multiprocess: Add bitcoin wrapper executable

ryanofsky commented at 5:57 pm on November 26, 2024: contributor

Intended to make bitcoin command line features more discoverable and allow installing new multiprocess binaries in libexec/ instead of bin/ so they don’t cause confusion.

Idea and implementation of this were discussed in #30983.

Initial implementation of this feature is deliberately minimal so the UX can evolve in response to feedback and there are not too many details to debate and discuss in a single PR. But many improvements are possible or planned:

Adding manpage and bash completions.
Showing nicer error messages that detect if an executable isn’t installed and suggest how to fix (comment)
Showing wrapper command lines in subcommand in help output (comment). This could be done conditionally as suggested in the comment or be unconditional.
Showing wrapper command lines in subcommand error output. There is a bitcoin-cli error pointed out in (comment) that is needlessly confusing.
Integrating help so bitcoin help subcommand invokes bitcoin subcommand -h. bitcoin -h subcommand should also be supported and be equivalent (comment)
Adding support for bitcoin-util subcommands. Ideal interface would probably be more like bitcoin grind not bitcoin util grind but this has been punted for now. Supporting subcommands directly would require some ArgsManager modifications
Adding a dedicated python functional test for the wrapper. Right now there is some CI coverage by setting the BITCOIN_CMD variable, but this doesn’t cover things like the help output and version output, and support for different directory layouts.
Better --multiprocess (-m) / --monolithic (-M) default selection. Right now, default is monolithic but it probably makes sense to chose more intelligently depending on whether -ipc options are enabled and what binaries are available.
Maybe parsing bitcoin.conf and supporting options to control wrapper behavior like custom locations or preferences or aliases.
Better command command line usability. Allow combining short options like (-ah). Allow fuzzy matching of subcommands or suggestions if you misspell. (suggested by stickies in review club)
Not directly related to this PR but bitcoin-cli named implementation used by the wrapper should do a better job disambiguating named arguments from base64 arguments ending in = as pointed out in (comment)

This PR is part of the process separation project. A review club meeting for it took place in https://bitcoincore.reviews/31375

DrahtBot commented at 5:57 pm on November 26, 2024: contributor

The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

Code Coverage & Benchmarks

For details see: https://corecheck.dev/bitcoin/bitcoin/pulls/31375.

Reviews

See the guideline for information on the review process.

Type	Reviewers
ACK	vasild, theStack, ismaelsadeeq, Sjors, hodlinator, achow101
Approach ACK	TheCharlatan

If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update.

Conflicts

Reviewers, this pull request conflicts with the following ones:

#32297 (bitcoin-cli: Add -ipcconnect option by ryanofsky)
#30437 (ipc: add bitcoin-mine test program by ryanofsky)
#28690 (build: Introduce internal kernel library by TheCharlatan)

If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first.

DrahtBot added the label CI failed on Nov 26, 2024

DrahtBot commented at 6:23 pm on November 26, 2024: contributor

🚧 At least one of the CI tasks failed. Debug: https://github.com/bitcoin/bitcoin/runs/33557375133

Try to run the tests locally, according to the documentation. However, a CI failure may still happen due to a number of reasons, for example:

Possibly due to a silent merge conflict (the changes in this pull request being incompatible with the current code in the target branch). If so, make sure to rebase on the latest commit of the target branch.
A sanitizer issue, which can only be found by compiling with the sanitizer and running the affected test.
An intermittent issue.

Leave a comment here, if you need help tracking down a confusing failure.

ryanofsky force-pushed on Nov 27, 2024

ryanofsky commented at 5:15 pm on November 27, 2024: contributor

Updated 19ae652376faca65d972c12cb51cfc8af0560c9e -> 63df9f3deb35be79496f7c240e3303e1d96c6832 (pr/wrap.3 -> pr/wrap.4, compare) with fixes for windows and fuzz CI errors, and lint and tidy fixes Updated 63df9f3deb35be79496f7c240e3303e1d96c6832 -> da108a6e5be220654a65b6613ee7eb2c4ddc8677 (pr/wrap.4 -> pr/wrap.5, compare) fixing windows include error, fs lint error, and previous releases test bug

ryanofsky force-pushed on Nov 27, 2024

DrahtBot removed the label CI failed on Nov 27, 2024

in src/bitcoin.cpp:202 in b06c7ad0ae outdated

183+    // Otherwise if exe is installed in a bin/ directory, first look for target
184+    // executable in libexec/
185+    (exe_dir.filename() == "bin" && try_exec(fs::path{exe_dir.parent_path()} / "libexec" / fs::PathFromString(args[0]).filename())) ||
186+    // Otherwise look for target executable next to current exe
187+    try_exec(exe_dir / fs::PathFromString(args[0]).filename()) ||
188+    // Otherwise just look on the system path.

Sjors commented at 9:29 am on November 28, 2024:

b06c7ad0ae91102fe8cdcac6f86d627aace2219b: this is potentially confusing. If I build without gui, I expect build/src/bitcoin gui to fail. Right now it would launch any bitcoin-qt in my $PATH.

ryanofsky commented at 8:09 pm on December 3, 2024:

re: #31375 (review)

b06c7ad: this is potentially confusing. If I build without gui, I expect build/src/bitcoin gui to fail. Right now it would launch any bitcoin-qt in my $PATH.

Agree this behavior is potentially confusing, and prevented it for now, but I’m not totally I sure see it as a downside. I like the simplicity of bitcoin daemon being an alias for bitcoind and for the bitcoin wrapper to add a few additional search directories of its own but not otherwise care where other executables are installed on the PATH.

But for now added a check to avoid searching for other executables using the PATH if the bitcoin executable was not invoked using the PATH. Probably will need to keep tweaking this behavior, seeing what works and maybe adding options to control it.

Sjors commented at 7:36 am on December 6, 2024:

One advantage of allowing anything in $PATH would be once the interfaces are stable and “public”, at which point folks might install e.g. an alternative GUI implementation.

Sjors commented at 9:40 am on November 28, 2024: member

Concept ACK

I think it would be more clear to move build/src/bitcoin-{node,gui} to build/src/libexec, rather than use a different file organization for CMake builds than for installs.

The “Win64 native, VS 2022” job still seems unhappy.

hebasto commented at 10:49 am on November 28, 2024: member

The “Win64 native, VS 2022” job still seems unhappy.

https://learn.microsoft.com/en-us/cpp/error-messages/compiler-warnings/compiler-warning-level-3-c4996?view=msvc-170#posix-function-names:

To turn off deprecation warnings for these functions, define the preprocessor macro _CRT_NONSTDC_NO_WARNINGS. You can define this macro at the command line by including the option /D_CRT_NONSTDC_NO_WARNINGS.

We have already used this macro:https://github.com/bitcoin/bitcoin/blob/7590e93bc73b3bbac641f05d490fd5c984156b33/cmake/leveldb.cmake#L87-L89

ryanofsky force-pushed on Dec 3, 2024

ryanofsky commented at 8:56 pm on December 3, 2024: contributor

Thanks for the reviews!

Updated da108a6e5be220654a65b6613ee7eb2c4ddc8677 -> 02567bf2bef5997ea5f0765780d196f36d3053e8 (pr/wrap.5 -> pr/wrap.6, compare) to fix windows build warning and making a change to avoid a potentially confusing behavior #31375 (review)

re: #31375#pullrequestreview-2467341532

I think it would be more clear to move build/src/bitcoin-{node,gui} to build/src/libexec, rather than use a different file organization for CMake builds than for installs.

Agree and I think #31161 should allow this to be simplified.

re: #31375 (comment)

We have already used this macro:

https://github.com/bitcoin/bitcoin/blob/7590e93bc73b3bbac641f05d490fd5c984156b33/cmake/leveldb.cmake#L87-L89

It seems like it would be better if this code could be compiled without disabling warnings, especially since if the old names are being deprecated. For now I just added a #define to switch to the recommended name. For leveldb it probably does make sense to disable the warnings to avoid needing to change the code too much.

maflcko commented at 7:40 am on December 4, 2024: member

For reference the CI failure is:

0                                   subprocess.CalledProcessError: Command '['C:\\hostedtoolcache\\windows\\Python\\3.12.7\\x64\\python.exe', 'D:/a/bitcoin/bitcoin\\contrib\\signet\\miner', "--cli='D:\\a\\bitcoin\\bitcoin\\build\\src\\Release\\bitcoin-cli.exe' -nonamed '-datadir=D:\\a\\_temp\\test_runner_₿_🏃_20241203_223434\\tool_signet_miner_211\\node0'", 'generate', '--address=tb1q2ndfasp67k5wp30fkt63tw9gf465lcjf7rm5fc', "--grind-cmd='D:\\a\\bitcoin\\bitcoin\\build\\src\\Release\\bitcoin-util.exe' grind", '--nbits=1d00ffff', '--set-block-time=1733265821', '--poolnum=99']' returned non-zero exit status 1.

Earlier it says:

0FileNotFoundError: [WinError 2] The system cannot find the file specified

ryanofsky force-pushed on Dec 4, 2024

ryanofsky commented at 2:36 pm on December 4, 2024: contributor

Updated 02567bf2bef5997ea5f0765780d196f36d3053e8 -> 2def75a15deeb39fa66b1e8d45679ac29fd18b82 (pr/wrap.6 -> pr/wrap.7, compare) to fix argument parsing bug causing a test failure on windows https://github.com/bitcoin/bitcoin/actions/runs/12147886951/job/33875123699?pr=31375#step:12:95

DrahtBot added the label Needs rebase on Dec 11, 2024

ryanofsky force-pushed on Dec 11, 2024

ryanofsky commented at 3:46 pm on December 11, 2024: contributor

Rebased 2def75a15deeb39fa66b1e8d45679ac29fd18b82 -> 637b01fbf5064028f9a23c20f8b916325fbf82ec (pr/wrap.7 -> pr/wrap.8, compare) due to conflict with #30933

DrahtBot removed the label Needs rebase on Dec 11, 2024

in CMakeLists.txt:97 in 637b01fbf5 outdated

75@@ -76,6 +76,7 @@ list(APPEND CMAKE_MODULE_PATH ${PROJECT_SOURCE_DIR}/cmake/module)
76 #=============================
77 include(CMakeDependentOption)
78 # When adding a new option, end the <help_text> with a full stop for consistency.
79+option(BUILD_BITCOIN_BIN "Build bitcoin executable." ON)

Sjors commented at 8:02 am on December 13, 2024:

Can you add this to Executables: in the summary as well?

ryanofsky commented at 12:33 pm on December 13, 2024:

Can you add this to Executables: in the summary as well?

Good idea, added now

Sjors commented at 5:11 am on December 14, 2024:

Thanks, that worked.

Sjors commented at 8:30 am on December 13, 2024: member

I cherry-picked the first commit onto #30975 in order to try a (arm64-apple-darwin) Guix build: https://github.com/Sjors/bitcoin/tree/2024/12/multiprocess-guix

This also required adding it to installable targets and Maintenance.cmake (maybe not needed for this PR).

There was a brief discussion on IRC yesterday about whether anything special needs to happen in terms of macOS code signing. The conclusion was: probably not.

https://bitcoin-irc.chaincode.com/bitcoin-core-dev/2024-12-12#1074526

On my M4 I had to codesign -s - ... the binaries from my Guix build just like before, which suggests nothing special is required.

ryanofsky force-pushed on Dec 13, 2024

ryanofsky commented at 12:34 pm on December 13, 2024: contributor

Updated 637b01fbf5064028f9a23c20f8b916325fbf82ec -> 365ac72dc7629765afb85bb9cc7c53d153c7c034 (pr/wrap.8 -> pr/wrap.9, compare) adding to cmake output as suggested

Sjors commented at 5:31 am on December 14, 2024: member

I wrote:

I think it would be more clear to move build/src/bitcoin-{node,gui} to build/src/libexec, rather than use a different file organization for CMake builds than for installs.

But I just realized that the bitcoin binary would be installed to /usr/bin whereas new binaries like bitcoin-node and bitcoin-mine would go to /usr/libexec.

To match this behavior in development mode we could use build/bin and build/libexec. As you mentioned #31161 should allow this. But there’s no need to wait for that.

I sometimes install a user-specific node using -DCMAKE_INSTALL_PREFIX=$HOME. By default $HOME/bin is in the PATH on Ubuntu, but $HOME/libexec isn’t. Looking at f17453ff13ebd0be842396c17bcc99b0c903abb8 it handles this nicely; if the bitcoin executable lives under bin it will try ../libexec.

in src/util/fs.h:93 in f17453ff13 outdated

89@@ -90,6 +90,10 @@ static inline bool exists(const path& p)
90 {
91     return std::filesystem::exists(p);
92 }
93+static inline bool exists(const path& p, std::error_code& ec)

Sjors commented at 5:59 am on December 14, 2024:

f17453ff13ebd0be842396c17bcc99b0c903abb8 nit: can be noexcept? https://en.cppreference.com/w/cpp/filesystem/exists

ryanofsky commented at 9:06 pm on December 17, 2024:

re: #31375 (review)

f17453f nit: can be noexcept? https://en.cppreference.com/w/cpp/filesystem/exists

Makes sense, added

in src/bitcoin.cpp:25 in f17453ff13 outdated

28+  {gui,daemon,rpc,wallet,test,help}
29+
30+Options:
31+  -m, --multiprocess     Run multiprocess binaries bitcoin-node, bitcoin-gui.\n"
32+  -M, --monolothic       Run monolithic binaries bitcoind, bitcoin-qt. (Default behavior)\n"
33+  -v, --version          Show version information

Sjors commented at 6:22 am on December 14, 2024:

f17453ff13ebd0be842396c17bcc99b0c903abb8 nit: would be nice if this worked for bitcoin itself too. It currently prints the license, but not the version.

ryanofsky commented at 8:15 pm on December 17, 2024:

re: #31375 (review)

f17453f nit: would be nice if this worked for bitcoin itself too. It currently prints the license, but not the version.

