Commit graph

682 commits

Author SHA1 Message Date
Hennadii Stepanov
faa06ecc9c
build: Bump minimum Qt version to 5.9.5 2021-02-23 21:34:42 +02:00
Wladimir J. van der Laan
2e8116149c
Merge #21250: build: make HAVE_O_CLOEXEC available outside LevelDB (bugfix)
9bac71350d build: make HAVE_O_CLOEXEC available outside LevelDB (bugfix) (Sebastian Falbesoner)
584fd91d2d init: only use pipe2 if availabile, check in configure (Sebastian Falbesoner)

Pull request description:

  The result of the O_CLOEXEC availability check is currently only set in the Makefile and passed to LevelDB (see `LEVELDB_CPPFLAGS_INT` in `src/Makefile.leveldb.include`), but not defined to be used in our codebase. This means that code within the preprocessor conditional `#if HAVE_O_CLOEXEC` was actually never compiled. On the master branch this is currently used for pipe creation in `src/shutdown.cpp`, PR #21007 moves this part to a new module (I found the issue while testing that PR).

  The fix is similar to the one in #19803, which solved the same problem for HAVE_FDATASYNC.

  In the course of working on the PR it turned out that pipe2 is not available an all platforms, hence a configure check and a corresponding define HAVE_PIPE2 is introduced and used.

  The PR can be tested by anyone with a system that has pipe2 and O_CLOEXEC available by putting gibberish into the HAVE_O_CLOEXEC block: on master, everything should compile fine, on PR, the compiler should abort with an error. At least that's my naive way of testing preprocessor logic, happy to hear more sophisticated ways :-)

ACKs for top commit:
  laanwj:
    Code review ACK 9bac71350d

Tree-SHA512: aec89faf6ba52b6f014c610ebef7b725d9e967207d58b42a4a71afc9f1268fcb673ecc85b33a2a3debba8105a304dd7edaba4208c5373fcef2ab83e48a170051
2021-02-23 18:56:44 +01:00
Sebastian Falbesoner
9bac71350d build: make HAVE_O_CLOEXEC available outside LevelDB (bugfix) 2021-02-22 14:17:40 +01:00
Sebastian Falbesoner
584fd91d2d init: only use pipe2 if availabile, check in configure 2021-02-22 14:17:24 +01:00
MarcoFalke
fa4fbec03e
scripted-diff: Rename PROVIDE_MAIN_FUNCTION -> PROVIDE_FUZZ_MAIN_FUNCTION
-BEGIN VERIFY SCRIPT-
sed -i -e 's/PROVIDE_MAIN_FUNCTION/PROVIDE_FUZZ_MAIN_FUNCTION/g' $(git grep -l PROVIDE_MAIN_FUNCTION)
-END VERIFY SCRIPT-
2021-02-22 10:27:17 +01:00
Sjors Provoost
87a97941f6
configure: add --enable-external-signer
This option replaces --with-boost-process

This prepares external signer support to be disabled by default.
It adds a configure option to enable this feature and to check
if Boost::Process is present.

This also exposes ENABLE_EXTERNAL_SIGNER to the test suite via test/config.ini
2021-02-21 16:27:10 +01:00
fanquake
04e01606e3
Merge #21205: build: actually fail when Boost is missing
c5da2749e2 build: actually stop configure if Boost isn't available (fanquake)
cad8b527ea build: explicitly install libboost-dev package (fanquake)

Pull request description:

  If Boost is not found via AX_BOOST_BASE, we don't actually stop
  configuring, only a warning is emitted:
  ```bash
  checking for boostlib >= 1.58.0 (105800)... configure: We could not detect the boost libraries (version MINIMUM_REQUIRED_BOOST or higher). If you have a staged boost library (still not installed) please specify $BOOST_ROOT in your environment and do not give a PATH to --with-boost option.  If you are sure you have boost installed, then check your version number looking in <boost/version.hpp>. See http://randspringer.de/boost for more documentation.
  ```

  Instead we usually fail when one of the other AX_BOOST_* macros fails to find a library. These macros are slowly being
  removed, and in any case, it makes more sense to fail earlier if Boost is missing.

  If Boost is unavailable, the failure now looks like:
  ```bash
  checking for boostlib >= 1.58.0 (105800)... configure: We could not detect the boost libraries (version 1.58.0 or higher). If you have a staged boost library (still not installed) please specify $BOOST_ROOT in your environment and do not give a PATH to --with-boost option.  If you are sure you have boost installed, then check your version number looking in <boost/version.hpp>. See http://randspringer.de/boost for more documentation.
  configure: error: Boost is not available!
  ```

  Note that we now just pass the version into AX_BOOST_BASE, which fixes it's display in the output (rather than showing `MINIMUM_REQUIRED_BOOST`).

  This PR also has a commit that adds `libboost-dev` to our install instructions and CI. This package is currently installed as a side-effect of installing our other libboost-*-dev packages. However as those continue to disappear, it makes sense to install boost-dev explicitly.

ACKs for top commit:
  laanwj:
    Code review ACK c5da2749e2
  MarcoFalke:
    Concept ACK c5da2749e2

Tree-SHA512: f866062f9d7d3a2316b6c887f17c664b9cfff41fdc0cb99ca79d641240fb01a5ae0d34140e515bc465219e1b43d5ca84f7c55f48b9c5b45a80ff2795dafd072b
2021-02-19 17:45:19 +08:00
fanquake
c5da2749e2
build: actually stop configure if Boost isn't available
If Boost is not found via AX_BOOST_BASE, we don't actually stop
configuring, only a warning is emitted:
```bash
checking for boostlib >= 1.58.0 (105800)... configure: We could not detect the boost libraries (version MINIMUM_REQUIRED_BOOST or higher). If you have a staged boost library (still not installed) please specify $BOOST_ROOT in your environment and do not give a PATH to --with-boost option.  If you are sure you have boost installed, then check your version number looking in <boost/version.hpp>. See http://randspringer.de/boost for more documentation.
```

Instead we would usually fail when one of the other
AX_BOOST_* macros fails to find a library. These macros are slowly being
removed, and in any case, it makes more sense to fail earlier if Boost
is missing.

If Boost is unavailable, the failure now looks like:
```bash
checking for boostlib >= 1.58.0 (105800)... configure: We could not detect the boost libraries (version 1.58.0 or higher). If you have a staged boost library (still not installed) please specify $BOOST_ROOT in your environment and do not give a PATH to --with-boost option.  If you are sure you have boost installed, then check your version number looking in <boost/version.hpp>. See http://randspringer.de/boost for more documentation.
configure: error: Boost is not available!
```

Note that we now just pass the version into AX_BOOST_BASE, which fixes
it's display in the output (rather than MINIMUM_REQUIRED_BOOST).
2021-02-17 09:17:37 +08:00
fanquake
7bf04e358a
build: remove mostly pointless BOOST_PROCESS macro
Performing a series of link checks for a Boost component that is
header-only doesn't make much sense, and currently means we just have
another confusing Boost macro in our tree. I'm not sure why this was
originally done this way; maybe Sjors or luke-jr can elaborate
(#15382 (929cda5470))?

The macro also has the side-effect of producing confusing error
messages. i.e in #20744, the CI is currently failing with:
```bash
checking for boostlib >= 1.58.0 (105800) lib path in "/tmp/cirrus-ci-build/depends/x86_64-pc-linux-gnu/lib"... yes
checking for boostlib >= 1.58.0 (105800)... yes
checking whether the Boost::Process library is available... yes
configure: error: Could not find a version of the Boost::Process library!
```

This isn't useful, given there is no such thing as a `Boost::Process`
library.

This PR just removes the macro entirely, but maintains a `--with-boost-process`
(defaulting to off), flag to configure. Hopefully this will also be
removed, in favour of `--enable-disable-external-signer` if/when #16546
is merged.
2021-02-17 08:04:11 +08:00
Wladimir J. van der Laan
9996b1806a
Merge #21064: refactor: use std::shared_mutex & remove Boost Thread
060a2a64d4 ci: remove boost thread installation (fanquake)
06e1d7d81d build: don't build or use Boost Thread (fanquake)
7097add83c refactor: replace Boost shared_mutex with std shared_mutex in sigcache (fanquake)
8e55981ef8 refactor: replace Boost shared_mutex with std shared_mutex in cuckoocache tests (fanquake)

Pull request description:

  This replaces `boost::shared_mutex` and `boost::unique_lock` with [`std::shared_mutex`](https://en.cppreference.com/w/cpp/thread/shared_mutex) & [`std::unique_lock`](https://en.cppreference.com/w/cpp/thread/unique_lock).

  Even though [some concerns were raised](https://github.com/bitcoin/bitcoin/issues/16684#issuecomment-726214696) in #16684 with regard to `std::shared_mutex` being unsafe to use across some glibc versions, I still think this change is an improvement. As I mentioned in #21022, I also think trying to restrict standard library feature usage based on bugs in glibc is not only hard to do, but it's not currently clear exactly how we do that in practice (does it also extend to patching out use in our dependencies, should we be implementing more runtime checks for features we are using, when do we consider an affected glibc "old enough" not to worry about? etc). If you take a look through the [glibc bug tracker](https://sourceware.org/bugzilla/describecomponents.cgi?product=glibc) you'll no doubt find plenty of (active) bug reports for standard library code we already using. Obviously not to say we shouldn't try and avoid buggy code where possible.

  Two other points:

  [Cory mentioned in #21022](https://github.com/bitcoin/bitcoin/pull/21022#issuecomment-769274179):
  > It also seems reasonable to me to worry that boost hits the same underlying glibc bug, and we've just not happened to trigger the right conditions yet.

  Moving away from Boost to the standard library also removes the potential for differences related to Boosts configuration. Boost has multiple versions of `shared_mutex`, and what you end up using, and what it's backed by depends on:
  * The version of Boost.
  * The platform you're building for.
  * Which version of `BOOST_THREAD_VERSION` is defined: (2,3,4 or 5) default=2. (see [here](https://www.boost.org/doc/libs/1_70_0/doc/html/thread/build.html#thread.build.configuration) for some of the differences).
  * Is `BOOST_THREAD_V2_SHARED_MUTEX` defined? (not by default). If so, you might get the ["less performant, but more robust"](https://github.com/boostorg/thread/issues/230#issuecomment-475937761) version of `shared_mutex`.

  A lot of these factors are eliminated by our use of depends, but users will have varying configurations. It's also not inconceivable to think that a distro, or some package manager might start defining something like `BOOST_THREAD_VERSION=3`. Boost tried to change the default from 2 to 3 at one point.

  With this change, we no longer use Boost Thread, so this PR also removes it from depends, the build system, CI etc.

  Previous similar PRs were #19183 & #20922. The authors are included in the commits here.
  Also related to #21022 - pthread sanity checking.

ACKs for top commit:
  laanwj:
    Code review ACK 060a2a64d4
  vasild:
    ACK 060a2a64d4

Tree-SHA512: 572d14d8c9de20bc434511f20d3f431836393ff915b2fe9de5a47a02dca76805ad5c3fc4cceecb4cd43f3ba939a0508178c4e60e62abdbaaa6b3e8db20b75b03
2021-02-12 11:39:36 +01:00
fanquake
de4238f92f
build: consolidate reduced export checks 2021-02-12 16:02:21 +08:00
fanquake
012bdec1b7
build: add building libconsensus to end-of-configure output 2021-02-12 09:04:16 +08:00
fanquake
f054a089ec
build: remove AX_GCC_FUNC_ATTRIBUTE test for dllimport
The result of this test isn't currently used anywhere (we use dllimport based on
MSC_VER in libconsensus).
2021-02-12 09:04:16 +08:00
fanquake
7cd0a69664
build: test for __declspec(dllexport) in configure
This should work for GCC and Clang when building for Windows targets.
2021-02-12 09:04:16 +08:00
fanquake
1624e17b54
build: remove duplicate visibility attribute detection
We are already testing for this, and our test works correctly with a Darwin
target, where the macro does not. Darwin targets do not support "protected"
visibility.
2021-02-12 09:04:15 +08:00
MarcoFalke
e51f6c4dee
Merge #20936: build: build fuzz tests by default
32cbb06676 build: build fuzz tests by default. (Dan Benjamin)

Pull request description:

  This fixes issue #19388. The changes are as follows:
    - Add a new flag to configure, --enable-fuzz-binary, which allows building test/fuzz/fuzz regardless of whether we are building to do actual fuzzing
    - Set -DPROVIDE_MAIN_FUNCTION whenever --enable-fuzz is no
    - Add the following libraries to FUZZ_SUITE_LD_COMMON:
      - LIBBITCOIN_WALLET
      - SQLLITE_LIBS
      - BDB_LIBS
      - if necessary, some or all of:
        - NATPMP_LIBS
        - MINIUPNPC_LIBS
        - LIBBITCOIN_ZMQ / ZMQ_LIBS

  Fixes  #19388

ACKs for top commit:
  MarcoFalke:
    review ACK 32cbb06676 📭

Tree-SHA512: c91d713ffe54a3d055daaec02c4317d7e13eed6688821ddc10d894224950b18e276fbdd4acc758c7103b50f34a132b1882b68bc8b60409f97438e0759ced77e1
2021-02-08 10:07:15 +01:00
fanquake
8636288db1
Merge #20720: build: more robustly check for fcf-protection support
e9189a750b build: more robustly check for fcf-protection support (fanquake)

Pull request description:

  When using Clang 7, we may end up trying to use the flag when it won't
  work properly, which can lead to confusing errors. i.e:
  ```bash
  /usr/bin/ld: error: ... <corrupt x86 feature size: 0x8>
  ```

  Use `AX_CHECK_LINK_FLAG` & `--fatal-warnings` to ensure we wont use the flag in this case.

  We do this as even when the error is emitted, compilation succeeds, and the binaries produced will run. This means we can't just check if the compiler accepts the flag, or if compilation succeeds (without or without `-Werror`, and/or passing `-Wl,--fatal-warnings`, which may not be passed through to the linker).

  This was reported by someone configuring for fuzzing, on Debian 10, where Clang 7 is the default.

