Commit graph

882 commits

Author SHA1 Message Date
MarcoFalke
fa1b63c018
test: Replace hashlib.new with named constructor 2021-12-09 14:36:06 +01:00
MarcoFalke
529ed33362
Merge bitcoin/bitcoin#23715: test: feature_rbf.py: check specified wallet type availability
84bc35d7a5 test: feature_rbf.py: check specified wallet type availability (Sebastian Falbesoner)

Pull request description:

  The test currently leads to a failure if in general wallet support is compiled, but the library for the specified type (BDB/SQLite) is not, i.e.  if started with the `--legacy-wallet` parameter, but bitcoind is compiled without BDB support, see e.g. https://github.com/bitcoin/bitcoin/pull/23682#issuecomment-989044207

  Fix this by checking if the specified wallet type (BDB for legacy wallet, SQLite for descriptor wallet) is available.

  Also move the helper `is_specified_wallet_compiled()` to the
  test framework's class BitcoinTestFramework first, so it can be reused.

  Should further pave the way for #23682. On my local instance without BDB compiled, all targets in test_runner pass now.

ACKs for top commit:
  mzumsande:
    ACK 84bc35d7a5, changes loook good for me and I confirmed that this fixes the error encountered on master when running the test `--without-bdb`.

Tree-SHA512: 1575c03c793c8e0ac195d0914eff75d02604301c8fb77d0fdb7c0b245561569c0c7db387ef4de499044b68ab6e14b4b78b955f6e74c84197bcaed95f439c9824
2021-12-09 09:24:22 +01:00
Pieter Wuille
5b559dc7ec Swap out hashlib.ripemd160 for own implementation 2021-12-08 14:29:41 -05:00
Pieter Wuille
ad3e9e1f21 Add pure Python RIPEMD-160 2021-12-08 14:29:34 -05:00
Sebastian Falbesoner
84bc35d7a5 test: feature_rbf.py: check specified wallet type availability
The test currently leads to a failure if in general wallet
support is compiled, but the library for the specified type
(BDB/SQLite) is not, i.e.  if started with the
`--legacy-wallet` parameter, but bitcoind is compiled
without BDB support.

Fix this by checking if the specified wallet type (BDB for
legacy wallet, SQLite for descriptor wallet) is available.

Also move the helper `is_specified_wallet_compiled()` to the
test framework's class BitcoinTestFramework first, so it can
be reused.
2021-12-08 19:57:43 +01:00
MarcoFalke
26a1147ce5
Merge bitcoin/bitcoin#23636: Remove GetAdjustedTime from init.cpp
fa551b3bdd Remove GetAdjustedTime from init.cpp (MarcoFalke)
fa815f8473 Replace addrman.h include with forward decl in net.h (MarcoFalke)

Pull request description:

  It seems confusing to call `GetAdjustedTime` there, because no offset could have been retrieved from the network at this point. Even if connman was started, `timedata` needs at least 5 peer connections to calculate an offset.

  Fix the confusion by replacing `GetAdjustedTime` with `GetTime`, which does not change behavior.

  Also:
  * Replace magic number with `MAX_FUTURE_BLOCK_TIME` to clarify the context
  * Add test, which passes both on current master and this pull request
  * An unrelated refactoring commit, happy to drop

ACKs for top commit:
  dongcarl:
    Code Review ACK fa551b3bdd, noticed the exact same thing here: e073634c37
  mzumsande:
    Code Review ACK fa551b3bdd
  jnewbery:
    Code review ACK fa551b3bdd
  shaavan:
    ACK fa551b3bdd
  theStack:
    Code-review ACK fa551b3bdd

Tree-SHA512: 15807a0e943e3e8d8c5250c8f6d7b56afb26002b1e290bf93636a2c747f27e78f01f1de04ce1a83d6339e27284c69c43e077a8467545c4078746f4c1ecb1164d
2021-12-02 15:24:55 +01:00
W. J. van der Laan
aef8c7cf82
Merge bitcoin/bitcoin#23289: test: add stress tests for initialization
d9803f7a0a test: add stress tests for initialization (James O'Beirne)
23f85616a8 test: add node.chain_path and node.debug_log_path (James O'Beirne)

Pull request description:

  In the course of coming up with a test plan for #23280, I thought it would be neat to include a Python snippet showing how I tested the initialization process. I quickly realized I was reinventing the functional test framework... so here's a new test.

