fa5eabe72117f6e3704858e8d5b2c57a120258ed refactor: Remove negative lock annotations from globals (MarcoFalke)
Pull request description:
They only make sense for mutexes that are private members. Until cs_main is a private member the negative annotations should be replaced by excluded annotations, which are optional.
ACKs for top commit:
sipa:
utACK fa5eabe72117f6e3704858e8d5b2c57a120258ed
ajtowns:
ACK fa5eabe72117f6e3704858e8d5b2c57a120258ed
hebasto:
ACK fa5eabe72117f6e3704858e8d5b2c57a120258ed
vasild:
ACK fa5eabe72117f6e3704858e8d5b2c57a120258ed
Tree-SHA512: 06f8a200304f81533010efcc42d9f59b8c4d0ae355920c0a28efb6fa161a3e3e68f2dfffb0c009afd9c2501e6a293c6e5a419a64d718f1f4e79668ab2ab1fcdc
ea74e10acf17903e44c85e3678853414653dd4e1 doc: Add best practice for annotating/asserting locks (Hennadii Stepanov)
2ee7743fe723227f2ea1b031eddb14fc6863f4c8 sync.h: Make runtime lock checks require compile-time lock checks (Anthony Towns)
23d71d171e6e22ba5e4a909d597a54595b2a2c1f Do not hide compile-time thread safety warnings (Hennadii Stepanov)
3ddc150857178bfb1c854c05bf9b526777876f56 Add missed thread safety annotations (Hennadii Stepanov)
af9ea55a72c94678b343f5dd98dc78f3a3ac58cb Use LockAssertion utility class instead of AssertLockHeld() (Hennadii Stepanov)
Pull request description:
On the way of transit from `RecursiveMutex` to `Mutex` (see #19303) it is crucial to have run-time `AssertLockHeld()` assertion that does _not_ hide compile-time Clang Thread Safety Analysis warnings.
On master (65e4ecabd5b4252154640c7bac38c92a3f3a7018) using `AssertLockHeld()` could hide Clang Thread Safety Analysis warnings, e.g., with the following patch applied:
```diff
--- a/src/txmempool.h
+++ b/src/txmempool.h
@@ -607,7 +607,7 @@ public:
void addUnchecked(const CTxMemPoolEntry& entry, setEntries& setAncestors, bool validFeeEstimate = true) EXCLUSIVE_LOCKS_REQUIRED(cs, cs_main);
void removeRecursive(const CTransaction& tx, MemPoolRemovalReason reason) EXCLUSIVE_LOCKS_REQUIRED(cs);
- void removeForReorg(const CCoinsViewCache* pcoins, unsigned int nMemPoolHeight, int flags) EXCLUSIVE_LOCKS_REQUIRED(cs, cs_main);
+ void removeForReorg(const CCoinsViewCache* pcoins, unsigned int nMemPoolHeight, int flags) EXCLUSIVE_LOCKS_REQUIRED(cs_main);
void removeConflicts(const CTransaction& tx) EXCLUSIVE_LOCKS_REQUIRED(cs);
void removeForBlock(const std::vector<CTransactionRef>& vtx, unsigned int nBlockHeight) EXCLUSIVE_LOCKS_REQUIRED(cs);
```
Clang compiles the code without any thread safety warnings.
See "Add missed thread safety annotations" commit for the actual thread safety warnings that are fixed in this PR.
ACKs for top commit:
MarcoFalke:
ACK ea74e10acf 🎙
jnewbery:
ACK ea74e10acf17903e44c85e3678853414653dd4e1
ajtowns:
ACK ea74e10acf17903e44c85e3678853414653dd4e1
Tree-SHA512: 8cba996e526751a1cb0e613c0cc1b10f027a3e9945fbfb4bd30f6355fd36b9f9c2e1e95ed3183fc254b42df7c30223278e18e5bdb5e1ef85db7fef067595d447
32a9f13cb805ecf6aebb5cf4e5d92b8a47c4548b wallet: avoid returning a reference to vMasterKey after releasing the mutex that guards it (Vasil Dimov)
Pull request description:
`CWallet::GetEncryptionKey()` would return a reference to the internal
`CWallet::vMasterKey`, guarded by `CWallet::cs_wallet`, which is unsafe.