  See here for a minimal example of the problematic behaviour:
  https://gist.github.com/fanquake/9b33555fcfebef8eb8c0795a71732bc6

ACKs for top commit:
  pstratem:
    tested ACK e9189a750b
  MarcoFalke:
    not an ACK e9189a750b , I only tested configure on my system (gcc-10, clang-11):
  hebasto:
    ACK e9189a750b, tested with clang-7, clang-10 and gcc: the `-fcf-protection=full` is not applied for clang-7, but applied for others compilers.

Tree-SHA512: ec24b0cc5523b90139c96cbb33bb98d1e6a24d858c466aa7dfb3c474caf8c50aca53e570fdbc0ff88378406b0ac5d687542452637b1b5fa062e829291b886fc1
2021-02-08 13:45:23 +08:00
Dan Benjamin
32cbb06676 build: build fuzz tests by default.
This fixes issue #19388. The changes are as follows:
  - Add a new flag to configure, --enable-fuzz-binary, which allows building test/fuzz/fuzz regardless of whether we are building to do actual fuzzing
  - Set -DPROVIDE_MAIN_FUNCTION whenever --enable-fuzz is no
  - Add the following libraries to FUZZ_SUITE_LD_COMMON:
    - LIBBITCOIN_WALLET
    - SQLLITE_LIBS
    - BDB_LIBS
    - if necessary, some or all of:
      - NATPMP_LIBS
      - MINIUPNPC_LIBS
      - LIBBITCOIN_ZMQ / ZMQ_LIBS
2021-02-05 19:52:45 -05:00
MarcoFalke
fac4be3048
fuzz: Configure check for main function (take 2) 2021-02-04 13:11:57 +01:00
fanquake
06e1d7d81d
build: don't build or use Boost Thread 2021-02-02 12:38:22 +08:00
Hennadii Stepanov
b6aadcd5b4
build: Add -Werror=mismatched-tags 2021-02-01 23:03:10 +02:00
Luke Dashjr
798bc0b29a Support glibc-back-compat on 64-bit POWER 2021-01-19 14:41:22 +01:00
Wladimir J. van der Laan
43f3ada27b
Merge #19866: eBPF Linux tracepoints
22eb7930a6 tracing: add tracing framework (William Casarin)
933ab8a720 build: detect sys/sdt.h for eBPF tracing (William Casarin)

Pull request description:

  Instead of writing ad-hoc logging everywhere (eg: #19509), we can take advantage of linux user static defined traces, aka. USDTs ( not the stablecoin 😅 )

  The linux kernel can hook into these tracepoints at runtime, but otherwise they have little to no performance impact. Traces can pass data which can be printed externally via tools such as bpftrace. For example, here's one that prints incoming and outgoing network messages:

  # Examples

  ## Network Messages

  ```
  #!/usr/bin/env bpftrace

  BEGIN
  {
    printf("bitcoin net msgs\n");
    @start = nsecs;
  }

  usdt:./src/bitcoind:net:push_message
  {
    $ip = str(arg0);
    $peer_id = (int64)arg1;
    $command = str(arg2);
    $data_len = arg3;
    $data = buf(arg3,arg4);
    $t = (nsecs - @start) / 100000;

    printf("%zu outbound %s %s %zu %d %r\n", $t, $command, $ip, $peer_id, $data_len, $data);

    @outbound[$command]++;
  }

  usdt:./src/bitcoind:net:process_message
  {
    $ip = str(arg0);
    $peer_id = (int64)arg1;
    $command = str(arg2);
    $data_len = arg3;
    $data = buf(arg3,arg4);
    $t = (nsecs - @start) / 100000;

    printf("%zu inbound %s %s %zu %d %r\n", $t, $command, $ip, $peer_id, $data_len, $data);

    @inbound[$ip, $command]++;
  }

  ```

      $ sudo bpftrace netmsg.bt

  output: https://jb55.com/s/b11312484b601fb3.txt

  if you look at the bottom of the output you can see a histogram of all the messages grouped by message type and IP. nice!

  ## IBD Benchmarking

  ```
  #!/usr/bin/env bpftrace
  BEGIN
  {
    printf("IBD to 500,000 bench\n");
  }

  usdt:./src/bitcoind:CChainState:ConnectBlock
  {
    $height = (uint32)arg0;

    if ($height == 1) {
      printf("block 1 found, starting benchmark\n");
      @start = nsecs;
    }

    if ($height >= 500000) {
      @end = nsecs;
      @duration = @end - @start;
      exit();
    }
  }

  END {
    printf("duration %d ms\n", @duration / 1000000)
  }
  ```
  This one hooks into ConnectBlock and prints the IBD time to height 500,000 starting from the first call to ConnectBlock

  Userspace static tracepoints give lots of flexibility without invasive logging code. It's also more flexible than ad-hoc logging code, allowing you to instrument many different aspects of the system without having to enable per-subsystem logging.

  Other ideas: tracepoints for lock contention, threads, what else?

  Let me know what ya'll think and if this is worth adding to bitcoin.

  ## TODO

  - [ ] docs?
  - [x] Integrate systemtap-std-dev/libsystemtap into build (provides the <sys/sdt.h> header)
  - [x] ~dtrace macos support? (is this still a thing?)~ going to focus on linux for now

ACKs for top commit:
  laanwj:
    Tested ACK 22eb7930a6
  0xB10C:
    Tested ACK 22eb7930a6

Tree-SHA512: 69242242112b679c8a12a22b3bc50252c305894fb3055ae6e13d5f56221d858e58af1d698af55e23b69bdb7abedb5565ac6b45fa5144087b77a17acd04646a75
2021-01-18 22:09:05 +01:00
Wladimir J. van der Laan
7b975639ef
Merge #19937: signet mining utility
595a34dbea contrib/signet: Document miner script in README.md (Anthony Towns)
ff7dbdc08a contrib/signet: Add script for generating a signet chain (Anthony Towns)
13762bcc96 Add bitcoin-util command line utility (Anthony Towns)
95d5d5e625 rpc: allow getblocktemplate for test chains when unconnected or in IBD (Anthony Towns)
81c54dec20 rpc: update getblocktemplate with signet rule, include signet_challenge (Anthony Towns)

Pull request description:

  Adds `contrib/signet/miner` for mining signet blocks.

  Adds `bitcoin-util` cli utility, with the idea being it can provide bitcoin related functionality that does not rely on the ability to access a running node. Only subcommand currently is "grind" which takes a hex-encoded header and grinds its nonce until its nBits is satisfied.

  Updates `getblocktemplate` to include `signet_challenge` field, and makes `getblocktemplate` require the signet rule when invoked on the signet change. Removes connectivity and IBD checks from `getblocktemplate` when applied to a test chain (regtest, testnet, signet).

ACKs for top commit:
  laanwj:
    code review ACK 595a34dbea

Tree-SHA512: 8d43297710fdc1edc58acd9b53e1bd1671e5724f7097b40ab73653715dc8becc70534c4496cbba9290f4dd6538a7a3d5830eb85f83391ea31a3bb5b9d3378cc3
2021-01-12 12:53:45 +01:00
Anthony Towns
13762bcc96 Add bitcoin-util command line utility 2021-01-12 18:34:25 +10:00
Wladimir J. van der Laan
d7e2401c62
Merge #18077: net: Add NAT-PMP port forwarding support
a191e23b8e doc: Add release notes (Hennadii Stepanov)
ae749d12dd doc: Add libnatpmp stuff (Hennadii Stepanov)
e28f9be87a ci: Add libnatpmp-dev package to some builds (Hennadii Stepanov)
5a0185b6c9 gui: Add NAT-PMP network option (Hennadii Stepanov)
a39f7336a3 net: Add -natpmp command line option (Hennadii Stepanov)
28acffd9d5 net: Add NAT-PMP to port mapping loop (Hennadii Stepanov)
a8d9f275d0 net: Add libnatpmp support (Hennadii Stepanov)
58e8364dcd gui: Apply port mapping changes on dialog exit (Hennadii Stepanov)
cf151cc68c scripted-diff: Rename UPnP stuff (Hennadii Stepanov)
4e91b1e24d net: Add flags for port mapping protocols (Hennadii Stepanov)
8b50d1b5bb net: Keep trying to use UPnP when -upnp=1 (Hennadii Stepanov)
28e2961fd6 refactor: Replace magic number with named constant (Hennadii Stepanov)
02ccf69dd6 refactor: Move port mapping code to its own module (Hennadii Stepanov)

Pull request description:

  Close #11902
  This PR is an alternative to:
  - #12288
  - #15717

  To compile with NAT-PMP support on Ubuntu [`libnatpmp-dev`](https://packages.ubuntu.com/source/bionic/libnatpmp) should be available.

  Log excerpt:
  ```
  2020-02-05T20:12:28Z [mapport] NAT-PMP: public address = 95.164.65.194
  2020-02-05T20:12:28Z [mapport] AddLocal(95.164.65.194:18333,3)
  2020-02-05T20:12:28Z [mapport] NAT-PMP: port mapping successful.
  ```

  See: [`libnatpmp`](https://miniupnp.tuxfamily.org/libnatpmp.html)

  ---

  Some follow-ups are out of this PR's scope:
  - mention NAT-PMP library in the version message
  - ~integrate NAT-PMP into the GUI~ (already [added](https://github.com/bitcoin/bitcoin/pull/18077#issuecomment-589405068))

ACKs for top commit:
  laanwj:
    Tested and code review ACK a191e23b8e

Tree-SHA512: 10e19267c21bf30f20ff1abfc882d526049f0e790b95e12f109dc2bed7c0aef45de03eaf967f4e667e7509be04f1873a5c508087393d947205f3aab2ad6d7cf1
2021-01-07 19:41:55 +01:00
Wladimir J. van der Laan
b6a71b80d2
Merge #19055: Add MuHash3072 implementation
9815332d51 test: Change MuHash Python implementation to match cpp version again (Fabian Jahr)
01297fb3ca fuzz: Add MuHash consistency fuzz test (Fabian Jahr)
b111410914 test: Add MuHash3072 fuzz test (Fabian Jahr)
c122527385 bench: Add Muhash benchmarks (Fabian Jahr)
7b1242229d test: Add MuHash3072 unit tests (Fabian Jahr)
adc708c98d crypto: Add MuHash3072 implementation (Fabian Jahr)
0b4d290bf5 crypto: Add Num3072 implementation (Fabian Jahr)
589f958662 build: Check for 128 bit integer support (Fabian Jahr)

Pull request description:

  This is the first split of #18000 which implements the Muhash algorithm and uses it to calculate the UTXO set hash in `gettxoutsetinfo`.

ACKs for top commit:
  laanwj:
    Code review ACK 9815332d51

Tree-SHA512: 4bc090738f0e3d80b74bdd8122e24a8ce80121120fd37c7e4335a73e7ba4fcd7643f2a2d559e2eebf54b8e3a3bd5f12cfb27ba61ded135fda210a07a233eae45
2021-01-07 17:57:17 +01:00
Hennadii Stepanov
a8d9f275d0
net: Add libnatpmp support 2021-01-07 18:07:09 +02:00
MarcoFalke
fafd725a7c
Merge #19846: build: enable unused member function diagnostic
819d03b932 refactor: took out unused member functions (Zero)
ed69213c2b build: enable unused member function diagnostic (Zero)

Pull request description:

  This PR enables the `-Wunused-member-function` compiler diagnostic, as discussed in #19702.

  > **Notice**: The `unused-member-function` diagnostic is only available on clang. Therefore, clang should be used to test this PR.

  - [x] Include the `-Wunused-member-function`diagnostic in `./configure.ac`. (ed69213c2b)
  - [x] Resolve the reported warnings. (819d03b932)

  Currently, enabling this flag no longer reports the following warnings:

  > **Note**: output from `make 2>&1 | grep "warning: unused member function" | sort | uniq -c`

  ```
  1 index/blockfilterindex.cpp:54:5: warning: unused member function 'DBHeightKey' [-Wunused-member-function]
  2 script/bitcoinconsensus.cpp:50:9: warning: unused member function 'GetType' [-Wunused-member-function]
  1 test/util_tests.cpp:1975:14: warning: unused member function 'operator=' [-Wunused-member-function]
  ```

  All tests have passed locally (from `make check` & `src/test/test_bitcoin`).

  This PR closes #19702.

ACKs for top commit:
  practicalswift:
    ACK 819d03b932 - patch still looks correct :)
  MarcoFalke:
    ACK 819d03b932
  pox:
    Tested ACK 819d03b932 with clang after `make clean`. No unused member function warnings.
  theStack:
    tested ACK 819d03b932

Tree-SHA512: 5fdfbbb02b3dc618a90a874a5caa5e01e596fc1d14a209e75a6981f01b253f9bca0cfac8fdd758dd7151986609fb76571c3745124a29cfd4f8cbb8d82a07272e
2021-01-05 12:06:40 +01:00
Emil Engler
ccc8d5513f
doc: Update license year range to 2021 2020-12-30 16:24:47 +01:00
Fabian Jahr
589f958662
build: Check for 128 bit integer support
Used in MuHash3072 implementation.

Co-authored-by: Pieter Wuille <pieter.wuille@gmail.com>
2020-12-20 22:08:15 +01:00
fanquake
e9189a750b
build: more robustly check for fcf-protection support
When using Clang 7, we may end up trying to use the flag when it won't
work properly, which can lead to confusing errors. i.e:
```bash
/usr/bin/ld: error: ... <corrupt x86 feature size: 0x8>
```

Use CHECK_LINK_FLAG & --fatal-warnings to ensure we wont use the flag in this case.
2020-12-20 21:43:58 +08:00
Wladimir J. van der Laan
f1dbf92ff0
Merge #20434: contrib: Parse ELF directly for symbol and security checks
a0a771843f contrib: Changes to checks for PowerPC64 (Luke Dashjr)
634f6ec4eb contrib: Parse ELF directly for symbol and security checks (Wladimir J. van der Laan)

Pull request description:

  Instead of the ever-messier text parsing of the output of the readelf tool (which is clearly meant for human consumption not to be machine parseable), parse the ELF binaries directly.

  Add a small dependency-less ELF parser specific to the checks.

  This is slightly more secure, too, because it removes potential ambiguity due to misparsing and changes in the output format of `elfread`. It also allows for stricter and more specific ELF format checks in the future.

  This removes the build-time dependency for `readelf`.