  This change bangs init around like the Fonz hitting a jukebox. It adds some interesting (read: lazy and random) coverage for the initialization process by
  - interrupting init with SIGTERM after certain log statements,
  - interrupting init at random points, and
  - starting init with some essential data missing (block files, block indices, etc.) to test init error paths.

  As far as I can tell, some of these code paths are uncovered otherwise (namely the startup errors).

  ---

  Incidentally, I think I may have uncovered some kind of a bug or race condition with indexing initialization based on an intermittent failure in this testcase. This test sometimes fails after shutting down immediately after `loadblk` thread start:
  ```
  2021-10-15T21:14:51.295000Z TestFramework (INFO): Starting node and will exit after line 'loadblk thread start'
    36   │ 2021-10-15T21:14:51.296000Z TestFramework.node0 (DEBUG): bitcoind started, waiting for RPC to come up
    37   │ 2021-10-15T21:14:51.493000Z TestFramework (INFO): terminating node after 110 log lines seen
    38   │ 2021-10-15T21:14:51.625000Z TestFramework (INFO): Starting node and will exit after line 'txindex thread start'
    39   │ 2021-10-15T21:14:51.625000Z TestFramework.node0 (DEBUG): bitcoind started, waiting for RPC to come up
    ------> [[ FAILURE HERE ]] 2021-10-15T21:15:21.626000Z TestFramework (WARNING): missed line {bail_line}; bailing now after {num_lines} lines
  ```
  and then fails to start up afterwards. Combined logs showing `Error: txindex best block of the index goes beyond pruned data`, when the node under test is not pruned:

  ```
    node0 2021-10-15T21:16:51.848439Z [shutoff] [validationinterface.cpp:244] [ChainStateFlushed] Enqueuing ChainStateFlushed: block hash=1014bc4ff4917602ae53d10e9dfe230af4b7d52a6cdaa8a47798b9c288180907
     node0 2021-10-15T21:16:51.848954Z [shutoff] [init.cpp:302] [Shutdown] Shutdown: done
     test  2021-10-15T21:16:51.882000Z TestFramework (ERROR): Unexpected exception caught during testing
       Traceback (most recent call last):
         File "/home/james/src/bitcoin/test/functional/test_framework/test_framework.py", line 132, in main
   self.run_test()
         File "/home/james/src/bitcoin/./test/functional/stress_init.py", line 87, in run_test
   check_clean_start()
         File "/home/james/src/bitcoin/./test/functional/stress_init.py", line 60, in check_clean_start
   node.wait_for_rpc_connection()
         File "/home/james/src/bitcoin/test/functional/test_framework/test_node.py", line 224, in wait_for_rpc_connection
   raise FailedToStartError(self._node_msg(
       test_framework.test_node.FailedToStartError: [node 0] bitcoind exited with status 1 during initialization
     test  2021-10-15T21:16:51.882000Z TestFramework (DEBUG): Closing down network thread
     test  2021-10-15T21:16:51.933000Z TestFramework (INFO): Stopping nodes
     test  2021-10-15T21:16:51.933000Z TestFramework.node0 (DEBUG): Stopping node

     node0 stderr Error: txindex best block of the index goes beyond pruned data. Please disable the index or reindex (which will download the whole blockchain again)
     node0 stderr Error: txindex best block of the index goes beyond pruned data. Please disable the index or reindex (which will download the whole blockchain again)
     node0 stderr Error: txindex best block of the index goes beyond pruned data. Please disable the index or reindex (which will download the whole blockchain again)
     node0 stderr Error: txindex best block of the index goes beyond pruned data. Please disable the index or reindex (which will download the whole blockchain again)
     node0 stderr Error: txindex best block of the index goes beyond pruned data. Please disable the index or reindex (which will download the whole blockchain again)
  ```

ACKs for top commit:
  laanwj:
    Code review ACK d9803f7a0a

Tree-SHA512: 4d80dc399daf199a6222e81e47d12d830dc7af07355eddbb7f52479a676a645b8d3d45093ff54a9295f01a163b2f4fe0e038e83fc269969e03d4cfda69eaf111
2021-11-30 20:50:11 +01:00
W. J. van der Laan
63c0d0e937
Merge bitcoin/bitcoin#21327: net_processing: ignore transactions while in IBD
6aed8b7e9b [test] tx processing before and after ibd (glozow)
b9e105b664 [net_processing] ignore all transactions during ibd (glozow)

Pull request description:

  This is basically a mini, IBD-only version of #21224

  Incoming transactions aren't really relevant until we're caught up. That's why we send a giant feefilter and don't send tx getdatas, but we also shouldn't process them if peers send them anyway. Simply ignore them.

