refactor: Change * to & in MutableTransactionSignatureCreator #19426

pull MarcoFalke wants to merge 1 commits into bitcoin:master from MarcoFalke:2007-refactorSign changing 10 files +28 −26
  1. MarcoFalke commented at 5:30 PM on July 1, 2020: member

    The MutableTransactionSignatureCreator constructor takes in a pointer to a mutable transaction. This is problematic for several reasons:

    • It would be undefined behaviour to pass in a nullptr because for signature creation, the memory of the mutable transaction is accessed
    • No caller currently passes in a nullptr, so passing a reference as a pointer is confusing

    Fix all issues by replacing * with & in MutableTransactionSignatureCreator

  2. sipa commented at 5:34 PM on July 1, 2020: member

    IIRC this was actually intentional (and maybe even in response to a review comment); it being a pointer makes it more clear that the object will store the passed-in argument, making it less likely that someone would accidentally pass in a temporary that would not outlive the constructed object.

    Maybe this deserves the use of lifetimebound as introduced by #19387.

  3. DrahtBot added the label Refactoring on Jul 1, 2020
  4. DrahtBot added the label RPC/REST/ZMQ on Jul 1, 2020
  5. DrahtBot added the label Tests on Jul 1, 2020
  6. theuni commented at 6:32 PM on July 1, 2020: member

    The nonnull attribute could be helpful as well, if this is kept as a pointer.

  7. MarcoFalke removed the label RPC/REST/ZMQ on Jul 1, 2020
  8. MarcoFalke removed the label Tests on Jul 1, 2020
  9. MarcoFalke cross-referenced this on Jul 1, 2020 from issue span: update constructors to match c++20 draft spec and add lifetimebound attribute by theuni
  10. practicalswift commented at 10:06 PM on July 1, 2020: contributor

    Concept ACK for making the implicit precondition (non-null mut-tx) explicit by the suggested change.

    Concept super ACK for also adding lifetime annotations as suggested by @sipa to make the currently not entirely obvious lifetime hint explicit :)

    Rationale in both cases:

    • explicit is better than implicit
    • compiler enforced is better than "try to remember"-enforced
  11. MarcoFalke marked this as a draft on Jul 1, 2020
  12. sipa commented at 1:18 AM on July 2, 2020: member

    See this list of similar cases that we may want to convert if reference + lifetimebound attribute is the direction we're going in: #19387 (comment)

  13. DrahtBot commented at 1:41 AM on July 2, 2020: contributor

    <!--e57a25ab6845829454e8d69fc972939a-->

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    <!--174a7506f384e20aa4161008e828411d-->

    Conflicts

    Reviewers, this pull request conflicts with the following ones:

    • #22793 (Simplify BaseSignatureChecker virtual functions and GenericTransactionSignatureChecker constructors by achow101)
    • #21702 (Implement BIP-119 Validation (CheckTemplateVerify) by JeremyRubin)

    If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

  14. DrahtBot cross-referenced this on Jul 2, 2020 from issue [WIP DONOTMERGE] Replace boost with C++17 (std::shared_mutex) by MarcoFalke
  15. DrahtBot cross-referenced this on Jul 5, 2020 from issue Replace boost::filesystem with std::filesystem by kiminuo
  16. DrahtBot cross-referenced this on Aug 21, 2020 from issue RPC: Show fee in results for signrawtransaction* for segwit inputs by luke-jr
  17. MarcoFalke cross-referenced this on Nov 25, 2020 from issue lifetimebound compile attribute by MarcoFalke
  18. MarcoFalke force-pushed on Nov 25, 2020
  19. MarcoFalke marked this as ready for review on Nov 25, 2020
  20. MarcoFalke commented at 2:29 PM on November 25, 2020: member

