| Age | Commit message (Collapse) | Author |
|---|
|
|
|
04255073bbd2b8ea71ae8a9ff7433be499312758 qt: Update source translations (laanwj)
cf79c56e65595612d899f0551348656b00d1108f init: Remove confusing '(possible integer overflow?)' from error message (laanwj)
d570a63894d5285d350b628b47014abba280743f qt: Update transifex resource blob to 23.0 (laanwj)
Pull request description:
- Update translations for 0.23 string freeze
- Update transifex resource blob to 23.0
This is necessary before a 23.0 resource can be created on Transifex.
ACKs for top commit:
hebasto:
ACK 04255073bbd2b8ea71ae8a9ff7433be499312758
Tree-SHA512: ff886e92721f070e3c135cfec229c41848a67c02355b88f2a5a507241b545f4209167d83b561420c2a82f49a5994170b01dcfb95bfc3fe6b9c832abcc6547b14
|
|
|
|
Warning: Replacing fs::system_complete calls with fs::absolute calls
in this commit may cause minor changes in behaviour because fs::absolute
no longer strips trailing slashes; however these changes are believed to
be safe.
Co-authored-by: Russell Yanofsky <russ@yanofsky.org>
Co-authored-by: Hennadii Stepanov <32963518+hebasto@users.noreply.github.com>
|
|
|
|
coalescence" fixups
e3544c864e3e56867de25b8db7b012d58b378050 init: Use clang-tidy named args syntax (Carl Dong)
3401630417d994b53ff3a89db2ea759ab1ec6f0f style-only: Rename *Chainstate return values (Carl Dong)
1dd582782d3c182aa952f23ec577f6a0a8672e7b docs: Make LoadChainstate comment more accurate (Carl Dong)
6b83576388e205116a0ebc67b9949f309eea1207 node/chainstate: Use MAX_FUTURE_BLOCK_TIME (Carl Dong)
Pull request description:
There are 2 proposed fixups in discussions in #23280 which I have not implemented:
1. An overhaul to return types and an option type for the two `*Chainstate` functions: https://github.com/bitcoin/bitcoin/pull/23280#issuecomment-984149564
- The change reintroduces stringy return types and is quite involved. It could be discussed in a separate PR.
2. Passing in the unix time to `VerifyChainstate` instead of a callback to get the time: https://github.com/bitcoin/bitcoin/pull/23280#discussion_r765051533
- I'm not sure it matters much whether it's a callback or just the actual unix time. Also, I think `VerifyDB` can take quite a while, and I don't want to impose that the function have to "run quickly" in order to have it be correct.
If reviewers feel strongly about either of the two fixups listed above, please feel free to open a PR based on mine and I'll close this one!
ACKs for top commit:
ryanofsky:
Code review ACK e3544c864e3e56867de25b8db7b012d58b378050
MarcoFalke:
ACK e3544c864e3e56867de25b8db7b012d58b378050 🐸
Tree-SHA512: dd1de0265b6785eef306e724b678ce03d7c54ea9f4b5ea0ccd7af59cce2ea3aba73fd4af0c15e2dca9265807dc4075f9afa2ec103672677b6638b1a4fc090904
|
|
-BEGIN VERIFY SCRIPT-
./contrib/devtools/copyright_header.py update ./
-END VERIFY SCRIPT-
Commits of previous years:
* 2020: fa0074e2d82928016a43ca408717154a1c70a4db
* 2019: aaaaad6ac95b402fe18d019d67897ced6b316ee0
|
|
|
|
|
|
|
|
[META] In a future commit, these options will be used in TestingSetup to
ensure that the DBs are in-memory.
|
|
I strongly recommend reviewing with the following git-diff flags:
--color-moved=dimmed_zebra --color-moved-ws=allow-indentation-change
[META] In a future commit, this function will be re-used in TestingSetup
so that the behaviour matches across test and non-test init
codepaths.
|
|
Previously we were passing in CChainParams, when VerifyDB only needed
the Consensus::Params subset.
|
|
...instead allow optionally passing in a std::function<bool()>
|
|
...instead pass in a std::function<int64_t()>
Note that the static_cast is needed (apparently) for the compiler to
know which overloaded GetTime to choose.
|
|
See added code comment for more details.
|
|
|
|
...by moving the try/catch out of LoadChainstate
I strongly recommend reviewing with the following git-diff flags:
--color-moved=dimmed_zebra --color-moved-ws=allow-indentation-change
|
|
...instead allow the caller to optionally pass in callbacks which are
triggered for certain events.
