refactor: Make CTxMemPoolEntry only explicitly copyable #28903

pull TheCharlatan wants to merge 1 commits into bitcoin:master from TheCharlatan:CTxMemPoolEntryNonCopy changing 3 files +15 −3
  1. TheCharlatan commented at 2:10 pm on November 17, 2023: contributor

    This has the goal of prohibiting users from accidentally creating runtime failures, e.g. by interacting with iterator_to with a copied entry. This was brought up here: #28886 (comment).

    CTxMemPoolEntry is already implicitly not move-constructable. So be explicit about this and use a std::list to collect the values in the policy_estimator fuzz test instead of a std::vector.

  2. DrahtBot commented at 2:10 pm on November 17, 2023: contributor

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    Code Coverage

    For detailed information about the code coverage, see the test coverage report.

    Reviews

    See the guideline for information on the review process.

    Type Reviewers
    ACK maflcko, ajtowns, ismaelsadeeq, achow101

    If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update.

    Conflicts

    Reviewers, this pull request conflicts with the following ones:

    • #28335 (RFC: Remove boost usage from kernel api / headers by TheCharlatan)

    If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

  3. DrahtBot added the label Refactoring on Nov 17, 2023
  4. in src/test/fuzz/policy_estimator.cpp:70 in b9e4b4cb27 outdated 
    66+                        entry.GetTime().count(),
67+                        entry.GetHeight(),
68+                        entry.GetSequence(),
69+                        entry.GetSpendsCoinbase(),
70+                        entry.GetSigOpCost(),
71+                        entry.GetLockPoints());
    ajtowns commented at 5:37 pm on November 17, 2023:

    Replacing a simple copy with listing all the details of the object seems cumbersome. If we want to just prevent accidental copies, how about doing something like this instead:

     0class CTxMemPoolEntry {
 1private:
 2    CTxMemPoolEntry(const CTxMemPoolEntry&) = default;
 3    struct ExplicitCopyTag { explicit ExplicitCopyTag() = default; };
 4public:
 5    static constexpr ExplicitCopyTag ExplicitCopy;
 6    CTxMemPoolEntry(ExplicitCopyTag /*unused*/, const CTxMemPoolEntry& entry) : CTxMemPoolEntry(entry) { }
 7    ...
 8};
 9
10    mempool_entries.emplace_back(CTxMemPoolEntry::ExplicitCopy, entry);
    TheCharlatan commented at 7:17 pm on November 17, 2023:
    This looks nice, I’ll try to apply it.
  5. TheCharlatan force-pushed on Nov 17, 2023
  6. TheCharlatan commented at 9:22 pm on November 17, 2023: contributor

    Thank you @ajtowns,

    Updated b8b624b36ebeb167da2f9c6d12f563f6849ccd60 -> 705e3f1de00bf30d728addd52a790a139d948e32 (CTxMemPoolEntryNonCopy_0 -> CTxMemPoolEntryNonCopy_1, compare)

    • Applied @ajtownssuggestion, making CTxMemPoolEntry only copy-able if a special tag is provided.
  7. TheCharlatan force-pushed on Nov 17, 2023
  8. DrahtBot added the label CI failed on Nov 17, 2023
  9. refactor: Make CTxMemPoolEntry only explicitly copyable 
    This has the goal of prohibiting users from accidentally creating
runtime failures, e.g. by interacting with iterator_to with a copied
entry.

CTxMemPoolEntry is already implicitly not move-constructable. So be
explicit about this and use a std::list to collect the values in the
policy_estimator fuzz test instead of a std::vector.

Co-authored-by: Anthony Towns <aj@erisian.com.au>
    705e3f1de0
  10. TheCharlatan force-pushed on Nov 17, 2023
  11. DrahtBot removed the label CI failed on Nov 17, 2023
  12. maflcko commented at 10:36 am on November 20, 2023: member
    Needs the title adjusted, according to the commit title?
  13. TheCharlatan renamed this:
    refactor: Make CTxMemPoolEntry non-copyable
    refactor: Make CTxMemPoolEntry only explicitly copyable
    on Nov 20, 2023
  14. maflcko commented at 10:48 am on November 20, 2023: member

    Would be nice to completely remove the need to create copies, but this involves a lot more code changes. This small fixup makes code and the mentioned code changes easier to review, so further improvements can be done in the future, if there is need and interest.

