixed upstream.

ACKs for top commit:
  laanwj:
    Concept and code review ACK a4e970adb6
  practicalswift:
    cr ACK a4e970adb6: automatic compiler feedback comes sooner and is more reliable than manual reviewer feedback
  jonatack:
    Light ACK a4e970adb6 skimmed the changes, clang 11 build is clean with the change, verified -Wdocumentation build warnings with this change when a doc fix was reverted

Tree-SHA512: 57a1e30cffcc8bcceee72d85f58ebe29eae525861c70acb237541bd480c51ede89875c033042c0af376fdbb49fb7f588ef9282a47c6e78f9d4501c41f1b21eb6
2021-04-07 16:49:57 +08:00
fanquake
a4e970adb6
build: enable -Wdocumentation if suppressing external warnings
Co-authored-by: Ben Woosley <ben.woosley@gmail.com>
2021-04-06 14:50:26 +08:00
fanquake
c6edcf1c71
build: suppress libevent warnings if supressing external warnings 2021-04-06 14:44:50 +08:00
fanquake
1a011b3a82
build: remove -Wdeprecated-register from NOWARN flags
The register keyword was deprecated in C++11, and removed in C++17. Now
that we require C++17, we shouldn't have to supress warnings for a
non-existant feature.
2021-04-06 08:12:22 +08:00
fanquake
879215e665
build: check if -lsocket is required with *ifaddrs 2021-03-29 11:09:40 +08:00
fanquake
e658b0e49b
Merge #21505: build: Remove unused header from the build system
0eabb2abed build: Remove unused header from the build system (Hennadii Stepanov)

Pull request description:

  The only `#include <miniupnpc/miniwget.h>` was removed in #16659.

ACKs for top commit:
  practicalswift:
    cr ACK 0eabb2abed
  fanquake:
    ACK 0eabb2abed

Tree-SHA512: 630da03875c851e80286561eae0f966c89624cbb17b90f70e2bec9a69146e79d088fc176e07a4906915770ac1cdb11341a7a431ea7cf6a59d2816e927486f335
2021-03-27 09:06:53 +08:00