Behaviour change: The string "Verifying blocks..." was previously
printed for each chainstate in chainman which did not have an
effectively empty coinsview, now it will be printed once unconditionally
before we call VerifyLoadedChain.
|
|
|
|
|
|
|
|
...instead pass in only the necessary information
Also allow mempool to be a nullptr
|
|
...instead pass in only the necessary information
|
|
This allows us to separate the initialization code from translations and
error reporting.
This change changes the caller semantics of LoadChainstate quite
drastically.
To see that this change doesn't change behaviour, observe that:
1. Prior to this change, LoadChainstate returned false only in the "bad
genesis block" failure case (by returning InitError()), indicating
that the caller should immediately bail. After this change, the
corresponding ERROR_BAD_GENESIS_BLOCK handler in src/init.cpp
maintains behavioue by also bailing immediately.
2. The failed_* temporary booleans were only used to break out of the
outer do/while(false) loop. They can therefore be safely removed.
|
|
...instead just move it out
|
|
I strongly recommend reviewing with the following git-diff flags:
--color-moved=dimmed_zebra --color-moved-ws=allow-indentation-change
[META] This commit is intended to be as close to a move-only commit as
possible, and lingering ugliness will be resolved in subsequent
commits.
A few variables that are passed in by value instead of by reference
deserve explanation:
- fReset and fReindexChainstate are both local variables in AppInitMain
and are not modified in the sequence
- fPruneMode, despite being a global, is only modified in
AppInitParameterInteraction, long before LoadChainstate is called
----
[META] This semantic will change in a future commit named
"node/chainstate: Decouple from stringy errors"
|
|
|
|
fa4e09924b11b0dc94e377005f86a83c09761265 refactor: Replace validation.h include with forward-decl in miner.h (MarcoFalke)
fa0739a7d398aea952a07b73ef565e7c2da75898 style: Sort file list after rename (MarcoFalke)
fa53e3a58c94731a90514fe92fad365a49adb10c scripted-diff: Move miner to src/node (MarcoFalke)
Pull request description:
It is impossible to run the miner without a node (validation, chainstate, mempool, rpc, ...). Also, the module is in the node library. Thus, it should be moved to `src/node`.
Also, replace the `validation.h` include in the header with a forward-declaration.
ACKs for top commit:
theStack:
Code-review ACK fa4e09924b11b0dc94e377005f86a83c09761265
Tree-SHA512: 791e6caa5839d8dc83b0f58f3f49bc0a7e3c1710822e8a44dede254c87b6f7531a0586fb95e8a067c181457a3895ad6041718aa2a2fac64cfc136bf04bb851d5
|
|
suffix unit
21b58f430fa05fdb7c5db79b545302417a5dbceb util: ParseByteUnits - Parse a string with suffix unit [k|K|m|M|g|G|t|T] (Douglas Chimento)
Pull request description:
A convenience utility for parsing human readable strings sizes e.g. `500G` is `500 * 1 << 30`
The argument/setting `maxuploadtarget` now accept human readable byte units `[k|K|m|M|g|G||t|T]`
This change backward compatible, defaults to `M` if no unit specified.
ACKs for top commit:
vasild:
ACK 21b58f430fa05fdb7c5db79b545302417a5dbceb
ryanofsky:
Code review ACK 21b58f430fa05fdb7c5db79b545302417a5dbceb. Only changes since last review are dropping optional has_value call, fixing comment punctuation, squashing commits.