Oops, good catch. This should be fixed now

in src/bitcoin.cpp:85 in f17453ff13 outdated

82+        } else if (cmd.command == "test") {
83+            args.emplace_back("test/test_bitcoin");
84+        } else if (cmd.command == "help") {
85+            tfm::format(std::cout, HELP_COMMANDS, argv[0]);
86+        } else if (cmd.command == "mine") { // undocumented, used by tests
87+            args.emplace_back("bitcoin-mine");

Sjors commented at 6:28 am on December 14, 2024:

f17453ff13ebd0be842396c17bcc99b0c903abb8 this won’t exist until #30437 right?

ryanofsky commented at 8:17 pm on December 17, 2024:

re: #31375 (review)

f17453f this won’t exist until #30437 right?

That’s right. It’s just a little easier for me to manage my branches if this is included so the PRs don’t conflict, and it shouldn’t cause any harm.

in src/bitcoin.cpp:97 in f17453ff13 outdated

84+        } else if (cmd.command == "help") {
85+            tfm::format(std::cout, HELP_COMMANDS, argv[0]);
86+        } else if (cmd.command == "mine") { // undocumented, used by tests
87+            args.emplace_back("bitcoin-mine");
88+        } else if (cmd.command == "util") { // undocumented, used by tests
89+            args.emplace_back("bitcoin-util");

Sjors commented at 6:31 am on December 14, 2024:

f17453ff13ebd0be842396c17bcc99b0c903abb8: bitcoin-util has a grind command which is also used for (custom) signet, see signet/README.md. Doesn’t need to be hidden imo.

ryanofsky commented at 8:22 pm on December 17, 2024:

re: #31375 (review)

f17453f: bitcoin-util has a grind command which is also used for (custom) signet, see signet/README.md. Doesn’t need to be hidden imo.

Forwarding the util command allows tests to work with minimal changes, but I don’t think having bitcoin util grind command would be a good public interface. I think it would be better to expose a bitcoin grind command that doesn’t require callers to know about underlying binaries. Doing this will require some tweaks to ArgsManager though to separate commands & options correctly so I postponed it for now.

Sjors commented at 3:14 am on December 18, 2024:

I think it would be better to expose a bitcoin grind command that doesn’t require callers to know about underlying binaries

Ok, that makes sense.

in src/bitcoin.cpp:98 in f17453ff13 outdated

93+        if (!args.empty()) {
94+            args.insert(args.end(), cmd.args.begin(), cmd.args.end());
95+            ExecCommand(args, argv[0]);
96+        }
97+    } catch (const std::exception& e) {
98+        tfm::format(std::cerr, "Error: %s\nTry '%s --help' for more information.", e.what(), argv[0]);

Sjors commented at 6:33 am on December 14, 2024:

f17453ff13ebd0be842396c17bcc99b0c903abb8: on macOS 15.1.1 this somehow puts a % at the end of the error message, e.g.

0% build-ipc/src/bitcoin utillll
1Error: Unrecognized command: 'utillll'
2Try 'build-ipc/src/bitcoin --help' for more information.%

(the Unknown option error below does not have this issue)

ryanofsky commented at 8:24 pm on December 17, 2024:

re: #31375 (review)

f17453f: on macOS 15.1.1 this somehow puts a % at the end of the error message, e.g.

Good catch, that just comes for forgetting to output a trailing newline. Should be fixed now.

Sjors commented at 3:52 am on December 18, 2024:

Works

in src/bitcoin.cpp:139 in f17453ff13 outdated

131+// the path to this executable is specified `argv0`.
132+//
133+// This function doesn't currently print anything but can be debugged from
134+// the command line using strace like:
135+//
136+//     strace -e trace=execve -s 10000 build/src/bitcoin ...

Sjors commented at 6:51 am on December 14, 2024:

f17453ff13ebd0be842396c17bcc99b0c903abb8: this seems near impossible on macOS. With htop I see that bitcoin daemon causes bitcoind to run, and there’s no lingering bitcoin process. The terminal window process also shows this.

ryanofsky commented at 8:32 pm on December 17, 2024:

re: #31375 (review)

f17453f: this seems near impossible on macOS. With htop I see that bitcoin daemon causes bitcoind to run, and there’s no lingering bitcoin process. The terminal window process also shows this.

Do you think I should change the comment in some way? The exec behavior you’re describing is expected, and strace comment is just meant to be helpful on platforms where strace works.

In the future we could add more debugging options here that would be more cross-platform than strace, but I’m trying to keep things simple in V1.

Sjors commented at 3:54 am on December 18, 2024:

It’s fine to leave the comment as is. I couldn’t find an equivalent for macOS.

vasild commented at 11:29 am on December 20, 2024:

The following works on FreeBSD. In case dtrace works on macOS:

0dtrace -n 'proc:::exec-success { trace(curpsinfo->pr_psargs); }' -c 'bitcoin -m gui'

Maybe how to enable dtrace on macOS: https://github.com/suolapeikko/dtrace?tab=readme-ov-file#sample-dtrace-scripts-for-macos

Sjors commented at 3:02 am on December 21, 2024:

0% dtrace -n 'proc:::exec-success { trace(curpsinfo->pr_psargs); }' -c 'build/src/bitcoin daemon' 
1dtrace: system integrity protection is on, some features will not be available
2dtrace: failed to initialize dtrace: DTrace requires additional privileges

With sudo:

0dtrace: system integrity protection is on, some features will not be available
1
2dtrace: invalid probe specifier proc:::exec-success { trace(curpsinfo->pr_psargs); }: probe description proc:::exec-success does not match any probes. System Integrity Protection is on

I haven’t tried disabling System Integrity Protection (SIP) as that link suggests, not necessary a good idea :-) Though the maybe the csrutil enable --without dtrace isn’t too bad.

in src/bitcoin.cpp:188 in f17453ff13 outdated

183+        exe_dir = fs::path{module_path};
184+    } else {
185+        tfm::format(std::cerr, "Warning: Failed to get executable path. Error: %s\n", GetLastError());
186+    }
187+#endif
188+    exe_dir = fs::weakly_canonical(exe_dir, ec).parent_path();

Sjors commented at 7:09 am on December 14, 2024:

f17453ff13ebd0be842396c17bcc99b0c903abb8: shouldn’t we throw here if ec is set?

ryanofsky commented at 9:33 pm on December 17, 2024:

re: #31375 (review)

f17453f: shouldn’t we throw here if ec is set?

I don’t think we actually want to throw when symlinks can’t be resolved. Should be more robust to just search for executables relative to the original path in that case. But error handling here was not right, because weakly_canonical would return an empty path on failure, so that should be fixed now.

Sjors commented at 3:55 am on December 18, 2024:

Ah, the new comment is helpful.

Sjors commented at 7:18 am on December 14, 2024: member

Mostly happy with 365ac72dc7629765afb85bb9cc7c53d153c7c034.

I didn’t test and review Windows code. I also don’t really understand the test changes in a3b92c1f46c14c5c8db1f2833fd869d8a6a7ad4f, hopefully @maflcko does. But it’s useful that we use the wrapper in 365ac72dc7629765afb85bb9cc7c53d153c7c034.

ryanofsky force-pushed on Dec 17, 2024

ryanofsky commented at 9:45 pm on December 17, 2024: contributor

Thanks for the review and testing, really helpful feedback!

Updated 365ac72dc7629765afb85bb9cc7c53d153c7c034 -> 128e110ed7af5f95d2bd16c36eca93c7c9b03573 (pr/wrap.9 -> pr/wrap.10, compare) fixing version and help formatting and weakly_canonical error handling. Updated 128e110ed7af5f95d2bd16c36eca93c7c9b03573 -> 044c1129db06983da598f427dff85513d8480b3a (pr/wrap.10 -> pr/wrap.11, compare) to fix lint failure https://cirrus-ci.com/task/5251623682834432

ryanofsky force-pushed on Dec 17, 2024

DrahtBot added the label CI failed on Dec 17, 2024

DrahtBot commented at 9:49 pm on December 17, 2024: contributor

🚧 At least one of the CI tasks failed. Debug: https://github.com/bitcoin/bitcoin/runs/34561550110

Try to run the tests locally, according to the documentation. However, a CI failure may still happen due to a number of reasons, for example:

Possibly due to a silent merge conflict (the changes in this pull request being incompatible with the current code in the target branch). If so, make sure to rebase on the latest commit of the target branch.
A sanitizer issue, which can only be found by compiling with the sanitizer and running the affected test.
An intermittent issue.

Leave a comment here, if you need help tracking down a confusing failure.

DrahtBot removed the label CI failed on Dec 17, 2024

Sjors commented at 3:57 am on December 18, 2024: member

tACK 044c1129db06983da598f427dff85513d8480b3a but did not review test and windows.

in src/bitcoin.cpp:34 in 044c1129db outdated

29+Commands (run help command for more information):
30+  {gui,daemon,rpc,wallet,test,help}
31+
32+Options:
33+  -m, --multiprocess     Run multiprocess binaries bitcoin-node, bitcoin-gui.\n"
34+  -M, --monolothic       Run monolithic binaries bitcoind, bitcoin-qt. (Default behavior)\n"

vasild commented at 8:56 am on December 20, 2024:

typo:

0  -M, --monolithic       Run monolithic binaries bitcoind, bitcoin-qt. (Default behavior)\n"

ryanofsky commented at 11:40 pm on January 17, 2025:

re: #31375 (review)

Thanks, fixed

in src/bitcoin.cpp:46 in 044c1129db outdated

41+%1$s gui [ARGS]     Start GUI, equivalent to running 'bitcoin-qt [ARGS]' or 'bitcoin-gui [ARGS]'.
42+%1$s daemon [ARGS]  Start daemon, equivalent to running 'bitcoind [ARGS]' or 'bitcoin-node [ARGS]'.
43+%1$s rpc [ARGS]     Call RPC method, equivalent to running 'bitcoin-cli -named [ARGS]'.
44+%1$s wallet [ARGS]  Call wallet command, equivalent to running 'bitcoin-wallet [ARGS]'.
45+%1$s tx [ARGS]      Manipulate hex-encoded transactions, equivalent to running 'bitcoin-tx [ARGS]'.
46+%1$s test [ARGS]    Run unit tests, equivalent to running 'test_bitcoin [ARGS]'.

vasild commented at 9:02 am on December 20, 2024:

Somehow I feel that test does not belong here - it is not for users to execute after the installation. test_bitcoin may not even be installed. The tests are normally run either by developers or by users after compile and before install, to verify the result of the compilation is correct.

Sjors commented at 2:48 am on December 21, 2024:

We can change that later, but currently the (guix built) release binaries are shipped with test_bitcoin - for whatever reason.

ryanofsky commented at 11:44 pm on January 17, 2025:

re: #31375 (review)

Removed from documentation for now since maybe this isn’t something we want to support going forward, and in any case I think it would be better to document internal commands for debugging and testing and external commands intended to be used by typical users separately.

in src/bitcoin.cpp:41 in 044c1129db outdated

36+  -h, --help             Show this help message
37+)";
38+
39+static constexpr auto HELP_COMMANDS = R"(Command overview:
40+
41+%1$s gui [ARGS]     Start GUI, equivalent to running 'bitcoin-qt [ARGS]' or 'bitcoin-gui [ARGS]'.

vasild commented at 9:10 am on December 20, 2024:

So, the user must have a knowledge whether his Bitcoin Core was compiled with or without multiprocess and start either bitcoin -M gui or bitcoin -m gui. Could we spare them this? The bitcoin executable has that knowledge.

Then the user can run just bitcoin gui and under the hood either bitcoin-qt or bitcoin-gui will be executed, depending on how it was compiled? Or maybe we can probe at run time whether the executables bitcoin-qt and bitcoin-gui exist and run whichever is present.

Sjors commented at 2:53 am on December 21, 2024:

The goal of #31098 is to have bitcoin-node included in the release. For the time being only stratum v2 (or other IPC mining interface consumers) should use that binary. And they will get instructions for that. By default folks should run bitcoind.

Once the multiprocess bundled binaries are mature enough and there’s a broader benefit to using them (e.g. the GUI can connect to the node), we could change the default.

ryanofsky commented at 11:46 pm on January 17, 2025:

re: #31375 (review)

So, the user must have a knowledge whether his Bitcoin Core was compiled with or without multiprocess and start either bitcoin -M gui or bitcoin -m gui. Could we spare them this? The bitcoin executable has that knowledge.

No this isn’t how it works. Specifying -m or -M is optional, and the current default is to run monolithic binaries. Multiprocess binaries could become the default at some some point in the future but presumably both sets of binaries would still be installed at that point.

