Commit graph

25641 commits

Author SHA1 Message Date
Hennadii Stepanov
fa5fcb032b
refactor: CTxMemPool::ClearPrioritisation() requires CTxMemPool::cs lock
No change in behavior, the lock is already held at call sites.
Also `const uint256` refactored to `const uint256&`.
2020-09-01 12:34:29 +03:00
Hennadii Stepanov
7140b31b90
refactor: CTxMemPool::ApplyDelta() requires CTxMemPool::cs lock
No change in behavior, the lock is already held at call sites.
Also `const uint256` refactored to `const uint256&`.
2020-09-01 12:34:29 +03:00
Hennadii Stepanov
66e47e5e50
refactor: CTxMemPool::UpdateChild() requires CTxMemPool::cs lock
No change in behavior, the lock is already held at call sites.
2020-09-01 12:34:19 +03:00
Hennadii Stepanov
939807768a
refactor: CTxMemPool::UpdateParent() requires CTxMemPool::cs lock
No change in behavior, the lock is already held at call sites.
2020-09-01 12:34:11 +03:00
fanquake
e36f802fa4
lint: add C++ code linter
This currently only checks for boost::bind usage.

Co-authored-by: practicalswift <practicalswift@users.noreply.github.com>
2020-09-01 14:23:08 +08:00
MarcoFalke
bab4cce1b0
Merge #19668: Do not hide compile-time thread safety warnings
ea74e10acf doc: Add best practice for annotating/asserting locks (Hennadii Stepanov)
2ee7743fe7 sync.h: Make runtime lock checks require compile-time lock checks (Anthony Towns)
23d71d171e Do not hide compile-time thread safety warnings (Hennadii Stepanov)
3ddc150857 Add missed thread safety annotations (Hennadii Stepanov)
af9ea55a72 Use LockAssertion utility class instead of AssertLockHeld() (Hennadii Stepanov)

Pull request description:

  On the way of transit from `RecursiveMutex` to `Mutex` (see #19303) it is crucial to have run-time `AssertLockHeld()` assertion that does _not_ hide compile-time Clang Thread Safety Analysis warnings.

  On master (65e4ecabd5) using `AssertLockHeld()` could hide Clang Thread Safety Analysis warnings, e.g., with the following patch applied:
  ```diff
  --- a/src/txmempool.h
  +++ b/src/txmempool.h
  @@ -607,7 +607,7 @@ public:
       void addUnchecked(const CTxMemPoolEntry& entry, setEntries& setAncestors, bool validFeeEstimate = true) EXCLUSIVE_LOCKS_REQUIRED(cs, cs_main);

       void removeRecursive(const CTransaction& tx, MemPoolRemovalReason reason) EXCLUSIVE_LOCKS_REQUIRED(cs);
  -    void removeForReorg(const CCoinsViewCache* pcoins, unsigned int nMemPoolHeight, int flags) EXCLUSIVE_LOCKS_REQUIRED(cs, cs_main);
  +    void removeForReorg(const CCoinsViewCache* pcoins, unsigned int nMemPoolHeight, int flags) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
       void removeConflicts(const CTransaction& tx) EXCLUSIVE_LOCKS_REQUIRED(cs);
       void removeForBlock(const std::vector<CTransactionRef>& vtx, unsigned int nBlockHeight) EXCLUSIVE_LOCKS_REQUIRED(cs);

  ```
  Clang compiles the code without any thread safety warnings.

  See "Add missed thread safety annotations" commit for the actual thread safety warnings that are fixed in this PR.

ACKs for top commit:
  MarcoFalke:
    ACK ea74e10acf 🎙
  jnewbery:
    ACK ea74e10acf
  ajtowns:
    ACK ea74e10acf

Tree-SHA512: 8cba996e526751a1cb0e613c0cc1b10f027a3e9945fbfb4bd30f6355fd36b9f9c2e1e95ed3183fc254b42df7c30223278e18e5bdb5e1ef85db7fef067595d447
2020-09-01 08:18:26 +02:00
fanquake
a1d14f522c
Merge #19671: wallet: Remove -zapwallettxes
3340dbadd3 Remove -zapwallettxes (Andrew Chow)

Pull request description:

  It's not clear what use there is to keeping `-zapwallettxes` given that it's intended usage has been superseded by `abandontransaction`. So this removes it outright.

  Alternative to #19700

ACKs for top commit:
  meshcollider:
    utACK 3340dbadd3
  fanquake:
    ACK 3340dbadd3 - remaining manpage references will get cleaned up pre-release.

Tree-SHA512: 3e58e1ef6f4f94894d012b93e88baba3fb9c2ad75b8349403f9ce95b80b50b0b4f443cb623cf76c355930db109f491b3442be3aa02972e841450ce52cf545fc8
2020-09-01 09:26:28 +08:00
Wladimir J. van der Laan
e796fdd4cb
Merge #19507: Expand functional zmq transaction tests
7356292e1d Have zmq reorg test cover mempool txns (Gregory Sanders)
a0f4f9c983 Add zmq test for transaction pub during reorg (Gregory Sanders)
2399a0600c Add test case for mempool->block zmq notification (Gregory Sanders)
e70512a83c Make ordering of zmq consumption irrelevant to functional test (Gregory Sanders)

Pull request description:

  Tests written to better define what messages are sent when. Also did a bit of refactoring to make sure the exact notification channel ordering doesn't matter.