Tree-SHA512: c9b85acc0f77c847a0290b27ac5dc586ecc078110cf133063140576a04c11aa9c553159b9b4993488edcf6e60db6837de7c83b2964639bc21e8ffa4d455a5eb7
|
|
A convenience utility for human readable arguments/config e.g. -maxuploadtarget=500g
|
|
|
|
-BEGIN VERIFY SCRIPT-
# Move module
git mv src/miner.cpp src/node/
git mv src/miner.h src/node/
# Replacements
sed -i 's:miner\.h:node/miner.h:g' $(git grep -l miner)
sed -i 's:miner\.cpp:node/miner.cpp:g' $(git grep -l miner)
sed -i 's:MINER_H:NODE_MINER_H:g' $(git grep -l MINER_H)
-END VERIFY SCRIPT-
|
|
ad085f9ba15c131fc5cc77086a620f2e366aac7c multiprocess: Delay wallet client construction (Russell Yanofsky)
Pull request description:
Delay wallet client construction until after logging, thread and other init for two reasons:
- More responsive multiprocess GUI startup. When bitcoin-gui is started this moves the call from bitcoin-gui to bitcoin-node that spawns bitcoin-wallet off of the GUI event thread and onto the background GUI init executor thread.
- Avoids feature_logging.py test failures with bitcoin-node by making bitcoin-wallet logging start after bitcoin-node logging starts,
because the tests are not written to handle the bitcoin-wallet logging init code running first.
This partially reverts commit b266b3e0bf29d0f3d5deaeec62d57c5025b35525, moving wallet client creation back to the place it was located before.
---
This PR is part of the [process separation project](https://github.com/bitcoin/bitcoin/projects/10).
ACKs for top commit:
laanwj:
code review ACK ad085f9ba15c131fc5cc77086a620f2e366aac7c
hebasto:
ACK ad085f9ba15c131fc5cc77086a620f2e366aac7c, I have reviewed the code and it looks OK.
Tree-SHA512: 74d957ce2ee096db745c517124f60800185814b06c20db676090e10dce1b90311adbab02865a69731f8c39b9365f9ee14be0830ca1368cac9b474801ea92bad5
|
|
CJDNS is set up in the host OS, outside of the application. When the
routing is configured properly then connecting to fc00::/8 results in
connecting to the CJDNS network.
Introduce an option so that Bitcoin Core knows whether this is the case.
|
|
If `-proxy` is given, then also use it for connecting to the CJDNS
network.
|
|
This commit does not change behavior in any way. See previous commit for
complete rationale, but these flags are being disabled because they
aren't implemented and will otherwise break backwards compatibility when
they are implemented.
-BEGIN VERIFY SCRIPT-
sed -i 's:\(ALLOW_.*\) \(//!< unimplemented\):// \1\2:' src/util/system.h
sed -i '/DISALLOW_NEGATION.*scripted-diff/d' src/util/system.cpp
git grep -l 'ArgsManager::ALLOW_\(INT\|STRING\)' | xargs sed -i 's/ArgsManager::ALLOW_\(INT\|STRING\)/ArgsManager::ALLOW_ANY | ArgsManager::DISALLOW_NEGATION/g'
git grep -l 'ALLOW_BOOL' -- ':!src/util/system.h' | xargs sed -i 's/ALLOW_BOOL/ALLOW_ANY/g'
-END VERIFY SCRIPT-
|
|
There is no change in behavior. This just helps prepare for the
transition from boost::filesystem to std::filesystem by avoiding calls
to methods which will be unsafe after the transaction to std::filesystem
to due lack of a boost::filesystem::path::imbue equivalent and inability
to set a predictable locale.
Co-authored-by: Hennadii Stepanov <32963518+hebasto@users.noreply.github.com>
Co-authored-by: Kiminuo <kiminuo@protonmail.com>
Co-authored-by: MarcoFalke <falke.marco@gmail.com>
|
|
9d0379cea6c164610d05287ae6dd4e66f35b92b3 consensus: use <cstdint> over <stdint.h> in amount.h (fanquake)
863e52fe63a67fa020fb1ef527b9095a35ab77a5 consensus: make COIN & MAX_MONEY constexpr (fanquake)
d09071da5bc997f2de1f55ca7a9babc3d7619329 [MOVEONLY] consensus: move amount.h into consensus (fanquake)
Pull request description:
A first step (of a few) towards some source code reorganization, as well as making libbitcoinconsensus slightly more self contained.