I can’t think of a situation where users would encounter a problem or see confusing behavior here, but if I’m missing something, we could implement more complicated behavior like you are suggesting. I don’t see what problem that would solve right now, though.

vasild commented at 2:22 pm on February 12, 2025:

Ok, I see, -m|-M is not mandatory and bitcoin gui has a reasonable default of running bitcoin-qt (as if bitcoin -M gui has been run). Makes sense, thanks for the explanation!

in src/bitcoin.cpp:93 in 044c1129db outdated

88+            tfm::format(std::cout, HELP_COMMANDS, argv[0]);
89+        } else if (cmd.command == "mine") { // undocumented, used by tests
90+            args.emplace_back("bitcoin-mine");
91+        } else if (cmd.command == "util") { // undocumented, used by tests
92+            args.emplace_back("bitcoin-util");
93+        } else if (!cmd.command.empty()){

vasild commented at 9:19 am on December 20, 2024:

0        } else if (!cmd.command.empty()) {

ryanofsky commented at 11:51 pm on January 17, 2025:

re: #31375 (review)

Thanks, fixed now

in src/bitcoin.cpp:72 in 044c1129db outdated

70+            tfm::format(std::cout, HELP_USAGE, argv[0]);
71+        }
72+
73+        std::vector<std::string> args;
74+        if (cmd.command == "gui") {
75+            args.emplace_back(cmd.use_multiprocess ? "qt/bitcoin-gui" : "qt/bitcoin-qt");

vasild commented at 9:24 am on December 20, 2024:

Since everything inserted into args is a constant literal, it can be std::vector<std::string_view> and then also ExecCommand() can be:

0- void ExecCommand(const std::vector<std::string>& args, ...
1+ void ExecCommand(const std::vector<std::string_view>& args, ...

ryanofsky commented at 11:52 pm on January 17, 2025:

re: #31375 (review)

Since everything inserted into args is a constant literal, it can be std::vector<std::string_view>

Thanks, I went ahead and changed everything to const char* for now. Unfortuantely std::string_view does not work because these arguments need to be null-terminated in order to be passed to execvp.

in src/bitcoin.cpp:106 in 044c1129db outdated

 96+        if (!args.empty()) {
 97+            args.insert(args.end(), cmd.args.begin(), cmd.args.end());
 98+            ExecCommand(args, argv[0]);
 99+        }
100+    } catch (const std::exception& e) {
101+        tfm::format(std::cerr, "Error: %s\nTry '%s --help' for more information.\n", e.what(), argv[0]);

vasild commented at 9:32 am on December 20, 2024:

This adds a trailing newline, but the above 2 tfm::format() calls don’t. I think they should.

I think the tfm::format(..., FormatParagraph(LicenseInfo())) call adds a trailing \n because LicenseInfo() has it, but I did not check.

ryanofsky commented at 11:55 pm on January 17, 2025:

re: #31375 (review)

This adds a trailing newline, but the above 2 tfm::format() calls don’t. I think they should.

The output looks right to me currently and trailing newlines are not missing. Adding \n to format strings would add double line breaks to the end of output and not be right, and in general there should be no need to include \n in format strings after substituting variables that already end in newlines.

If the idea is to do some refactoring to move newlines from certain strings into other strings, I could do that, but would helpful to know what goal of refactoring would be. Maybe post a diff if you have a particular change in mind.

in src/bitcoin.cpp:132 in 044c1129db outdated

127+        }
128+    }
129+    return cmd;
130+}
131+
132+// Execute the specified bitcoind, bitcoin-qt or other command line in `args`

vasild commented at 9:38 am on December 20, 2024:

If you switch this to doxygen compatible comment it will be attached to the doxygen generated docs about ExecCommand(). Would be nice to format the arguments’ descriptions with @param[in] ....

ryanofsky commented at 11:56 pm on January 17, 2025:

re: #31375 (review)

Thanks, added doxygen documentation and descriptions.

in src/bitcoin.cpp:140 in 044c1129db outdated

135+//
136+// This function doesn't currently print anything but can be debugged from
137+// the command line using strace like:
138+//
139+//     strace -e trace=execve -s 10000 build/src/bitcoin ...
140+void ExecCommand(const std::vector<std::string>& args, std::string_view argv0)

vasild commented at 9:45 am on December 20, 2024:

I find the names confusing because I would assume this will execute argv0 args[0] args[1] args[2] .... Maybe rename argv0 to parent or wrapper_prog.

ryanofsky commented at 11:56 pm on January 17, 2025:

re: #31375 (review)

I find the names confusing because I would assume this will execute argv0 args[0] args[1] args[2] .... Maybe rename argv0 to parent or wrapper_prog.

Makes sense, and nice suggestion. renamed to wrapper_argv0. Also renamed other related variables to use wrapper_ prefix to be consistent.

in src/bitcoin.cpp:200 in 044c1129db outdated

195+    exe_dir = exe_dir.parent_path();
196+    // Search for executables on system PATH only if this executable was invoked
197+    // from the PATH, to avoid unintentionally launching system executables in a
198+    // local build
199+    // (https://github.com/bitcoin/bitcoin/pull/31375#discussion_r1861814807)
200+    const bool use_system_path{!argv0_path.has_parent_path()};

vasild commented at 10:38 am on December 20, 2024:

I think this is the same check as above: argv0.find('/') == std::string_view::npos, right? Would be good to use the same expression in both locations.

ryanofsky commented at 11:57 pm on January 17, 2025:

re: #31375 (review)

I think this is the same check as above: argv0.find('/') == std::string_view::npos, right? Would be good to use the same expression in both locations.

Nice catch! Consolidated these

in src/bitcoin.cpp:210 in 044c1129db outdated

205+    (exe_dir.filename() == "src" && try_exec(exe_dir / arg0)) ||
206+    // Otherwise if exe is installed in a bin/ directory, first look for target
207+    // executable in libexec/
208+    (exe_dir.filename() == "bin" && try_exec(fs::path{exe_dir.parent_path()} / "libexec" / arg0.filename())) ||
209+    // Otherwise look for target executable next to current exe
210+    try_exec(exe_dir / arg0.filename(), use_system_path) ||

vasild commented at 10:43 am on December 20, 2024:

Why use such an ( && || && ||| ) expression? Would be more readable as:

0if (exe_dir.filename() == "src") {
1    try_exec(exe_dir / arg0);
2}
3if (exe_dir.filename() == "bin") {
4    try_exec(fs::path{exe_dir.parent_path()} / "libexec" / arg0.filename());
5}

ryanofsky commented at 0:12 am on January 18, 2025:

re: #31375 (review)

Why use such an ( && || && ||| ) expression? Would be more readable as:

The suggested code is not equivalent unless you assume that try_exec will never return true. In practice, I agree it should work but it would be fragile and look misleading because unless you know that try_exec does a syscall that never returns in certain cases, a plain reading of the code would lead you to believe incorrectly that the return value of try_exec doesn’t matter and that the same executable is run repeatedly.

Using && and || is more explicit and robust because it makes it explicit that if try_exec succeeds, it is not run again, and it makes the code work regardless of whether try_exec halts or returns.

If the boolean operators are a problem, maybe I can try to find another way to write this doesn’t look misleading and rely on try_exec to never return. But IMO, && and || are nice because these operators are a natural convenience in shell scripts and this wrapper program basically is a shell script.

vasild commented at 3:22 pm on February 12, 2025:

Ok, I see your arguments. Feel free to ignore this comment of mine and leave the code as it is. I do not see it as a blocker.

Yes, I assumed that try_exec() will never return true and I guessed that try_exec() does an exec syscall without reading its code. Both Windows and Linux docs are clear that execvp() only returns if it couldn’t execute the program. try_exec() could be:

 0     auto try_exec = [&](fs::path exe_path, bool allow_notfound = true) {
 1         std::string exe_path_str{fs::PathToString(exe_path)};
 2         exec_args[0] = exe_path_str.c_str();
 3-        if (ExecVp(exec_args[0], (char*const*)exec_args.data()) == -1) {
 4-            if (allow_notfound && errno == ENOENT) return false;
 5+        ExecVp(exec_args[0], (char*const*)exec_args.data());
 6+        // failed
 7+        if (!allow_notfound || errno != ENOENT) {
 8             throw std::system_error(errno, std::system_category(), strprintf("execvp failed to execute '%s'", exec_args[0]));
 9         }
10-        return true; // Will not actually be reached if execvp succeeds
11+        return false;
12     };

ryanofsky commented at 12:52 pm on May 15, 2025:

re: #31375 (review)

(This is replying to an old comment but I was going through these and resolving them).

Thanks for the diff and providing a concrete suggestion. I do not like this approach because it does the wrong thing and would execute multiple commands instead of a single command if execvp behaved the same way as dozens of other posix functions and returned 0 on success, -1 on failure. I understand execvp is special because it has a guardrail that takes over and prevents this from happening. But without a strong motivation, I wouldn’t make it a practice to run close to the edge of a cliff even if there is a guardrail that will keep me from falling over.

in src/bitcoin.cpp:176 in 044c1129db outdated

171+        if (const char* path_env = std::getenv("PATH")) {
172+            size_t start{0}, end{0};
173+            for (std::string_view paths{path_env}; end != std::string_view::npos; start = end + 1) {
174+                end = paths.find(':', start);
175+                fs::path candidate = fs::path(paths.substr(start, end - start)) / argv0_path;
176+                if (fs::exists(candidate, ec) && fs::is_regular_file(candidate, ec)) {

vasild commented at 11:01 am on December 20, 2024:

Isn’t fs::exists() redundant? fs::is_regular_file() will return true if the file exists and is a regular file.

ryanofsky commented at 0:16 am on January 18, 2025:

re: #31375 (review)

Isn’t fs::exists() redundant? fs::is_regular_file() will return true if the file exists and is a regular file.

Good catch, simplified.

in test/functional/test_framework/test_framework.py:297 in 044c1129db outdated

290@@ -260,7 +291,12 @@ def set_binary_paths(self):
291                 "src",
292                 binary + self.config["environment"]["EXEEXT"],
293             )
294-            setattr(self.options, attribute_name, os.getenv(env_variable_name, default=default_filename))
295+            setattr(paths, attribute_name, os.getenv(env_variable_name, default=default_filename))
296+
297+        # BITCOIN_CMD environment variable can be specified to invoke bitcoin
298+        # binary wrapper binary instead of other executables.

vasild commented at 11:09 am on December 20, 2024:

0        # BITCOIN_CMD environment variable can be specified to invoke bitcoin
1        # wrapper binary instead of other executables.

ryanofsky commented at 0:16 am on January 18, 2025:

re: #31375 (review)

Thanks fixed

vasild commented at 11:10 am on December 20, 2024: contributor

Approach ACK 044c1129db06983da598f427dff85513d8480b3a

TheCharlatan commented at 10:44 am on January 4, 2025: contributor

Concept ACK

in src/bitcoin.cpp:116 in 044c1129db outdated

106+
107+CommandLine ParseCommandLine(int argc, char* argv[])
108+{
109+    CommandLine cmd;
110+    cmd.args.reserve(argc);
111+    for (int i = 1; i < argc; ++i) {

TheCharlatan commented at 3:01 pm on January 4, 2025:

If I understand correctly passing -m -M will give precedence to -M. Should we really support this? Might it better if providing multiple flags at once be an error? E.g. currently running

0./bitcoin -h -m daemon

will print the help string and run the daemon, which might be confusing, since it is not doing the same for -v.

ryanofsky commented at 0:18 am on January 18, 2025:

re: #31375 (review)

If I understand correctly passing -m -M will give precedence to -M. Should we really support this? Might it better if providing multiple flags at once be an error? E.g. currently running
0./bitcoin -h -m daemon
will print the help string and run the daemon, which might be confusing, since it is not doing the same for -v.

Good catch on -h, that should be be fixed now and treated the same as -v and exit when done. In general though I think ability for later command line options to override earlier ones is a standard feature for command line tools and it makes them flexible and composable. For example, in a bash shell you can define a function or alias that calls bitcoin -m to invoke multiprocess binaries by default without losing the ability to append -M and run normal binaries when needed.

Sjors commented at 2:49 pm on January 10, 2025: member

I guess bitcoin is intentionally not added to installable_targets because it makes reference to the multiprocess binaries that aren’t shipped?

I made a Windows guix build for 044c1129db06983da598f427dff85513d8480b3a. It got misidentified as Trojan:Script/Wavatac.B1ml again. But since the bitcoin binary isn’t included yet, it can’t be because of the execvp call.

Just to be sure, I also tried a guix build for master @ 62bd61de110b057cbfd6e31e4d0b727d93119c72 that this PR is based on. That didn’t trigger the anti-virus. But maybe it’s just random.

In order to better test on Windows I used this: 26d3a069f94e2cabcc8d1f73fd2cfa3e7c320497. The installer puts bitcoin.exe in C:\Program Files\Bitcoin\daemon. Running it without arguments will show the help. Starting the daemon fails with “Error: Command line contains unexpected token ‘Files\Bitcoin\daemon\bitcoind’” so it seems to trip over the space. It also can’t find bitcoin-qt.exe, which lives in Bitcoin\ instead of daemon\. If I move it to a directory without space, I’m able to start the daemon and I’m able to stop the daemon using bitcoin.exe rpc stop. If I move the bitcoin-qt executable I’m also able to start the GUI. No complaints from virus scanners this time.

DrahtBot added the label Needs rebase on Jan 10, 2025

ryanofsky referenced this in commit 2a95271066 on Jan 17, 2025

ryanofsky force-pushed on Jan 18, 2025

ryanofsky commented at 0:42 am on January 18, 2025: contributor

Thanks for the reviews and testing!