  Confusions below aside, I believe having these more descriptive tests helps describe what behavior we expect from ZMQ notificaitons.

  Remaining confusion:
  1) Notification patterns seem to vary wildly with the inclusion of mempool transactions being reorg'ed. See difference between "Add zmq test for transaction pub during reorg" and "Have zmq reorg test cover mempool txns" commits for specifics.
  2) Why does a reorg'ed transaction get announced 3 times? From what I understand it can get announced once for disconnected block, once for mempool entry. What's the third? It occurs a 4th time when included in a block(not added in test)

ACKs for top commit:
  laanwj:
    code review ACK 7356292e1d
  promag:
    Code review ACK 7356292e1d.

Tree-SHA512: 573662429523fd6a1af23dd907117320bc68cb51a93fba9483c9a2160bdce51fb590fcd97bcd2b2751d543d5c1148efa4e22e1c3901144f882b990ed2b450038
2020-08-31 20:46:27 +02:00
Andrew Chow
3340dbadd3 Remove -zapwallettxes
-zapwallettxes is made a hidden option to inform users that it is
removed and they should be using abandontransaction to do the stuck
transaction thing.
2020-08-31 12:39:19 -04:00
MarcoFalke
89a8299a14
Merge #19717: rpc: Assert that RPCArg names are equal to CRPCCommand ones (mining,zmq,rpcdump)
fa3d9ce325 rpc: Assert that RPCArg names are equal to CRPCCommand ones (rpcdump) (MarcoFalke)
fa32c1d5ec rpc: Assert that RPCArg names are equal to CRPCCommand ones (zmq) (MarcoFalke)
faaa46dc20 rpc: Assert that RPCArg names are equal to CRPCCommand ones (mining) (MarcoFalke)
fa93bc14c7 rpc: Remove unused return type from appendCommand (MarcoFalke)

Pull request description:

  This is split out from #18531 to just touch the RPC methods in misc. Description from the main pr:

  ### Motivation

  RPCArg names in the rpc help are currently only used for documentation. However, in the future they could be used to teach the server the named arguments. Named arguments are currently registered by the `CRPCCommand`s and duplicate the RPCArg names from the documentation. This redundancy is fragile, and has lead to errors in the past (despite having linters to catch those kind of errors). See section "bugs found" for a list of bugs that have been found as a result of the changes here.

  ### Changes

  The changes here add an assert in the `CRPCCommand` constructor that the RPCArg names are identical to the ones in the `CRPCCommand`.

  ### Future work

  > Here or follow up, makes sense to also assert type of returned UniValue?

  Sure, but let's not get ahead of ourselves. I am going to submit any further works as follow-ups, including:

  * Removing the CRPCCommand arguments, now that they are asserted to be equal and thus redundant
  * Removing all python regex linters on the args, now that RPCMan can be used to generate any output, including the cli.cpp table
  * Auto-formatting and sanity checking the RPCExamples with RPCMan
  * Checking passed-in json in self-check. Removing redundant checks
  * Checking returned json against documentation to avoid regressions or false documentation
  * Compile the RPC documentation at compile-time to ensure it doesn't change at runtime and is completely static

  ### Bugs found

  * The assert identified issue #18607
  * The changes itself fixed bug #19250

ACKs for top commit:
  fjahr:
    tested ACK fa3d9ce325
  promag:
    Code review ACK fa3d9ce325.

Tree-SHA512: 068ade4b55cc195868d53b7f9a27151d45b440857bb069e261a49d102a49a38fdba5d68868516a1d66a54a73ba34681362f934ded7349e894042bde873b75719
2020-08-31 17:43:35 +02:00
MarcoFalke
068bc21188
Merge #19842: Update the vcpkg checkout commit ID in appveyor config
a104caeb40 Update the vcpkg checkout commit ID in appveyor config. (Aaron Clauson)

Pull request description:

  A recent appveyor vm update broke the build of the `berkeleydb` vcpkg dependency, see #19839. The temporary resolution was to switch back to the previous appveyor vm.

  This PR updates the pegged vcpkg commit ID to the most recent commit as of 31 Aug 2020. That commit ID has been tested against the latest appveyor vm and is able to build Bitcoin Core successfully.

  The vcpkg bump includes a [patch](https://github.com/microsoft/vcpkg/pull/12870) to the `berkeleydb` build config which allows it to be built on the latest appveyor vm.