Returning a copy would be a shorter solution, but could have security
implications of the master key remaining somewhere in the memory even
after `CWallet::Lock()` (the current calls to
`CWallet::GetEncryptionKey()` are safe, but that is not future proof).
So, instead of `EncryptSecret(m_storage.GetEncryptionKey(), ...)`
change the `GetEncryptionKey()` method to provide the encryption
key to a given callback:
`m_storage.WithEncryptionKey([](const CKeyingMaterial& k) { EncryptSecret(k, ...); })`
This silences the following (clang 18):
```
wallet/wallet.cpp:3520:12: error: returning variable 'vMasterKey' by reference requires holding mutex 'cs_wallet' [-Werror,-Wthread-safety-reference-return]
3520 | return vMasterKey;
| ^
```
---
_Previously this PR modified both ArgsManager and wallet code. But the ArgsManager commit 856c88776f was merged in https://github.com/bitcoin/bitcoin/pull/29040 so now this only affects wallet code. The previous PR description was:_
Avoid this unsafe pattern from `ArgsManager` and `CWallet`:
```cpp
class A
{
Mutex mutex;
Foo member GUARDED_BY(mutex);
const Foo& Get()
{
LOCK(mutex);
return member;
} // callers of `Get()` will have access to `member` without owning the mutex.
```
ACKs for top commit:
achow101:
ACK 32a9f13cb805ecf6aebb5cf4e5d92b8a47c4548b
ryanofsky:
Code review ACK 32a9f13cb805ecf6aebb5cf4e5d92b8a47c4548b. This seems like a potentially real race condition, and the fix here is pretty simple.
furszy:
ACK 32a9f13c
Tree-SHA512: 133da84691642afc1a73cf14ad004a7266cb4be1a6a3ec634d131dca5dbcdef52522c1d5eb04f5b6c4e06e1fc3e6ac57315f8fe1e207b464ca025c2b4edefdc1
02260cba57 build: stop tracking cmake dependency relic_conf.h.in (UdjinM6)
02107450d0 Squashed 'src/dashbls/' changes from 795660db76..4e070243ae (Odysseas Gabrielides)
314102e054 Revert "build: stop tracking cmake dependency relic_conf.h.in" (Odysseas Gabrielides)
Pull request description:
## Issue being fixed or feature implemented
Bumped blsdash to version 1.3.3
## What was done?
## How Has This Been Tested?
## Breaking Changes
## Checklist:
- [x] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have added or updated relevant unit/integration/functional/e2e tests
- [ ] I have made corresponding changes to the documentation
- [ ] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_
ACKs for top commit:
kwvg:
utACK 02260cba57
UdjinM6:
utACK 02260cba57
Tree-SHA512: 5f45919d5cc8e2c2eb37427c4e3b110bf34884472f4de1e3cd0e6b6bd7fc71d71e7d63192e6a9a637f7181f2e16641dec3abc15cd41e1e5b7322185a2bc7a58e
4e070243ae chore: bump version to 1.3.3 (#99)
d93956254e ci: disable Go bindings CI for macos for now (#98)
ae40c5c86d Merge pull request #97 from PastaPastaPasta/refac/pybind-bump-2.13.6
e835ece935 refactor: bump pybind version to 2.13.6
eda5d6a402 chore: change of gmp source (#95)
61f95aa80e chore: cleanup 6.2.1 left overs (#96)
adbd094409 Merge pull request #92 from kwvg/darwin_gmp
062ee6726b Merge pull request #90 from UdjinM6/fix_aarch_arch
3538d8b033 fix: aarch64 is not supported, should set ARCH to RELIC_NONE
e27a62f4a2 revert: disable gmp if targeting darwin on aarch64 when on 'auto'
bb2fe6ee55 build: enforce minimum version of libgmp based on arch and platform
9832b7a132 build: replace deprecated macros `AC_PROG_CC_C99` and `AM_PROG_CC_C_O`
b2428718b9 Merge pull request #91 from UdjinM6/fix_macos_test_build
3ffa7fa2b6 chore: bump version to 1.3.2 (#94)
0f4efc9327 Merge pull request #88 from HashEngineering/feat/support-android
a181889489 fix: rust bindings build for macos (#89)
738d187359 fix: detect gmp via brew earlier
ce4d6a47b6 fix: install libtool
4fa46ccaff fix: use macos-latest for test build
69bdc1aac7 Merge pull request #85 from kwvg/debug
39791d4e31 build: print build options after configure
73106a0121 build: use `-mbranch-protection=bti` on supporting `aarch64` compilers