Rebased 044c1129db06983da598f427dff85513d8480b3a -> 17f25149c680c1fdb2f79dbe373e8cf820e62488 (pr/wrap.11 -> pr/wrap.12, compare) to fix conflicts, also made many suggested updates and some fixes, particularly for windows. Updated 17f25149c680c1fdb2f79dbe373e8cf820e62488 -> 3d46df16e9cf4a960fedde9e515667030b39bb03 (pr/wrap.12 -> pr/wrap.13, compare) to fix python test bugs after bad rebase Updated 3d46df16e9cf4a960fedde9e515667030b39bb03 -> c11f7e7336b4a5ea6a8f22dc40dcae1b3ddd81e2 (pr/wrap.13 -> pr/wrap.14, compare) with documentation cleanups

re: #31375 (comment)

I guess bitcoin is intentionally not added to installable_targets because it makes reference to the multiprocess binaries that aren’t shipped?

No that was just an oversight, it should be added now. The wrapper tool is meant to be useful in developer builds and source builds not just official binaries releases, so it doesn’t need to be tied to current options we are building binary releases with.

Starting the daemon fails with “Error: Command line contains unexpected token ‘Files\Bitcoin\daemon\bitcoind’” so it seems to trip over the space. It also can’t find bitcoin-qt.exe, which lives in Bitcoin\ instead of daemon\. If I move it to a directory without space, I’m able to start the daemon and I’m able to stop the daemon using bitcoin.exe rpc stop. If I move the bitcoin-qt executable I’m also able to start the GUI. No complaints from virus scanners this time.

Thanks for all the windows testing, this is very helpful. I made attempted fixes for all these issues so we should be able to iterate and resolve them. I added your windows installer commit to this PR with a small tweak to put bitcoin.exe in program files directory instead of the daemon directory, then changed bitcoin.cpp to look for executables in the daemon directory and implemented command line argument escaping for execvp on windows since the windows execvp function doesn’t provide that

DrahtBot removed the label Needs rebase on Jan 18, 2025

ryanofsky force-pushed on Jan 19, 2025

ryanofsky force-pushed on Jan 20, 2025

Sjors commented at 10:19 am on January 20, 2025: member

On Windows it’s a bit ugly to show the full path:

None of the commands work anymore though, except version and help. The commands daemon and gui do not start anything. When I start the GUI manually through the desktop item, the command bitcoin rpc help doesn’t return anything.

This also doesn’t return anything: .\bitcoin.exe daemon --help

I would expect trying to run the multiprocess versions to throw an error, but nothing happens when I do .\bitcoin.exe daemon -m.

Everything seems to be in place though:

 0PS C:\Program Files\Bitcoin> ls
 1
 2
 3    Directory: C:\Program Files\Bitcoin
 4
 5
 6Mode                 LastWriteTime         Length Name
 7----                 -------------         ------ ----
 8d-----         1/20/2025  11:10 AM                daemon
 9d-----         1/20/2025  11:10 AM                share
10-a----         1/20/2025  11:10 AM       39362576 bitcoin-qt.exe
11-a----         1/20/2025  11:10 AM            126 bitcoin.conf
12-a----         1/20/2025  11:10 AM        1221120 bitcoin.exe
13-a----         1/20/2025  11:10 AM           1142 COPYING.txt
14-a----         1/20/2025  11:10 AM            846 readme.txt
15-a----         1/20/2025  11:10 AM         175560 uninstall.exe
16
17ls daemon
18    Directory: C:\Program Files\Bitcoin\daemon
19
20Mode                 LastWriteTime         Length Name
21----                 -------------         ------ ----
22-a----         1/20/2025  11:10 AM        2249728 bitcoin-cli.exe
23-a----         1/20/2025  11:10 AM        4061184 bitcoin-tx.exe
24-a----         1/20/2025  11:10 AM        9435648 bitcoin-wallet.exe
25-a----         1/20/2025  11:10 AM       15302656 bitcoind.exe
26-a----         1/20/2025  11:10 AM       26467840 test_bitcoin.exe

ryanofsky force-pushed on Jan 21, 2025

ryanofsky commented at 7:54 pm on January 21, 2025: contributor

Updated c11f7e7336b4a5ea6a8f22dc40dcae1b3ddd81e2 -> 0b503d792f0b6255f6dc5b0e4ee7ce2b7b667e90 (pr/wrap.14 -> pr/wrap.15, compare) with fixes for windows.

re: #31375 (comment)

None of the commands work anymore though, except version and help

Thanks, should be fixed now. After struggling with cross compilation and qemu a bit I was able to reproduce this. There was a bug in the ExecVp argv loop that caused string_view to be constructed with a null pointer and for the program to crash. I was a little surprised it would crash without an error, but maybe this is what happens by default if you deference a null pointer. There was also another bug in the same loop that caused arguments to be dropped. Both bugs should be fixed now and now it seems to work as expected and handle arguments with spaces correctly on windows.

On Windows it’s a bit ugly to show the full path:

I could reproduce this with powershell, but I was not seeing this when I tested with cmd.exe. So this behavior seems to vary with the shell, and it looks like this only happens with powershell, not with the classic windows shell or other shells like bash. For these other shells, I think it is probably better to show unmodified argv[0] in usage information instead of some modified or static alternative. But we could do something different in the future, like maybe show original argv[0] path in the Usage: string, and basename of that path in the command overview list.

Sjors commented at 10:05 am on January 22, 2025: member

After struggling with cross compilation and qemu a bit I was able to reproduce this.

I just have a dual boot system and configured sshd on it so I can quickly scp the windows installer from my guix machine.

it looks like this only happens with powershell, not with the classic windows shell

In that case I wouldn’t worry about it.

Just tested: 0b503d792f0b6255f6dc5b0e4ee7ce2b7b667e90 works!

in contrib/signet/miner:13 in a1d960e03b outdated

 8@@ -9,6 +9,7 @@ import logging
 9 import math
10 import os
11 import re
12+import shlex
13 import struct

Sjors commented at 1:33 pm on January 22, 2025:

a1d960e03be53517e80d36c257941ff407a6f61f: unrelated nit: struct is unused

ryanofsky commented at 3:44 am on January 24, 2025:

re: #31375 (review)

a1d960e: unrelated nit: struct is unused

Thanks, removed

in test/functional/test_framework/test_framework.py:76 in a1d960e03b outdated

71+    """
72+    def __init__(self, paths, bin_path=None):
73+        self.paths = paths
74+        self.bin_path = bin_path
75+
76+    def daemon_args(self):

Sjors commented at 1:48 pm on January 22, 2025:

a1d960e03be53517e80d36c257941ff407a6f61f: I think renaming this to daemon_command_with_args or daemon_argv would make the call sites more readable. Right now it gives the impression that this only provides command arguments, not the command itself. OTOH the documentation does clarify it.

ryanofsky commented at 3:46 am on January 24, 2025:

re: #31375 (review)

a1d960e: I think renaming this to daemon_command_with_args or daemon_argv would make the call sites more readable. […]

Makes sense, renamed to daemon_argv, and renamed other methods to match

in test/functional/test_framework/test_framework.py:93 in a1d960e03b outdated

88+
89+    def wallet_args(self):
90+        "Return argv array that should be used to invoke bitcoin-wallet"
91+        return self.args("wallet", "bitcoinwallet")
92+
93+    def args(self, command, path_attr):

Sjors commented at 1:57 pm on January 22, 2025:

a1d960e03be53517e80d36c257941ff407a6f61f: it took me a while to wrap my head around this. Suggested doc:

Return argv array that should be used to invoke the command. It either uses the bitcoin wrapper executable (if BITCOIN_CMD is set), or the direct binary path (bitcoind, etc). When bin_path is set (by tests calling binaries from previous releases) it always uses the direct path.

(in the future some of the previous releases will have the bitcoin binary, but I don’t expect we’ll need to use it in tests)

ryanofsky commented at 3:46 am on January 24, 2025:

re: #31375 (review)

a1d960e: it took me a while to wrap my head around this. Suggested doc:

Nice, added suggested doc.

Sjors commented at 2:11 pm on January 22, 2025: member

tACK 0b503d792f0b6255f6dc5b0e4ee7ce2b7b667e90

Also tested on macOS.

The logic in ExecCommand() is easier to follow compared to my previous review.

I did not study the Windows ExecVp implementation in f006565ad220154c6e402c99074d326699d62d3e. I don’t expect anyone to use it until Windows multiprocess works (and is in a release). It would be good to call the wrapper from the Windows CI.

DrahtBot requested review from vasild on Jan 22, 2025

DrahtBot requested review from TheCharlatan on Jan 22, 2025

fanquake commented at 3:11 pm on January 22, 2025: member

I tried Guix building this branch:

0HOSTS="x86_64-linux-gnu" ./contrib/guix/guix-build
1Consolidate compiler generated dependencies of target bitcoin-qt
2[100%] Built target bitcoin-qt
3Checking binary security...
4/distsrc-base/distsrc-0b503d792f0b-x86_64-linux-gnu/build/src/bitcoin: failed FORTIFY
5make[3]: *** [CMakeFiles/check-security.dir/build.make:71: CMakeFiles/check-security] Error 1
6make[2]: *** [CMakeFiles/Makefile2:565: CMakeFiles/check-security.dir/all] Error 2
7make[1]: *** [CMakeFiles/Makefile2:572: CMakeFiles/check-security.dir/rule] Error 2
8make: *** [Makefile:270: check-security] Error 2

Sjors commented at 3:39 pm on January 22, 2025: member

I had only tried the Windows guix build. Getting the same error as @fanquake with x86_64-linux-gnu.

Can also be reproduced on Ubuntu 24.10 with:

0pip install lief==0.13.2
1contrib/devtools/security-check.py build/src/bitcoin

Adding this to security-check.py works, similar to bitcoin-util:

0    # bitcoin does not currently contain any fortified functions
1    if '--monolithic' in binary.strings:
2        return True

Not sure if it’s correct though.

DrahtBot added the label Needs rebase on Jan 22, 2025

ryanofsky commented at 9:50 pm on January 22, 2025: contributor

re: #31375 (comment)

Adding this to security-check.py works, similar to bitcoin-util:

I think that makes sense. The new executable is only using c++ vector/string functions and calling execvp so it is probably just not calling any fortified functions, and won’t have any fortified function symbols, IIUC.

Sjors commented at 1:48 pm on January 23, 2025: member

fortified functions

I have no idea what those look like.

ryanofsky force-pushed on Jan 24, 2025

ryanofsky commented at 3:54 am on January 24, 2025: contributor

Rebased 0b503d792f0b6255f6dc5b0e4ee7ce2b7b667e90 -> 171ffdd10e41df9e06ec3f6ef52f1cbbfcaf1748 (pr/wrap.15 -> pr/wrap.16, compare) to avoid conflict. Also added suggestions and security check fix. Additionally made some tweaks like using path::filename() method to avoid long paths #31375 (comment), and adding documentation for internal commands not shown by default. Updated 171ffdd10e41df9e06ec3f6ef52f1cbbfcaf1748 -> 5e0196c8e0d1687bcf59a9569bb8b7268d1f195d (pr/wrap.16 -> pr/wrap.17, compare) to fix windows compile error https://cirrus-ci.com/task/5239580141551616

fortified functions

I have no idea what those look like.

I know very little about this but I believe they just have a _chk suffix: https://www.gnu.org/software/libc/manual/html_node/Source-Fortification.html

ryanofsky force-pushed on Jan 24, 2025

DrahtBot added the label CI failed on Jan 24, 2025

DrahtBot commented at 4:01 am on January 24, 2025: contributor

🚧 At least one of the CI tasks failed. Debug: https://github.com/bitcoin/bitcoin/runs/36101379316

Try to run the tests locally, according to the documentation. However, a CI failure may still happen due to a number of reasons, for example:

Possibly due to a silent merge conflict (the changes in this pull request being incompatible with the current code in the target branch). If so, make sure to rebase on the latest commit of the target branch.
A sanitizer issue, which can only be found by compiling with the sanitizer and running the affected test.
An intermittent issue.

Leave a comment here, if you need help tracking down a confusing failure.

DrahtBot removed the label CI failed on Jan 24, 2025

DrahtBot removed the label Needs rebase on Jan 24, 2025

DrahtBot added the label Needs rebase on Jan 29, 2025

ryanofsky force-pushed on Jan 30, 2025

ryanofsky commented at 3:03 am on January 30, 2025: contributor

Rebased 5e0196c8e0d1687bcf59a9569bb8b7268d1f195d -> 0e4ee158cadc3eb8f6af1b33440ae9a95fe19487 (pr/wrap.17 -> pr/wrap.18, compare) to fix conflict

ryanofsky referenced this in commit 47a872236e on Jan 30, 2025

DrahtBot removed the label Needs rebase on Jan 30, 2025

ryanofsky commented at 4:16 pm on January 30, 2025: contributor

I wonder if python test framework changes here are scaring reviewers from this PR? I potentially could drop the framework integration here and move it into a different PR. Maybe add just a more limited test here instead.

Would be good to know either way.

DrahtBot added the label Needs rebase on Feb 12, 2025

in src/bitcoin.cpp:244 in 0e4ee158ca outdated

239+    // Whether to use system PATH variable to locate wrapper executable and
240+    // search for other executables. Only search PATH if wrapper executable was
241+    // invoked using the PATH, to avoid unintentionally launching system
242+    // executables in a local build.
243+    // (https://github.com/bitcoin/bitcoin/pull/31375#discussion_r1861814807)
244+    const bool search_system_path{!wrapper_argv0_path.has_parent_path()};

vasild commented at 3:29 pm on February 12, 2025:

On Windows the current directory is also searched (before PATH) for executable location. So, if the current directory is C:\bitcoin\src (which is not in PATH) and the user types bitcoin (not .\bitcoin) and presses <enter> and if C:\bitcoin\src\bitcoin exists then it will be executed. This means that the variable search_system_path will be wrongly set to true in this case.

ryanofsky commented at 7:22 pm on February 13, 2025:

re: #31375 (review)

(note: renamed this variable to fallback_os_search in the latest push)

This means that the variable search_system_path will be wrongly set to true in this case.