ACKs for top commit:
  MarcoFalke:
    Concept ACK a104caeb40

Tree-SHA512: 6d363d1615c51bb3d4b324eb96d53950648fc97fc81ffaef91ee6e92f1336776d150d89f6e859f354ee75ce66afcef07aa19ed39b725dbb3f47ba67d26e111db
2020-08-31 17:02:20 +02:00
MarcoFalke
c1e0c2ad3b
Merge #19813: util, ci: Hard code previous release tarball checksums
0374e821bd util: Hard code previous release tarball checksums (Hennadii Stepanov)
bd897ce79f scripted-diff: Move previous_release.py to test/get_previous_releases.py (Hennadii Stepanov)

Pull request description:

  #19205 introduced signature verifying for the downloaded `SHA256SUMS.asc`.
  This approach is brittle and does not work in CI environment for many reasons:
  - https://github.com/bitcoin/bitcoin/issues/19812#issuecomment-680760663
  - https://github.com/bitcoin/bitcoin/pull/19013#discussion_r459590779

  This PR:
  - implements **Sjors**' [idea](https://github.com/bitcoin/bitcoin/pull/19205#pullrequestreview-426080048):
  > Alternatively we might as well hard code the checksum for each `tar.gz` release in the source code, here.

  - is an alternative to 5a2c31e528e6bd60635096f233252f3c717f366d (#19013)

  - fixes #19812

  - updates v0.17.1 to v0.17.2

ACKs for top commit:
  MarcoFalke:
    cr ACK 0374e821bd
  Sjors:
    tACK 0374e821bd

Tree-SHA512: cacdcf9f5209eae7da357abb3445585ad2f980920fd5bf75527ce89974d3f531a4cf8b5b35edfc116b23bfdfb45c0437cb14cbc416d76ed2dc5b9e6d33cdad71
2020-08-31 16:18:29 +02:00
fanquake
c4be50fea3
remove usage of boost::bind
boost::bind usage was removed in #13743. However a new usage snuck in as
part of 2bc4c3eaf9 (#15225).
2020-08-31 19:34:57 +08:00
Samuel Dobson
f98872f127
Merge #18244: rpc: fundrawtransaction and walletcreatefundedpsbt also lock manually selected coins
6d1f51343c [rpc] fundrawtransaction, walletcreatefundedpsbt lock manually selected coins (Sjors Provoost)

Pull request description:

  When using `fundrawtransaction` and `walletcreatefundedpsbt` with `lockUnspents`, it would only lock automatically selected coins, not manually selected coins. That doesn't make much sense to me if the goal is to prevent accidentally double-spending yourself before you broadcast a transaction.

  Note that when  creating a transaction, manually selected coins are automatic "unlocked" (or more accurately: the lock is ignored). Earlier versions of this PR introduced an error when a locked coin is manually selected, but this idea was abandoned after some discussion. An application that uses this RPC should either rely on automatic coin selection (with `lockUnspents`) or handle lock concurrency itself with manual coin selection. In particular it needs to make sure to avoid/pause calls with automatic coin selection between calling `lockunspent` and the subsequent spending RPC.

  See #7518 for historical background.

ACKs for top commit:
  meshcollider:
    Code review ACK 6d1f51343c
  fjahr:
    Code review ACK 6d1f51343c

Tree-SHA512: 8773c788d92f2656952e1beac147ba9956b8c5132d474e0880e4c89ff53642928b4cbfcd1cb3d17798b9284f02618a8830c93a9f7a4733e5bded96adff1d5d4d
2020-08-31 23:30:53 +12:00
Samuel Dobson
7721b31809
Merge #19773: wallet: Avoid recursive lock in IsTrusted
772ea4844c wallet: Avoid recursive lock in IsTrusted (João Barbosa)
819f10f671 wallet, refactor: Immutable CWalletTx::pwallet (João Barbosa)

Pull request description:

  This change moves `CWalletTx::IsTrusted` to `CWallet` in order to have TSAN. So now `CWallet::IsTrusted` requires `cs_wallet` and the recursive lock no longer happens.

  Motivated by https://github.com/bitcoin/bitcoin/pull/19289/files#r473308226.

ACKs for top commit:
  meshcollider:
    utACK 772ea4844c
  hebasto:
    ACK 772ea4844c, reviewed and tested on Linux Mint 20 (x86_64).

Tree-SHA512: 702ffd928b2f42a8b90de398790649a5fd04e1ac3877558da928e94cdeb19134883f06c3a73a6826c11c912facf199173375a70200737e164ccaea1bec515b2a
2020-08-31 22:45:27 +12:00
MarcoFalke
61b8c04d78
Merge #19379: tests: Add fuzzing harness for SigHasLowR(...) and ecdsa_signature_parse_der_lax(...)
46fcac1e4b tests: Add fuzzing harness for ec_seckey_import_der(...) and ec_seckey_export_der(...) (practicalswift)
b667a90389 tests: Add fuzzing harness for SigHasLowR(...) and ecdsa_signature_parse_der_lax(...) (practicalswift)

Pull request description:

  Add fuzzing harness for `SigHasLowR(...)` and `ecdsa_signature_parse_der_lax(...)`.

  See [`doc/fuzzing.md`](https://github.com/bitcoin/bitcoin/blob/master/doc/fuzzing.md) for information on how to fuzz Bitcoin Core. Don't forget to contribute any coverage increasing inputs you find to the [Bitcoin Core fuzzing corpus repo](https://github.com/bitcoin-core/qa-assets).

