Add compile time checking for cs_main runtime locking assertions #13083

pull practicalswift wants to merge 1 commits into bitcoin:master from practicalswift:cs_main changing 13 files +54 −52
  1. practicalswift commented at 9:37 PM on April 25, 2018: contributor

    Add compile time checking for cs_main runtime locking assertions.

    This PR is a subset of #12665. The PR was broken up to make reviewing easier.

    The intention is that literally all EXCLUSIVE_LOCKS_REQUIRED/LOCKS_EXCLUDED:s added in this PR should follow either directly or indirectly from AssertLockHeld(…)/AssertLockNotHeld(…):s already existing in the repo.

    Consider the case where function A(…) contains AssertLockHeld(cs_foo) (without first locking cs_foo in A), and that B(…) calls A(…) (without first locking cs_main):

    • It directly follows that: A(…) should have an EXCLUSIVE_LOCKS_REQUIRED(cs_foo) annotation.
    • It indirectly follows that: B(…) should have an EXCLUSIVE_LOCKS_REQUIRED(cs_foo) annotation.
  2. practicalswift cross-referenced this on Apr 25, 2018 from issue Add compile time checking for run time locking assertions by practicalswift
  3. fanquake added the label Refactoring on Apr 25, 2018
  4. practicalswift cross-referenced this on Apr 30, 2018 from issue Meta-issue: Add Clang thread safety analysis annotations by practicalswift
  5. practicalswift cross-referenced this on Apr 30, 2018 from issue Add missing cs_main locks when accessing chainActive by practicalswift
  6. practicalswift renamed this:
    Add compile time checking for all cs_main runtime locking assertions
    Add compile time checking for cs_main runtime locking assertions
    on May 3, 2018
  7. practicalswift force-pushed on May 5, 2018
  8. practicalswift force-pushed on May 14, 2018
  9. practicalswift commented at 1:34 PM on May 14, 2018: contributor

    Rebased!

  10. practicalswift force-pushed on May 24, 2018
  11. practicalswift commented at 8:03 PM on May 24, 2018: contributor

    Rebased!

  12. practicalswift force-pushed on May 29, 2018
  13. practicalswift commented at 10:04 PM on May 29, 2018: contributor

    Rebased!

  14. MarcoFalke cross-referenced this on May 29, 2018 from issue Add missing locks: validation.cpp + related by practicalswift
  15. in src/qt/transactiondesc.cpp:51 in 8a3505c25b outdated 
      47 | @@ -48,7 +48,7 @@ QString TransactionDesc::FormatTxStatus(const interfaces::WalletTx& wtx, const i
  48 |      }
  49 |  }
  50 |  
  51 | -QString TransactionDesc::toHTML(interfaces::Node& node, interfaces::Wallet& wallet, TransactionRecord *rec, int unit)
  52 | +QString TransactionDesc::toHTML(interfaces::Node& node, interfaces::Wallet& wallet, TransactionRecord *rec, int unit) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
    MarcoFalke commented at 11:59 PM on May 29, 2018:

    I can't see why any of the changes in the qt and rpc folders are needed. Please make sure you don't add false positives.

  16. practicalswift force-pushed on May 30, 2018
  17. DrahtBot cross-referenced this on Jun 7, 2018 from issue Document validationinterace callback blocking deadlock potential. by TheBlueMatt
  18. DrahtBot cross-referenced this on Jun 7, 2018 from issue rpc: Add testblocktemplatevalidity by MarcoFalke
  19. DrahtBot cross-referenced this on Jun 7, 2018 from issue [net,mempool] Call AcceptToMemoryPool() asynchronously in p2p by skeees
  20. DrahtBot cross-referenced this on Jun 8, 2018 from issue [net] Tighten scope in net_processing by skeees
  21. DrahtBot added the label Needs rebase on Jun 15, 2018
  22. practicalswift force-pushed on Jun 15, 2018
  23. practicalswift commented at 8:15 PM on June 15, 2018: contributor