It will be set to true, but I don’t think it will be “wrongly” set to true. This is a heuristic deciding whether or not to let operating system look for executables if we can’t find them ourselves. It’s very possible different behaviors may be more or less convenient on windows, just as they may be more or less convenient on unix.

We need to do something reasonable here, and if it turns out there are ways we can improve the behavior or make it more configurable we should consider doing that. But you would have to tell me what behavior you think is more convenient here because there is not a right or wrong way to do this.

vasild commented at 3:29 pm on February 20, 2025:

Ok, you can mark this as resolved if not already (I don’t see if it is marked as resolved or not). I will followup some related discussion at #31375 (review)

in src/bitcoin.cpp:215 in 0e4ee158ca outdated

210+//! @note This function doesn't currently print anything but can be debugged
211+//! from the command line using strace or dtrace like:
212+//!
213+//!     strace -e trace=execve -s 10000 build/src/bitcoin ...
214+//!     dtrace -n 'proc:::exec-success { trace(curpsinfo->pr_psargs); }' -c ...
215+void ExecCommand(const std::vector<const char*>& args, std::string_view wrapper_argv0)

vasild commented at 3:52 pm on February 12, 2025:

Is only used in this file:

0static void ExecCommand(const std::vector<const char*>& args, std::string_view wrapper_argv0)

ryanofsky commented at 7:44 pm on February 13, 2025:

re: #31375 (review)

Thanks, applied suggestion

in src/bitcoin.cpp:286 in 0e4ee158ca outdated

281+    // Otherwise check the "daemon" subdirectory in a windows install.
282+    try_exec(wrapper_dir / "daemon" / arg0.filename()) ||
283+    // Otherwise look for target executable next to current wrapper
284+    try_exec(wrapper_dir / arg0.filename(), search_system_path) ||
285+    // Otherwise just look on the system path.
286+    (search_system_path && try_exec(arg0.filename(), false));

vasild commented at 3:59 pm on February 12, 2025:

This is equivalent to:

0    try_exec(wrapper_dir / arg0.filename(), search_system_path) ||
1    // Otherwise just look on the system path.
2    try_exec(arg0.filename(), false);

because try_exec() would only return if search_system_path is true and if that is the case then search_system_path && A is equivalent to just A.

ryanofsky commented at 7:41 pm on February 13, 2025:

#31375 (review)

This is equivalent to […] because try_exec() would only return if search_system_path is true

IMO, this code should work correctly even if try_exec() returns true when it succeeds. There’s no reason a future implementation of try_exec() might not return true when it succeeds or that someone reading this code should automatically know try_exec() doesn’t just act like a normal function and return true when it succeeds.

The current version of this code with search_system_path && also makes it more immediately obvious that the try_exec call following it will not be executed if search_system_path is false.

vasild commented at 9:55 am on February 20, 2025:

Ok, I see the point - maybe some day try_exec() could fork() and then exec() in which case it will return in case of success.

in src/bitcoin.cpp:284 in 0e4ee158ca outdated

279+    // target executable in libexec/
280+    (wrapper_dir.filename() == "bin" && try_exec(fs::path{wrapper_dir.parent_path()} / "libexec" / arg0.filename())) ||
281+    // Otherwise check the "daemon" subdirectory in a windows install.
282+    try_exec(wrapper_dir / "daemon" / arg0.filename()) ||
283+    // Otherwise look for target executable next to current wrapper
284+    try_exec(wrapper_dir / arg0.filename(), search_system_path) ||

vasild commented at 4:00 pm on February 12, 2025:

I don’t get it why search_system_path is used as allow_notfound. Those are two different things.

vasild commented at 5:12 am on February 13, 2025:

Passing something like search_system_path=true to try_exec() is misleading because try_exec() uses execvp(3) which will search the system path but not based on the search_system_path=true argument but based on whether there is / in the executable: https://linux.die.net/man/3/execvp. Maybe rename search_system_path to allow_notfound?

ryanofsky commented at 7:30 pm on February 13, 2025:

re: #31375 (review)

(note: renamed search_system_path to fallback_os_search in the latest push)

I don’t get it why search_system_path is used as allow_notfound. Those are two different things.

Exactly, they are two different things.

If search_system_path is true, then we want to allow the operating system to search the system path. In order for that to happen we need our own searches to not throw a fatal error, therefore allow_notfound should also be true.

If search_system_path is false, then do not want to allow the operating system to search the system path, and we want our own searches to throw a fatal error if they fail, so allow_notfound should be false.

So search_system_path and allow_notfound are two different variables in two different functions with two different meanings. Just because one value is used to initialize the other one (once) doesn’t mean they should have the same name.

vasild commented at 3:53 pm on February 20, 2025:

I think I am starting to grasp: fallback_os_search (or previously search_system_path) is about allowing this code:

 0181     // Decide whether to fall back to the operating system to search for the
 1182     // specified executable. Avoid doing this if it looks like the wrapper
 2183     // executable was invoked by path, rather than by search, to avoid
 3184     // unintentionally launching system executables in a local build.
 4185     // (https://github.com/bitcoin/bitcoin/pull/31375#discussion_r1861814807)
 5186     const bool fallback_os_search{!fs::PathFromString(std::string{wrapper_argv0}).has_parent_path()};
 6187 
 7188     // If wrapper is in a CMake build tree, first look for target executable
 8189     // relative to it.
 9190     (wrapper_dir.filename() == "src" && try_exec(wrapper_dir / arg0)) ||
10191     // Otherwise if wrapper is installed in a bin/ directory, look for
11192     // target executable in libexec/
12193     (wrapper_dir.filename() == "bin" && try_exec(fs::path{wrapper_dir.parent_path()} / "libexec" / arg0.filename())
13194     // Otherwise check the "daemon" subdirectory in a windows install.
14195     try_exec(wrapper_dir / "daemon" / arg0.filename()) ||
15196     // Otherwise look for target executable next to current wrapper
16197     try_exec(wrapper_dir / arg0.filename(), fallback_os_search) ||
17198     // Otherwise just look on the system path.
18199     (fallback_os_search && try_exec(arg0.filename(), false));

to reach the last try_exec() call on line 199 where it would search the system path because we pass a first argument that does not contain /. It is not about individual try_exec() calls falling back to $PATH search.

I still find line 197 confusing because it gives the impression that we want to instruct that individual try_exec() call to search $PATH if fallback_os_search is true, whereas it will never search $PATH because the first argument we supply contains /.

I think the code is correct and works as intended, even if I personally find it confusing. So, feel free to ignore.

in src/bitcoin.cpp:51 in 0e4ee158ca outdated

46+
47+static constexpr auto HELP_INTERNAL = R"(
48+Additional internal commands:
49+  %1$s bench [ARGS]    Run util command, equivalent to running 'bench_bitcoin [ARGS]'"
50+  %1$s test [ARGS]     Run unit test, equivalent to running 'test_bitcoin [ARGS]'"
51+  %1$s test-gui [ARGS] Run unit test, equivalent to running 'test_bitcoin-qt [ARGS]'"

vasild commented at 4:55 pm on February 12, 2025:

0  %1$s bench [ARGS]    Run bench command, equivalent to running 'bench_bitcoin [ARGS]'"
1  %1$s test [ARGS]     Run unit tests, equivalent to running 'test_bitcoin [ARGS]'"
2  %1$s test-gui [ARGS] Run GUI unit tests, equivalent to running 'test_bitcoin-qt [ARGS]'"

ryanofsky commented at 7:48 pm on February 13, 2025:

re: #31375 (review)

Thanks! Applied

in src/bitcoin.cpp:203 in 0e4ee158ca outdated

198+//! using src, bin and libexec directory paths relative to this executable, where
199+//! the path to this executable is specified in `wrapper_argv0`.
200+//!
201+//! @param args Command line arguments to execute, where first argument should
202+//!             be a relative path to a bitcoind, bitcoin-qt or other executable
203+//!             that will be located on the PATH or relative to this executable.

vasild commented at 4:59 pm on February 12, 2025:

0//!             that will be located on the PATH or relative to wrapper_argv0.

ryanofsky commented at 7:50 pm on February 13, 2025:

re: #31375 (review)

Thanks! Applied

in src/bitcoin.cpp:214 in 0e4ee158ca outdated

209+//
210+//! @note This function doesn't currently print anything but can be debugged
211+//! from the command line using strace or dtrace like:
212+//!
213+//!     strace -e trace=execve -s 10000 build/src/bitcoin ...
214+//!     dtrace -n 'proc:::exec-success { trace(curpsinfo->pr_psargs); }' -c ...

vasild commented at 5:26 pm on February 12, 2025:

The dtrace example would print all exec calls on the system, not just the ones by the given program.

0//!     dtrace -n 'proc:::exec-success /pid == $target/ { trace(curpsinfo->pr_psargs); }' -c ...

ryanofsky commented at 7:52 pm on February 13, 2025:

re: #31375 (review)

The dtrace example would print all exec calls on the system, not just the ones by the given program.

Wow previous behavior would not be great, applied your suggestion.

in src/bitcoin.cpp:145 in 0e4ee158ca outdated

140+}
141+
142+//! Cross-platform wrapper for POSIX execvp function
143+int ExecVp(const char *file, char *const argv[])
144+{
145+#ifndef WIN32

vasild commented at 5:39 pm on February 12, 2025:

I think the following two commits should be squashed into one commit:

bde036879d multiprocess: Add bitcoin wrapper executable b7213977ed multiprocess: Add bitcoin wrapper windows support

because otherwise there is an intermediate state where the code is broken on Windows (would try to use execvp() which does not exist, I guess it will not compile on Windows).

ryanofsky commented at 8:07 pm on February 13, 2025:

re: #31375 (review)

intermediate state where the code is broken on Windows

Thanks, restructured so this is no longer the case. I didn’t think anyone would care if an intermediate non-merge commit failed to compile on windows and I thought code would be easier to understand looking at the unix version first. But in retrospect a better way to separate unix and windows code is just to move the windows code to another file, so have now done that in the latest push (src/util/exec.cpp)

vasild commented at 10:22 am on February 20, 2025:

IIRC we had some guidelines somewhere that all intermediate commits should be legit - compiling and tests passing. This would matter during git-bisect(1).

ryanofsky commented at 11:53 am on February 20, 2025:

IIRC we had some guidelines somewhere that all intermediate commits should be legit - compiling and tests passing. This would matter during git-bisect(1).

Yes, but the only enforcement is with the test-each-commit CI job, so I would be surprised if there weren’t many other intermediate commits where there is some build or test error on windows. Also:

In this case the error is in a new executable that didn’t exist before this PR, so if the bisect test is testing this executable., it means the test needs either some special case for this PR anyway, or it is inefficient and testing a lot of things it doesn’t need to.
The git bisect --first-parent option skips intermediate commits and avoids problems like this. I would always recommend using --first-parent anyway because it speeds up bisection, makes it easier to follow, and makes it more reliable because intermediate commits have less CI coverage and testing in general than merge commits.

In any case, I believe every commit will compile on windows now (though I didn’t test this).

vasild commented at 5:44 pm on February 12, 2025: contributor

Approach ACK 0e4ee158ca.

I wonder if python test framework changes here are scaring reviewers from this PR?

Moving the python changes to another PR would probably speed the review of this one and probably delay the review of the other one (with the python changes).

in src/bitcoin.cpp:232 in 0e4ee158ca outdated

227+            throw std::system_error(errno, std::system_category(), strprintf("execvp failed to execute '%s'", exec_args[0]));
228+        }
229+        return true; // Will not actually be reached if execvp succeeds
230+    };
231+
232+    // Try to figure out where wrapper executable is located. This does a

vasild commented at 5:50 pm on February 12, 2025:

I wonder if this can be made dumb stupid and reduce it to just call execvp(). That is, reduce ExecCommand() to just 1 - 5 lines of code and deal with the consequences of it…

ryanofsky commented at 8:03 pm on February 13, 2025:

re: #31375 (review)

I wonder if this can be made dumb stupid and reduce it to just call execvp(). That is, reduce ExecCommand() to just 1 - 5 lines of code and deal with the consequences of it…

It’s not really clear what you could be suggesting specifically.

The only thing ExecCommand() is doing is trying to execute a few different versions of the provided command line with some prefixes added. It is basically just emulating a simple shell script. It is true that a simple shell script can turn into a 40-50 lines of code when you try to write it in c++ and make it cross platform. I think this is just what shell code in c++ looks like and that this should not present an actual problem.

vasild commented at 3:59 pm on February 20, 2025:

I don’t have any particular suggestion. I will post here if I come up with some significant simplifications.

ryanofsky referenced this in commit d2ceb2e073 on Feb 13, 2025

ryanofsky referenced this in commit a7facec668 on Feb 13, 2025

ryanofsky force-pushed on Feb 13, 2025

ryanofsky commented at 9:26 pm on February 13, 2025: contributor

Thanks for the reviews!

Rebased 0e4ee158cadc3eb8f6af1b33440ae9a95fe19487 -> edb8a72226b362ee60e4184fd8f56d1e588ce5b6 (pr/wrap.18 -> pr/wrap.19, compare) due to conflict with #31818

re: #31375#pullrequestreview-2612338457

Moving the python changes to another PR would probably speed the review of this one and probably delay the review of the other one (with the python changes).