  Happy fuzzing :)

ACKs for top commit:
  Crypt-iQ:
    ACK 46fcac1e4b

Tree-SHA512: 11a4856a1efd9a04030a8c8aee2413fd5be1ea248147e649a48a55bacdf732bb48a19ee1ce2761d47d4dd61c9598aec53061b961b319ad824d539dda11a8ccf4
2020-08-31 10:56:34 +02:00
MarcoFalke
269a7ccb27
Merge #19099: refactor: Move wallet methods out of chain.h and node.h
24bf17602c gui refactor: Inline SplashScreen::ConnectWallet (Russell Yanofsky)
e4f4350471 refactor: Move wallet methods out of chain.h and node.h (Russell Yanofsky)
b266b3e0bf refactor: Create interfaces earlier during initialization (Russell Yanofsky)

Pull request description:

  Add WalletClient interface so node interface is cleaner and don't need wallet-specific methods.

  The new NodeContext::wallet_client pointer will also be needed to eliminate global wallet variables like ::vpwallets in #19101, because createWallet(), loadWallet(), getWallets(), etc methods called by the GUI need a way to get a reference to the list of open wallets if it is no longer a global variable.

ACKs for top commit:
  promag:
    Code review ACK 24bf17602c.
  MarcoFalke:
    ACK 24bf17602c 🐚

Tree-SHA512: a70d3776cd6723093db8912028c50075ec5fa0a48b961cb1a945f922658f5363754f8380dbb8378ed128c8c858913024f8264740905b8121a35c0d63bfaed7cf
2020-08-31 10:10:57 +02:00
Aaron Clauson
a104caeb40
Update the vcpkg checkout commit ID in appveyor config. 2020-08-31 08:10:02 +01:00
MarcoFalke
afffbb1bc6
Merge #19710: bench: Prevent thread oversubscription and decreases the variance of result values
3edc4e34fe bench: Prevent thread oversubscription (Hennadii Stepanov)
ce3e6a7cb2 bench: Allow skip benchmark (Hennadii Stepanov)

Pull request description:

  Split out from #18710.

  Some results (borrowed from #18710):
  ![89121718-a3329800-d4c1-11ea-8bd1-66da20619696](https://user-images.githubusercontent.com/32963518/90146614-ecb89800-dd89-11ea-80fe-bac0e46e735e.png)

ACKs for top commit:
  fjahr:
    Code review ACK 3edc4e34fe

Tree-SHA512: df7413ec9ea326564a8e8de54752c9d1444ff7de34edb03e1e0c2120fc333e4640767fdbe3e87eab6a7b389a4863c02e22ad2ae0dbf139fad6a9b85e00f563b4
2020-08-31 08:29:27 +02:00
MarcoFalke
5c910a6b7a
Merge #19826: Pass mempool reference to chainstate constructor
fa0572d0f3 Pass mempool reference to chainstate constructor (MarcoFalke)

Pull request description:

  Next step toward #19556

  Instead of relying on the mempool global, each chainstate is given a reference to a mempool to keep up to date with the tip (block connections, disconnections, reorgs, ...)

ACKs for top commit:
  promag:
    Code review ACK fa0572d0f3.
  darosior:
    ACK fa0572d0f3
  hebasto:
    ACK fa0572d0f3, reviewed and tested on Linux Mint 20 (x86_64).

Tree-SHA512: 12184d33ae5797438d03efd012a07ba3e4ffa0d817c7a0877743f3d7a7656fe279280c751554fc035ccd0058166153b6c6c308a98b2d6b13998922617ad95c4c
2020-08-31 07:21:27 +02:00
fanquake
0adb80fe63
Merge #19803: Bugfix: Define and use HAVE_FDATASYNC correctly outside LevelDB
c4b85ba704 Bugfix: Define and use HAVE_FDATASYNC correctly outside LevelDB (Luke Dashjr)

Pull request description:

  Fixes a bug introduced in #19614

  The LevelDB-specific fdatasync check was only using `AC_SUBST`, which works for Makefiles, but doesn't define anything for C++. Furthermore, the #define is typically 0 or 1, never undefined.

  This fixes both issues by defining it and checking its value instead of whether it is merely defined.

  Pulled out of #14501 by fanquake's request

ACKs for top commit:
  fanquake:
    ACK c4b85ba704 - thanks for catching and fixing my mistake.
  laanwj:
     Code review ACK c4b85ba704

Tree-SHA512: 91d5d426ba000b4f3ee7e2315635e24bbb23ceff16269ddf4f65a63d25fc9e9cf94a3b236eed2f8031cc36ddcf78aeb5916efcb244f415943a8a12f907ede8f9
2020-08-31 13:07:24 +08:00
fanquake
21eda43cde
Merge #19828: wallet, refactor: Remove duplicate map lookups in GetAddressBalances
b35e74ba37 wallet, refactor: Remove duplicate map lookups in GetAddressBalances (João Barbosa)

Pull request description:

  Now just one lookup in `balances` instead of three.