6a3c28f6ca build: use stricter `-Werror` when testing compile flags
7a1b227637 build: rename {`NO`}`WARN_CFLAGS` to {`NO`}`WARN_FLAGS`, use with C{++}
28bea63838 build: set {`NO`}`WARN_CFLAGS` flags if not overridden and uniformly
32c2f0f5f8 trivial: rename `CORE_CXXFLAGS` to `CORE_FLAGS`, use with C{++}
b630c2c323 build: append `HARDENED_FLAGS` to `AM_CFLAGS`
e6008148e4 trivial: rename `HARDENED_CXXFLAGS` to `HARDENED_FLAGS`
af0e3daef5 build: subsume `PI{C,E}_FLAGS` into `HARDENED_CXXFLAGS`
9ff8618a1b build: expand `--disable-optimizations` to include `-O0` and `-fwrapv`
3036b83181 build: expand `--enable-debug` to include `-O0`, `-ftrapv` and dbg info
c90d43d43b build: add check to see if `CFLAGS` has been overridden
2d77f7ae49 build: remove vestigial `LIBTOOL_{CXX,CPP,LD}FLAGS`, `HARDENED_CPPFLAGS`
883a098868 build: autodetect i?86 and arm as 32-bit
deb3269820 build: don't specify exact `{CPU_}ARCH` if optimizations are disabled
720d49a44b trivial: fix indentation for `want_backend` check
f9328320af build: use `easy` backend if optimizations are disabled unless specified
3687cd59e0 build: define new flag `--enable-optimizations`
f82bfee5dd build: ensure help string format matches Autotool defaults
d68920063e build: define arguments as `--enable-[term]` instead of `--disable-[term]`
7f41e7dd16 fix: support android
1c2fc79c19 feat(rust): allow to move G1 and G2 elements between threads (#87)
3540b8bbed feat: debug with data hex (#86)
git-subtree-dir: src/dashbls
git-subtree-split: 4e070243aed142bc458472f8807ab77527dd879a
a3cd7dbfd8200c580aae9ea0f5473d58107dd582 test: stop node before calling assert_start_raises_init_error (Martin Zumsande)
Pull request description:
In #24789, I forgot to stop the node before using `assert_start_raises_init_error` in `feature_coinstatsindex`. This resulted in a bitcoind process that is not being terminated after the test finishes.
`feature_prune` has the same problem and also creates a zombie bitcoind process.
Also adds an assert to `assert_start_raises_init_error` to make sure the node isn't already running to prevent this sort of mistake in the future.
Top commit has no ACKs.
Tree-SHA512: 902f683ebe7b19ca32ab83ca40d9698e9d91509b1d003f21a7221f79b647e05b6ef5c0c888fbb772cbca5e641d5c9437d522b6671f446c3ab321d79f7c6d0284
5aceee38fc merge bitcoin#22875: Fix Racy ParseOpCode function initialization (Kittywhiskers Van Gogh)
427d07f4db merge bitcoin#17631: Expose block filters over REST (Kittywhiskers Van Gogh)
d60f15ec33 merge bitcoin#23738: improve logging of ChainstateManager snapshot persistance (Kittywhiskers Van Gogh)
87257347c2 merge bitcoin#23465: Remove CTxMemPool params from ATMP (Kittywhiskers Van Gogh)
d2cbdc40d5 merge bitcoin#23630: Remove GetSpendHeight (Kittywhiskers Van Gogh)
8bdab4d4fe merge bitcoin#23437: AcceptToMemoryPool (Kittywhiskers Van Gogh)
1f4e8a0cf9 merge bitcoin#23538: Remove strtol in torcontrol (Kittywhiskers Van Gogh)
2318d9f996 merge bitcoin#23564: don't use deprecated brew package names (Kittywhiskers Van Gogh)
3b7a7394a9 merge bitcoin#23223: Disable lock contention logging in checkqueue_tests (Kittywhiskers Van Gogh)
b383609a72 merge bitcoin#23227: Avoid treating integer overflow as OP_0 (Kittywhiskers Van Gogh)
0188d32430 merge bitcoin#23213: Return error when header count is not integral (Kittywhiskers Van Gogh)
eb9e20890f merge bitcoin#23156: Remove unused ParsePrechecks and ParseDouble (Kittywhiskers Van Gogh)
18fff7e3d3 rpc: switch to taking an integer for `rate` in `quorum dkgsimerror` (Kittywhiskers Van Gogh)
Pull request description:
## Additional Information
* Dependent on https://github.com/dashpay/dash/pull/6288
* Dependent on https://github.com/dashpay/dash/pull/6296
## Breaking changes
- `quorum dkgsimerror` will no longer accept a decimal value between 0 and 1 for the `rate` argument, it will now expect an integer between 0 to 100.