Thanks, I guess for now it should be easy enough for reviewers not review the python changes if they aren’t interested and only ack the C++ ones.

DrahtBot removed the label Needs rebase on Feb 13, 2025

DrahtBot added the label interfaces on Feb 13, 2025

ryanofsky referenced this in commit 93abdd4bbb on Feb 14, 2025

ryanofsky referenced this in commit 45bfd97ec7 on Feb 14, 2025

ryanofsky force-pushed on Feb 14, 2025

ryanofsky commented at 3:26 pm on February 14, 2025: contributor

Rebased edb8a72226b362ee60e4184fd8f56d1e588ce5b6 -> 27bb348388a6708e8748d7073e352c047e8fb95c (pr/wrap.19 -> pr/wrap.20, compare) due to silent conflict with #31844 Updated 27bb348388a6708e8748d7073e352c047e8fb95c -> 6f0405177f89377ed272bae42becec1c75b8943c (pr/wrap.20 -> pr/wrap.21, compare) just splitting up test commits internally so they are easier to review

ryanofsky referenced this in commit e58f5e0e61 on Feb 14, 2025

ryanofsky referenced this in commit bfadc7d241 on Feb 14, 2025

ryanofsky referenced this in commit 82c25f069b on Feb 14, 2025

ryanofsky referenced this in commit eca58f926f on Feb 14, 2025

ryanofsky force-pushed on Feb 14, 2025

Sjors commented at 2:22 pm on February 18, 2025: member

re-ACK 6f0405177f89377ed272bae42becec1c75b8943c.

Lightly reviewed the code changes since my previous review. It’s nice that ExecCommand is now a bit shorter, as a result of moving some helper functionality to src/util/exec.h.

The Python changes are also easier to follow now thanks to splitting the commit.

I made a guix build for 6f0405, but didn’t try including the IPC binaries with #31802 since there’s too many build system changes there. That will be easier to test after #31741 lands.

Retested a bit on Apple Silicon macOS and on Windows.

DrahtBot requested review from vasild on Feb 18, 2025

ryanofsky referenced this in commit 6fbd915ea6 on Feb 18, 2025

ryanofsky referenced this in commit 11615b1025 on Feb 18, 2025

ryanofsky referenced this in commit e60ff180c2 on Feb 18, 2025

ryanofsky referenced this in commit 8f5228d923 on Feb 18, 2025

ryanofsky referenced this in commit 36a9b71056 on Feb 18, 2025

ryanofsky referenced this in commit 48f8e6048f on Feb 18, 2025

ryanofsky force-pushed on Feb 18, 2025

ryanofsky commented at 10:12 pm on February 18, 2025: contributor

Updated 6f0405177f89377ed272bae42becec1c75b8943c -> 185c6a416df679ddc7b38750aa4d181c0b043d5b (pr/wrap.21 -> pr/wrap.22, compare) just incorporating some python cleanups from #31866

in src/util/exec.h:20 in 185c6a416d outdated

11+
12+namespace util {
13+//! Cross-platform wrapper for POSIX execvp function.
14+int ExecVp(const char *file, char *const argv[]);
15+//! Return path to current_executable.
16+fs::path GetExePath(std::string_view argv0);

vasild commented at 11:13 am on February 20, 2025:

0//! Return path to argv0.
1fs::path GetExePath(std::string_view argv0);

ryanofsky commented at 5:06 pm on February 28, 2025:

re: #31375 (review)

Thanks, fixed!

in src/bitcoin.cpp:14 in 185c6a416d outdated

 9+#include <util/exec.h>
10+#include <util/strencodings.h>
11+#include <util/translation.h>
12+
13+#include <iostream>
14+#include <optional>

vasild commented at 12:59 pm on February 20, 2025:

nit: unused include

ryanofsky commented at 5:05 pm on February 28, 2025:

re: #31375 (review)

nit: unused include

Thanks, fixed!

in src/bitcoin.cpp:24 in 185c6a416d outdated

19+const TranslateFn G_TRANSLATION_FUN{nullptr};
20+
21+static constexpr auto HELP_USAGE = R"(Usage: %2$s [OPTIONS] COMMAND...
22+
23+Commands (run help command for more information):
24+  {gui,daemon,rpc,wallet,test,help}

vasild commented at 1:09 pm on February 20, 2025:

tx is missing and test is part of the internal commands, so:

0  {gui,daemon,rpc,wallet,tx,help}

ryanofsky commented at 5:05 pm on February 28, 2025:

re: #31375 (review)

tx is missing and test is part of the internal commands, so:

Thanks, fixed!

in src/bitcoin.cpp:28 in 185c6a416d outdated

23+Commands (run help command for more information):
24+  {gui,daemon,rpc,wallet,test,help}
25+
26+Options:
27+  -m, --multiprocess     Run multiprocess binaries bitcoin-node, bitcoin-gui.\n"
28+  -M, --monolithic       Run monolithic binaries bitcoind, bitcoin-qt. (Default behavior)\n"

vasild commented at 1:11 pm on February 20, 2025:

Some leftovers, I guess from previous incarnation of this which did not use R"(...)":

0  -m, --multiprocess     Run multiprocess binaries bitcoin-node, bitcoin-gui.
1  -M, --monolithic       Run monolithic binaries bitcoind, bitcoin-qt. (Default behavior)

ryanofsky commented at 5:05 pm on February 28, 2025:

re: #31375 (review)

Some leftovers, I guess from previous incarnation of this which did not use R"(...)":

Thanks, fixed!

in src/bitcoin.cpp:33 in 185c6a416d outdated

28+  -M, --monolithic       Run monolithic binaries bitcoind, bitcoin-qt. (Default behavior)\n"
29+  -v, --version          Show version information
30+  -h, --help             Show this help message
31+
32+Command overview:
33+  %1$s gui [ARGS]     Start GUI, equivalent to running 'bitcoin-qt [ARGS]' or 'bitcoin-gui [ARGS]'.

vasild commented at 1:23 pm on February 20, 2025:

This prints “bitcoin gui”. One might get the impression that the command is “bitcoin gui”, whereas it is just “gui”. For comparison:

0$ git help
1usage: git ... <command> [<args>]
2...
3   clone     Clone a repository into a new directory
4   init      Create an empty Git repository or reinitialize an existing one
5...

So maybe:

0  gui [ARGS]     Start GUI, equivalent to running 'bitcoin-qt [ARGS]' or 'bitcoin-gui [ARGS]'.

ryanofsky commented at 5:06 pm on February 28, 2025:

re: #31375 (review)

This prints “bitcoin gui”. One might get the impression that the command is “bitcoin gui”, whereas it is just “gui”.

Thanks for pointing that out. Changed to just print the commands like git.

vasild commented at 3:23 pm on February 20, 2025: contributor

Approach ACK 185c6a416df679ddc7b38750aa4d181c0b043d5b

ryanofsky referenced this in commit a92ecaba95 on Feb 28, 2025

ryanofsky referenced this in commit 6c457f4043 on Feb 28, 2025

ryanofsky force-pushed on Feb 28, 2025

ryanofsky commented at 5:12 pm on February 28, 2025: contributor

Thanks for the review!

Updated 185c6a416df679ddc7b38750aa4d181c0b043d5b -> 623c0f0df878968dabbaa271a7654c638603f369 (pr/wrap.22 -> pr/wrap.23, compare) cleaning up comments and help with suggestions

DrahtBot added the label Needs rebase on Mar 18, 2025

ryanofsky referenced this in commit 095801b899 on Mar 18, 2025

ryanofsky referenced this in commit 45d439dab1 on Mar 18, 2025

ryanofsky referenced this in commit a86503d749 on Mar 18, 2025

ryanofsky referenced this in commit 4ce506318a on Mar 18, 2025

ryanofsky force-pushed on Mar 18, 2025

ryanofsky commented at 5:03 pm on March 18, 2025: contributor

Rebased 623c0f0df878968dabbaa271a7654c638603f369 -> a9935d4dae8847d0549ec51ddc4349c7e8c61763 (pr/wrap.23 -> pr/wrap.24, compare) due to conflict with #32019

DrahtBot removed the label Needs rebase on Mar 18, 2025

vasild approved

vasild commented at 5:38 pm on March 18, 2025: contributor

ACK a9935d4dae8847d0549ec51ddc4349c7e8c61763

DrahtBot requested review from Sjors on Mar 18, 2025

maflcko commented at 6:00 pm on March 18, 2025: member

(According to #31866 (comment) the test commits are the same, so any reviewer here can probably also ack the other pull)

ryanofsky referenced this in commit 0d2eefca8b on Mar 19, 2025

ryanofsky referenced this in commit d190f0facc on Mar 19, 2025

ryanofsky referenced this in commit 124487354f on Mar 19, 2025

ryanofsky referenced this in commit 32c5e3dfa1 on Mar 19, 2025

yancyribbens commented at 6:06 pm on March 19, 2025: contributor

Couldn’t much of this be done by using a just file? I saw a PR a while that tried to add something about a justfile which is a way to wrap command to make them easier and more discoverable.

ryanofsky commented at 6:17 pm on March 19, 2025: contributor

Couldn’t much of this be done by using a just file? I saw a PR a while that tried to add something about a justfile which is a way to wrap command to make them easier and more discoverable.

Yes it could also be done as a shell script or python script. If we could count on a justfile interpreter, or a portable shell, or python being installed on all platforms which bitcoin runs on, the changes in the two commits here a47cf680619cae5892d72355f56f5c5051fd5434 and cbc0bdd73ed0fd672307cf0f80bf5f22f5321ccd would be simpler, though other 5 commits would not really be changed.

Sjors commented at 10:42 am on March 20, 2025: member

re-ACK a9935d4dae8847d0549ec51ddc4349c7e8c61763

Briefly tested another guix build on Windows.

ryanofsky referenced this in commit 998386d446 on Mar 20, 2025

DrahtBot added the label Needs rebase on Mar 20, 2025

ryanofsky force-pushed on Mar 20, 2025

ryanofsky commented at 2:44 pm on March 20, 2025: contributor

Rebased a9935d4dae8847d0549ec51ddc4349c7e8c61763 -> 418236c106e32abd7357551d309f8e6d1e494f72 (pr/wrap.24 -> pr/wrap.25, compare) after #31866 with no changes

vasild approved

vasild commented at 4:46 pm on March 20, 2025: contributor

ACK 418236c106e32abd7357551d309f8e6d1e494f72

DrahtBot removed the label Needs rebase on Mar 20, 2025

sr-gi referenced this in commit 30ef3c9631 on Mar 20, 2025

sr-gi referenced this in commit c3a0735edf on Mar 20, 2025

Sjors commented at 7:01 pm on March 20, 2025: member

re-ACK 418236c106e32abd7357551d309f8e6d1e494f72

Same as my last review, but the two commits shared with #31866 are merged.

Also tested (ad hoc signed) guix builds on macOS (M4 with 15.3.2, Intel with 13.7.4).

EthanHeilman referenced this in commit f777cd12a0 on Mar 20, 2025

EthanHeilman referenced this in commit 8ac048db71 on Mar 20, 2025

DrahtBot added the label Needs rebase on Mar 27, 2025

ryanofsky force-pushed on Mar 27, 2025

ryanofsky commented at 5:39 pm on March 27, 2025: contributor

Rebased 418236c106e32abd7357551d309f8e6d1e494f72 -> 155977ae8b4280100577455d34afa4d26ce89c58 (pr/wrap.25 -> pr/wrap.26, compare) due to conflict with #32145

DrahtBot removed the label Needs rebase on Mar 27, 2025

ryanofsky commented at 5:09 pm on April 10, 2025: contributor

There was some discussion about this in the IRC meeting today: https://achow101.com/ircmeetings/2025/bitcoin-core-dev.2025-04-10_16_00.log.html

One thing that came up was whether to update documentation to suggest using bitcoin daemon instead of bitcoind and bitcoin gui instead of bitcoin-qt. Seems like the most important places in doc/ to update are the README.md and README_windows.md files, but also build-{unix,osd,windows,etc}.md files, multiprocess.md, tor.md and zmq.md files.

I think it would be better to update documentation in a separate PR since existing command lines are still correct and I think it might be good for the wrapper to get a little more testing before fully recommending it everywhere. So I think I will open a separate draft PR to update the documentation, but can also do it here if there is a preference for changing the documentation at the same time.

ryanofsky commented at 6:18 pm on April 10, 2025: contributor

I’m thinking it might also be good to add an “Installed Files” section to https://github.com/bitcoin/bitcoin/blob/master/doc/files.md to describe files and directories installed by cmake and included in binary releases.

Curious for :+1::-1: if this would be useful, or just a maintenance burden. Right now it seems like we don’t have documentation describing binaries & installed files, unless I missed it somewhere. It also seems like ideally the information in files.md would be in a manpage, but that would be a separate issue.

vasild approved

vasild commented at 1:04 pm on April 11, 2025: contributor

ACK 155977ae8b4280100577455d34afa4d26ce89c58

I think it would be better to update documentation in a separate PR since existing command lines are still correct and I think it might be good for the wrapper to get a little more testing before fully recommending it everywhere

:+1:

ryanofsky commented at 1:40 pm on April 14, 2025: contributor

I’m thinking it might also be good to add an “Installed Files” section to https://github.com/bitcoin/bitcoin/blob/master/doc/files.md to describe files and directories installed by cmake and included in binary releases.