    Rebased! :-)

  24. DrahtBot removed the label Needs rebase on Jun 19, 2018
  25. DrahtBot cross-referenced this on Jun 19, 2018 from issue doc: Rewrite some validation docs as lock annotations by MarcoFalke
  26. DrahtBot cross-referenced this on Jun 19, 2018 from issue [net] Thread safety annotations in net_processing by skeees
  27. DrahtBot cross-referenced this on Jun 26, 2018 from issue rpc: Add submitheader by MarcoFalke
  28. DrahtBot cross-referenced this on Jun 30, 2018 from issue Fix get balance by jnewbery
  29. DrahtBot added the label Needs rebase on Jul 9, 2018
  30. practicalswift force-pushed on Jul 11, 2018
  31. practicalswift commented at 11:39 PM on July 11, 2018: contributor

    Rebased!

  32. MarcoFalke commented at 12:51 AM on July 12, 2018: member

    Travis output:

    bench/block_assemble.cpp:102:18: error: calling function 'AcceptToMemoryPool' requires holding mutex 'cs_main' exclusively [-Werror,-Wthread-safety-analysis]
        bool ret{::AcceptToMemoryPool(::mempool, state, txr, nullptr /* pfMissingInputs */, nullptr /* plTxnReplaced */, false /* bypass_limits */, /* nAbsurdFee */ 0)};
                 ^
1 error generated.
  33. DrahtBot removed the label Needs rebase on Jul 12, 2018
  34. DrahtBot cross-referenced this on Jul 12, 2018 from issue wallet: Add GetBalances to calculate all balances by promag
  35. DrahtBot cross-referenced this on Jul 12, 2018 from issue Drop unused pindexRet arg to CMerkleTx::GetDepthInMainChain by Empact
  36. practicalswift force-pushed on Jul 12, 2018
  37. practicalswift commented at 8:56 AM on July 12, 2018: contributor

    @MarcoFalke Oh thanks! Now fixed. Also incorporated the CChainState changes you suggested in the other PR. Please re-review :-)

  38. DrahtBot cross-referenced this on Jul 13, 2018 from issue Add CMerkleTx::IsImmatureCoinBase method by Empact
  39. DrahtBot added the label Needs rebase on Jul 14, 2018
  40. in src/validation.h:416 in dbb3af8b50 outdated 
     412 | @@ -413,7 +413,7 @@ bool ReadRawBlockFromDisk(std::vector<uint8_t>& block, const CBlockIndex* pindex
 413 |  /** Context-independent validity checks */
 414 |  bool CheckBlock(const CBlock& block, CValidationState& state, const Consensus::Params& consensusParams, bool fCheckPOW = true, bool fCheckMerkleRoot = true);
 415 |  
 416 | -/** Check a block is completely valid from start to finish (only works on top of our current best block) */
 417 | +/** Check a block is completely valid from start to finish (only works on top of our current best block, with cs_main held) */
    MarcoFalke commented at 6:15 PM on July 14, 2018:

    Unwanted change?

  41. practicalswift force-pushed on Jul 15, 2018
  42. practicalswift force-pushed on Jul 15, 2018
  43. practicalswift commented at 11:18 PM on July 15, 2018: contributor

    @MarcoFalke Thanks! Locking comment removed. Also rebased. Please re-review :-)