ACKs for top commit:
  achow101:
    ACK b35e74ba37
  theStack:
    ACK b35e74ba37
  practicalswift:
    ACK b35e74ba37

Tree-SHA512: a73c1b336406a569e3bb10290618c5950b944db58ed0b05ff202d097684bb3ba3a5942c8d30443960052aa16438c054e2d02977b67aa901cce665c4df0ee5602
2020-08-31 10:24:18 +08:00
fanquake
f89b4f895f
Merge #19830: test: Add tsan supp for leveldb::DBImpl::DeleteObsoleteFiles
fa1fc536bb test: Add tsan supp for leveldb::DBImpl::DeleteObsoleteFiles (MarcoFalke)

Pull request description:

  Fixes #19712

ACKs for top commit:
  practicalswift:
    ACK fa1fc536bb -- patch looks correct
  hebasto:
    ACK fa1fc536bb

Tree-SHA512: 24d6a4e871fda11196a9f88e2ddbd1c1461d895c503a04b103791233e46638421836200eaaa7d70689564e51dee0d68d32b880dd90a5c259fb6a906f21d07853
2020-08-31 09:59:21 +08:00
MarcoFalke
6eb97fb823
Merge #19839: Set appveyor VM version to previous Visual Studio 2019 release
3ec8f4c080 Set appveyor vm version to previous Visual Studio 2019 release. (Aaron Clauson)

Pull request description:

  The Visual Studio 2019 Appveyor [update](https://www.appveyor.com/updates/2020/08/29/) includes a bump of `cmake` to `3.18.2`.

  The `berkeleydb` dependency from the pegged `vcpkg` commit now fails to build with the `cmake` update.

  Setting the Appveyor VM back to the previous version should fix the immediate issue while a solution is identified for updating the `berkeleydb` build configuration.

ACKs for top commit:
  hebasto:
    ACK 3ec8f4c080, AppVeyor build is ok now.

Tree-SHA512: 61e10d0260c1c51dc6c552c857b3013f55ee324e26b1229bf7ef6f14c3e296762148db66a994ecc33fdc43e81592a7f8442d17b407964edb774b482d84735757
2020-08-30 19:27:09 +02:00
João Barbosa
413e0d1d31 Avoid callback when -blocknotify is empty 2020-08-30 17:38:27 +01:00
Aaron Clauson
3ec8f4c080
Set appveyor vm version to previous Visual Studio 2019 release.
Latest vm version has updated cmake and the berkeleydb vcpkg now fails to build.
2020-08-30 12:34:43 +01:00
Hennadii Stepanov
ea74e10acf
doc: Add best practice for annotating/asserting locks 2020-08-29 20:46:47 +03:00
Anthony Towns
2ee7743fe7
sync.h: Make runtime lock checks require compile-time lock checks 2020-08-29 20:46:47 +03:00
Hennadii Stepanov
23d71d171e
Do not hide compile-time thread safety warnings 2020-08-29 20:46:23 +03:00
Hennadii Stepanov
3ddc150857
Add missed thread safety annotations
This is needed for upcoming commit "sync.h: Make runtime lock checks
require compile-time lock checks" to pass.
2020-08-29 20:46:23 +03:00
Hennadii Stepanov
af9ea55a72
Use LockAssertion utility class instead of AssertLockHeld()
This change prepares for upcoming commit "Do not hide compile-time
thread safety warnings" by replacing AssertLockHeld() with
LockAssertion() where needed.
2020-08-29 20:43:23 +03:00
Wladimir J. van der Laan
4631dc5c57
Merge #18921: build: add stack-clash and control-flow protection options to hardening flags
b536813cef build: add -fstack-clash-protection to hardening flags (fanquake)
076183b36b build: add -fcf-protection=full to hardening options (fanquake)

Pull request description:

  Beginning with Ubuntu `19.10`, it's packaged GCC now has some additional hardening options enabled by default (in addition to existing defaults like `-fstack-protector-strong` and reducing the minimum ssp buffer size). The new additions are`-fcf-protection=full` and `-fstack-clash-protection`.

  > -fcf-protection=[full|branch|return|none]
  > Enable code instrumentation of control-flow transfers to increase program security by checking that target addresses of control-flow transfer instructions (such as indirect function call, function return, indirect jump) are valid. This prevents diverting the flow of control to an unexpected target. This is intended to protect against such threats as Return-oriented Programming (ROP), and similarly call/jmp-oriented programming (COP/JOP).

  > -fstack-clash-protection
  > Generate code to prevent stack clash style attacks. When this option is enabled, the compiler will only allocate one page of stack space at a time and each page is accessed immediately after allocation. Thus, it prevents allocations from jumping over any stack guard page provided by the operating system.

  If your interested you can grab `gcc-9_9.3.0-10ubuntu2.debian.tar.xz` from https://packages.ubuntu.com/focal/g++-9. The relevant changes are part of the `gcc-distro-specs` patches, along with the relevant additions to the gcc manages:

  > NOTE: In Ubuntu 19.10 and later versions, -fcf-protection is enabled by default for C, C++, ObjC, ObjC++, if none of -fno-cf-protection nor -fcf-protection=* are found.