Added this section in #31679 now, looks like: https://github.com/ryanofsky/bitcoin/blob/pr/libexec/doc/files.md#installed-files

Am still planning to make a separate PR to mention the wrapper executable in other documentation, and bitcoin daemon / bitcoin gui / bitcoin rpc as alternatives to calling bitcoind / bitcoin-qt / bitcoin-cli directly.

Sjors commented at 11:07 am on April 15, 2025: member

re-ACK 155977ae8b4280100577455d34afa4d26ce89c58

Since my last review, this adds bitcoin chainstate. I didn’t retest.

ryanofsky commented at 2:43 pm on April 15, 2025: contributor

Thanks for the reviews!

Added 2 commits 155977ae8b4280100577455d34afa4d26ce89c58 -> 86eedd3c1243d4fdbe1c0f44920340ccacbac13e (pr/wrap.26 -> pr/wrap.27, compare) just adding documentation and release notes

re: #31375 (comment)

So I think I will open a separate draft PR to update the documentation

Changed my mind about this and decided just to update documentation here recommending bitcoin tool as an alternative to other command lines. If it gains use and testing and maybe has some convenience features added like options parsing and aliases, it probably will make sense to recommend it more widely, but these changes should make it easier to get started with.

in doc/README.md:22 in 86eedd3c12 outdated

16@@ -17,6 +17,9 @@ Unpack the files into a directory and run:
17 
18 - `bin/bitcoin-qt` (GUI) or
19 - `bin/bitcoind` (headless)
20+- `bin/bitcoin` (command line interface)
21+
22+The command line interface supports subcommands like `bitcoin gui`, `bitcoin daemon`, and `bitcoin rpc` exposing different functionality. Subcommands can be listed with `bitcoin help`.

vasild commented at 12:44 pm on April 16, 2025:

Well, bitcoind can also be considered “command line interface”. Also, there is already bitcoin-cli which stands for “bitcoin-command line interface”.

The additions to doc/build-osx.md use “multifunction command line interface”.

Somewhat of a bikeshed topic, not a blocker. Feel free to ignore.

ryanofsky commented at 2:32 pm on April 16, 2025:

re: #31375 (review)

Good catch, that was unintended and unnecessarily confusing. Just switched to “bitcoin command” to be precise.

vasild commented at 7:55 am on April 17, 2025:

Maybe also:

0- - `bin/bitcoin` (command line interface)
1+ - `bin/bitcoin` (wrapper command)

if you retouch

ryanofsky commented at 7:08 pm on May 12, 2025:

re: #31375 (review)

if you retouch

Thanks, updated

in doc/build-osx.md:208 in 86eedd3c12 outdated

203@@ -204,6 +204,10 @@ cmake --build build --target deploy
204 Bitcoin Core should now be available at `./build/bin/bitcoind`.
205 If you compiled support for the GUI, it should be available at `./build/bin/bitcoin-qt`.
206 
207+There is also a multifunction command line interface at `./build/bin/bitcoin`
208+supporting subcommands like `bitcoin daemon`, `bitcoin gui`, `bitcoin cli`, and

vasild commented at 12:48 pm on April 16, 2025:

0supporting subcommands like `bitcoin daemon`, `bitcoin gui`, `bitcoin rpc`, and

ryanofsky commented at 2:35 pm on April 16, 2025:

re #31375 (review)

:man_facepalming:

Thanks!

in doc/cjdns.md:117 in 86eedd3c12 outdated

112@@ -113,3 +113,5 @@ To see which CJDNS peers your node is connected to, use `bitcoin-cli -netinfo 4`
113 or the `getpeerinfo` RPC (i.e. `bitcoin-cli getpeerinfo`).
114 
115 You can use the `getnodeaddresses` RPC to fetch a number of CJDNS peers known to your node; run `bitcoin-cli help getnodeaddresses` for details.
116+
117+`bitcoin rpc` can also be substituted for `bitcoin-cli`.

vasild commented at 12:49 pm on April 16, 2025:

0`bitcoin rpc` can also be substituted for `bitcoin-cli -named`.

ryanofsky commented at 2:46 pm on April 16, 2025:

Same here (https://github.com/bitcoin/bitcoin/pull/31375#discussion_r2046878917)

in doc/external-signer.md:45 in 86eedd3c12 outdated

41@@ -40,6 +42,8 @@ Create a wallet, this automatically imports the public keys:
42 $ bitcoin-cli createwallet "hww" true true "" true true true
43 ```
44 
45+`bitcoin rpc` can also be substituted for `bitcoin-cli`.

vasild commented at 12:49 pm on April 16, 2025:

0`bitcoin rpc` can also be substituted for `bitcoin-cli -named`.

ryanofsky commented at 2:47 pm on April 16, 2025:

Same here (https://github.com/bitcoin/bitcoin/pull/31375#discussion_r2046878917)

in doc/managing-wallets.md:18 in 86eedd3c12 outdated

14@@ -15,6 +15,8 @@ The following command, for example, creates a descriptor wallet. More informatio
15 $ bitcoin-cli createwallet "wallet-01"
16 ```
17 
18+`bitcoin rpc` can also be substituted for `bitcoin-cli`.

vasild commented at 12:53 pm on April 16, 2025:

0`bitcoin rpc` can also be substituted for `bitcoin-cli -named`.

ryanofsky commented at 2:47 pm on April 16, 2025:

Same here (https://github.com/bitcoin/bitcoin/pull/31375#discussion_r2046878917)

in doc/multiprocess.md:36 in 86eedd3c12 outdated

30@@ -31,6 +31,11 @@ Alternately, you can install [Cap'n Proto](https://capnproto.org/) and [libmulti
31 
32 ## Usage
33 
34-`bitcoin-node` is a drop-in replacement for `bitcoind`, and `bitcoin-gui` is a drop-in replacement for `bitcoin-qt`, and there are no differences in use or external behavior between the new and old executables. But internally after [#10102](https://github.com/bitcoin/bitcoin/pull/10102), `bitcoin-gui` will spawn a `bitcoin-node` process to run P2P and RPC code, communicating with it across a socket pair, and `bitcoin-node` will spawn `bitcoin-wallet` to run wallet code, also communicating over a socket pair. This will let node, wallet, and GUI code run in separate address spaces for better isolation, and allow future improvements like being able to start and stop components independently on different machines and environments.
35-[#19460](https://github.com/bitcoin/bitcoin/pull/19460) also adds a new `bitcoin-node` `-ipcbind` option and a `bitcoind-wallet` `-ipcconnect` option to allow new wallet processes to connect to an existing node process.
36-And [#19461](https://github.com/bitcoin/bitcoin/pull/19461) adds a new `bitcoin-gui` `-ipcconnect` option to allow new GUI processes to connect to an existing node process.
37+Recommended way to use multiprocess binaries is to invoke `bitcoin` CLI like `bitcoin -m daemon -debug=ipc` or `bitcoin -m gui -printtoconsole -debug=ipc`.
38+
39+When the `-m` (`--multiprocess`) option is used the `bitcoin` command will execute multiprocess binaries instead of monolithic ones (`bitcoin-node` of `bitcoind`, and `bitcoin-gui` instead of `bitcoin-qt`). The multiprocess binaries can also be invoked directly, but this is not recommended as they may change or be renamed in the future, and they are not installed in the PATH.

vasild commented at 12:57 pm on April 16, 2025:

0When the `-m` (`--multiprocess`) option is used the `bitcoin` command will execute multiprocess binaries instead of monolithic ones (`bitcoin-node` instead of `bitcoind`, and `bitcoin-gui` instead of `bitcoin-qt`). The multiprocess binaries can also be invoked directly, but this is not recommended as they may change or be renamed in the future, and they are not installed in the PATH.

ryanofsky commented at 2:52 pm on April 16, 2025:

re: #31375 (review)

Thanks, fixed

in doc/multisig-tutorial.md:34 in 86eedd3c12 outdated

30@@ -31,6 +31,8 @@ do
31 done
32 ```
33 
34+`bitcoin rpc` can also be substituted for `bitcoin-cli`.

vasild commented at 12:59 pm on April 16, 2025:

I see this is in a lot of places, but the first one I saw uses -named, which think should be everywhere:

0`bitcoin rpc` can also be substituted for `bitcoin-cli -named`.

ryanofsky commented at 2:52 pm on April 16, 2025:

re: #31375 (review)

I feel like adding -named here would be confusing and also misleading since -named is not mentioned above, so mentioning it here would imply bitcoin rpc could not be substituted for the bitcoin-cli commands here when this is not the case. The only actual case where bitcoin rpc can’t be substituted for bitcoin-cli is when you need to pass a string parameter by position and the string parameter contains an = character, otherwise -named is just a generalization and more flexible way to use the cli.

hodlinator commented at 9:02 pm on May 13, 2025:

Might be nice to add a rationale for -named in the commit message of fc47f776fbafaaf9062e6b4dc29ba6e42e390d2a as it isn’t discussed in the linked issue.

ryanofsky commented at 12:22 pm on May 15, 2025:

re: #31375 (review)

Thanks, added a code comment with this information

hodlinator commented at 8:08 pm on May 15, 2025:

https://github.com/bitcoin/bitcoin/blob/7af6e1089ea264e870b26ac83e81e7aa374acbe1/src/bitcoin.cpp#L76-L83

Note that some RPCs take Base64 parameters (finalizepsbt, verifymessage), and Base64 is commonly padded with =.

ryanofsky commented at 10:23 pm on May 15, 2025:

re: #31375 (review)

Note that some RPCs take Base64 parameters (finalizepsbt, verifymessage), and Base64 is commonly padded with =.

Wow, that’s good to know about and looks like bitcoin-cli -named will not currently handle these well, just treating everything before the first ‘=’ character as the parameter name and everything after it as the parameter value.

The client can’t currently know not to do that because information in the vRPCConvertParams table there only includes the names of non-string parameters (ints, bools, objects, arrays) not string parameters. But it should not be too hard to extend the table for specific functions like finalizepsbt and verifymessage to include the names of string parameters as well. Then if the client finds a ‘=’ character and the part before the ‘=’ is not a known parameter name, it can pass the whole string as a positional argument.

This extension would still interpret some genuinely ambiguous arguments like “psbt=” or “signature=” as positional arguments instead of base64, but that seems reasonable because you probably won’t actually want the string “psbt=” be decoded as base64 and interpreted as a PSBT, and if you really did you could pass “psbt=psbt=” instead.

This seems like another thing to follow up on in a separate PR.

in doc/offline-signing-tutorial.md:37 in 86eedd3c12 outdated

33@@ -34,6 +34,8 @@ We are going to first create an `offline_wallet` on the offline host. We will th
34 }
35 ```
36 
37+`bitcoin rpc` can also be substituted for `bitcoin-cli`.

vasild commented at 12:59 pm on April 16, 2025:

0`bitcoin rpc` can also be substituted for `bitcoin-cli -named`.

ryanofsky commented at 2:56 pm on April 16, 2025:

Same here (https://github.com/bitcoin/bitcoin/pull/31375#discussion_r2046878917)

in doc/tor.md:30 in 86eedd3c12 outdated

26@@ -27,6 +27,8 @@ e.g. for `-onlynet=onion`.
27 
28 You can use the `getnodeaddresses` RPC to fetch a number of onion peers known to your node; run `bitcoin-cli help getnodeaddresses` for details.
29 
30+`bitcoin rpc` can also be substituted for `bitcoin-cli`.

vasild commented at 1:00 pm on April 16, 2025:

0`bitcoin rpc` can also be substituted for `bitcoin-cli -named`.

ryanofsky commented at 2:56 pm on April 16, 2025:

Same here (https://github.com/bitcoin/bitcoin/pull/31375#discussion_r2046878917)

in doc/release-notes-31375.md:10 in 86eedd3c12 outdated

 5+discoverable and convenient to use. The `bitcoin` tool just calls other
 6+executables and does not implement any functionality on its own.  Specifically
 7+`bitcoin daemon` is a synonym for `bitcoind`, `bitcoin gui` is a synonym for
 8+`bitcoin-qt`, and `bitcoin rpc` is a synonym for `bitcoin-cli -named`. Other
 9+commands and options can be listed with `bitcoin help`. The new tool does not
10+replace other tools, so all existing command should continue working and there

vasild commented at 1:02 pm on April 16, 2025:

0replace other tools, so all existing commands should continue working and there

vasild approved

vasild commented at 1:03 pm on April 16, 2025: contributor

ACK 86eedd3c1243d4fdbe1c0f44920340ccacbac13e modulo some minor fixups below

ryanofsky force-pushed on Apr 16, 2025

ryanofsky commented at 3:02 pm on April 16, 2025: contributor

Updated 86eedd3c1243d4fdbe1c0f44920340ccacbac13e -> 8892cb50db63656991e4d411ab804a9535f991a0 (pr/wrap.27 -> pr/wrap.28, compare) with suggested documentation fixes

Appreciate the close reading, vasild!

DrahtBot added the label Needs rebase on Apr 17, 2025

vasild approved

vasild commented at 7:57 am on April 17, 2025: contributor

ACK d0a2a5239d6c68d45f0ed9b113131fc4273d1214

Sjors commented at 1:55 pm on April 17, 2025: member

ACK 8892cb50db63656991e4d411ab804a9535f991a0 @vasild I think you got the wrong hash.

DrahtBot requested review from vasild on Apr 17, 2025

ryanofsky force-pushed on Apr 21, 2025

ryanofsky commented at 8:23 pm on April 21, 2025: contributor

Rebased 8892cb50db63656991e4d411ab804a9535f991a0 -> 81c0b9edfe533afbb2f4dda56142afdedffdb347 (pr/wrap.28 -> pr/wrap.29, compare) due to conflict with #31862. Also dropped check for build/src directory no longer needed after #31161

This PR is scheduled for a review club discussion in a few weeks so I started notes and questions in https://github.com/ryanofsky/bitcoin-core-review-club.github.io/blob/pr/wnotes/_posts/2025-05-07-%2331375.md and will put a link to the final URL in the description.