ACKs for top commit:
  jnewbery:
    reACK 6aed8b7e9b
  laanwj:
    Code review ACK 6aed8b7e9b

Tree-SHA512: 8e1616bf355f9d0b180bdbc5461f24c757dc5d7bc7bf651470f3b0bffcca5d5e68287106255b5cede2d96b42bce448a0f8c0649de35a530c5e079f7c89c70a35
2021-11-30 19:09:15 +01:00
MarcoFalke
fa551b3bdd
Remove GetAdjustedTime from init.cpp 2021-11-30 17:19:49 +01:00
W. J. van der Laan
a574f4ad39
Merge bitcoin/bitcoin#23392: test: move check_node_connections to util
988024fe37 test: add check_node_connections in util (brunoerg)

Pull request description:

  This function (`check_node_connections`) exists in `feature_anchors.py` and `p2p_add_connections.py` and does the same thing in both, this PR moves this function to util to avoid repetition and facilitate maintenance.

ACKs for top commit:
  laanwj:
    Code review ACK 988024fe37

Tree-SHA512: bf86c5659933539c72cb91ad587552b45c918be74d36fb429e78f3b954f01ed0855a85dd49aea35b432fbd18227c05eb3fec8b99c139c3509c39b19bccf6b7fd
2021-11-29 13:51:27 +01:00
Sebastian Falbesoner
166f8ec28e test: always rescan after importing private keys in init_wallet helper
This fixes the functional test feature_rbf.py for descriptor wallets.
2021-11-26 17:10:55 +01:00
brunoerg
988024fe37 test: add check_node_connections in util 2021-11-18 13:40:43 -03:00
fanquake
ffdab41f94
Merge bitcoin/bitcoin#23474: test: scripted-diff cleanups after generate* changes
fac23c2114 scripted-diff: Bump copyright headers (MarcoFalke)
fa974f1f14 scripted-diff: Remove redundant sync_all and sync_blocks (MarcoFalke)
fad13991ae test: Properly set sync_fun in NodeNetworkLimitedTest (MarcoFalke)
faeff57709 test: Use 4 spaces for indentation (MarcoFalke)

Pull request description:

  Some cleanups after commit 94db963de5

ACKs for top commit:
  fanquake:
    ACK fac23c2114

Tree-SHA512: 5acfd5bb9679b41969d0fc6fc85801ccadcd6530ea692bac6352668e06fc7a9b0e1db3fd6fba435e84afe983d2eb07bd0a47c8364462bb7110004bd3d102b698
2021-11-16 11:22:06 +08:00
fanquake
41e6909c07
Merge bitcoin/bitcoin#23516: test: Force --nosandbox when --valgrind
fa9c26ab3a test: Force --nosandbox when --valgrind (MarcoFalke)

Pull request description:

  The two options are mutually exclusive and will result in a test failure. Fix that.