Related to #15732.
ACKs for top commit:
MarcoFalke:
concept ACK 9d0379cea6c164610d05287ae6dd4e66f35b92b 🏝
Tree-SHA512: 97fc79262dcb8c00996852a288fee69ddf8398ae2c95700bba5b326f1f38ffcfaf8fa66e29d0cb446d9b3f4e608a96525fae0c2ad9cd531ad98ad2a4a687cd6a
|
|
secure computing mode)
4747da3a5b639b5a336b737e7e3cbf060cf2efcf Add syscall sandboxing (seccomp-bpf) (practicalswift)
Pull request description:
Add experimental syscall sandboxing using seccomp-bpf (Linux secure computing mode).
Enable filtering of system calls using seccomp-bpf: allow only explicitly allowlisted (expected) syscalls to be called.
The syscall sandboxing implemented in this PR is an experimental feature currently available only under Linux x86-64.
To enable the experimental syscall sandbox the `-sandbox=<mode>` option must be passed to `bitcoind`:
```
-sandbox=<mode>
Use the experimental syscall sandbox in the specified mode
(-sandbox=log-and-abort or -sandbox=abort). Allow only expected
syscalls to be used by bitcoind. Note that this is an
experimental new feature that may cause bitcoind to exit or crash
unexpectedly: use with caution. In the "log-and-abort" mode the
invocation of an unexpected syscall results in a debug handler
being invoked which will log the incident and terminate the
program (without executing the unexpected syscall). In the
"abort" mode the invocation of an unexpected syscall results in
the entire process being killed immediately by the kernel without
executing the unexpected syscall.
```
The allowed syscalls are defined on a per thread basis.
I've used this feature since summer 2020 and I find it to be a helpful testing/debugging addition which makes it much easier to reason about the actual capabilities required of each type of thread in Bitcoin Core.
---
Quick start guide:
```
$ ./configure
$ src/bitcoind -regtest -debug=util -sandbox=log-and-abort
…
2021-06-09T12:34:56Z Experimental syscall sandbox enabled (-sandbox=log-and-abort): bitcoind will terminate if an unexpected (not allowlisted) syscall is invoked.
…
2021-06-09T12:34:56Z Syscall filter installed for thread "addcon"
2021-06-09T12:34:56Z Syscall filter installed for thread "dnsseed"
2021-06-09T12:34:56Z Syscall filter installed for thread "net"
2021-06-09T12:34:56Z Syscall filter installed for thread "msghand"
2021-06-09T12:34:56Z Syscall filter installed for thread "opencon"
2021-06-09T12:34:56Z Syscall filter installed for thread "init"
…
# A simulated execve call to show the sandbox in action:
2021-06-09T12:34:56Z ERROR: The syscall "execve" (syscall number 59) is not allowed by the syscall sandbox in thread "msghand". Please report.
…
Aborted (core dumped)
$
```
---
[About seccomp and seccomp-bpf](https://en.wikipedia.org/wiki/Seccomp):
> In computer security, seccomp (short for secure computing mode) is a facility in the Linux kernel. seccomp allows a process to make a one-way transition into a "secure" state where it cannot make any system calls except exit(), sigreturn(), and read() and write() to already-open file descriptors. Should it attempt any other system calls, the kernel will terminate the process with SIGKILL or SIGSYS. In this sense, it does not virtualize the system's resources but isolates the process from them entirely.
>
> […]
>
> seccomp-bpf is an extension to seccomp that allows filtering of system calls using a configurable policy implemented using Berkeley Packet Filter rules. It is used by OpenSSH and vsftpd as well as the Google Chrome/Chromium web browsers on Chrome OS and Linux. (In this regard seccomp-bpf achieves similar functionality, but with more flexibility and higher performance, to the older systrace—which seems to be no longer supported for Linux.)