    Maybe this deserves the use of lifetimebound

    thx, done

  21. jnewbery cross-referenced this on Dec 16, 2020 from issue Replace boost::optional with std::optional by MarcoFalke
  22. MarcoFalke force-pushed on Dec 21, 2020
  23. MarcoFalke commented at 12:44 PM on December 21, 2020: member

    Rebased

  24. MarcoFalke commented at 12:45 PM on December 21, 2020: member

    Closing for now due to lack of interest

  25. MarcoFalke closed this on Dec 21, 2020
  26. MarcoFalke deleted the branch on Dec 21, 2020
  27. MarcoFalke cross-referenced this on Jul 13, 2021 from issue Make PrecomputedData hold references instead of pointers? by JeremyRubin
  28. bitcoin locked this on Feb 15, 2022
  29. MarcoFalke restored the branch on May 4, 2022
  30. bitcoin unlocked this on May 4, 2022
  31. refactor: Change * to & in MutableTransactionSignatureCreator fac6cfc50f
  32. MarcoFalke reopened this on May 4, 2022
  33. MarcoFalke force-pushed on May 4, 2022
  34. MarcoFalke commented at 9:51 AM on May 4, 2022: member

    Rebased

  35. theStack approved
  36. theStack commented at 11:59 AM on May 4, 2022: contributor

    Code-review ACK fac6cfc50f65c610f2df9af3ec2efff5eade6661

    Checked that the newly introduced [[clang::lifetimebound]] attribute for the first parameter applies by compiling with clang 13.0.0 and the following patch:

    diff --git a/src/test/txvalidationcache_tests.cpp b/src/test/txvalidationcache_tests.cpp
index d41b54af2..dd995a445 100644
--- a/src/test/txvalidationcache_tests.cpp
+++ b/src/test/txvalidationcache_tests.cpp
@@ -361,6 +361,8 @@ BOOST_FIXTURE_TEST_CASE(checkinputs_test, Dersig100Setup)
             UpdateInput(tx.vin[i], sigdata);
         }

+        auto mtxsig = MutableTransactionSignatureCreator(CMutableTransaction(), 0, 0, SIGHASH_ALL);
+
         // This should be valid under all script flags
         ValidateCheckInputsForAllFlags(CTransaction(tx), 0, true, m_node.chainman->ActiveChainstate().CoinsTip());

    leading to the following warning:

      CXX      test/test_bitcoin-txvalidationcache_tests.o
test/txvalidationcache_tests.cpp:364:58: warning: temporary whose address is used as value of local variable 'mtxsig' will be destroyed at the end of the full-expression [-Wdangling]
        auto mtxsig = MutableTransactionSignatureCreator(CMutableTransaction(), 0, 0, SIGHASH_ALL);
                                                         ^~~~~~~~~~~~~~~~~~~~~
1 warning generated.
  37. DrahtBot cross-referenced this on May 5, 2022 from issue Simplify BaseSignatureChecker virtual functions and GenericTransactionSignatureChecker constructors by achow101
  38. jonatack commented at 8:27 AM on May 5, 2022: contributor

    ACK fac6cfc50f65c610f2df9af3ec2efff5eade6661

  39. DrahtBot cross-referenced this on May 5, 2022 from issue Implement BIP-119 Validation (CheckTemplateVerify) by JeremyRubin
  40. MarcoFalke merged this on May 6, 2022
  41. MarcoFalke closed this on May 6, 2022
  42. MarcoFalke deleted the branch on May 6, 2022
  43. sidhujag referenced this in commit 072bb30765 on May 9, 2022
  44. bitcoin locked this on Jul 22, 2023
Contributors
MarcoFalkesipatheunipracticalswiftDrahtBottheStackjonatack
Labels
Refactoring
Linked (view graph)
#19387 span: update constructors to match c++20 draft spec and add lifetimebound attribute#20493 lifetimebound compile attribute#20671 Replace boost::optional with std::optional#22438 Make PrecomputedData hold references instead of pointers?
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-05-20 06:54 UTC