  > NOTE: In Ubuntu 19.10 and later versions, -fstack-clash-protection is enabled by default for C, C++, ObjC, ObjC++, unless -fno-stack-clash-protection is found.

  So, if you're C++ using GCC on Ubuntu 19.10 or later, these options will be active unless you explicitly opt out. This can be observed with a small test:

  ```c++
  int main() { return 0; }
  ```

  ```bash
  g++ --version
  g++ (Ubuntu 9.3.0-10ubuntu2) 9.3.0

  g++ test.cpp

  objdump -dC a.out
  ..
  0000000000001129 <main>:
      1129:	f3 0f 1e fa          	endbr64
      112d:	55                   	push   %rbp
      112e:	48 89 e5             	mov    %rsp,%rbp
      1131:	b8 00 00 00 00       	mov    $0x0,%eax
      1136:	5d                   	pop    %rbp
      1137:	c3                   	retq
      1138:	0f 1f 84 00 00 00 00 	nopl   0x0(%rax,%rax,1)
      113f:	00

  # recompile opting out of control flow protection
  g++ test.cpp -fcf-protection=none

  objdump -dC a.out
  ...
  0000000000001129 <main>:
      1129:	55                   	push   %rbp
      112a:	48 89 e5             	mov    %rsp,%rbp
      112d:	b8 00 00 00 00       	mov    $0x0,%eax
      1132:	5d                   	pop    %rbp
      1133:	c3                   	retq
      1134:	66 2e 0f 1f 84 00 00 	nopw   %cs:0x0(%rax,%rax,1)
      113b:	00 00 00
      113e:	66 90                	xchg   %ax,%ax
  ```

  Note the insertion of an `endbr64` instruction when compiling and _not_ opting out. This instruction is part of the Intel Control-flow Enforcement Technology [spec](https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-enforcement-technology-preview.pdf), which the GCC control flow implementation is based on.

  If we're still doing gitian builds for the `0.21.0` and `0.22.0` releases, we'd likely update the gitian image to Ubuntu Focal, which would mean that the GCC used for gitian builds would also be using these options by default. So we should decide whether we want to explicitly turn these options on as part of our hardening options (although not just for this reason), or, we should be opting-out.

  GCC has supported both options since 8.0.0. Clang has supported `-fcf-protection` from 7.0.0 and will support `-fstack-clash-protection` in it's upcoming [11.0.0 release](https://clang.llvm.org/docs/ReleaseNotes.html#id6).

ACKs for top commit:
  jamesob:
    ACK b536813cef ([`jamesob/ackr/18921.1.fanquake.build_add_stack_clash_an`](https://github.com/jamesob/bitcoin/tree/ackr/18921.1.fanquake.build_add_stack_clash_an))
  laanwj:
    Code review ACK b536813cef

Tree-SHA512: abc9adf23cdf1be384f5fb9aa5bfffdda86b9ecd671064298d4cda0440828b509f070f9b19c88c7ce50ead9ff32afff9f14c5e78d75f01241568fbfa077be0b7
2020-08-29 13:42:04 +02:00
Hennadii Stepanov
0374e821bd
util: Hard code previous release tarball checksums 2020-08-29 11:28:53 +03:00
Hennadii Stepanov
bd897ce79f
scripted-diff: Move previous_release.py to test/get_previous_releases.py
-BEGIN VERIFY SCRIPT-
OLD=contrib/devtools/previous_release.py
NEW=test/get_previous_releases.py
sed -i "s|$OLD|$NEW|g" $(git grep -l $OLD)
git mv $OLD $NEW
-END VERIFY SCRIPT-
2020-08-29 11:26:25 +03:00
MarcoFalke
baf9cedee8
Merge #18817: doc: Document differences in bitcoind and bitcoin-qt locale handling
ca185cf5a1 doc: Document differences in bitcoind and bitcoin-qt locale handling (practicalswift)

Pull request description:

  Document differences in `bitcoind` and `bitcoin-qt` locale handling.

  Since this seems to be the root cause to the locale dependency issues we've seen over the years I thought it was worth documenting :)

  Note that 1.) `QLocale` (used by Qt), 2.) C locale (used by locale-sensitive C standard library functions/POSIX functions and some parts of the C++ standard library such as `std::to_string`) and 3.) C++ locale (used by the C++ input/output library) are three separate things. This comment is about the perhaps surprising interference with the C locale (2) that takes place as part of the Qt initialization.