## Checklist
- [x] I have performed a self-review of my own code
- [x] I have commented my code, particularly in hard-to-understand areas **(note: N/A)**
- [x] I have added or updated relevant unit/integration/functional/e2e tests
- [x] I have made corresponding changes to the documentation
- [x] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_
ACKs for top commit:
PastaPastaPasta:
utACK 5aceee38fc
UdjinM6:
utACK 5aceee38fc
knst:
utACK 5aceee38fc
Tree-SHA512: 8fc34b05a74f2ddbe84b2a7a54772e49941042c89bc74d71d33711e658754a3d086af11fb2437d2bb72ede0c611adc57b82193783e7b6f10fbd4ebab2a7fa7cb
2e36832982 refactor: drop circular dependency governance/classes over governance/governance (Konstantin Akimov)
39f18ab154 refactor: move CGoveranceManager code from classes.cpp to governace.cpp (Konstantin Akimov)
350a5ca47c refactor: drop CSuperblock::GetGovernanceObject to simplify thread safety analysis over FindGovernanceObject (Konstantin Akimov)
5031f29441 refactor: add couple missing `const` for CGovernanceManager (Konstantin Akimov)
b240d08e09 refactor: move GetBestSuperblock to CGovernanceManager (Konstantin Akimov)
3641653174 refactor: move CSuperblockManager::IsValid to CGoveranceManager::IsValidSuperblock (Konstantin Akimov)
de8969f463 refactor: move ExecuteBestSuperblock to CGovernanceManager (Konstantin Akimov)
107d5b4941 refactor: move GetSuperblockPayments to CGovernanceManager (Konstantin Akimov)
7a470c441e refactor: move IsSuperblockTriggered to CGovernanceManager (Konstantin Akimov)
9638fdce6d refactor: pass mn_sync to CGovernanceManager ctor as a reference (UdjinM6)
7eb1634686 refactor: drop alias that is used only once (Konstantin Akimov)
1570a02c89 refactor: move ScopedLockBool from header to cpp file (Konstantin Akimov)
7aafb5a393 fix: add one more file to list of non-backported (flat-database.h) (Konstantin Akimov)
41f1a43236 fix: add missing const for member functions of CRateCheckBuffer (Konstantin Akimov)
982fc9a069 fix: avoid lock annotation for govman.cs in voteraw (Konstantin Akimov)
Pull request description:
## Issue being fixed or feature implemented
This PR is preparation for bitcoin#19668, otherwise impossible to make lock annotations for CGovernanceManager properly.
## What was done?
1. object mn_sync and peerman is pass to many methods of CGovernanceManager instead passing it to constructor.
2. methods of class CSuperblockManager moved to CGovernanceManager where they belongs to.
3. removed `CSuperblock::GetGovernanceObject` which makes a lot of mess with annotations of `govman.cs`
And minor relevant improvements: moved ScopedLockBool from header to implementation, added multiple `const` for methods, added one more file `flat-database.h` to non-backported list
## How Has This Been Tested?
Run unit and functional tests.