  44. practicalswift force-pushed on Jul 15, 2018
  45. DrahtBot removed the label Needs rebase on Jul 16, 2018
  46. DrahtBot added the label Needs rebase on Jul 24, 2018
  47. practicalswift force-pushed on Aug 1, 2018
  48. DrahtBot removed the label Needs rebase on Aug 1, 2018
  49. DrahtBot cross-referenced this on Aug 1, 2018 from issue [wallet] Kill accounts by jnewbery
  50. DrahtBot cross-referenced this on Aug 1, 2018 from issue WIP: Transaction Pool Layer by MarcoFalke
  51. DrahtBot cross-referenced this on Aug 1, 2018 from issue wallet: -avoidreuse with destination filters by kallewoof
  52. DrahtBot cross-referenced this on Aug 1, 2018 from issue validation: Pass tx pool reference into CheckSequenceLocks by MarcoFalke
  53. DrahtBot cross-referenced this on Aug 1, 2018 from issue wallet: "avoid_reuse" wallet flag for improved privacy by kallewoof
  54. DrahtBot cross-referenced this on Aug 3, 2018 from issue validation: Document where we are intentionally ignoring bool return values from validation related functions by practicalswift
  55. DrahtBot cross-referenced this on Aug 3, 2018 from issue Remove unused fScriptChecks parameter from CheckInputs by Empact
  56. DrahtBot cross-referenced this on Aug 10, 2018 from issue Track best-possible-headers (TheBlueMatt) by Sjors
  57. practicalswift force-pushed on Aug 13, 2018
  58. practicalswift commented at 11:44 AM on August 13, 2018: contributor

    Rebase number seven performed! :-)

  59. MarcoFalke commented at 1:25 PM on August 13, 2018: member

    utACK 2cb4b9a4bdec7e70e188e4cbf5588e0957112647

  60. DrahtBot cross-referenced this on Aug 22, 2018 from issue Remove accounts rpcs by jnewbery
  61. in src/validationinterface.h:10 in 2cb4b9a4bd outdated 
       6 | @@ -7,10 +7,12 @@
   7 |  #define BITCOIN_VALIDATIONINTERFACE_H
   8 |  
   9 |  #include <primitives/transaction.h> // CTransaction(Ref)
  10 | +#include <sync.h>
    MarcoFalke commented at 1:19 AM on August 23, 2018:

    Could use a forward decl of class CCriticalSection; instead?

    practicalswift commented at 9:33 PM on August 25, 2018:

    @MarcoFalke sync.h is needed for LOCKS_EXCLUDED, etc too :-)

  62. DrahtBot cross-referenced this on Aug 23, 2018 from issue Utxoscriptindex by mgrychow
  63. DrahtBot added the label Needs rebase on Aug 25, 2018
  64. DrahtBot commented at 4:40 PM on August 25, 2018: contributor

    <!--cf906140f33d8803c4a75a2196329ecb-->Needs rebase

  65. practicalswift force-pushed on Aug 25, 2018
  66. practicalswift commented at 9:38 PM on August 25, 2018: contributor

    @MarcoFalke Rebased. Please re-review. Any outstanding issues? :-)

  67. MarcoFalke commented at 9:44 PM on August 25, 2018: member

    re-utACK 5cc07926d82b4fecdc7ec6b68f113b709cfa1938

  68. practicalswift commented at 9:59 PM on August 25, 2018: contributor

    If this is merged then a lot of the other locking annotations PR:s would be drastically reduced since they repeat cs_main related annotations already contained in this PR. Review of this specific locking annotations PR would thus be extra appreciated :-)

    Reviewers of previous locking annotations PR:s – @Empact, @laanwj, @TheBlueMatt or @promag – would you mind take a look at this PR? :-)

  69. MarcoFalke commented at 10:04 PM on August 25, 2018: member

    @practicalswift Travis failed here

  70. Add compile time checking for all cs_main runtime locking assertions 9e0a514112
  71. practicalswift force-pushed on Aug 25, 2018
  72. MarcoFalke merged this on Aug 25, 2018
  73. MarcoFalke closed this on Aug 25, 2018
  74. MarcoFalke referenced this in commit 91186e5984 on Aug 25, 2018
  75. MarcoFalke removed the label Needs rebase on Aug 25, 2018
  76. in src/txmempool.cpp:500 in 9e0a514112 
     496 | @@ -497,7 +497,7 @@ void CTxMemPool::removeRecursive(const CTransaction &origTx, MemPoolRemovalReaso
 497 |      }
 498 |  }
 499 |  
 500 | -void CTxMemPool::removeForReorg(const CCoinsViewCache *pcoins, unsigned int nMemPoolHeight, int flags)
 501 | +void CTxMemPool::removeForReorg(const CCoinsViewCache *pcoins, unsigned int nMemPoolHeight, int flags) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
    MarcoFalke commented at 10:39 PM on August 25, 2018:

    Looks like this was added in the cpp file. Would you mind moving it to the header file?