ACKs for top commit:
  hebasto:
    re-ACK ca185cf5a1

Tree-SHA512: e51c32f3072c506b0029a001d8b108125e1acb4f2b6a48a6be721ddadda9da0ae77a9b39ff33f9d9eebabe2244c1db09e8502e3e7012d7a5d40d98e96da0dc44
2020-08-29 10:03:45 +02:00
MarcoFalke
fa1fc536bb
test: Add tsan supp for leveldb::DBImpl::DeleteObsoleteFiles 2020-08-29 09:55:44 +02:00
practicalswift
ca185cf5a1 doc: Document differences in bitcoind and bitcoin-qt locale handling 2020-08-29 01:55:27 +00:00
Wladimir J. van der Laan
1cf73fb8eb
Merge #19607: [p2p] Add Peer struct for per-peer data in net processing
8e35bf5906 scripted-diff: rename misbehavior members (John Newbery)
1f96d2e673 [net processing] Move misbehavior tracking state to Peer (John Newbery)
7cd4159ac8 [net processing] Add Peer (John Newbery)
aba03359a6 [net processing] Remove CNodeState.name (John Newbery)

Pull request description:

  We currently have two structures for per-peer data:

  - `CNode` in net, which should just contain connection layer data (eg socket, send/recv buffers, etc), but currently also contains some application layer data (eg tx/block inventory).
  - `CNodeState` in net processing, which contains p2p application layer data, but requires cs_main to be locked for access.

  This PR adds a third struct `Peer`, which is for p2p application layer data, and doesn't require cs_main. Eventually all application layer data from `CNode` should be moved to `Peer`, and any data that doesn't strictly require cs_main should be moved from `CNodeState` to `Peer` (probably all of `CNodeState` eventually).

  `Peer` objects are stored as shared pointers in a net processing global map `g_peer_map`, which is protected by `g_peer_mutex`. To use a `Peer` object, `g_peer_mutex` is locked, a copy of the shared pointer is taken, and the lock is released. Individual members of `Peer` are protected by different mutexes that guard related data. The lifetime of the `Peer` object is managed by the shared_ptr refcount.

  This PR adds the `Peer` object and moves the misbehaving data from `CNodeState` to `Peer`. This allows us to immediately remove 15 `LOCK(cs_main)` instances.

  For more motivation see #19398

ACKs for top commit:
  laanwj:
    Code review ACK 8e35bf5906
  troygiorshev:
    reACK 8e35bf5906 via `git range-diff master 9510938 8e35bf5`
  theuni:
    ACK 8e35bf5906.
  jonatack:
    ACK 8e35bf5906 keeping in mind Cory's comment (https://github.com/bitcoin/bitcoin/pull/19607#discussion_r470173964) for the follow-up

Tree-SHA512: ad84a92b78fb34c9f43813ca3dfbc7282c887d55300ea2ce0994d134da3e0c7dbc44d54380e00b13bb75a57c28857ac3236bea9135467075d78026767a19e4b1
2020-08-28 20:29:16 +02:00
Jon Atack
7984c39be1
test framework: serialize/deserialize inv type as unsigned int 2020-08-28 20:12:02 +02:00
João Barbosa
b35e74ba37 wallet, refactor: Remove duplicate map lookups in GetAddressBalances 2020-08-28 17:01:06 +01:00
MarcoFalke
ca30d34cf9
Merge bitcoin-core/gui#39: Add visual accenting for the 'Create new receiving address' button
4ec49f8d1e qt: Leverage the default "Create new receiving address" button (Hennadii Stepanov)
4227a8e1f3 qt: Make "Create new receiving address" default unconditionally (Hennadii Stepanov)

Pull request description:

  Fix #24

  The first commit:
  - visual improvement with no behavior change

  The second commit:
  - removes a bunch of LOCs
  - slightly change behavior and makes it standard

  With this PR:
  ![DeepinScreenshot_select-area_20200721213040](https://user-images.githubusercontent.com/32963518/88093294-7b2a6700-cb9a-11ea-89a2-a0e2678056a7.png)

ACKs for top commit:
  Saibato:
    Concept tACK  4227a8e1f3 4ec49f8d1e
  promag:
    Tested ACK 4ec49f8d1e on macos.

Tree-SHA512: 3403d5ee96ec139491c7e23b24a24d9239fe55c58d99cbd4cd13bc877f76f992ed011c09e2af35b2a63be1a2371b95f6ac719325396dcc8333cf3eb7fa2e3d2c
2020-08-28 17:54:05 +02:00
MarcoFalke
5edef20a65
Merge #19797: net: Remove old check for 3-byte shifted IP addresses from pre-0.2.9 nodes
7b6d0f10a7 Remove old check for 3-byte shifted IP addresses from pre-0.2.9 node messages (Raúl Martínez (RME))

Pull request description:

  The change removes an old check for IPv6 addresses in range ::ff:ff00:0:0:0/72 that were created due to a bug in size field of addr messages for 0.2.8 nodes and before.

  This check is no longer needed as they are no more pre 0.2.9 nodes on the network (as per bitnodes network snapshot).

  Credits for discovering this go to sipa in https://github.com/bitcoin/bitcoin/pull/19628#discussion_r475907453

  Thanks for the attention!