## Breaking Changes
N/A
## Checklist:
- [x] I have performed a self-review of my own code
- [x] I have commented my code, particularly in hard-to-understand areas
- [x] I have added or updated relevant unit/integration/functional/e2e tests
- [x] I have made corresponding changes to the documentation
- [x] I have assigned this pull request to a milestone
ACKs for top commit:
UdjinM6:
utACK 2e36832982
PastaPastaPasta:
utACK 2e36832982
Tree-SHA512: 59842c208f7ece46c9381fc3f9fc838d9ed1cf0fd2404eebf7fbd656c5df1fa5fd339410da83088089e2d954a017efb518cba290f6c5d45b5bcb91818041f931
This is required in order to backport bitcoin#23156, which gets rid of
`ParseDouble` (used by `ParseDoubleV`), which is last used by
`quorum dkgsimerror`.
9dad5252db build: set `-march` irrespective of target operating system (Kittywhiskers Van Gogh)
82b440546a build: update gmp to 6.3.0 (Kittywhiskers Van Gogh)
Pull request description:
## Additional Information
After [bls-signatures#92](https://github.com/dashpay/bls-signatures/pull/92), GMP is re-enabled for Apple Silicon macOS targets so long as GMP 6.3.0 or higher is used. GMP significantly contributes to performance improvements in bls-signatures, generally to the tune of ~50% ([source](https://github.com/dashpay/bls-signatures/pull/93#issuecomment-2395111949)).
The URL has been changed based on guidance from the Homebrew recipe for `gmp` ([source](51c899140c/Formula/g/gmp.rb (L44-L45))).
## Breaking Changes
None expected.
## Checklist:
- [x] I have performed a self-review of my own code
- [x] I have commented my code, particularly in hard-to-understand areas **(note: N/A)**
- [x] I have added or updated relevant unit/integration/functional/e2e tests **(note: N/A)**
- [x] I have made corresponding changes to the documentation **(note: N/A)**
- [x] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_
ACKs for top commit:
PastaPastaPasta:
utACK [9dad525](9dad5252db)
Tree-SHA512: fbab727b9aa331f3eadd0573b925bc222380732782642cd4e12d670162cc0c45bf14edc8f99227960dc894f968f1d3f22496f0da7aca898ecb8db41d3a504f2b
c0154c0d8c partial merge bitcoin/bitcoin#27783: Add public Boost headers explicitly (fanquake)
49fcd4ab64 Merge bitcoin/bitcoin#29066: Bump minimum required Boost version due to migration to C++20 (fanquake)
355a69c47d Merge bitcoin/bitcoin#24558: build: explicitly disable Boost multi_index serialization (MarcoFalke)
Pull request description:
## Issue being fixed or feature implemented
See commit
## What was done?
## How Has This Been Tested?
## Breaking Changes
## Checklist:
_Go over all the following points, and put an `x` in all the boxes that apply._
- [ ] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have added or updated relevant unit/integration/functional/e2e tests
- [ ] I have made corresponding changes to the documentation
- [x] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_
ACKs for top commit:
UdjinM6:
utACK c0154c0d8c
knst:
utACK c0154c0d8c
Tree-SHA512: d11045903e1b665b8bbb21326ce3f9b1ee2c83b881e48a08482f1c5103c7b9909f1defac27b222fa28ee6c1ae52c98c924850eb0a38993e53d6008c81791181d
251434f094 test: adjust reindex test to check with txindex on/off (UdjinM6)
Pull request description:
## Issue being fixed or feature implemented
https://github.com/dashpay/dash/pull/6316#discussion_r1791520650
## What was done?
## How Has This Been Tested?
## Breaking Changes
## Checklist:
- [ ] I have performed a self-review of my own code
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] I have added or updated relevant unit/integration/functional/e2e tests
- [ ] I have made corresponding changes to the documentation
- [x] I have assigned this pull request to a milestone _(for repository code-owners and collaborators only)_
ACKs for top commit:
kwvg:
utACK 251434f094
PastaPastaPasta:
utACK 251434f094
Tree-SHA512: c2349317c7e1f1202c3f141bc4271b45b4a1d69740681ec1aacd0ebb20082db0255c4a9eb0562c01f9229bd119e6bcc7b87964da3b4d7e23aa855d04e75c3880