  Can be tested with:

  ```
  $ ./test/functional/wallet_disable.py --valgrind

ACKs for top commit:
  fanquake:
    ACK fa9c26ab3a

Tree-SHA512: 7d1c36c1b6627ca041757eb0515a0d6cc962a56d783ee4f5647a2ddc2d104491f0586a8ea0b8acebe0a203190f4f5567b349123dfd4c181bcc63361174a8ab63
2021-11-16 07:30:03 +08:00
W. J. van der Laan
5ccab7187b
Merge bitcoin/bitcoin#23394: Taproot wallet test vectors (generation+tests)
f1c33ee4ac tests: implement BIP341 test vectors (Pieter Wuille)
ac3037df11 tests: BIP341 test vector generation (Pieter Wuille)
ca83ffc2ea tests: add deterministic signing mode to ECDSA (Pieter Wuille)
c98c53f20c tests: abstract out precomputed BIP341 signature hash elements (Pieter Wuille)
a5bde018b4 tests: give feature_taproot access to sighash preimages (Pieter Wuille)
5140825096 tests: add more fields to TaprootInfo (Pieter Wuille)
2478c6730a Make signing follow BIP340 exactly w.r.t. aux randomness (Pieter Wuille)

Pull request description:

  This PR adds code to `test/functional/feature_taproot.py` which runs through a (deterministic) scenario covering several aspects of the wallet side of BIP341 (scriptPubKey computation from keys/scripts, control block computation, key path spending), with the ability to output test vectors in mediawiki format based on this scenario. The generated tests are then also included directly in `src/test/script_tests.cpp` and `src/test/script_standard_tests.cpp`.

  I intend to add these test vectors to BIP341 itself: https://github.com/bitcoin/bips/pull/1225

ACKs for top commit:
  laanwj:
    Code review ACK f1c33ee4ac

Tree-SHA512: fcf7109539cb214d3190516b205cd32d2b1b452f14aa66f4107acfaa8bfc7d368f626857f1935665a4342eabc0b9ee8aba608a7c0a2494bec0b498e723439c9d
2021-11-15 20:32:42 +01:00
MarcoFalke
fa9c26ab3a
test: Force --nosandbox when --valgrind 2021-11-15 13:28:47 +01:00
MarcoFalke
fa62207737
test: Return the largest utxo in MiniWallet.get_utxo 2021-11-15 13:10:37 +01:00
Pieter Wuille
ca83ffc2ea tests: add deterministic signing mode to ECDSA
This does the following:
* Adds a rfc6979 argument to test_framework/key.py's sign_ecdsa to
  select (deterministic) RFC6979-based nonce generation.
* Add a flag in feature_taproot.py's framework called "deterministic".
* Make the Schnorr signing in feature_taproot.py randomized by default,
  reverting to the old deterministic (aux_rnd=0x0000...00) behavior
  if the deterministic context flag is set.
* Make the ECDSA signing in feature_taproot.py use RFC6979-based nonces
  when the deterministic context flag is set (keeping the old randomized
  behavior otherwise).
2021-11-12 12:04:20 -05:00
Pieter Wuille
c98c53f20c tests: abstract out precomputed BIP341 signature hash elements 2021-11-12 12:04:20 -05:00
Pieter Wuille
a5bde018b4 tests: give feature_taproot access to sighash preimages 2021-11-12 12:04:20 -05:00
Pieter Wuille
5140825096 tests: add more fields to TaprootInfo 2021-11-12 12:04:20 -05:00
MarcoFalke
fac23c2114
scripted-diff: Bump copyright headers
The previous diff touched most files in ./test/, so bump the headers to
avoid having to touch them again for a bump later.

-BEGIN VERIFY SCRIPT-
./contrib/devtools/copyright_header.py update ./test/
-END VERIFY SCRIPT-
2021-11-10 11:10:24 +01:00
Sebastian Falbesoner
041abfebe4 test: MiniWallet: add P2TR support and use it per default 2021-11-09 12:25:48 +01:00
MarcoFalke
94db963de5
Merge bitcoin/bitcoin#23300: test: Implicitly sync after generate*, unless opted out
facc352648 test: Implicitly sync after generate*, unless opted out (MarcoFalke)

Pull request description:

  The most frequent failure in functional tests are intermittent races. Fixing such bugs is cumbersome because it involves:
  * Noticing the failure
  * Fetching and reading the log to determine the test case that failed
  * Adding a `self.sync_all()` where it was forgotten
  * Spamming out a pr and waiting for review, which is already sparse

  Also, writing a linter to catch those is not possible, nor is review effective in finding these bugs prior to merge.