  It passes the test-security-check for me locally, ~~though I haven't checked on all platforms~~. I've checked that this works on the cross-compile output for all ELF platforms supported by Bitcoin Core at the moment, as well as PPC64 LE and BE.

Top commit has no ACKs.

Tree-SHA512: 7f9241fec83ee512642fecf5afd90546964561efd8c8c0f99826dcf6660604a4db2b7255e1afb1e9bb0211fd06f5dbad18a6175dfc03e39761a40025118e7bfc
2020-12-18 12:16:40 +01:00
Wladimir J. van der Laan
4acbcfa97d
Merge #20470: build: Replace genisoimage with xorriso
7587d11ec9 build: remove cdrkit package from depends (fanquake)
0df9819126 build: Replace genisoimage with xorriso (fanquake)
22437fc72e build: Run libdmg-hfsplus's DMG tool in make deploy (Carl Dong)

Pull request description:

  This is a redo of fanquake's https://github.com/bitcoin/bitcoin/pull/18151, which, aside from switching us from the deprecated `genisoimage` to the maintained `xorriso`, is also necessary for Guix to achieve determinism without using faketime.

  > xorriso and its mkisofs/genisoimage emulation alter-ego xorrisofs are
  > more maintained, and has the right toggles for us to achieve output
  > determinism without using blunt tools like faketime.
  >
  > In this commit, we use xorrisofs from the build environment rather than
  > building it ourselves using depends. This is not necessary and can be
  > changed in the future.
  >
  > From wiki.debian.org/genisoimage?action=recall&rev=11 :
  >
  > > The classical command line interface for production of ISO 9660
  > > filesystem images is the option set established by program mkisofs.
  > > For reasons of licensing and other problems with its author, Debian
  > > ships a fork of mkisofs, called genisoimage, which was split off in
  > > 2006 and then developed independently.
  > >
  > > Meanwhile, genisoimage gets no new features and not even bug fixes. It
  > > is first choice only if its options -udf or -hfs are needed.
  > >
  > > Replacement in most uses cases, especially for bootable ISO 9660
  > > filesystems, archiving, and backup, is xorrisofs which starts the -as
  > > mkisofs emulation mode of program xorriso.

ACKs for top commit:
  laanwj:
    ACK 7587d11ec9

Tree-SHA512: 62f3aad08fa8bf21192e951d7dd33b24975586d76834cfa3498f4b8cdb586cefec8cab2c073d1951a0884b5e182fd71ef2cf3accad98f84455016776ad3c5422
2020-12-16 22:12:38 +01:00
fanquake
0df9819126 build: Replace genisoimage with xorriso
xorriso and its mkisofs/genisoimage emulation alter-ego xorrisofs are
more maintained, and has the right toggles for us to achieve output
determinism without using blunt tools like faketime.

In this commit, we use xorrisofs from the build environment rather than
building it ourselves using depends. This is not necessary and can be
changed in the future.

From https://wiki.debian.org/genisoimage?action=recall&rev=11 :

> The classical command line interface for production of ISO 9660
> filesystem images is the option set established by program mkisofs.
> For reasons of licensing and other problems with its author, Debian
> ships a fork of mkisofs, called genisoimage, which was split off in
> 2006 and then developed independently.
>
> Meanwhile, genisoimage gets no new features and not even bug fixes. It
> is first choice only if its options -udf or -hfs are needed.
>
> Replacement in most uses cases, especially for bootable ISO 9660
> filesystems, archiving, and backup, is xorrisofs which starts the -as
> mkisofs emulation mode of program xorriso.
2020-12-16 12:29:14 -05:00
MarcoFalke
8bb40d5f56
Merge #20560: fuzz: Link all targets once
fa13e1b0c5 build: Add option --enable-danger-fuzz-link-all (MarcoFalke)
44444ba759 fuzz: Link all targets once (MarcoFalke)

Pull request description:

  Currently the linker is invoked more than 150 times when compiling with `--enable-fuzz`. This is problematic for several reasons:

  * It wastes disk space north of 20 GB, as all libraries and sanitizers are linked more than 150 times
  * It wastes CPU time, as the link step can practically not be cached (similar to ccache for object files)
  * It makes it a blocker to compile the fuzz tests by default for non-fuzz builds #19388, for the aforementioned reasons
  * The build file is several thousand lines of code, without doing anything meaningful except listing each fuzz target in a highly verbose manner
  * It makes writing new fuzz tests unnecessarily hard, as build system knowledge is required; Compare that to boost unit tests, which can be added by simply editing an existing cpp file
  * It encourages fuzz tests that re-use the `buffer` or assume the `buffer` to be concatenations of seeds, which increases complexity of seeds and complexity for the fuzz engine to explore; Thus reducing the effectiveness of the affected fuzz targets

  Fixes #20088

ACKs for top commit:
  practicalswift:
    Tested ACK fa13e1b0c5
  sipa:
    ACK fa13e1b0c5. Reviewed the code changes, and tested the 3 different test_runner.py modes (run once, merge, generate). I also tested building with the new --enable-danger-fuzz-link-all

Tree-SHA512: 962ab33269ebd51810924c51266ecc62edd6ddf2fcd9a8c359ed906766f58c3f73c223f8d3cc49f2c60f0053f65e8bdd86ce9c19e673f8c2b3cd676e913f2642
2020-12-15 19:00:36 +01:00
Wladimir J. van der Laan
94a9cd25fd
Merge #20594: Fix getauxval calls in randomenv.cpp
836a3dc02c Avoid weak-linked getauxval support on non-linux platforms (like macOS) (Jonas Schnelli)
41a413b317 Define correct symbols for getauxval (Jonas Schnelli)

Pull request description:

  PR #20358 made use of the two preprocessor symbols `HAVE_STRONG_GETAUXVAL` as well as `HAVE_WEAK_GETAUXVAL`.

  These symbols have not been defined in configure.ac. They where only passed selective as CRC32 CPPFLAGS in https://github.com/bitcoin/bitcoin/blob/master/src/Makefile.crc32c.include#L16.

  PR #20358 would have broken the macOS build since `getauxval` is not supported on macOS (but weak-linking does pass).

  This PR defines the two symbols correctly and reduces calls to `getauxval` to linux.

ACKs for top commit:
  laanwj:
    Code review ACK 836a3dc02c
  jonatack:
    utACK 836a3dc02c

Tree-SHA512: 6527f4a617b937f4c368a3cb1c162f1ac38a6f5e6341295554961eaf322906e9b27398a6f7b00819854ceebb5c828d3e6ce0a779edd769adc4053ce8beda3739
2020-12-14 21:03:40 +01:00
MarcoFalke
fa13e1b0c5
build: Add option --enable-danger-fuzz-link-all 2020-12-14 16:55:56 +01:00
Carl Dong
22437fc72e build: Run libdmg-hfsplus's DMG tool in make deploy
Previously, the compression of the .iso file to a .dmg file was done
outside of `make deploy' in order to use the faketime-wrapped version of
libdmg-hfsplus's DMG tool.

Specifying the faketime-wrapped version of the DMG tool to ./configure
fixes this and simplifies build scripts.
2020-12-11 11:43:11 -05:00
Jonas Schnelli
86f2007193
Merge #20527: build: Do not ignore Homebrew's SQLite on macOS
c932e0d67e doc: Update wallet database installation guide for macOS (Hennadii Stepanov)
ee7b84e63c build: Use Homebrew's sqlite package if it is available (Hennadii Stepanov)
c96d1f65a5 build, refactor: Check that Homebrew's qt5 package is actually installed (Hennadii Stepanov)

Pull request description:

  On master (7ae86b3c68) installed Homebrew `sqlite` package is ignored during build on macOS.

  This PR fixes this issue and update macOS build docs.

  Closes #20498.

ACKs for top commit:
  willcl-ark:
    > > That said, another tACK of [c932e0d](c932e0d67e)
  hebasto:
    > That said, another tACK of [c932e0d](c932e0d67e)
  laanwj:
    Code review ACK c932e0d67e
  jonasschnelli:
    code review re-ACK c932e0d67e

Tree-SHA512: 2563f25534d065556b17ee8c0fca957aea61b5ae288a2aa72743e77607843a45c39f209321e0f05b34283a74d2edcf961cf1dc54a35ed0cc21182304bb961505
2020-12-10 13:18:30 +01:00
Wladimir J. van der Laan
8e1f9d6273
Merge #20549: Support make src/bitcoin-node and src/bitcoin-gui
206f74e88c Support make src/bitcoin-node and src/bitcoin-gui (João Barbosa)

Pull request description:

  This change adds the following configure output variables
  ```
  dnl Multi Process
  BITCOIN_MP_NODE_NAME=bitcoin-node
  BITCOIN_MP_GUI_NAME=bitcoin-gui
  ```
  and adds support for
  ```sh
  make src/bitcoin-node src/bitcoin-gui
  ```

ACKs for top commit:
  laanwj:
    Code review ACK 206f74e88c

Tree-SHA512: 4d1a694b9010ecc267ee955f4475127a58e6da72f30179ec740285ee6fe03cd91dcb6847317a47460dbd548edb88b7da6c7a98eac10f0dabe3ce4e83e0aa8093
2020-12-10 12:53:54 +01:00
Andrew Poelstra
904d875cf5 configure: output notice that test binary is disabled by fuzzing 2020-12-09 23:46:49 +00:00
Jonas Schnelli
836a3dc02c Avoid weak-linked getauxval support on non-linux platforms (like macOS) 2020-12-07 22:16:39 +01:00
Jonas Schnelli
41a413b317 Define correct symbols for getauxval 2020-12-07 21:22:01 +01:00
Hennadii Stepanov
ee7b84e63c
build: Use Homebrew's sqlite package if it is available 2020-12-07 13:24:59 +02:00
William Casarin
933ab8a720 build: detect sys/sdt.h for eBPF tracing 2020-12-07 11:55:51 +01:00
fanquake
d0ca394596
Merge #20476: contrib: Add test for ELF symbol-check
ed1bbcefea contrib: add MACHO tests to symbol-check tests (fanquake)
5bab08df17 contrib: Add test for ELF symbol-check (Wladimir J. van der Laan)

Pull request description:

  Check both failure cases:
  - Use a glibc symbol from a version that is too new
  - Use a symbol from a library that is not in the allowlist

  And also check a conforming binary.

  Adding a similar check for Windows PE can be done in a separate PR.

ACKs for top commit:
  fanquake:
    ACK ed1bbcefea

Tree-SHA512: fd437612e003922465fe1396efa1fa3a64bd1c7b0a514d2a0a7a0caaaa9fb5cb43e0ed7caec15eb0a3508692c9eb3212d7ba3c7e8180b942dd3e50616ad6e557
2020-12-07 15:33:37 +08:00
Hennadii Stepanov
c96d1f65a5
build, refactor: Check that Homebrew's qt5 package is actually installed
This change unifies Homebrew packages workflow, and does not change
behavior.
2020-12-04 13:02:08 +02:00
MarcoFalke
dca80ffb45
Merge #20255: util: Add Assume() identity function
faa05854f8 util: Remove probably misleading TODO (MarcoFalke)
fac5efe730 util: Add Assume() identity function (MarcoFalke)
fa861569dc util: Allow Assert(...) to be used in all contexts (practicalswift)

Pull request description:

  This is needed for #20138. Please refer to the added documentation for motivation.

ACKs for top commit:
  practicalswift:
    cr ACK faa05854f8
  jnewbery:
    utACK faa05854f8
  hebasto:
    ACK faa05854f8, I have reviewed the code and it looks OK, I agree it can be merged.

Tree-SHA512: 72165fbd898b92ab9a79b070993fa1faa86c2e3545b6645e72c652bda295d5107bc298d0482bf3aaf0926fc0c3e6418a445c0e073b08568c44231f547f76a688
2020-12-04 11:07:28 +01:00
Hennadii Stepanov
d3ef947524
build: Check that Homebrew's berkeley-db4 package is actually installed 2020-12-03 23:39:14 +02:00
Wladimir J. van der Laan
5bab08df17 contrib: Add test for ELF symbol-check
Check both failure cases:
- Use a glibc symbol from a version that is too new
- Use a symbol from a library that is not in the allowlist

And also check a conforming binary.

Adding a similar check for Windows PE can be done in a separate PR.
2020-12-03 12:15:12 +01:00
João Barbosa
206f74e88c Support make src/bitcoin-node and src/bitcoin-gui 2020-12-02 23:05:35 +00:00
Jonas Schnelli
982e548a9a Don't set BDB flags when configuring without 2020-11-24 15:08:28 +01:00
MarcoFalke
fac5efe730
util: Add Assume() identity function 2020-11-24 09:47:29 +01:00
Wladimir J. van der Laan
86bf3ae3b5
Merge #20202: wallet: Make BDB support optional
d52f502b1e Fix mock SQLiteDatabases (Andrew Chow)
99309ab3e9 Allow disabling BDB in configure with --without-bdb (Andrew Chow)
ee47f11f73 GUI: Force descriptor wallets when BDB is not compiled (Andrew Chow)
71e40b33bd RPC: Require descriptors=True for createwallet when BDB is not compiled (Andrew Chow)
6ebc41bf9c Enforce salvage is only for BDB wallets (Andrew Chow)
a58b719cf7 Do not compile BDB things when USE_BDB is defined (Andrew Chow)
b33af48210 Include wallet/bdb.h where it is actually being used (Andrew Chow)

Pull request description:

  Adds a `--without-bdb` option to `configure` which disables the compilation of the BDB stuff. Legacy wallets will not be created when BDB is not compiled. A legacy-sqlite wallet can be loaded, but we will not create them.

  Based on #20156 to resolve the situation where both `--without-sqlite` and `--without-bdb` are provided. In that case, the wallet is disabled and `--disable-wallet` is effectively set.

ACKs for top commit:
  laanwj:
    Code review ACK d52f502b1e

Tree-SHA512: 5a92ba7a542acc2e27003e9d4e5940e0d02d5c1f110db06cdcab831372bfd83e8d89c269caff31dd5bff062c1cf5f04683becff12bd23a33be731676f346553d
2020-11-23 10:30:01 +01:00
Wladimir J. van der Laan
634f6ec4eb contrib: Parse ELF directly for symbol and security checks
Instead of the ever-messier text parsing of the output of the readelf
tool (which is clearly meant for human consumption not to be machine
parseable), parse the ELF binaries directly.