ACKs for top commit:
laanwj:
Code review and lightly tested ACK 4747da3a5b639b5a336b737e7e3cbf060cf2efcf
Tree-SHA512: e1c28e323eb4409a46157b7cc0fc29a057ba58d1ee2de268962e2ade28ebd4421b5c2536c64a3af6e9bd3f54016600fec88d016adb49864b63edea51ad838e17
|
|
|
|
dc3ec74d67abc85e8f724648f93efdd097e6f783 Add rescan removal release note (Samuel Dobson)
bccd1d942d971e70e7a0f4f5628e1b74b3ac15e0 Remove -rescan startup parameter (Samuel Dobson)
f963b0fa8cdd5223feb828c5faf6c57bc4107c8a Corrupt wallet tx shouldn't trigger rescan of all wallets (Samuel Dobson)
6c006495ef07f163d0734ec35d3cd1589a4aae9d Remove outdated dummy wallet -salvagewallet arg (Samuel Dobson)
Pull request description:
Remove the `-rescan` startup parameter.
Rescans can be run with the `rescanblockchain` RPC.
Rescans are still done on wallet-load if needed due to corruption, for example.
ACKs for top commit:
achow101:
ACK dc3ec74d67abc85e8f724648f93efdd097e6f783
laanwj:
re-ACK dc3ec74d67abc85e8f724648f93efdd097e6f783
Tree-SHA512: 608360d0e7d73737fd3ef408b01b33d97a75eebccd70c6d1b47a32fecb99b9105b520b111b225beb10611c09aa840a2b6d2b6e6e54be5d0362829e757289de5c
|
|
Move amount.h to consensus/amount.h.
Renames, adds missing and removes uneeded includes.
|
|
|
|
This reverts commit ee7891a0c412728cf8bec667f25263682a9baaaf, and moves
the comments into the right place.
|
|
Delay wallet client construction until after logging, thread and other
init for two reasons:
- More responsive multiprocess GUI startup. When bitcoin-gui is started
this moves the call from bitcoin-gui to bitcoin-node that spawns
bitcoin-wallet off of the GUI event thread and onto the background GUI
init executor thread.
- Avoids feature_logging.py test failures with bitcoin-node by making
bitcoin-wallet logging start after bitcoin-node logging starts,
because the tests are not written to handle the bitcoin-wallet logging
init code running first.
This partially reverts commit b266b3e0bf29d0f3d5deaeec62d57c5025b35525,
moving wallet client creation back to the place it was located before.
|
|
fa20f815a9cb438c5ab61e97a453612ddd8b21b5 Remove txindex migration code (MarcoFalke)
fae878603345854527c211ebb7d1967f12c8bb9d doc: Fix validation typo (MarcoFalke)
fab89006d656261770503e54fdd01ac9167bdd49 Add missing includes and forward declarations, remove unused ones (MarcoFalke)
Pull request description:
No supported version of Bitcoin Core used the legacy txindex, so all relevant nodes can be assumed to have upgraded. Thus, there is no need to keep this code any longer.
As a temporary courtesy, provide a one-time warning on how to free the disk space used by the legacy txindex.
Fixes #22615
ACKs for top commit:
laanwj:
Code review ACK fa20f815a9cb438c5ab61e97a453612ddd8b21b5
hebasto:
ACK fa20f815a9cb438c5ab61e97a453612ddd8b21b5, tested on Linux Mint 20.2 (x86_64).
Zero-1729:
crACK fa20f815a9cb438c5ab61e97a453612ddd8b21b5
theStack:
Approach ACK fa20f815a9cb438c5ab61e97a453612ddd8b21b5
Tree-SHA512: 68aa32d064d1e3932e6e382816a4b5de417bd7e82861fea1ee50660e8c397f4efeb88ae4ed54a8ad1952c3563eb0b8449d7ccf883c353cc4d4dc7e15c53d78e8
|
|
makeChain, etc methods
e4709c7b56612553fb7cbf16ef2d5099c5b732d0 Start using init makeNode, makeChain, etc methods (Russell Yanofsky)
Pull request description:
Use `interfaces::Init::make*` methods instead of `interfaces::Make*` functions, so interfaces can be constructed differently in different executable without having to change any code. (So for example `bitcoin-gui` can make an `interfaces::Node` pointer that communicates with a `bitcoin-node` subprocess, while `bitcoin-qt` can make an `interfaces::Node` pointer that controls node code in the same process.)