  Fix all future intermittent races caused by a missing sync_block call by calling `sync_all` implicitly after each `generate*`, unless opted out. This ensures that the code is race-free (with regards to blocks) when the tests pass once, instead of our current approach where the code can never be guaranteed to be race-free.

  There are some scripted-diff cleanups (see https://github.com/bitcoin/bitcoin/pull/22567), but they will be submitted in a follow-up to reduce the conflicts in this pull.

ACKs for top commit:
  lsilva01:
    tACK facc352 on Ubuntu 20.04
  brunoerg:
    tACK facc352648 on MacOS 11.6

Tree-SHA512: 046a40a066b4a3bd28a3077bd654fa8887442dd1f0ec6fd11671865809ef02376f126eb667a1320ebd67b6e372c78c00dbf8bd25d86ed86f1d9a25363103ed97
2021-11-09 09:58:51 +01:00
Samuel Dobson
24abd8312e
Merge bitcoin/bitcoin#22949: fee: Round up fee calculation to avoid a lower than expected feerate
80dc829be7 tests: Calculate fees more similarly to CFeeRate::GetFee (Andrew Chow)
ce2cc44afd tests: Test for assertion when feerate is rounded down (Andrew Chow)
0fbaef9676 fees: Always round up fee calculated from a feerate (Andrew Chow)

Pull request description:

  When calculating the fee for a feerate, it is possible that the final calculation will have fractional satoshis. Currently those are ignored via truncation which results in the absolute fee being rounded down. Rounding down is problematic because it results in a feerate that is slightly lower than the feerate represented by the `CFeeRate` object. A slightly lower feerate particularly causes issues for coin selection as it can trigger an assertion error. To avoid potentially underpaying the feerate (and the assertion), always round up the calculated fee.

  A test is added for the assertion, along with a comment explaining what happens.

  It is unlikely that a user can trigger this as it requires a very specific set of rounding errors to occur as well as the transaction not needing any change and being right on the lower bound of the exact match window. However I was able to trigger the assertion while running coin selection simulations, albeit after thousands of transactions and with some weird feerates.

ACKs for top commit:
  ryanofsky:
    Code review ACK 80dc829be7
  promag:
    Tested ACK 80dc829be7.
  lsilva01:
    tACK 80dc829
  meshcollider:
    utACK 80dc829be7

Tree-SHA512: fe26684c60f236cab48ea6a4600c141ce766dbe59504ec77595dcbd7fd0b34559acc617007f4f499c9155d8fda0a336954413410ba862b19c765c0cfac79d642
2021-11-05 00:08:00 +13:00
MarcoFalke
facc352648
test: Implicitly sync after generate*, unless opted out 2021-10-29 13:34:52 +02:00
glozow
6aed8b7e9b [test] tx processing before and after ibd
Co-authored-by: Amiti Uttarwar <amiti@uttarwar.org>
2021-10-28 16:32:41 +01:00
Sebastian Falbesoner
d2c4904ef7 test: MiniWallet: more deterministic coin selection for coinbase UTXOs (oldest first)
The coin selection strategy for MiniWallet is quite straight-forward: simply
pick a single UTXO with the largest value:

self._utxos = sorted(self._utxos, key=lambda k: k['value'])
utxo_to_spend = utxo_to_spend or self._utxos.pop()

If there are several candidates with the same value, however, it is not clear
which one is taken.  This can be particularly problematic for coinbase outputs
with fixed block subsidy, since spending could lead to a
'bad-txns-premature-spend-of-coinbase' reject if an UTXO from a too-recent
block is picked.  Introduce block height as second criteria (saved in
self._utxos in the methods generate(...) and rescan_utxos(...)), in order to
avoid potential issues with coinbases that are not matured yet.
2021-10-27 17:49:53 +02:00
Sebastian Falbesoner
4718897ce3 test: add script_util helper for creating bare multisig scripts 2021-10-26 14:51:18 +02:00
James O'Beirne
23f85616a8
test: add node.chain_path and node.debug_log_path
To allow easier access to the node's datadir and debug logs.
2021-10-20 11:24:56 -04:00
lsilva01
7b3c9e4ee8 Make explicit the node param in init_wallet() 2021-10-20 00:30:28 -03:00
MarcoFalke
2e82af46e2
Merge bitcoin/bitcoin#23207: test: Delete generate* calls from TestNode
fac62e6ff5 test: Delete generate* calls from TestNode (MarcoFalke)
fac7f6102f test: Use generate* node RPC, not wallet RPC (MarcoFalke)