Add a small dependency-less ELF parser specific to the checks.

This is slightly more secure, too, because it removes potential
ambiguity due to misparsing and changes in the output format of `elfread`. It
also allows for stricter and more specific ELF format checks in the future.

This removes the build-time dependency for `readelf`.

It passes the test-security-check for me locally, though I haven't
checked on all platforms.
2020-11-22 11:11:32 +01:00
MarcoFalke
d4159984c3
Merge #20223: build: Drop the leading 0 from the version number
8f7b930475 Drop the leading 0 from the version number (Andrew Chow)

Pull request description:

  Removes the leading 0 from the version number. The minor version, which we had been using as the major version, is now the major version. The revision, which we had been using as the minor version, is now the minor version. The revision number is dropped. The build number is promoted to being part of the version number. This also avoids issues where it was accidentally not included in the version number.

  The CLIENT_VERSION remains the same format as previous as previously, as the Major version was 0 so it never actually got included in it.

  The user agent string formatter is updated to follow this new versioning.

  ***

  Honestly I'm just tired of all of the people asking for "1.0" that maybe this'll shut them up. Skip the whole 1.0 thing and go straight to version 22.0!

  Also, this means that the terminology we commonly use lines up with how the variables are named. So major versions are actually bumping the major version number, etc.

ACKs for top commit:
  jnewbery:
    Code review ACK 8f7b930475
  MarcoFalke:
    review ACK 8f7b930475 🎻

Tree-SHA512: b5c3fae14d4c0a9c0ab3b1db7c949ecc0ac3537646306b13d98dd0efc17c489cdd16d43f0a24aaa28e9c4a92ea360500e05480a335b03f9fb308010cdd93a436
2020-11-20 15:42:07 +01:00
Andrew Chow
8f7b930475 Drop the leading 0 from the version number
Removes the leading 0 from the version number. The minor version, which
we had been using as the major version, is now the major version. The
revision, which we had been using as the minor version, is now the minor
version. The revision number is dropped. The build number is promoted to
being part of the version number. This also avoids issues where it was
accidentally not included in the version number.

The CLIENT_VERSION remains the same format as previous as previously,
the Major version was 0 so that was never a factor in CLIENT_VERSION.
2020-11-18 12:00:57 -05:00
Andrew Chow
99309ab3e9 Allow disabling BDB in configure with --without-bdb 2020-11-18 11:56:12 -05:00
Andrew Chow
a58b719cf7 Do not compile BDB things when USE_BDB is defined 2020-11-18 11:56:08 -05:00
MarcoFalke
faaee810e6
build: Require C++17 compiler 2020-11-18 15:15:04 +01:00
MarcoFalke
4b24c3962f
Merge #19504: Bump minimum python version to 3.6
97c738ff1b [tests] Recommend f-strings for formatting, update feature_block to use them (Anthony Towns)
8ae9d314e9 Bump minimum python version to 3.6 (Anthony Towns)

Pull request description:

  Python 3.5 has reached [end-of-life](https://devguide.python.org/#status-of-python-branches) as of September 2020, and 3.6 has some moderately nice [features](https://docs.python.org/3/whatsnew/3.6.html):

  - `f'x = {x}'` as an alternative to `'x = {}'.format(x)` format strings (cf https://github.com/bitcoin/bitcoin/pull/13718#issuecomment-406591027)
  - underscore separators for large numbers, like `1_234_567`
  - improvements to async
  - improvements to typing module

  Note that 3.6 is not available in xenial (16.04), but is available in bionic (18.04), while focal (20.04) has 3.8. CentOS 7 and 8 have 3.6.8, Debian stable has 3.7.3, and [gentoo and arch already had 3.6 and 3.7 in 2018](https://github.com/bitcoin/bitcoin/pull/14954#issuecomment-447118707).

ACKs for top commit:
  MarcoFalke:
    re-ACK 97c738ff1b

Tree-SHA512: ec7fce68845edde4d61a42de12c065fd49e5217311a6fda1323206f091a0afd50f293645dffc27d420127e4e5deb864e953f1b67eff735a0dfbbedd7899a9d60
2020-11-18 10:24:22 +01:00
Wladimir J. van der Laan
132e1d897f
build: Bump master version to 0.21.99
Tree-SHA512: 94c258b234b2412d92f312a1b38adf17249664a9e3e321de0ff683b59a48cee192cd42da5220df0726a782d98776610f4420534b3a1c51f4cf4a0180d5835622
2020-11-18 10:06:03 +01:00
Anthony Towns
7abac98d3e configure: Support -f{debug,macro}-prefix-map
When bitcoin is checked out in two directories (eg via git worktree)
object files between the two will differ due to the full path being
included in the debug section. -fdebug-prefix-map is used to replace
this with "." to avoid this unnecessary difference and allow ccache to
share objects between worktrees (provided the source and compile options
are the same).

Also provide -fmacro-prefix-map if supported so that the working dir is
not encoded in __FILE__ macros.
2020-11-09 20:15:41 +10:00
Anthony Towns
8ae9d314e9 Bump minimum python version to 3.6 2020-11-09 17:53:47 +10:00
Luke Dashjr
7b54d768e1 Make sqlite support optional (compile-time) 2020-10-20 13:44:43 +00:00
Wladimir J. van der Laan
3caee16946
Merge #19953: Implement BIP 340-342 validation (Schnorr/taproot/tapscript)
0e2a5e448f tests: dumping and minimizing of script assets data (Pieter Wuille)
4567ba034c tests: add generic qa-asset-based script verification unit test (Pieter Wuille)
f06e6d0345 tests: functional tests for Schnorr/Taproot/Tapscript (Pieter Wuille)
3c226639eb tests: add BIP340 Schnorr signature support to test framework (Pieter Wuille)
206fb180ec --- [TAPROOT] Tests --- (Pieter Wuille)
d7ff237f29 Activate Taproot/Tapscript on regtest (BIP 341, BIP 342) (Pieter Wuille)
e9a021d7e6 Make Taproot spends standard + policy limits (Pieter Wuille)
865d2c37e2 --- [TAPROOT] Regtest activation and policy --- (Pieter Wuille)
72422ce396 Implement Tapscript script validation rules (BIP 342) (Johnson Lau)
330de894a9 Use ScriptExecutionData to pass through annex hash (Pieter Wuille)
8bbed4b7ac Implement Taproot validation (BIP 341) (Pieter Wuille)
0664f5fe1f Support for Schnorr signatures and integration in SignatureCheckers (BIP 340) (Pieter Wuille)
5de246ca81 Implement Taproot signature hashing (BIP 341) (Johnson Lau)
9eb590894f Add TaggedHash function (BIP 340) (Pieter Wuille)
450d2b2371 --- [TAPROOT] BIP340/341/342 consensus rules --- (Pieter Wuille)
5d62e3a68b refactor: keep spent outputs in PrecomputedTransactionData (Pieter Wuille)
8bd2b4e784 refactor: rename scriptPubKey in VerifyWitnessProgram to exec_script (Pieter Wuille)
107b57df9f scripted-diff: put ECDSA in name of signature functions (Pieter Wuille)
f8c099e220 --- [TAPROOT] Refactors --- (Pieter Wuille)

Pull request description:

  This is an implementation of the Schnorr/taproot consensus rules proposed by BIPs [340](https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki), [341](https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki), and [342](https://github.com/bitcoin/bips/blob/master/bip-0340.mediawiki).

  See the list of commits [below](https://github.com/bitcoin/bitcoin/pull/19953#issuecomment-691815830). No signing or wallet support of any kind is included, as testing is done entirely through the Python test framework.

  This is a successor to https://github.com/bitcoin/bitcoin/pull/17977 (see discussion following [this comment](https://github.com/bitcoin/bitcoin/pull/17977#issuecomment-682285983)), and will have further changes squashed/rebased. The history of this PR can be found in #19997.

ACKs for top commit:
  instagibbs:
    reACK 0e2a5e448f
  benthecarman:
    reACK 0e2a5e4
  kallewoof:
    reACK 0e2a5e448f
  jonasnick:
    ACK 0e2a5e448f almost only looked at bip340/libsecp related code
  jonatack:
    ACK 0e2a5e448f modulo the last four commits (tests) that I plan to finish reviewing tomorrow
  fjahr:
    reACK 0e2a5e448f
  achow101:
    ACK 0e2a5e448f

Tree-SHA512: 1b00314450a2938a22bccbb4e177230cf08bd365d72055f9d526891f334b364c997e260c10bc19ca78440b6767712c9feea7faad9a1045dd51a5b96f7ca8146e
2020-10-15 10:22:35 +02:00
Andrew Chow
54729f3f4e Add libsqlite3 2020-10-14 11:18:12 -04:00
Wladimir J. van der Laan
99a1d572ea
Merge #18750: build: optionally skip external warnings
ba8950ee01 build: optionally skip external warnings (Vasil Dimov)

Pull request description:

  Add an option to `./configure` to suppress compilation warnings from
  external headers. The option is off by default (no change in behavior,
  show warnings from external headers).

  This option is useful if e.g. Boost or Qt is installed outside of
  `/usr/include` (warnings from headers in `/usr/include` are already
  suppressed by default) and those warnings stand in the way of compiling
  Bitcoin Core with `-Werror[=...]` or they just clutter the build output
  too much and make our own warnings hard to spot.

  `-isystem /usr/include` bricks GCC's `#include_next`, so we use
  `-idirafter` instead. This way we don't have to treat `/usr/include`
  specially.

ACKs for top commit:
  practicalswift:
    ACK ba8950ee01: diff looks correct!
  hebasto:
    ACK ba8950ee01, tested on Linux Mint 20 (x86_64).
  luke-jr:
    utACK ba8950ee01

Tree-SHA512: 9b54fae8590be6c79f2688a5aca09e0a9067f481dabecdd49bb278c08a62ac2b0cc704c894fbd53240e77ac84da0c7a237845df0a696cfbdb0359e1c8e2e10c9
2020-10-14 14:57:15 +02:00
Pieter Wuille
0664f5fe1f Support for Schnorr signatures and integration in SignatureCheckers (BIP 340)
This enables the schnorrsig module in libsecp256k1, adds the relevant types
and functions to src/pubkey, as well as in higher-level `SignatureChecker`
classes. The (verification side of the) BIP340 test vectors is also added.
2020-10-12 17:15:40 -07:00
Vasil Dimov
ba8950ee01
build: optionally skip external warnings
Add an option to `./configure` to suppress compilation warnings from
external headers. The option is off by default (no change in behavior,
show warnings from external headers).

This option is useful if e.g. Boost or Qt is installed outside of
`/usr/include` (warnings from headers in `/usr/include` are already
suppressed by default) and those warnings stand in the way of compiling
Bitcoin Core with `-Werror[=...]` or they just clutter the build output
too much and make our own warnings hard to spot.
2020-10-12 18:18:24 +02:00
MarcoFalke
fae7a1c188
fuzz: Configure check for main function 2020-10-04 17:49:07 +02:00
fanquake
afecde8046
build: add PTHREAD_LIBS to LDFLAGS configure output
Also moves $PTHREAD_CFLAGS to the CFLAGS.
2020-09-14 16:12:36 +08:00
Zero
ed69213c2b
build: enable unused member function diagnostic 2020-08-31 10:24:59 +01:00
fanquake
0adb80fe63
Merge #19803: Bugfix: Define and use HAVE_FDATASYNC correctly outside LevelDB
c4b85ba704 Bugfix: Define and use HAVE_FDATASYNC correctly outside LevelDB (Luke Dashjr)

Pull request description:

  Fixes a bug introduced in #19614

  The LevelDB-specific fdatasync check was only using `AC_SUBST`, which works for Makefiles, but doesn't define anything for C++. Furthermore, the #define is typically 0 or 1, never undefined.

  This fixes both issues by defining it and checking its value instead of whether it is merely defined.

  Pulled out of #14501 by fanquake's request

ACKs for top commit:
  fanquake:
    ACK c4b85ba704 - thanks for catching and fixing my mistake.
  laanwj:
     Code review ACK c4b85ba704

Tree-SHA512: 91d5d426ba000b4f3ee7e2315635e24bbb23ceff16269ddf4f65a63d25fc9e9cf94a3b236eed2f8031cc36ddcf78aeb5916efcb244f415943a8a12f907ede8f9
2020-08-31 13:07:24 +08:00
Wladimir J. van der Laan
4631dc5c57
Merge #18921: build: add stack-clash and control-flow protection options to hardening flags
b536813cef build: add -fstack-clash-protection to hardening flags (fanquake)
076183b36b build: add -fcf-protection=full to hardening options (fanquake)

Pull request description:

  Beginning with Ubuntu `19.10`, it's packaged GCC now has some additional hardening options enabled by default (in addition to existing defaults like `-fstack-protector-strong` and reducing the minimum ssp buffer size). The new additions are`-fcf-protection=full` and `-fstack-clash-protection`.

  > -fcf-protection=[full|branch|return|none]
  > Enable code instrumentation of control-flow transfers to increase program security by checking that target addresses of control-flow transfer instructions (such as indirect function call, function return, indirect jump) are valid. This prevents diverting the flow of control to an unexpected target. This is intended to protect against such threats as Return-oriented Programming (ROP), and similarly call/jmp-oriented programming (COP/JOP).

  > -fstack-clash-protection
  > Generate code to prevent stack clash style attacks. When this option is enabled, the compiler will only allocate one page of stack space at a time and each page is accessed immediately after allocation. Thus, it prevents allocations from jumping over any stack guard page provided by the operating system.

  If your interested you can grab `gcc-9_9.3.0-10ubuntu2.debian.tar.xz` from https://packages.ubuntu.com/focal/g++-9. The relevant changes are part of the `gcc-distro-specs` patches, along with the relevant additions to the gcc manages:

  > NOTE: In Ubuntu 19.10 and later versions, -fcf-protection is enabled by default for C, C++, ObjC, ObjC++, if none of -fno-cf-protection nor -fcf-protection=* are found.