  77. in src/wallet/wallet.cpp:4413 in 9e0a514112 
    4409 | @@ -4410,7 +4410,7 @@ bool CMerkleTx::IsImmatureCoinBase() const
4410 |      return GetBlocksToMaturity() > 0;
4411 |  }
4412 |  
4413 | -bool CWalletTx::AcceptToMemoryPool(const CAmount& nAbsurdFee, CValidationState& state)
4414 | +bool CWalletTx::AcceptToMemoryPool(const CAmount& nAbsurdFee, CValidationState& state) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
    MarcoFalke commented at 10:39 PM on August 25, 2018:

    Same here

  78. in src/interfaces/wallet.cpp:60 in 9e0a514112 
      56 | @@ -57,7 +57,7 @@ class PendingWalletTxImpl : public PendingWalletTx
  57 |  };
  58 |  
  59 |  //! Construct wallet tx struct.
  60 | -WalletTx MakeWalletTx(CWallet& wallet, const CWalletTx& wtx)
  61 | +static WalletTx MakeWalletTx(CWallet& wallet, const CWalletTx& wtx) EXCLUSIVE_LOCKS_REQUIRED(cs_main)
    ryanofsky commented at 3:20 PM on August 27, 2018:

    These functions are in an anonymous namespace so adding static here has no effect.

    I think it would be better to avoid using static in cases like this. Anonymous namespaces provide a reliable way of hiding all types of c++ linker symbols, while static keyword works on a non-member symbols (and was actually deprecated in C++03, though it is undeprecated now: https://stackoverflow.com/questions/8460327/why-are-anonymous-namespaces-not-a-sufficient-replacement-for-namespace-static).

    practicalswift commented at 3:26 PM on August 27, 2018:

    @ryanofsky Yes, I know. I simply missed the fact that it was in an anonymous namespace :-)

    Thanks for noticing though :-)

  79. Bushstar cross-referenced this on Sep 4, 2018 from issue commits from bitcoin/master by Bushstar
  80. ryanofsky cross-referenced this on Sep 5, 2018 from issue Refactor: separate wallet from node by ryanofsky
  81. practicalswift deleted the branch on Apr 10, 2021
  82. Munkybooty referenced this in commit c69df3bc97 on Jun 30, 2021
  83. Munkybooty referenced this in commit c09e919c67 on Jun 30, 2021
  84. Munkybooty referenced this in commit 8a6e8d7a28 on Jul 1, 2021
  85. Munkybooty referenced this in commit a898756320 on Jul 2, 2021
  86. Munkybooty referenced this in commit 5c9d57b8b8 on Jul 4, 2021
  87. UdjinM6 referenced this in commit 0f26a0df06 on Jul 7, 2021
  88. Munkybooty referenced this in commit 23f332711e on Jul 7, 2021
  89. Munkybooty referenced this in commit eae3b9abc4 on Jul 7, 2021
  90. Munkybooty referenced this in commit 06e467d037 on Jul 8, 2021
  91. gades referenced this in commit 956217b1c7 on May 1, 2022
  92. bitcoin locked this on Aug 18, 2022
Contributors
practicalswiftMarcoFalkeDrahtBotryanofsky
Labels
Refactoring
Linked (view graph)
#10973 Refactor: separate wallet from node#11596 Add missing cs_main locks when accessing chainActive#11652 Add missing locks: validation.cpp + related#12665 Add compile time checking for run time locking assertions#13129 Meta-issue: Add Clang thread safety analysis annotations
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-05-20 06:55 UTC