    ACK 705e3f1de00bf30d728addd52a790a139d948e32 🌯

    Signature:

    0untrusted comment: signature from minisign secret key on empty file; verify via: minisign -Vm "${path_to_any_empty_file}" -P RWTRmVTMeKV5noAMqVlsMugDDCyyTSbA3Re5AkUrhvLVln0tSaFWglOw -x "${path_to_this_whole_four_line_signature_blob}"
1RUTRmVTMeKV5npGrKx1nqXCw5zeVHdtdYURB/KlyA/LMFgpNCs+SkW9a8N95d+U4AP1RJMi+krxU1A3Yux4bpwZNLvVBKy0wLgM=
2trusted comment: ACK 705e3f1de00bf30d728addd52a790a139d948e32 🌯
3+9sbfb3Xi5BnQ71dPDaSlA05BlkJvoPm1sFn0t0AAd4IzDC1gW7LUAep5r7LXc1iTT3BUwwHivUxUd3KI62+DA==
  15. maflcko commented at 10:49 am on November 20, 2023: member

    For reference, the move constructor is already deleted, according to a compiler:

    0./kernel/mempool_entry.h:188:27: note: move constructor of 'CTxMemPoolEntry' is implicitly deleted because field 'm_epoch_marker' has a deleted move constructor
  16. TheCharlatan force-pushed on Nov 20, 2023
  17. TheCharlatan commented at 11:11 am on November 20, 2023: contributor

    Thanks for the review @maflcko

    Re #28903 (comment)

    For reference, the move constructor is already deleted, according to a compiler:

    Removed the explicit move constructor deletion again.

  18. maflcko commented at 11:18 am on November 20, 2023: member

    Ah sorry, didn’t mean it as a feedback to change the commit. It seems fine to keep it explicitly deleted, because a move is no better than a copy when either results in a runtime error. Having it deleted also prevents it from accidentally appearing again.

    Edit: My comment was mostly meant for reviewers that wondered whether and why the move constructor was deleted.

  19. TheCharlatan force-pushed on Nov 20, 2023
  20. TheCharlatan commented at 11:21 am on November 20, 2023: contributor
    Reverted the last change again.
  21. in src/kernel/mempool_entry.h:74 in 705e3f1de0 
    70@@ -71,6 +71,11 @@ class CTxMemPoolEntry
71     typedef std::set<CTxMemPoolEntryRef, CompareIteratorByHash> Children;
72 
73 private:
74+    CTxMemPoolEntry(const CTxMemPoolEntry&) = default;
    ajtowns commented at 4:09 am on November 22, 2023:
    Might be good to add a comment explaining why copying this is often a bad thing and should only be done explicitly? (I think it’s because m_parents and m_children need to stay in sync with the container holding this entry – if you leave the copy out of the container, those sets will become bad; if you put it back into the container, those sets will probably be wrong)
    TheCharlatan commented at 5:17 pm on November 24, 2023:
    I’ll do this in #28886.
  22. ajtowns commented at 4:14 am on November 22, 2023: contributor
    ACK 705e3f1de00bf30d728addd52a790a139d948e32
  23. ismaelsadeeq approved
  24. ismaelsadeeq commented at 8:53 am on November 28, 2023: member
    ACK 705e3f1de00bf30d728addd52a790a139d948e32
  25. achow101 commented at 7:38 pm on November 28, 2023: member
    ACK 705e3f1de00bf30d728addd52a790a139d948e32
  26. achow101 merged this on Nov 28, 2023
  27. achow101 closed this on Nov 28, 2023


TheCharlatan DrahtBot ajtowns maflcko ismaelsadeeq achow101

Labels
Refactoring

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-06-29 07:13 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me