  > NOTE: In Ubuntu 19.10 and later versions, -fstack-clash-protection is enabled by default for C, C++, ObjC, ObjC++, unless -fno-stack-clash-protection is found.

  So, if you're C++ using GCC on Ubuntu 19.10 or later, these options will be active unless you explicitly opt out. This can be observed with a small test:

  ```c++
  int main() { return 0; }
  ```

  ```bash
  g++ --version
  g++ (Ubuntu 9.3.0-10ubuntu2) 9.3.0

  g++ test.cpp

  objdump -dC a.out
  ..
  0000000000001129 <main>:
      1129:	f3 0f 1e fa          	endbr64
      112d:	55                   	push   %rbp
      112e:	48 89 e5             	mov    %rsp,%rbp
      1131:	b8 00 00 00 00       	mov    $0x0,%eax
      1136:	5d                   	pop    %rbp
      1137:	c3                   	retq
      1138:	0f 1f 84 00 00 00 00 	nopl   0x0(%rax,%rax,1)
      113f:	00

  # recompile opting out of control flow protection
  g++ test.cpp -fcf-protection=none

  objdump -dC a.out
  ...
  0000000000001129 <main>:
      1129:	55                   	push   %rbp
      112a:	48 89 e5             	mov    %rsp,%rbp
      112d:	b8 00 00 00 00       	mov    $0x0,%eax
      1132:	5d                   	pop    %rbp
      1133:	c3                   	retq
      1134:	66 2e 0f 1f 84 00 00 	nopw   %cs:0x0(%rax,%rax,1)
      113b:	00 00 00
      113e:	66 90                	xchg   %ax,%ax
  ```

  Note the insertion of an `endbr64` instruction when compiling and _not_ opting out. This instruction is part of the Intel Control-flow Enforcement Technology [spec](https://software.intel.com/sites/default/files/managed/4d/2a/control-flow-enforcement-technology-preview.pdf), which the GCC control flow implementation is based on.

  If we're still doing gitian builds for the `0.21.0` and `0.22.0` releases, we'd likely update the gitian image to Ubuntu Focal, which would mean that the GCC used for gitian builds would also be using these options by default. So we should decide whether we want to explicitly turn these options on as part of our hardening options (although not just for this reason), or, we should be opting-out.

  GCC has supported both options since 8.0.0. Clang has supported `-fcf-protection` from 7.0.0 and will support `-fstack-clash-protection` in it's upcoming [11.0.0 release](https://clang.llvm.org/docs/ReleaseNotes.html#id6).

ACKs for top commit:
  jamesob:
    ACK b536813cef ([`jamesob/ackr/18921.1.fanquake.build_add_stack_clash_an`](https://github.com/jamesob/bitcoin/tree/ackr/18921.1.fanquake.build_add_stack_clash_an))
  laanwj:
    Code review ACK b536813cef

Tree-SHA512: abc9adf23cdf1be384f5fb9aa5bfffdda86b9ecd671064298d4cda0440828b509f070f9b19c88c7ce50ead9ff32afff9f14c5e78d75f01241568fbfa077be0b7
2020-08-29 13:42:04 +02:00
Luke Dashjr
c4b85ba704 Bugfix: Define and use HAVE_FDATASYNC correctly outside LevelDB 2020-08-25 16:46:00 +00:00
fanquake
8e0f341779
Merge #15704: Move Win32 defines to configure.ac to ensure they are globally defined
1ccb9f30c0 Move Win32 defines to configure.ac to ensure they are globally defined (Luke Dashjr)

Pull request description:

  #9245 no longer needs this, since the main `_WIN32_WINNT` got bumped by something else.

  So rather than just lose it, might as well get it merged in independently.

  I'm not aware of any practical effects, but it seems safer to use the same API versions everywhere.

ACKs for top commit:
  fanquake:
    ACK 1ccb9f30c0 - checked that the binaries produced are the same.

Tree-SHA512: 273e9186579197be01b443b6968e26b9a8031d356fabc5b73aa967fcdb837df195b7ce0fc4e4529c85d9b86da6f2d7ff1bf56a3ff0cbbcd8cee8a9c2bf70a244
2020-08-25 11:52:52 +08:00
fanquake
38c13a4a60
Merge #19689: build: Add Qt version checking
4af4672525 build, qt: Add Qt version checking (Hennadii Stepanov)
30e336f785 build: Drop unused bitcoin_cv_qt58 (Hennadii Stepanov)

Pull request description:

  Now `configure` script checks that Qt version is not less then minimum required (currently [5.5.1](https://github.com/bitcoin/bitcoin/pull/15393)).

  This PR is an alternative to #15706 (see https://github.com/bitcoin/bitcoin/pull/15706#issuecomment-629076962).

  Closes #15688.

  The first commit removes dead code (see https://github.com/bitcoin/bitcoin/pull/18297#issuecomment-603252662).

ACKs for top commit:
  fanquake:
    ACK 4af4672525 - this looks ok. I've tested this with Qt 5.15.0 and Qt 5.7.1 system libs, as well as 5.9.8 from depends.

Tree-SHA512: 8e3b82fa3a98926814923331038185633fabad962c271f31bd158e1ab293dcde52ab1dbf997745540a9ed27e16835cf5b5f3701d405876d877fa561eb03cc619
2020-08-24 12:14:18 +08:00
Luke Dashjr
1ccb9f30c0 Move Win32 defines to configure.ac to ensure they are globally defined
common.vcxproj used for MSVC builds
2020-08-20 17:55:06 +00:00
fanquake
772cb03a28
Merge #19015: build: Enable some commonly enabled compiler diagnostics
2f8a4c9a06 build: Enable some commonly enabled compiler diagnostics (practicalswift)

Pull request description:

  Enable some commonly enabled compiler diagnostics as discussed in #17344.

  | Compiler diagnostic | no# of emitted unique GCC warnings in `master` | no# of emitted unique Clang warnings in `master` |
  | ------------- | ------------- | ------------- |
  | `-Wduplicated-branches`: Warn if `if`/`else` branches have duplicated code  | 0 | Not supported |
  | `-Wduplicated-cond`: Warn if `if`/`else` chain has duplicated conditions  | 0 | Not supported |
  | `-Wlogical-op`: Warn about logical operations being used where bitwise were probably wanted  | 0 | Not supported |
  | `-Woverloaded-virtual`: Warn if you overload (not `override`) a virtual function  | 0 | 0 |
  | ~~`-Wunused-member-function`: Warn on unused member function~~  | Not supported | 2 |
  | ~~`-Wunused-template`: Warn on unused template~~ | Not supported | 1 |

  There is a large overlap between this list and [Jason Turner's list of recommended compiler diagnostics in the Collaborative Collection of C++ Best Practices (`cppbestpractices`) project](https://github.com/lefticus/cppbestpractices/blob/master/02-Use_the_Tools_Available.md#gcc--clang). There is also an overlap with the recommendations given in the [C++ Core Guidelines](https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines) (with editors Bjarne Stroustrup and Herb Sutter).

  Closes #17344.

ACKs for top commit:
  jonatack:
    ACK 2f8a4c9a06 no warnings for me with these locally on debian 5.7.10-1 (2020-07-26) x86_64 with gcc 10 and clang 12
  fanquake:
    ACK 2f8a4c9a06 - no-longer seeing any obvious issues with doing this.
  hebasto:
    ACK 2f8a4c9a06, no new warnings in Travis jobs.

Tree-SHA512: f669ea22b31263a555f999eff6a9d65750662e95831b188c3192a2cf0127fb7b5136deb762a6b0b7bbdfb0dc6a40caf48251a62b164fffb81dd562bdd15ec3c8
2020-08-18 13:00:13 +08:00
MarcoFalke
fa55c1d5fd
build: Add Werror=range-loop-analysis 2020-08-14 15:27:38 +02:00
practicalswift
2f8a4c9a06 build: Enable some commonly enabled compiler diagnostics 2020-08-11 12:03:28 +00:00
Hennadii Stepanov
4af4672525
build, qt: Add Qt version checking 2020-08-10 02:10:28 +03:00
Hennadii Stepanov
c71bdf93d7
build, test: Add support for llvm-cov 2020-08-08 22:53:15 +03:00
fanquake
82127d27c9
Merge #19667: build: set minimum required Boost to 1.58.0
70452a070b build: set minimum required Boost to 1.58 (fanquake)

Pull request description:

  Any systems which only have an older installable Boost can use depends.
  1.58.0 retains compatibility with the packages [installable on Ubuntu 16.04](https://packages.ubuntu.com/xenial/libboost-dev).

  The projects usage of Boost wont be going away any time soon, if ever (i.e #15382), and our usage of the test framework.

  Fixes: #19506

ACKs for top commit:
  practicalswift:
    ACK 70452a070b -- patch looks correct
  laanwj:
    ACK 70452a070b
  hebasto:
    ACK 70452a070b, tested on Linux Mint 20 (x86_64).

Tree-SHA512: d290415e3c70a394b3d7659c0480a35b4082bdce8d48b1c64a0025f7ad6e21567b4dc85813869513ad246d27f950706930410587c11c1aa3693ae6245084765c
2020-08-06 19:29:09 +08:00
fanquake
70452a070b
build: set minimum required Boost to 1.58
Any systems which only have an older install-able Boost can use depends.

Fixes: #19506
2020-08-05 17:13:45 +08:00
Sjors Provoost
c47e4bbf0b
[build] make boost-process opt-in 2020-07-31 13:38:09 +02:00
Sjors Provoost
929cda5470
configure: add ax_boost_process
Co-authored-by: Luke Dashjr <luke-jr+git@utopios.org>
2020-07-31 13:38:09 +02:00
fanquake
2e9e6377f1
build: add -Wl,-z,separate-code to hardening flags
This flag was added to binutils/ld in the 2.30 release, 
see commit c11c786f0b45617bb8807ab6a57220d5ff50e414:

> The new "-z separate-code" option will generate separate code LOAD
segment which must be in wholly disjoint pages from any other data.


It was made the default for Linux/x86 targets in the 2.31 release, see commit
f6aec96dce1ddbd8961a3aa8a2925db2021719bb:

> This patch adds --enable-separate-code to ld configure to turn on
-z separate-code by default and enables it by default for Linux/x86.
This avoids mixing code pages with data to improve cache performance
as well as security.

> To reduce x86-64 executable and shared object sizes, the maximum page
size is reduced from 2MB to 4KB when -z separate-code is turned on by
default.  Note: -z max-page-size= can be used to set the maximum page
size.

> We compared SPEC CPU 2017 performance before and after this change on
Skylake server.  There are no any significant performance changes.
Everything is mostly below +/-1%.

Support was also added to LLVMs lld: https://reviews.llvm.org/D64903, however
there is remains off by default.

There were concerns about an increase in binary size, however in our case, the
increase (1 page worth of bytes) would seem negligible, given we are shipping a
multi-megabyte binary, which then downloads 100's of GBs of data.

Also note that most recent versions of distros are shipping a new enough version
of binutils that this is available and/or on by default (assuming the distro has
not turned it off, I haven't checked everywhere):

CentOS 8: 2.30
Debian Buster 2.31.1
Fedora 29: 2.31.1
FreeBSD: 2.33
GNU Guix: 2.33 / 2.34
Ubuntu 18.04: 2.30

Related threads / discussion:
https://bugzilla.redhat.com/show_bug.cgi?id=1623218
2020-07-28 12:57:35 +08:00
fanquake
ef3d4ce4c3
build: call AC_PATH_TOOL for dsymutil in macOS cross-compile
While testing #19530 I noticed that we couldn't call dsymutil after LTO:
```bash
../libtool: line 10643: x86_64-apple-darwin16-dsymutil: command not found
```

This updates configure to call `AC_PATH_TOOL` so that we end up with the
full path to dsymutil, similar to `otool` and `install_name_tool`, ie:
`/bitcoin/depends/x86_64-apple-darwin16/share/../native/bin/x86_64-apple-darwin16-otool`.
2020-07-22 18:22:56 +08:00
fanquake
6cef3652d1
build: fix -Wformat-security check when compiling with GCC
Debian GCC ignores -Wformat-security, without -Wformat, which
means when we test for it, it currently fails:

```bash
checking whether C++ compiler accepts -Wformat-security... no
...
configure:15907: checking whether C++ compiler accepts -Wformat-security
configure:15926: g++ -std=c++11 -c -g -O2 -Werror -Wformat-security  conftest.cpp >&5
cc1plus: error: '-Wformat-security' ignored without '-Wformat' [-Werror=format-security]
cc1plus: all warnings being treated as errors
```

Fix this by just combining the -Wformat and -Wformat-security checks
together.
2020-07-15 17:50:01 +08:00
fanquake
7d9008f43e
Merge #18307: build: Require pkg-config for all of the hosts
92bc268e4a build: Detect missed pkg-config early (Hennadii Stepanov)
1739eb23d8 build: Drop unused use_pkgconfig variable (Hennadii Stepanov)
a661449a2e build: Drop use_pkgconfig check for libmultiprocess check (Hennadii Stepanov)
90b95e7929 build: Drop dead non-pkg-config code for libevent check (Hennadii Stepanov)
44a14afbb8 build: Drop dead non-pkg-config code for qrencode check (Hennadii Stepanov)
10cbae0c39 build: Drop dead non-pkg-config code for ZMQ check (Hennadii Stepanov)
06cfc9cadf build: Fix indentation in UNIVALUE check (Hennadii Stepanov)
6fd2118e77 build: Drop dead non-pkg-config code for UNIVALUE check (Hennadii Stepanov)
e9edbe4dbd build: Always use pkg-config (Hennadii Stepanov)
9e2e753b06 build: Always define ZMQ_STATIC for MinGW (Hennadii Stepanov)

Pull request description:

  This PR:
  - is based on #18297 (already merged)
  - drops all of the non-pkg-config paths from the `configure` script

  Ref: #17768

ACKs for top commit:
  fanquake:
    ACK 92bc268e4a. I re-gitian-built. There are a couple follow-ups that I'll PR shortly. Thanks for addressing my feedback above. I took too long to get back to this.
  laanwj:
    ACK 92bc268e4a

Tree-SHA512: 83c2d9cf03518867a1ebf7e26a8fc5b6dd8962ef983fe0d84e0c7eb74717f4c36a834da02faf0e503ffd87167005351671cf040c0d4ddae57ee152a6ff84012b
2020-07-03 16:15:52 +08:00
Wladimir J. van der Laan
9d92ee12fd
Merge #19257: build: remove BIP70 configure option
c4ffcf07af build: remove BIP70 configure option (fanquake)

Pull request description:

  This was left in after #17165, so that anyone who had been compiling
  with (already disabled by default) BIP70 would realise that support
  had been completely removed in 0.20.0. However we should be able to
  remove it for 0.21.0.