faac1cda6e test: Use generate* from TestFramework, not TestNode (MarcoFalke)

Pull request description:

  Deleting the methods is needed for #22567 to pave the way to make it easier to implicitly call the `sync_all` member function.

  Without the methods being deleted, nothing prevents developers from adding calls to it. As history showed, developers *will* add calls to it. For example, see commit eb02dbba3c from today or the first commit in this pull request.

ACKs for top commit:
  stratospher:
    Tested ACK fac62e6.
  brunoerg:
    tACK fac62e6ff5
  promag:
    Code review ACK fac62e6ff5.

Tree-SHA512: 6d4dea8f95ead954acfef2e6a5d98897ce0c2d02265c5b137bb149d0265543bd51d7e8403e1945b9af75df5524ca50064fe1d2a432b25c8abc71bbb28ed6ed53
2021-10-18 13:06:03 +02:00
Andrew Chow
80dc829be7 tests: Calculate fees more similarly to CFeeRate::GetFee
Because of floating point precision issues, not all of the rounding done
is always correct. To fix this, the fee calculation for
assert_fee_amount is changed to better reflect how CFeeRate::GetFee does
it.

First the feerate is converted to an int representing sat/kvb. Then this
is multiplied by the transaction size, divivided by 1000, and rounded up
to the nearest sat. The result is then converted back to BTC (divided by
1e8) and then rounded down to the nearest sat to avoid precision errors.
2021-10-11 12:29:33 -04:00
W. J. van der Laan
991753e4d5
Merge bitcoin/bitcoin#23118: test: refactor: introduce script_util helper for creating P2PK scripts
429b49378e test: introduce script_util helper for creating P2PK scripts (Sebastian Falbesoner)

Pull request description:

  This PR is a follow-up to #22363, which took use of already existing `script_util` helpers to get rid of manual CScript for the P2{PKH,SH,WPKH,WSH} output types, in order to increase readability and maintainability of the test code. Here the same is done for P2PK scripts by introducing a helper `key_to_p2pk_script` and using it. Note that the helper only accepts ECDSA pubkeys (i.e. ones with a size of 33 or 65 bytes), hence it can't be used for scripts in the form of [x-only-pubkey, OP_CHECKSIG].

ACKs for top commit:
  brunoerg:
    Code review ACK 429b49378e
  laanwj:
    Code review ACK 429b49378e
  rajarshimaitra:
    Concept + tACK 429b49378e

Tree-SHA512: 984aea01eba5f38a328d69905d90a3a36f0a02419ca3e5baf3c8095895fb094e3780c7da16fad5851db3847bdb05ce8cda244ab09b79b8aa9602dfb3c5e0414c
2021-10-07 15:41:57 +02:00
MarcoFalke
b4437d7dfe
Merge bitcoin/bitcoin#23210: test: Replace satoshi_round with int() or Decimal()
fa2ac5881e test: Replace satoshi_round with int() or Decimal() (MarcoFalke)

Pull request description:

  satoshi_round will round down. To make the code easier to parse use
  Decimal() where possible, which does not round. Or use int(), which
  explicitly rounds down.

ACKs for top commit:
  lsilva01:
    Tested ACK fa2ac5881e on Ubuntu 20.04.

Tree-SHA512: 17795d906aa7652933d43e510e993cdd9cf8926da1febf1c42d463048cb38c92dc518ec08736efe29c0189ffd532b108bc7a715f32b4c2ee58b215df65352eb9
2021-10-07 09:09:11 +02:00
MarcoFalke
fa2ac5881e
test: Replace satoshi_round with int() or Decimal()
satoshi_round will round down. To make the code easier to parse use
Decimal() where possible, which does not round. Or use int(), which
explicitly rounds down.
2021-10-06 15:16:59 +02:00
MarcoFalke
fa3ab7b5b1
test: Avoid RPC roundtrip in MiniWallet get_descriptor() 2021-10-06 14:54:26 +02:00
MarcoFalke
fac62e6ff5
test: Delete generate* calls from TestNode 2021-10-06 13:41:08 +02:00
W. J. van der Laan
9e530c6352
Merge bitcoin/bitcoin#20487: Add syscall sandboxing using seccomp-bpf (Linux secure computing mode)
4747da3a5b Add syscall sandboxing (seccomp-bpf) (practicalswift)

Pull request description:

  Add experimental syscall sandboxing using seccomp-bpf (Linux secure computing mode).

  Enable filtering of system calls using seccomp-bpf: allow only explicitly allowlisted (expected) syscalls to be called.

  The syscall sandboxing implemented in this PR is an experimental feature currently available only under Linux x86-64.

  To enable the experimental syscall sandbox the `-sandbox=<mode>` option must be passed to `bitcoind`:

  ```
    -sandbox=<mode>
         Use the experimental syscall sandbox in the specified mode
         (-sandbox=log-and-abort or -sandbox=abort). Allow only expected
         syscalls to be used by bitcoind. Note that this is an
         experimental new feature that may cause bitcoind to exit or crash
         unexpectedly: use with caution. In the "log-and-abort" mode the
         invocation of an unexpected syscall results in a debug handler
         being invoked which will log the incident and terminate the
         program (without executing the unexpected syscall). In the
         "abort" mode the invocation of an unexpected syscall results in
         the entire process being killed immediately by the kernel without
         executing the unexpected syscall.
  ```

  The allowed syscalls are defined on a per thread basis.

  I've used this feature since summer 2020 and I find it to be a helpful testing/debugging addition which makes it much easier to reason about the actual capabilities required of each type of thread in Bitcoin Core.

  ---

  Quick start guide:

  ```
  $ ./configure
  $ src/bitcoind -regtest -debug=util -sandbox=log-and-abort
  …
  2021-06-09T12:34:56Z Experimental syscall sandbox enabled (-sandbox=log-and-abort): bitcoind will terminate if an unexpected (not allowlisted) syscall is invoked.
  …
  2021-06-09T12:34:56Z Syscall filter installed for thread "addcon"
  2021-06-09T12:34:56Z Syscall filter installed for thread "dnsseed"
  2021-06-09T12:34:56Z Syscall filter installed for thread "net"
  2021-06-09T12:34:56Z Syscall filter installed for thread "msghand"
  2021-06-09T12:34:56Z Syscall filter installed for thread "opencon"
  2021-06-09T12:34:56Z Syscall filter installed for thread "init"
  …
  # A simulated execve call to show the sandbox in action:
  2021-06-09T12:34:56Z ERROR: The syscall "execve" (syscall number 59) is not allowed by the syscall sandbox in thread "msghand". Please report.
  …
  Aborted (core dumped)
  $
  ```

  ---

  [About seccomp and seccomp-bpf](https://en.wikipedia.org/wiki/Seccomp):

  > In computer security, seccomp (short for secure computing mode) is a facility in the Linux kernel. seccomp allows a process to make a one-way transition into a "secure" state where it cannot make any system calls except exit(), sigreturn(), and read() and write() to already-open file descriptors. Should it attempt any other system calls, the kernel will terminate the process with SIGKILL or SIGSYS. In this sense, it does not virtualize the system's resources but isolates the process from them entirely.
  >
  > […]
  >
  > seccomp-bpf is an extension to seccomp that allows filtering of system calls using a configurable policy implemented using Berkeley Packet Filter rules. It is used by OpenSSH and vsftpd as well as the Google Chrome/Chromium web browsers on Chrome OS and Linux. (In this regard seccomp-bpf achieves similar functionality, but with more flexibility and higher performance, to the older systrace—which seems to be no longer supported for Linux.)

ACKs for top commit:
  laanwj:
    Code review and lightly tested ACK 4747da3a5b

Tree-SHA512: e1c28e323eb4409a46157b7cc0fc29a057ba58d1ee2de268962e2ade28ebd4421b5c2536c64a3af6e9bd3f54016600fec88d016adb49864b63edea51ad838e17
2021-10-04 22:45:43 +02:00
practicalswift
4747da3a5b Add syscall sandboxing (seccomp-bpf) 2021-10-01 13:51:10 +00:00
MarcoFalke
35a31d5f7e
Merge bitcoin/bitcoin#23136: test: update fee rate assertion helper in the functional test framework
b658d7d5c5 test: update assert_fee_amount() in test_framework/util.py (Jon Atack)

Pull request description:

  Follow-up to 42e1b5d979 (#12486).
  - update call to `round()` with our utility function `satoshi_round()` to avoid intermittent test failures
  - rename `fee_per_kB` to `feerate_BTC_kvB` for precision
  - store division result in `feerate_BTC_vB`

  Possibly resolves #19418.

ACKs for top commit:
  meshcollider:
    utACK b658d7d5c5

Tree-SHA512: f124ded98c913f98782dc047a85a05d3fdf5f0585041fa81129be562138f6261ec1bd9ee2af89729028277e75b591b0a7ad50244016c2b2fa935c6e400523183
2021-10-01 10:54:23 +02:00
Jon Atack
b658d7d5c5
test: update assert_fee_amount() in test_framework/util.py
- update call to round() with satoshi_round() to avoid intermittent test failures
- rename fee_per_kB to feerate_BTC_kvB for precision
- store division result in feerate_BTC_vB
2021-09-30 16:38:55 +02:00
W. J. van der Laan
1cf7fb9fd6
Merge bitcoin/bitcoin#23104: log: Avoid breaking single log lines over multiple lines in the log file
2222c04e1b log: Adjust coin selection log string (MarcoFalke)
fa6c1e850f test: Fix typos in tests (MarcoFalke)
faeae2980f log: Avoid broken DEBUG_LOCKORDER log (MarcoFalke)
faffaa85cd log: Avoid broken SELECTCOINS log (MarcoFalke)

Pull request description:

  Follow up to commit d8b4b3077f

ACKs for top commit:
  laanwj:
    re-ACK 2222c04e1b
  practicalswift:
    cr ACK 2222c04e1b

Tree-SHA512: e0daf76815a1b7c4898ceffedeaf7ede093223abf709874f9a0d78c8e41551c14e8b56d055c8fdf06ec698df64e67dfc168bbd8716131b23648d1d1294fa6636
2021-09-30 14:42:11 +02:00
MarcoFalke
fa6c1e850f
test: Fix typos in tests 2021-09-29 18:47:45 +02:00
Sebastian Falbesoner
429b49378e test: introduce script_util helper for creating P2PK scripts 2021-09-29 14:09:14 +02:00
MarcoFalke
33e31f8df9
Merge bitcoin/bitcoin#23079: test: use MiniWallet for p2p_filter.py
cfdb6baa22 test: use MiniWallet for p2p_filter.py (Sebastian Falbesoner)
6fc2cd3f09 test: introduce helper to create random P2WPKH scriptPubKeys (Sebastian Falbesoner)
aa26797f69 test: MiniWallet: add `send_to` method to create arbitrary txouts (Sebastian Falbesoner)

Pull request description:

  This PR enables one more of the non-wallet functional tests (p2p_filter.py) to be run even with the Bitcoin Core wallet disabled by using the MiniWallet instead, as proposed in #20078.
  For this purpose, a MiniWallet method `send_to` is introduced first, which allows to create arbitrary outputs (scriptPubKey/amount). Note that the implementation for this is already present in feature_rbf.py (recently added in PR #22998), i.e. it is simply moved to the MiniWallet interface.

ACKs for top commit:
  laanwj:
    Code review ACK cfdb6baa22

Tree-SHA512: 13b063631f0d7af065b7757cfe8b47c9be6cb9850ac5db2968a2bba4f5a18cdc9f89173a9b03971545356225082042f5fdbe49d3036027d18e8b7eb042d04f5e
2021-09-29 09:13:07 +02:00
MarcoFalke
fa54efda9b
test: pep-8 touched test
Can be reviewed with "--word-diff-regex=.".
2021-09-28 15:48:55 +02:00
MarcoFalke
fa46768059
test: Remove unused and confusing main parameter from script_util
Bitcoin script opcodes are equal on all chains (main and test) anyway.

Can be reviewed with "--word-diff-regex=.".
2021-09-28 15:46:57 +02:00
Sebastian Falbesoner
6fc2cd3f09 test: introduce helper to create random P2WPKH scriptPubKeys 2021-09-27 13:55:25 +02:00
Sebastian Falbesoner
aa26797f69 test: MiniWallet: add send_to method to create arbitrary txouts
With this new method, outputs to an arbitrary scriptPubKey/amount can
be created. Note that the implementation was already present in the
test feature_rbf.py and is just moved to the MiniWallet interface, in
order to enable other tests to also use it.
2021-09-27 13:55:25 +02:00