---
This PR is part of the [process separation project](https://github.com/bitcoin/bitcoin/projects/10). The commit was first part of larger PR #10102.
ACKs for top commit:
jamesob:
reACK https://github.com/bitcoin/bitcoin/commit/e4709c7b56612553fb7cbf16ef2d5099c5b732d0
achow101:
ACK e4709c7b56612553fb7cbf16ef2d5099c5b732d0
benthecarman:
utACK e4709c7b56612553fb7cbf16ef2d5099c5b732d0
Tree-SHA512: 580c1979dbb2ef444157c8e53041e70d15ddeee77e5cbdb34f70b6d228cc2d2fe3843825f172da84e506200c58f7e0932f7cd4c006bb5058c1f4e43259394834
|
|
corrupted
fa55c3dc1b4bbdc6a53bd11fa6c0b2ec6bbb64ae Raise InitError when peers.dat is invalid or corrupted (MarcoFalke)
fa4e2ccfd8ae96c381947285bef47cb39474ac89 Inline ReadPeerAddresses (MarcoFalke)
fa5aeec80c6cdca9ca027d80dff3b397911ff2c2 Move LoadAddrman from init to addrdb (MarcoFalke)
Pull request description:
peers.dat is silently erased when it can not be parsed or when it appears corrupted. Fix that by notifying the user. This might help in the following examples:
* The user provided the database, but picked the wrong one.
* A future version of Bitcoin Core wrote the file and it can't be read.
* The file was corrupted by a logic bug in Bitcoin Core.
* The file was corrupted by a disk failure.
ACKs for top commit:
jonatack:
Code review re-ACK fa55c3dc1b4bbdc6a53bd11fa6c0b2ec6bbb64ae per `git range-diff eb1f570 fa59c6d fa55c3` and verified the new tests fail on master, except "Check mocked addrman is valid", as expected
prayank23:
tACK https://github.com/bitcoin/bitcoin/commit/fa55c3dc1b4bbdc6a53bd11fa6c0b2ec6bbb64ae
vasild:
ACK fa55c3dc1b4bbdc6a53bd11fa6c0b2ec6bbb64ae
Tree-SHA512: 78264a78ee570a3c3262cf9c8542b5ffaffa5f52da1eef66c8c381f346989272967cfe1769c573502d9d7d3f7ad68c3ac3b2ec734185d2e4e7595b7122b14196
|
|
853c4edb70f897a6a7165abaea4a303d7d448721 [net] Remove asmap argument from CNode::CopyStats() (John Newbery)
9fd5618610e91e3949536c5122cf31eb58c9aa6b [asmap] Make DecodeAsmap() a utility function (John Newbery)
bfdf4ef334a16ef6108a658bf4f8514754128c18 [asmap] Remove SanityCheckASMap() from netaddress (John Newbery)
07a9eccb60485e71494664cc2b1964ae06a3dcf0 [net] Remove CConnman::Options.m_asmap (John Newbery)
Pull request description:
These small cleanups to the asmap code are the first 4 commits from #22910. They're minor improvements that are independently useful whether or not 22910 is merged.
ACKs for top commit:
naumenkogs:
ACK 853c4edb70f897a6a7165abaea4a303d7d448721
theStack:
Concept and code-review ACK 853c4edb70f897a6a7165abaea4a303d7d448721 🗺️
fanquake:
ACK 853c4edb70f897a6a7165abaea4a303d7d448721
Tree-SHA512: 64783743182592ac165df6ff8d18870b63861e9204ed722c207fca6938687aac43232a5ac4d8228cf8b92130ab0349de1b410a2467bb5a9d60dd9a7221b3b85b
|