ACKs for top commit:
  jnewbery:
    utACK c4ffcf07af
  MarcoFalke:
    ACK c4ffcf07af with or without the "catch-all reject"

Tree-SHA512: a5dd4231ed97c9dd1984fb90d69a8725df2fdda0b963269b0575601c74528e5d820a4a863c428f8ede86eaae2a1606671fe1fcebdeb96b1023f7a5f899270284
2020-07-01 16:31:04 +02:00
Wladimir J. van der Laan
1269cab21a
Merge #19403: build: improve __builtin_clz* detection
9952242c03 build: improve builtin_clz* detection (fanquake)

Pull request description:

  Fixes #19402.

  The way we currently test for `__builtin_clz*` support with `AC_CHECK_DECLS` does not work with Clang:
  ```bash
  configure:21492: clang++-10 -std=c++11 -c -g -O2  -DHAVE_BUILD_INFO -D__STDC_FORMAT_MACROS conftest.cpp >&5
  conftest.cpp💯10: error: builtin functions must be directly called
    (void) __builtin_clz;
           ^
  1 error generated.
  ```

  This also removes the `__builtin_clz()` check, as we don't actually use it anywhere, and it's trvial to re-add detection if we do start using it at some point. If this is controversial then I'll add a test for it as well.

ACKs for top commit:
  sipa:
    ACK 9952242c03
  laanwj:
    ACK 9952242c03

Tree-SHA512: 695abb1a694a01a25aaa483b4fffa7d598842f2ba4fe8630fbed9ce5450b915c33bf34bb16ad16a16b702dd7c91ebf49fe509a2498b9e28254fe0ec5177bbac0
2020-06-29 15:49:08 +02:00
fanquake
9952242c03
build: improve builtin_clz* detection
The way we currently test with AC_CHECK_DECLS do not work with Clang:
```bash
configure:21492: clang++-10 -std=c++11 -c -g -O2  -DHAVE_BUILD_INFO -D__STDC_FORMAT_MACROS conftest.cpp >&5
conftest.cpp💯10: error: builtin functions must be directly called
  (void) __builtin_clz;
         ^
1 error generated.
```

This also removes the __builtin_clz() check, as we don't actually use
it anywhere, and it's trvial to re-add detection if we do start using
it at some point.
2020-06-29 11:31:17 +08:00
Glenn Willen
8578c6fccd build: Fix search for brew-installed BDB 4 on OS X
On OS X, when searching Homebrew keg-only packages for BDB 4.8, if we find it,
use BDB_CPPFLAGS and BDB_LIBS instead of CFLAGS and LIBS for the result. This
is (1) more correct, and (2) necessary in order to give this location
priority over other directories in the include search path, which may include
system include directories with other versions of BDB.
2020-06-23 22:04:02 -07:00
Hennadii Stepanov
92bc268e4a
build: Detect missed pkg-config early 2020-06-23 09:02:11 +03:00
Hennadii Stepanov
1739eb23d8
build: Drop unused use_pkgconfig variable 2020-06-23 09:01:47 +03:00
Hennadii Stepanov
a661449a2e
build: Drop use_pkgconfig check for libmultiprocess check 2020-06-23 09:00:54 +03:00
Hennadii Stepanov
90b95e7929
build: Drop dead non-pkg-config code for libevent check 2020-06-22 11:31:38 +03:00
fanquake
b536813cef
build: add -fstack-clash-protection to hardening flags
This option causes the compiler to insert probes whenever stack space
is allocated statically or dynamically to reliably detect stack overflows
and thus mitigate the attack vector that relies on jumping over a stack
guard page as provided by the operating system.

This option is now enabled by default in Ubuntu GCC as of 19.10.

Available in GCC 8 and Clang 11.
2020-06-19 17:20:27 +08:00
fanquake
076183b36b
build: add -fcf-protection=full to hardening options
Enables code instrumentation of control-flow transfers. Available in
GCC 8 and Clang 7.

This option is now on by default in Ubuntu GCC as of 19.10.
2020-06-19 17:20:27 +08:00
fanquake
fa84edb93c
build: don't warn when doxygen isn't found
Doxygen isn't so important that we need to warn when it is missing. I'd
assume it might even be missing more often than not for most builds.
2020-06-17 18:27:00 +08:00
fanquake
968aaae940
tests: run test-security-check.py in CI 2020-06-16 19:52:30 +08:00
Hennadii Stepanov
44a14afbb8
build: Drop dead non-pkg-config code for qrencode check 2020-06-13 20:07:10 +03:00
Hennadii Stepanov
10cbae0c39
build: Drop dead non-pkg-config code for ZMQ check 2020-06-13 20:01:49 +03:00
Hennadii Stepanov
06cfc9cadf
build: Fix indentation in UNIVALUE check 2020-06-13 20:01:36 +03:00
Hennadii Stepanov
6fd2118e77
build: Drop dead non-pkg-config code for UNIVALUE check 2020-06-13 20:01:27 +03:00
Hennadii Stepanov
e9edbe4dbd
build: Always use pkg-config 2020-06-13 20:01:04 +03:00
Hennadii Stepanov
9e2e753b06
build: Always define ZMQ_STATIC for MinGW 2020-06-13 19:59:18 +03:00
fanquake
265492723a
Merge #18297: build: Use pkg-config in BITCOIN_QT_CONFIGURE for all hosts including Windows
8a26848c46 build: Fix m4 escaping (Hennadii Stepanov)
9123ec15db build: Remove extra tokens warning (Hennadii Stepanov)
fded4f48c3 build: Remove duplicated QT_STATICPLUGIN define (Hennadii Stepanov)
05a93d5d96 build: Fix indentation in bitcoin_qt.m4 (Hennadii Stepanov)
ddbb419310 build: Use pkg-config in BITCOIN_QT_CONFIGURE for all hosts (Hennadii Stepanov)
492971de35 build: Fix mingw pkgconfig file and dependency naming (Hennadii Stepanov)

Pull request description:

  This PR makes `bitcoin_qt.m4` to use `pkg-config` for all hosts and removes non-pkg-config paths from it. This is a step towards the idea which was clear [stated](https://github.com/bitcoin/bitcoin/pull/8314#issue-76644643) by Cory Fields:
  > I believe the consensus is to treat Windows like the others and require pkg-config across the board. We can drop all of the non-pkg-config paths, and simply AC_REQUIRE(PKG_PROG_PKG_CONFIG)

  There are two unsolved problems with this PR. If depends is built with `DEBUG=1` the `configure` script fails to pickup Qt:
  - for macOS host (similar to, but not the same as #16391)
  - for Windows host (regression)

  The fix is ~on its way~ submitted in #18298 (as a followup).

  Also this PR picks some small improvements from #17820.

ACKs for top commit:
  theuni:
    Code review ACK 8a26848c46
  dongcarl:
    Code Review ACK 8a26848c46
  laanwj:
    Code review ACK 8a26848c46

Tree-SHA512: 3b25990934b939121983df7707997b31d61063b1207d909f539d69494c7cb85212f353092956d09ecffebb9fef28b869914dd1216a596d102fcb9744bb5487f7
2020-06-13 15:41:39 +08:00
fanquake
c4ffcf07af
build: remove BIP70 configure option
This was left in after #17165, so that anyone who had been compiling
with (already disabled by default) BIP70 would realise that support
had been completely removed in 0.20.0. However we should be able to
remove it for 0.21.0.
2020-06-12 15:54:00 +08:00
Pieter Wuille
ca8bc42330 Drop --disable-jni from libsecp256k1 configure options 2020-06-10 18:15:38 -07:00
MarcoFalke
fa16e7816b
build: Add -Wshadow-field 2020-06-06 08:12:37 -04:00
Vasil Dimov
0012471391
build: turn on --enable-c++17 by --enable-fuzz
Fuzzing code uses C++17 specific code (e.g. std::optional), so it is not
possible to compile with --enable-fuzz and without --enable-c++17.

Thus, turn on --enable-c++17 whenever --enable-fuzz is used.
2020-06-05 11:50:34 +02:00
Wladimir J. van der Laan
b46fb5cb10
Merge #19131: refactor: Fix unreachable code in init arg checks
eea8114657 build: Enable unreachable-code-loop-increment (Jonathan Schoeller)
d15db4b1fc refactor: Fix unreachable code in init arg checks (Jonathan Schoeller)

Pull request description:

  Closes: #19017

  In #19015 it's been suggested that we add some new compiler warnings to our build. Some of these, such as `-Wunreachable-code-loop-increment`, generate warnings. We'll likely want to fix these up if we're going to turn these warnings on.

  ```shell
  init.cpp:969:5: warning: loop will run at most once (loop increment never executed) [-Wunreachable-code-loop-increment]
       for (const auto& arg : gArgs.GetUnsuitableSectionOnlyArgs()) {
       ^~~
   1 warning generated.
   ```
   aa8d76806c/src/init.cpp (L968-L972)

  To fix this, collect all errors, and output them in a single error message after the loop completes. This resolves the unreachable code warning, and avoids popup hell that could result from outputting a seperate message for each error or warning one by one.

ACKs for top commit:
  laanwj:
    Code review ACK eea8114657
  hebasto:
    re-ACK eea8114657, only suggested changes applied since the [previous](https://github.com/bitcoin/bitcoin/pull/19131#pullrequestreview-421772387) review.

Tree-SHA512: 2aa3ceb7fab581b6ba2580900668388d8eba1c3001c8ff9c11c1f4a9a10fbc37f30e590249862676858446e3f4950140a252953ba1643ba3bfd772f8eae20583
2020-06-04 16:27:53 +02:00
sachinkm77
0fef60c63d build: improved output of configure for build OS 2020-06-03 04:06:36 -04:00
Jonathan Schoeller
eea8114657 build: Enable unreachable-code-loop-increment
Enable unreachable-code-loop-increment and treat as error.
refs: #19015
2020-06-02 06:24:10 +10:00
fanquake
a8327fd71f
Merge #19072: doc: Expand section on Getting Started
facef3d413 doc: Explain that anyone can work on good first issues, move text to CONTRIBUTING.md (MarcoFalke)
fae2fb2a19 doc: Expand section on Getting Started (MarcoFalke)
100000d1b2 doc: Add headings to CONTRIBUTING.md (MarcoFalke)
fab893e0ca doc: Fix unrelated typos reported by codespell (MarcoFalke)

Pull request description:

  Some random doc changes:

  * Add sections to docs, so that they can be linked to
  * Explain that anyone (even maintainers) are allowed to work on good first issues
  * Expand section on Getting Started slightly

ACKs for top commit:
  hebasto:
    ACK facef3d413
  fanquake:
    ACK facef3d413

Tree-SHA512: 8998e273a76dbf4ca77e79374c14efe4dfcc5c6df6b7d801e1e1e436711dbe6f76b436f9cbc6cacb45a56827babdd6396f3bd376a9426ee7be3bb9b8a3b8e383
2020-06-01 15:38:57 +08:00
Wladimir J. van der Laan
399d84da37 build: Only allow ASCII identifiers
While emoji and other symbols in C++ identifers (as accepted by newer
compilers) are fun, they might create confusion during code review, for
example because some symbols look very similar. Forbid such extended
identifiers for now.

This is done by providing `-fno-extended-identifiers`. Thanks to sipa
for suggesting this compiler flag.
2020-05-28 19:35:42 +02:00
Hennadii Stepanov
87766b355c
build: Replace -Wthread-safety-analysis with broader -Wthread-safety 2020-05-28 09:56:44 +03:00
MarcoFalke
fab893e0ca
doc: Fix unrelated typos reported by codespell 2020-05-27 12:37:08 -04:00
fanquake
97b21b302a
Merge #18677: Multiprocess build support
e2bab2aa16 multiprocess: add multiprocess travis configuration (Russell Yanofsky)
603fd6a2e7 depends: add MULTIPROCESS depends option (Russell Yanofsky)
5d1377b52b build: multiprocess autotools changes (Russell Yanofsky)

Pull request description:

  This PR is part of the [process separation project](https://github.com/bitcoin/bitcoin/projects/10).

  ---

  This PR consists of build changes only. It adds an `--enable-multiprocess` autoconf option (off by default and marked experimental), that builds new `bitcoin-node` and `bitcoin-gui` binaries. These currently function the same as existing `bitcoind` and `bitcoin-qt` binaries, but are extended in #10102 with IPC features to execute node, wallet, and gui functions in separate processes.

  In addition to adding the `--enable-multiprocess` config flag, it also adds a depends package and autoconf rules to build with the [libmultiprocess](https://github.com/chaincodelabs/libmultiprocess) library, and it adds new travis configuration to exercise the build code and run functional tests with the new binaries.

  The changes in this PR were originally part of #10102 but were moved into #16367 to be able to develop and review the multiprocess build changes independently of the code changes. #16367 was briefly merged and then reverted in #18588. Only change since #16367 has been dropping the `native_boost.mk` depends package which was pointed out to be no longer necessary in https://github.com/bitcoin/bitcoin/pull/16367#issuecomment-596484337 and https://github.com/bitcoin/bitcoin/pull/18588#pullrequestreview-391765649

ACKs for top commit:
  practicalswift:
    ACK e2bab2aa16
  Sjors:
    tACK e2bab2aa16 on macOS 10.15.4
  hebasto:
    ACK e2bab2aa16, tested on Linux Mint 19.3 (x86_64):

Tree-SHA512: b5a76eab5abf63d9d8b6d628cbdff4cc1888eef15cafa0a5d56369e2f9d02595fed623f4b74b2cf2830c42c05a774f0943e700f9c768a82d9d348cad199e135c
2020-05-21 15:34:25 +08:00
fanquake
e8a8cff07c
build: enforce minimum required Windows version (7)
Instruct the linker to set the major & minor subsystem versions in the PE
header to 6 & 1 (NT 6.1 which corresponds to Windows 7). Similar to
macOS, the binary will now refuse to run on unsupported versions of
Windows.
2020-05-14 09:46:18 +08:00
Wladimir J. van der Laan
04c09553d8
Merge #18887: build: enable -Werror=gnu
a30b0a24e9 build: enable -Werror=gnu (Vasil Dimov)

Pull request description:

  Stop the build if a warning is emitted due to `-Wgnu` and
  `--enable-werror` has been used. As usual - this would help notice such
  a warning that is about to be introduced in new code.