ACKs for top commit:
  sipa:
    utACK 7b6d0f10a7
  vasild:
    ACK 7b6d0f1

Tree-SHA512: c5fab59dda2acafe143f607a4c5b636a54ac76fba651cad1ad1b09c94e88ab39503a31c2244c8f2664da68456c2a870c601d8894139c55cde9ece8161913ed2e
2020-08-28 17:51:37 +02:00
Wladimir J. van der Laan
9632b7edc7
Merge #19739: refactor: remove c-string interfaces for DecodeBase58{Check}
d3e8adfada util: remove c-string interfaces for DecodeBase58{Check} (Sebastian Falbesoner)

Pull request description:

  This micro-PR gets rid of base58 function interfaces that are redundant in terms of c-string / std::string variants; the c-string interface for `DecodeBase58Check` is completely unused outside the base58 module, while the c-string interface for `DecodeBase58` is only used in unit tests, where an implicit conversion to std::string is not problematic.

ACKs for top commit:
  practicalswift:
    ACK d3e8adfada -- patch looks correct
  laanwj:
    Code review ACK d3e8adfada

Tree-SHA512: 006a4a1e23b11385f60820c188b8e6b1634a182ca36e29a6580f72150214c65a3fdb273ec439165f26ba88a42d2bf5bab1cf3666a9eaee222fb4e1c00aeba433
2020-08-28 16:50:57 +02:00
Wladimir J. van der Laan
22acd36d53
Merge #19646: doc: Updated outdated help command for getblocktemplate
c91b241b48 Updated outdated help command for getblocktemplate (fixes #19625) (Jake Leventhal)

Pull request description:

  **Summary of Changes**
  * Removed coinbasetxn from the help outputs
  * Added the missing name for transactions in the help outputs
  * Added help outputs for longpollid and default_witness_commitment
  * Added more clarity to capabilities, rules, and coinbaseaux

  **Rationale**
  The outputs from the help command for `getblocktemplate` are outdated and don't reflect the actual results from `getblocktemplate` (see #19625 for more details)

  Fixes #19625.

ACKs for top commit:
  laanwj:
    ACK c91b241b48
  fjahr:
    utACK c91b241b48

Tree-SHA512: ee443af4bc3b2838dfd92e2705f344256ee785ae720e505fffea9b0ec5b75930e3b1374bae59b36d5da57c85c9aefe4d62504b028b893d6f2914dccf1e34c658
2020-08-28 15:24:16 +02:00
fanquake
1dac4dcf08
Merge #19758: Drop deprecated and unused GUARDED_VAR and PT_GUARDED_VAR annotations
9034f6e30e Drop deprecated and unused GUARDED_VAR and PT_GUARDED_VAR annotations (Hennadii Stepanov)

Pull request description:

  https://clang.llvm.org/docs/ThreadSafetyAnalysis.html#guarded-var-and-pt-guarded-var:
  > `GUARDED_VAR` and `PT_GUARDED_VAR`
  > Use of these attributes has been deprecated.

ACKs for top commit:
  MarcoFalke:
    ACK 9034f6e30e They seem to be deprecated for a long time already https://releases.llvm.org/4.0.0/tools/clang/docs/ThreadSafetyAnalysis.html#guarded-var-and-pt-guarded-var

Tree-SHA512: d86f55fe57c28d91eda4a0ad727e36a5b35ba4b50a557c59b83cf0c5291cc5ad37b6f4ba6daeba3c1aba143faadaea6bb21c723f4d221856d6e6c42d228e8aa2
2020-08-28 20:36:40 +08:00
Raúl Martínez (RME)
7b6d0f10a7 Remove old check for 3-byte shifted IP addresses from pre-0.2.9 node messages
The change removes an old check for IPv6 addresses in range ::ff:ff00:0:0:0/72 that were created due to a bug in size field of addr messages for 0.2.8 nodes and before.

This check is no longer needed as they are no more pre 0.2.9 nodes on the network (as per bitnodes network snapshot).

Credits for discovering this go to sipa.
2020-08-28 14:17:28 +02:00
fanquake
4326515f01
Merge #19822: chain: Fix CChain comparison UB by removing it (it was unused)
df536883d2 chain: Remove UB CChain comparison (Carl Dong)

Pull request description:

  Comparing two empty `CChain`s is currently undefined behaviour, and resulted in false assertion failures when comparing identical empty `CChain`s in local testing.

  Let's just remove this comparison operator since it doesn't seem to be used anywhere.

ACKs for top commit:
  practicalswift:
    ACK df536883d2 -- patch is guaranteed to be correct :)
  MarcoFalke:
    cr ACK df536883d2

Tree-SHA512: db10bac364fc965b56abf7a5bac48018786b14806ffe107e3e8eb24d5004a29331f3387dfe3409a3452a6750d3329e3f354265d787ebb3abfccabe77b28a54d5
2020-08-28 19:44:47 +08:00
João Barbosa
772ea4844c wallet: Avoid recursive lock in IsTrusted 2020-08-28 10:42:18 +01:00
João Barbosa
819f10f671 wallet, refactor: Immutable CWalletTx::pwallet 2020-08-28 10:42:18 +01:00
MarcoFalke
fa0572d0f3
Pass mempool reference to chainstate constructor 2020-08-28 10:42:04 +02:00