  This is a followup to
  https://github.com/bitcoin/bitcoin/pull/18088 build: ensure we aren't using GNU extensions

ACKs for top commit:
  practicalswift:
    ACK a30b0a24e9
  Empact:
    ACK a30b0a24e9

Tree-SHA512: f81b71cf3ee4db88b6f664c571075e0d30800a604f067f44273f256695a1dea533779db2ac859dd0a4cd8b66289c3e45f4aff1cfadfa160a1c354237167b05e2
2020-05-13 22:20:13 +02:00
Wladimir J. van der Laan
5d18c0ae18
Merge #18862: Remove fdelt_chk back-compat code and sanity check
df6bde031b test: remove glibc fdelt sanity check (fanquake)
8bf1540cc2 build: remove fdelt_chk backwards compatibility code (fanquake)

Pull request description:

  ae30d40e50
  The return type of [`fdelt_chk`](https://sourceware.org/git/?p=glibc.git;a=blob;f=debug/fdelt_chk.c;h=f62ce7349707cb68f55831c1c591fd7387a90258;hb=HEAD) changed from `unsigned  long int` to `long int` in glibc 2.16. See [this commit](https://sourceware.org/git/?p=glibc.git;a=commit;h=ceb9e56b3d1f8c1922e0526c2e841373843460e2). Now that we require [glibc >=2.17](https://github.com/bitcoin/bitcoin/pull/17538) we can remove our back-compat code.

  ab7bce584a
  While looking at the above changes, I noticed that our glibc fdelt sanity check doesn't seem to be checking anything. `fdelt_warn()` also isn't something we'd want to actually "trigger" at runtime, as doing so would cause `bitcoind` to abort.

  The comments:
  > // trigger: Call FD_SET to trigger __fdelt_chk. FORTIFY_SOURCE must be defined
  > //   as >0 and optimizations must be set to at least -O2.

  suggest calling FD_SET to check the invocation of `fdelt_chk` (this is [aliased with fdelt_warn in glibc](https://sourceware.org/git/?p=glibc.git;a=blob;f=debug/fdelt_chk.c;h=f62ce7349707cb68f55831c1c591fd7387a90258;hb=HEAD)). However just calling `FD_SET()` will not necessarily cause the compiler to insert a call to `fd_warn()`.

  Whether or not GCC (recent Clang should work, but may use different heuristics) inserts a call to `fdelt_warn()` depends on if the compiler can determine if the value passed in is a compile time constant (using [`__builtin_constant_p`](https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html)) and whether the value is < 0 or >= `FD_SETSIZE`. The glibc implementation is [here](https://sourceware.org/git/?p=glibc.git;a=blob;f=misc/bits/select2.h;h=7e17430ed94dd1679af10afa3d74795f9c97c0e8;hb=HEAD). This means our check should never cause a call to be inserted.

  Compiling master without `--glibc-back-compat` (if you do pass `--glibc-back-compat` the outcome is still the same; however the abort will only happen with >=`FD_SETSIZE` as that is what our [fdelt_warn()](https://github.com/bitcoin/bitcoin/blob/master/src/compat/glibc_compat.cpp#L24) checks for), there are no calls to `fdelt_warn()` inserted by the compiler:
  ```bash
  objdump -dC bitcoind | grep sanity_fdelt
  ...
  0000000000399d20 <sanity_test_fdelt()>:
    399d20:       48 81 ec 98 00 00 00    sub    $0x98,%rsp
    399d27:       b9 10 00 00 00          mov    $0x10,%ecx
    399d2c:       64 48 8b 04 25 28 00    mov    %fs:0x28,%rax
    399d33:       00 00
    399d35:       48 89 84 24 88 00 00    mov    %rax,0x88(%rsp)
    399d3c:       00
    399d3d:       31 c0                   xor    %eax,%eax
    399d3f:       48 89 e7                mov    %rsp,%rdi
    399d42:       fc                      cld
    399d43:       f3 48 ab                rep stos %rax,%es:(%rdi)
    399d46:       48 8b 84 24 88 00 00    mov    0x88(%rsp),%rax
    399d4d:       00
    399d4e:       64 48 33 04 25 28 00    xor    %fs:0x28,%rax
    399d55:       00 00
    399d57:       75 0d                   jne    399d66 <sanity_test_fdelt()+0x46>
    399d59:       b8 01 00 00 00          mov    $0x1,%eax
    399d5e:       48 81 c4 98 00 00 00    add    $0x98,%rsp
    399d65:       c3                      retq
    399d66:       e8 85 df c8 ff          callq  27cf0 <__stack_chk_fail@plt>
    399d6b:       0f 1f 44 00 00          nopl   0x0(%rax,%rax,1)

  ```

  If you modify the sanity test to pass `-1` or `FD_SETSIZE` to `FD_SET`, you'll see calls to `fdelt_warn` inserted, and the runtime behaviour is an abort as expected.

  ```diff
  diff --git a/src/compat/glibc_sanity_fdelt.cpp b/src/compat/glibc_sanity_fdelt.cpp
  index 87140d0c7..16974bfa0 100644
  --- a/src/compat/glibc_sanity_fdelt.cpp
  +++ b/src/compat/glibc_sanity_fdelt.cpp
  @@ -20,7 +20,7 @@ bool sanity_test_fdelt()
   {
       fd_set fds;
       FD_ZERO(&fds);
  -    FD_SET(0, &fds);
  +    FD_SET(FD_SETSIZE, &fds);
       return FD_ISSET(0, &fds);
   }
   #endif
  ```

  ```bash
  0000000000399d20 <sanity_test_fdelt()>:
    399d20:	48 81 ec 98 00 00 00 	sub    $0x98,%rsp
    399d27:	b9 10 00 00 00       	mov    $0x10,%ecx
    399d2c:	64 48 8b 04 25 28 00 	mov    %fs:0x28,%rax
    399d33:	00 00
    399d35:	48 89 84 24 88 00 00 	mov    %rax,0x88(%rsp)
    399d3c:	00
    399d3d:	31 c0                	xor    %eax,%eax
    399d3f:	48 89 e7             	mov    %rsp,%rdi
    399d42:	fc                   	cld
    399d43:	f3 48 ab             	rep stos %rax,%es:(%rdi)
    399d46:	48 c7 c7 ff ff ff ff 	mov    $0xffffffffffffffff,%rdi
    399d4d:	e8 3e ff ff ff       	callq  399c90 <__fdelt_warn>
    399d52:	0f b6 04 24          	movzbl (%rsp),%eax
    399d56:	83 e0 01             	and    $0x1,%eax
    399d59:	48 8b 94 24 88 00 00 	mov    0x88(%rsp),%rdx
    399d60:	00
    399d61:	64 48 33 14 25 28 00 	xor    %fs:0x28,%rdx
    399d68:	00 00
    399d6a:	75 08                	jne    399d74 <sanity_test_fdelt()+0x54>
    399d6c:	48 81 c4 98 00 00 00 	add    $0x98,%rsp
    399d73:	c3                   	retq
    399d74:	e8 77 df c8 ff       	callq  27cf0 <__stack_chk_fail@plt>
    399d79:	0f 1f 80 00 00 00 00 	nopl   0x0(%rax)
   ```

   ```bash
   src/bitcoind
  *** buffer overflow detected ***: src/bitcoind terminated
  Aborted
   ```

  I think the test should should be removed and replaced (if possible) with additional checks in security-check.py. I was thinking about adding a version of [this script](https://github.com/fanquake/core-review/blob/master/fortify.py) as part of the output, but that needs more thought. I'll address this in a follow up.

ACKs for top commit:
  laanwj:
    ACK  df6bde031b

Tree-SHA512: d8b3af4f4eb2d6c767ca6e72ece51d0ab9042e1bbdfcbbdb7ad713414df21489ba3217662b531b8bfdac0265d2ce5431abfae6e861b6187d182ff26c6e59b32d
2020-05-13 19:35:25 +02:00
fanquake
6c647c89db
Merge #18738: build: Suppress -Wdeprecated-copy warnings
0c63f80854 build: Suppress -Wdeprecated-copy warnings (Hennadii Stepanov)

Pull request description:

  Tomorrow, on Apr 23 the Ubuntu 20.04 release is expected. It packaged with Qt 5.12 LTS that has a nasty peculiarity to cause modern compilers, including Clang 10.0 and GCC 9.3, to emit spammy `-Wdeprecated-copy` warnings (#15822, #18419).

  This PR suppress such warnings _temporarily_, until the [upstream is fixed](https://codereview.qt-project.org/c/qt/qtbase/+/272258).

  Here are some affected systems (with system packages):
  - Ubuntu 20.04 LTS + Qt 5.12.8 LTS + { Clang 10.0 | GCC 9.3 }
  - Fedora 32 + Qt 5.13.2 + Clang 10.0

  Reference: [QTBUG-75210](https://bugreports.qt.io/browse/QTBUG-75210)

  Also see **fanquake**'s [comment](https://github.com/bitcoin/bitcoin/pull/18738#issuecomment-622956100).

ACKs for top commit:
  MarcoFalke:
    ACK 0c63f80854 seems fine to disable this warning for the 0.21.0 release temporarily and then enable it for 0.22.0, when boost is removed.
  fanquake:
    ACK 0c63f80854 - I think it's ok to suppress these for now, given that `-Wdeprecated-copy` is enabled (via `-Wextra`) in GCC 9 and Clang 10. The Qt output is pretty noisy, and there's a few warnings from Boost as well.

Tree-SHA512: 7064a3272bc9eae00b73a16c421ac58be148f374cbef87320e8f092f52761f6e98166eff60346b70867f8a69a9698a79455dc16b42d92f8fbe7c56519571ac08
2020-05-13 21:17:07 +08:00
fanquake
219c55da75
Merge #16710: build: Enable -Wsuggest-override if available
839add193b build: Enable -Wsuggest-override (Hennadii Stepanov)
de5e91c303 refactor: Add BerkeleyDatabaseVersion() function (Hennadii Stepanov)

Pull request description:

  From GCC [docs](https://gcc.gnu.org/onlinedocs/gcc-9.2.0/gcc/Warning-Options.html):
  > `-Wsuggest-override`
  > Warn about overriding virtual functions that are not marked with the override keyword.

  ~This PR is based on #16722 (the first commit).~ See: https://github.com/bitcoin/bitcoin/pull/16722#issuecomment-584111086

ACKs for top commit:
  fanquake:
    ACK 839add193b
  vasild:
    ACK 839add193
  practicalswift:
    ACK 839add193b assuming Travis is happy: patch looks correct

Tree-SHA512: 1e8cc085da30d41536deff9b181962c1882314ab252c2ad958294087ae1e5a0dfa4886bdbe36f21cf6ae71df776a8420f349f007d4b5b49fd79ba98ce308965a
2020-05-13 15:19:05 +08:00
Hennadii Stepanov
839add193b
build: Enable -Wsuggest-override 2020-05-12 18:03:39 +03:00
Russell Yanofsky
5d1377b52b build: multiprocess autotools changes
autoconf and automake changes to support multiprocess gui/node/wallet execution.

This adds a new --enable-multiprocess flag, and build configuration code to
detect libraries needed for multiprocess support. The --enable-multiprocess
flag builds new bitcoin-node and bitcoin-gui executables, which are updated in
https://github.com/bitcoin/bitcoin/pull/10102 to communicate across processes.
But for now they are functionally equivalent to existing bitcoind and
bitcoin-qt executables.
2020-05-12 09:47:06 -04:00
fanquake
49d237ce32
Merge #18928: build: don't pass -w when building for Windows
89fea68ffd build: don't pass -w when building for Windows (fanquake)

Pull request description:

  This has been around since the introduction of autotools. However at
  this point I'm not sure we'd ever want to suppress all warnings when
  performing a build, and given that CXX FLAGS will have been overriden
  when cross-compiling for Windows (using depends), this would rarely,
  if-ever be used anyways.

  From https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html:
  > -w
  >
  >     Inhibit all warning messages.

ACKs for top commit:
  hebasto:
    ACK 89fea68ffd

Tree-SHA512: 2b5bdef7fff5c87b28199f5822cab3cdf600c90c01a40db5cd85053eef5dcb5816e2e97ff61a30ff94b4f0c6cb7be22beaef34d82235bdf05ff9da865d40b381
2020-05-12 16:17:15 +08:00
fanquake
89fea68ffd
build: don't pass -w when building for Windows
This has been around since the introduction of autotools. However at
this point I'm not sure we'd every want to suppress all warnings when
performing a build, and given that CXX FLAGS will have been overriden
when cross-compiling for Windows (using depends), this would rarely,
if-ever be used anyways.

From https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html:
-w

    Inhibit all warning messages.
2020-05-10 19:27:15 +08:00
Ben Woosley
68537275bd
build: Enable -Werror=sign-compare
Explicitly add -Wsign-compare as well - not required for all compilers, as GCC activates it
under -Wall, but may impact clang, etc.
2020-05-09 00:20:09 -07:00
fanquake
df6bde031b
test: remove glibc fdelt sanity check
As is, this sanity check doesn't seem to be testing fdelt_chk, because
passing a value of "0" to FD_SET wont cause the compiler to insert any
calls to fdelt_chk().

The documentation is a little misleading. If we actually triggered fdelt_chk
at runtime, bitcoind would abort. I think this check would be better replaced
(if possible) by additional checks in security-check.py.

The compiler may insert a call to fdelt_warn() (aliased with fdelt_chk
in glibc) at compile time if it can determine that an invalid value is
being passed to FD_SET.

These checks are essentially; value < 0 or value >= FD_SETSIZE along
with a check for wether the value is a compile time constant.

If the compiler can determine an invalid value is being passed, a call
to fdelt_warn will be inserted. Passing 0 should never cause a call to
be inserted.

You can check this after compiling:
```bash
objdump -dC bitcoind | grep sanity_fdelt
...
0000000000399d20 <sanity_test_fdelt()>:
  399d20:	48 81 ec 98 00 00 00 	sub    $0x98,%rsp
  399d27:	b9 10 00 00 00       	mov    $0x10,%ecx
  399d2c:	64 48 8b 04 25 28 00 	mov    %fs:0x28,%rax
  399d33:	00 00
  399d35:	48 89 84 24 88 00 00 	mov    %rax,0x88(%rsp)
  399d3c:	00
  399d3d:	31 c0                	xor    %eax,%eax
  399d3f:	48 89 e7             	mov    %rsp,%rdi
  399d42:	fc                   	cld
  399d43:	f3 48 ab             	rep stos %rax,%es:(%rdi)
  399d46:	48 8b 84 24 88 00 00 	mov    0x88(%rsp),%rax
  399d4d:	00
  399d4e:	64 48 33 04 25 28 00 	xor    %fs:0x28,%rax
  399d55:	00 00
  399d57:	75 0d                	jne    399d66 <sanity_test_fdelt()+0x46>
  399d59:	b8 01 00 00 00       	mov    $0x1,%eax
  399d5e:	48 81 c4 98 00 00 00 	add    $0x98,%rsp
  399d65:	c3                   	retq
  399d66:	e8 85 df c8 ff       	callq  27cf0 <__stack_chk_fail@plt>
  399d6b:	0f 1f 44 00 00       	nopl   0x0(%rax,%rax,1)

```

To test, you could modify this test to pass -1 to FD_SET, and check
that a call to fdelt_warn() is inserted, and that running bitcoind
fails. i.e:

```bash
0000000000399d20 <sanity_test_fdelt()>:
  399d20:	48 81 ec 98 00 00 00 	sub    $0x98,%rsp
  399d27:	b9 10 00 00 00       	mov    $0x10,%ecx
  399d2c:	64 48 8b 04 25 28 00 	mov    %fs:0x28,%rax
  399d33:	00 00
  399d35:	48 89 84 24 88 00 00 	mov    %rax,0x88(%rsp)
  399d3c:	00
  399d3d:	31 c0                	xor    %eax,%eax
  399d3f:	48 89 e7             	mov    %rsp,%rdi
  399d42:	fc                   	cld
  399d43:	f3 48 ab             	rep stos %rax,%es:(%rdi)
  399d46:	48 c7 c7 ff ff ff ff 	mov    $0xffffffffffffffff,%rdi
  399d4d:	e8 3e ff ff ff       	callq  399c90 <__fdelt_warn>
  399d52:	0f b6 04 24          	movzbl (%rsp),%eax
  399d56:	83 e0 01             	and    $0x1,%eax
  399d59:	48 8b 94 24 88 00 00 	mov    0x88(%rsp),%rdx
  399d60:	00
  399d61:	64 48 33 14 25 28 00 	xor    %fs:0x28,%rdx
  399d68:	00 00
  399d6a:	75 08                	jne    399d74 <sanity_test_fdelt()+0x54>
  399d6c:	48 81 c4 98 00 00 00 	add    $0x98,%rsp
  399d73:	c3                   	retq
  399d74:	e8 77 df c8 ff       	callq  27cf0 <__stack_chk_fail@plt>
  399d79:	0f 1f 80 00 00 00 00 	nopl   0x0(%rax)

```

```bash
./src/bitcoind
*** buffer overflow detected ***: src/bitcoind terminated
Aborted
```
2020-05-07 15:45:09 +08:00
fanquake
8bf1540cc2
build: remove fdelt_chk backwards compatibility code
Now that we require glibc 2.17 or later, we no longer need to check for
different return types in fdelt_chk. It was changed from unsigned long
int to long int in glibc 2.16 . See this commit:
https://sourceware.org/git/?p=glibc.git;a=commit;h=ceb9e56b3d1f8c1922e0526c2e841373843460e2
and related issue:
https://sourceware.org/bugzilla/show_bug.cgi?id=14210.
2020-05-07 15:44:56 +08:00
fanquake
3b1e289248
Merge #18535: build: remove -Qunused-arguments workaround for clang + ccache
a029805f57 build: remove -Qunused-arguments workaround for clang + ccache (fanquake)

Pull request description:

  This was added in 386efb7695 to address spammy Clang warnings when building with ccache.

  The issue was addressed in [ccache 3.2](https://bugzilla.samba.org/show_bug.cgi?id=8118), and from a look at most major distros, it's only Debian Jessie that has a version of ccache older than that ([3.1](https://packages.debian.org/jessie/ccache)).

  Therefore I think it's acceptable to drop this workaround, and re-enable warnings for unused driver arguments (when compiling using Clang and ccache).

ACKs for top commit:
  hebasto:
    ACK a029805f57.
  vasild:
    utACK a029805f57

Tree-SHA512: f887b9bd12f9c1c8d209943b86e8dafe33cfd1572912f2cafabe08ffe403973e48f0f7289280a8c6db9263c57aad43fbd4bb72f42db762eb090f3b1ef0538f43
2020-05-07 15:41:59 +08:00
Wladimir J. van der Laan
c6b15ec0ee
Merge #17874: build: make linker checks more robust
03da4c7781 build: make linker checks more robust (Cory Fields)

Pull request description:

  Check for a flag to turn linker warnings into errors. When flags are passed to
  linkers via the compiler driver using a -Wl,-foo flag, linker warnings may be
  swallowed rather than bubbling up.

  This is one of [Corys commits](b9acd3d33e) that I've modified to also add `-Wl,-fatal_warnings`
  for darwin.

ACKs for top commit:
  vasild:
    re-ACK 03da4c778

Tree-SHA512: 212031d619ed88e52aaae30cf3b711681d72c4d670884406403605d1d86c784c84cb07e2e0d6c30926e659db8f14f8dabd5af3de5291637f8080d6dfee358248
2020-05-06 15:09:55 +02:00
Wladimir J. van der Laan
6621be5351
Merge #18843: build: warn on potentially uninitialized reads
71f183a49b build: warn on potentially uninitialized reads (Vasil Dimov)

Pull request description:

  * Enable `conditional-uninitialized` warning class to show potentially uninitialized
  reads.

  * Fix the sole such warning in Bitcoin Core in `GetRdRand()`: `r1` would be
  set to `0` on `rdrand` failure, so initializing it to `0` is a non-functional
  change.

ACKs for top commit:
  practicalswift:
    ACK 71f183a49b
  laanwj:
    ACK 71f183a49b

Tree-SHA512: 2c1d8caacd86424b16a9d92e5df19e0bedb51ae111eecad7e3bfa46447bc88e5fff1f32dacf6c4a28257ebb3d87e79f80f074ce2c523ce08b1a0c0a67ab44204
2020-05-06 13:49:49 +02:00
Cory Fields
03da4c7781
build: make linker checks more robust
Check for a flag to turn linker warnings into errors. When flags are passed to
linkers via the compiler driver using a -Wl,-foo flag, linker warnings may be
swallowed rather than bubbling up.

Co-authored-by: fanquake <fanquake@gmail.com>
2020-05-06 17:39:07 +08:00
Vasil Dimov
a30b0a24e9
build: enable -Werror=gnu
Stop the build if a warning is emitted due to `-Wgnu` and
`--enable-werror` has been used. As usual - this would help notice such
a warning that is about to be introduced in new code.

This is a followup to
https://github.com/bitcoin/bitcoin/pull/18088
build: ensure we aren't using GNU extensions
2020-05-05 14:47:59 +02:00
Hennadii Stepanov
0c63f80854
build: Suppress -Wdeprecated-copy warnings 2020-05-05 06:21:52 +03:00
Vasil Dimov
71f183a49b
build: warn on potentially uninitialized reads
Enable -Wconditional-uninitialized to warn on potentially uninitialized
reads.

Fix the sole such warning in Bitcoin Core in GetRdRand(): r1 would be
set to 0 on rdrand failure, so initializing it to 0 is a non-functional
change.

From "Intel 64 and IA-32 ArchitecturesSoftware Developer's Manual" [1],
page 1711: "CF=1 indicates that the data in the destination is valid.
Otherwise CF=0 and the data in the destination operand will be returned
as zeros for the specified width."

[1] https://software.intel.com/sites/default/files/managed/39/c5/325462-sdm-vol-1-2abcd-3abcd.pdf
2020-05-03 17:21:45 +02:00
fanquake
0ae8f18dfe
build: add -Wgnu to compile flags
When compiling with Clang, this will warn when GNU extensions are
used.

Info: https://clang.llvm.org/docs/DiagnosticsReference.html#wgnu
2020-04-30 18:02:04 +08:00
Wladimir J. van der Laan
35ef3c15ef
Merge #18591: Add C++17 build to Travis
c31cbe7cfe Add C++17 test to Travis (Pieter Wuille)
7829685e27 Add configure option for c++17 (Pieter Wuille)
0fbde488b2 Support conversion between Spans of compatible types (Pieter Wuille)
7cbfebbf3d Update ax_cxx_compile_stdcxx.m4 (Pieter Wuille)

Pull request description:

  This adds a `--enable-c++17` option to the configure script, fixes the only C++17 incompatibility (with a commit taken from #18468), and adds a Travis test for it.

  This is all off by default, and release builds remain C++11.

  It implements the first step of the plan in https://github.com/bitcoin/bitcoin/issues/16684.

ACKs for top commit:
  elichai:
    tACK c31cbe7cfe
  practicalswift:
    Tested ACK c31cbe7cfe
  hebasto:
    ACK c31cbe7cfe, tested on Linux Mint 19.3 both C++11 and C++17 modes. Compiled and passed tests locally.

Tree-SHA512: a4b00776dbceef9c12abbb404c6bcd48f7916ce24c8c7a14116355f64e817578b7fcddbedd5ce435322319d1e4de43429b68553f4d96d970c308fe3e3e59b9d1
2020-04-30 11:16:56 +02:00
Wladimir J. van der Laan
63d5ed2fc4
Merge #18437: util: Detect posix_fallocate() instead of assuming
182dbdf0f4 util: Detect posix_fallocate() instead of assuming (Vasil Dimov)

Pull request description:

  Don't assume that `posix_fallocate()` is available on Linux and not
  available on other operating systems. At least FreeBSD has it and we
  are not using it.

  Properly check whether `posix_fallocate()` is present and use it if it
  is.

ACKs for top commit:
  laanwj:
    ACK 182dbdf0f4

Tree-SHA512: f9ed4bd661f33ff6b2b1150591e860b3c1f44e12b87c35e870d06a7013c4e841ed2bf17b41ad6b18fe471b0b23a4b5e42cf1400637180888e0bc56c254fe0766
2020-04-30 10:45:17 +02:00
fanquake
cd24f37ea9
doc: Better explain GNU ld's dislike of ld64's options
There's also now more than a single option being special cased for
darwin.
2020-04-27 11:08:51 +08:00
fanquake
7d1a3bda21
Merge #18709: doc: note why we can't use thread_local with glibc back compat
b155fcda51 doc: fix typo in configure.ac (fanquake)
20a30922fb doc: note why we can't use thread_local with glibc back compat (fanquake)

Pull request description:

  Given that we went through a [gitian build](https://github.com/bitcoin/bitcoin/pull/18681) to remember why this is the case, we might as well make a note of it in configure.ac.

  [From #18681](https://github.com/bitcoin/bitcoin/pull/18681#issuecomment-615526634):

  Looking at the Linux build log, this has failed with:
  ```bash
  Checking glibc back compat...
  bitcoind: symbol __cxa_thread_atexit_impl from unsupported version GLIBC_2.18
  bitcoind: failed IMPORTED_SYMBOLS
  bitcoin-cli: symbol __cxa_thread_atexit_impl from unsupported version GLIBC_2.18
  bitcoin-cli: failed IMPORTED_SYMBOLS
  bitcoin-tx: symbol __cxa_thread_atexit_impl from unsupported version GLIBC_2.18
  bitcoin-tx: failed IMPORTED_SYMBOLS
  bitcoin-wallet: symbol __cxa_thread_atexit_impl from unsupported version GLIBC_2.18
  bitcoin-wallet: failed IMPORTED_SYMBOLS
  test/test_bitcoin: symbol __cxa_thread_atexit_impl from unsupported version GLIBC_2.18
  test/test_bitcoin: failed IMPORTED_SYMBOLS
  bench/bench_bitcoin: symbol __cxa_thread_atexit_impl from unsupported version GLIBC_2.18
  bench/bench_bitcoin: failed IMPORTED_SYMBOLS
  qt/bitcoin-qt: symbol __cxa_thread_atexit_impl from unsupported version GLIBC_2.18
  ```

  `__cxa_thread_atexit_impl` is used for [thread_local variable destruction](https://sourceware.org/glibc/wiki/Destructor%20support%20for%20thread_local%20variables):

  > To implement this support, glibc defines __cxa_thread_atexit_impl exclusively for use by libstdc++ (which has the __cxa_thread_atexit to wrap around it), that registers destructors for thread_local variables in a list. Upon thread or process exit, the destructors are called in reverse order in which they were added.

  As suggested, this only became available in glibc 2.18. From the [2.18 release notes](https://sourceware.org/legacy-ml/libc-alpha/2013-08/msg00160.html):

  > * Add support for calling C++11 thread_local object destructors on thread
    and program exit.  This needs compiler support for offloading C++11
    destructor calls to glibc.

ACKs for top commit:
  hebasto:
    ACK b155fcda51

Tree-SHA512: 5b9567e4a70598a4b0b91956f44ae0d93091db17c84cbf9817dac6cfa992c97d3438a8b1bb66644c74891f2149e44984daed445d22de93ca8858c5b0eabefb40
2020-04-22 14:46:19 +08:00
fanquake
b155fcda51
doc: fix typo in configure.ac
s/liner/linker/
2020-04-21 10:05:43 +08:00
fanquake
20a30922fb
doc: note why we can't use thread_local with glibc back compat 2020-04-20 16:58:54 +08:00