DrahtBot removed the label Needs rebase on Apr 21, 2025

vasild approved

vasild commented at 9:02 am on April 23, 2025: contributor

ACK 81c0b9edfe533afbb2f4dda56142afdedffdb347

@vasild I think you got the wrong hash.

Yes, that was HEAD~ at the time :space_invader:

in doc/multiprocess.md:50 in 81c0b9edfe outdated

48+
49+When the `-m` (`--multiprocess`) option is used the `bitcoin` command will execute multiprocess binaries instead of monolithic ones (`bitcoin-node` instead of `bitcoind`, and `bitcoin-gui` instead of `bitcoin-qt`). The multiprocess binaries can also be invoked directly, but this is not recommended as they may change or be renamed in the future, and they are not installed in the PATH.
50+
51+The multiprocess binaries currently function the same as the monolithic binaries, except they support an `-ipcbind` option.
52+
53+In the future, after [#10102](https://github.com/bitcoin/bitcoin/pull/10102) they will have other differences. Specficially `bitcoin-gui` will spawn a `bitcoin-node` process to run P2P and RPC code, communicating with it across a socket pair, and `bitcoin-node` will spawn `bitcoin-wallet` to run wallet code, also communicating over a socket pair. This will let node, wallet, and GUI code run in separate address spaces for better isolation, and allow future improvements like being able to start and stop components independently on different machines and environments. [#19460](https://github.com/bitcoin/bitcoin/pull/19460) also adds a new `bitcoind-wallet -ipcconnect` option to allow new wallet processes to connect to an existing node process.

maflcko commented at 10:00 am on April 23, 2025:

Specficially → Specifically

Also, bitcoin*d*-wallet seems odd.

ryanofsky commented at 7:10 pm on May 12, 2025:

re: #31375 (review)

Thanks, fixed both

in src/util/exec.cpp:71 in 9ac787c7a8 outdated

 98+#else
 99+    wchar_t module_path[MAX_PATH];
100+    if (GetModuleFileNameW(nullptr, module_path, MAX_PATH) > 0) {
101+        path = fs::path{module_path};
102+    }
103+#endif

TheCharlatan commented at 10:21 am on May 5, 2025:

I think it would be good to check that the file actually exists here. If in future releases more commands are added, and the user applies a command for it on a binary directory with the old version, the error is a bit terse. E.g. removing bitcoind will currently result in:

0./bitcoin daemon --signet
1Error: execvp failed to execute '/home/drgrid/bitcoin/build_dev_mode_clang/bin/bitcoind': No such file or directory
2Try './bitcoin --help' for more information.

We already print “Unrecognized command” if the command doesn’t exist. Maybe print something along the lines of “Could not execute command. Ensure the latest version is installed.”

ryanofsky commented at 7:21 pm on May 12, 2025:

re: #31375 (review)

Agree it would be nice to add a friendlier error message that would suggest how to fix the problem. Added this to the list of followups in the PR description that could make the command nicer & easier to use. My goal is to start off with the simplest working implementation and add more niceties from there.

TheCharlatan commented at 10:32 am on May 5, 2025: contributor

Approach ACK

I’ve been thinking about this approach over the approach @darosior suggested in #30983 again, and think this would indeed be cleaner. While providing multiprocess binaries over a known interface (e.g. just invoking the current binaries) could be beneficial in the initial roll out, I also like how this binary could potentially be the point where everything is packaged together if we ever do choose to go the full process + repository separation route. I think combining multiprocess and monolithic functionality in the same binary could complicate this process. I also like the extra discoverability this adds.

One thing I am still not sure about is hiding the tests as an internal command, for the same reason I laid out here: #31679 (comment)

in src/util/exec.cpp:64 in 81c0b9edfe outdated

59+                    escaped.push_back(arg[i]);
60+                }
61+            }
62+            escaped.push_back('"'); // End with a quote
63+            escaped_args.emplace_back(std::move(escaped));
64+            new_argv.push_back((char *)escaped_args.back().c_str());

hodlinator commented at 10:13 am on May 7, 2025:

Potential for use after free?

This relies on escaped_args-elements being moved around with the backing char-buffers remaining in place as the vector is resized. It probably holds for all stdlib-implementations by now, but might be slightly safer to declare and fill new_argv after this loop, or resize escaped_args ahead of the loop.

Maybe there’s some standardeese reason this is guaranteed to work that I’m unaware of.

Could use const_cast?

ryanofsky commented at 7:56 pm on May 12, 2025:

re: #31375 (review)

Good catch. If the vector was reallocated and string objects were using a small string optimization, the previous code could easily result in passing pointers to already freed memory. Fixed by adding a separate loop to construct new_argv. Also removed the c cast as that was unnecessary.

in src/util/exec.cpp:58 in 81c0b9edfe outdated

85+    if (!argv0_path.has_parent_path()) {
86+        if (const char* path_env = std::getenv("PATH")) {
87+            size_t start{0}, end{0};
88+            for (std::string_view paths{path_env}; end != std::string_view::npos; start = end + 1) {
89+                end = paths.find(':', start);
90+                fs::path candidate = fs::path(paths.substr(start, end - start)) / argv0_path;

hodlinator commented at 12:22 pm on May 7, 2025:

nit: Could use util/string.h:

0            for (const auto& element : Split(std::string_view{path_env}, ':')) {
1                fs::path candidate = fs::path{std::string_view{element.data(), element.size()}} / argv0_path;

ryanofsky commented at 8:02 pm on May 12, 2025:

re: #31375 (review)

nit: Could use util/string.h:

That’s slightly simpler, but doesn’t seem enough to want to construct and unneeded vector and pull in an extra dependency here. Worth keeping in mind if this code needs to be extended though.

in src/util/exec.cpp:18 in 81c0b9edfe outdated

13+#else
14+#include <unistd.h>
15+#endif
16+
17+namespace util {
18+int ExecVp(const char *file, char *const argv[])

hodlinator commented at 12:30 pm on May 7, 2025:

nit: Could keep style consistent with function body rather than wrapped function.

0int ExecVp(const char* file, char* const argv[])

ryanofsky commented at 8:04 pm on May 12, 2025:

re: #31375 (review)

nit: Could keep style consistent with function body rather than wrapped function.

Thanks, I can never remember where the spaces go.

in src/bitcoin.cpp:196 in 81c0b9edfe outdated

191+    try_exec(wrapper_dir / "daemon" / arg0.filename()) ||
192+    // Otherwise look for target executable next to current wrapper
193+    try_exec(wrapper_dir / arg0.filename(), fallback_os_search) ||
194+    // Otherwise just look on the system path.
195+    (fallback_os_search && try_exec(arg0.filename(), false));
196+};

hodlinator commented at 12:30 pm on May 7, 2025:

nit:

0}

ryanofsky commented at 8:05 pm on May 12, 2025:

re: #31375 (review)

Good catch, removed

in src/util/exec.cpp:65 in 81c0b9edfe outdated

92+                    path = candidate;
93+                    break;
94+                }
95+            }
96+        }
97+    }

hodlinator commented at 12:47 pm on May 7, 2025:

nit: Could verify we succeeded:

0        assert(path.has_parent_path()); // Failed resolving directory.
1    }

ryanofsky commented at 8:13 pm on May 12, 2025:

re: #31375 (review)

nit: Could verify we succeeded:

Good point. An assert seems extreme here since there could be some OS variation, but this case wasn’t being handled well in the calling function and could do things like try to execute the same path twice. Add better handling now in caller.

hodlinator commented at 8:29 pm on May 13, 2025:

Might be clearer to return std::nullopt upon failure? Feels a bit sloppy currently, but maybe okay for a glorified shell script as you wrote elsewhere: #31375 (review)

ryanofsky commented at 12:06 pm on May 15, 2025:

re: #31375 (review)

Just added a note to the GetExePath doc, because I’m not really sure std::nullopt is better representation of a path that could not be determined than path.empty(). Returning {empty path, nonempty path} seems safer than returning {null path, empty path, nonempty path} if the goal is to avoid bugs.

Theoretically if we had a not_empty<T> wrapper which asserted the wrapped value is non-empty on construction maybe optional<not_empty<path>> could be a better return type than just path, but path is simple and basically equivalent to that.

in src/bitcoin.cpp:203 in 81c0b9edfe outdated

190+    // Otherwise check the "daemon" subdirectory in a windows install.
191+    try_exec(wrapper_dir / "daemon" / arg0.filename()) ||
192+    // Otherwise look for target executable next to current wrapper
193+    try_exec(wrapper_dir / arg0.filename(), fallback_os_search) ||
194+    // Otherwise just look on the system path.
195+    (fallback_os_search && try_exec(arg0.filename(), false));

hodlinator commented at 12:53 pm on May 7, 2025:

Would be nice if we printed an error when failing to execute anything at all.

Edit: Oh, I see now, we throw an exception from the lambda upon failing. Not a fan of exceptions but that ship has sailed.

(Nice lisp code. :) )

in src/bitcoin.cpp:191 in 81c0b9edfe outdated

186+
187+    // If wrapper is installed in a bin/ directory, look for target executable
188+    // in libexec/
189+    (wrapper_dir.filename() == "bin" && try_exec(fs::path{wrapper_dir.parent_path()} / "libexec" / arg0.filename())) ||
190+    // Otherwise check the "daemon" subdirectory in a windows install.
191+    try_exec(wrapper_dir / "daemon" / arg0.filename()) ||

hodlinator commented at 12:54 pm on May 7, 2025:

nit: Wrap in #ifdef WIN32?

ryanofsky commented at 8:15 pm on May 12, 2025:

nit: Wrap in #ifdef WIN32?

Makes sense, added.

in src/util/exec.cpp:28 in 81c0b9edfe outdated

20+#ifndef WIN32
21+    return execvp(file, argv);
22+#else
23+    std::vector<char*> new_argv;
24+    std::vector<std::string> escaped_args;
25+    for (char* const* arg_ptr{argv}; *arg_ptr; ++arg_ptr) {

hodlinator commented at 2:07 pm on May 7, 2025:

Is argv guaranteed to always end with ~~an empty string~~ nullptr?

ryanofsky commented at 8:21 pm on May 12, 2025:

re: #31375 (review)

Is argv guaranteed to always end with ~~an empty string~~ nullptr?

ExecVp is our own function so we can require whatever we want from callers, but execvp requires “The array of pointers must be terminated by a NULL pointer.” https://linux.die.net/man/3/execvp so using the same interface helps keep things simple.

hodlinator commented at 8:54 pm on May 13, 2025:

nit: Could document requirements in header:

0//! Cross-platform wrapper for POSIX execvp function.
1//! [@param](/bitcoin-bitcoin/contributor/param/) argv Needs to end with nullptr element, in line with execvp.
2int ExecVp(const char* file, char* const argv[]);

ryanofsky commented at 12:09 pm on May 15, 2025:

re: #31375 (review)

Thanks, added a similar comment

in doc/JSON-RPC-interface.md:63 in b0989e3095 outdated

61@@ -62,6 +62,8 @@ bitcoin-cli -named createwallet wallet_name=mywallet load_on_startup=true
62 bitcoin-cli -named createwallet mywallet load_on_startup=true
63 ```

ismaelsadeeq commented at 2:22 pm on May 7, 2025:

In “doc: Mention bitcoin wrapper executable in documentation” b0989e3095f1964fdb523cdd4b44f0b198417014

I think it would be better to provide a single usage instruction for users. Otherwise, having separate instructions for both bin/bitcoin and bin/bitcoind in all places could be confusing.

Instead, I suggest we standardize on bin/bitcoin in all places, while still supporting the previous one for backward compatibility.

The release notes have clearly indicate this change to users.

ryanofsky commented at 7:33 pm on May 12, 2025:

I think it would be better to provide a single usage instruction for users. Otherwise, having separate instructions for both bin/bitcoin and bin/bitcoind in all places could be confusing.

It seems like it could be more confusing to not mention one of the alternatives than just describe both.

If there’s something specific that is confusing, would probably want to clarify by adding to the documentation instead of deleting things. Or if you think it is better to just not mention the new wrapper for now I’d also be fine with that, too.

ismaelsadeeq commented at 5:08 pm on May 13, 2025:

It seems like it could be more confusing to not mention one of the alternatives than just describe both.

You are right I think it’s okay to include both alternative comment in the doc/README.md.

However In my opinion, that’s sufficient, and we don’t need to repeat in every instance that, for example, bitcoin node or bitcoin GUI can be substituted with bitcoind, etc.

ismaelsadeeq commented at 2:24 pm on May 7, 2025: member

Concept ACK

I’ve Tested the new bitcoin wrapper on macOS in -regtest mode, both with and without multiprocess (-m). It ran smoothly.

DrahtBot added the label Needs rebase on May 7, 2025

in src/bitcoin.cpp:1 in f2c003c927 outdated

hodlinator commented at 2:41 pm on May 7, 2025:

nit: Child executable names leak through

 0₿ ./build/bin/bitcoin rpc --help
 1Bitcoin Core RPC client version v29.99.0-81c0b9edfe53
 2
 3The bitcoin-cli utility provides a command line interface to interact with a Bitcoin Core RPC server.
 4
 5It can be used to query network information, manage wallets, create or broadcast transactions, and control the Bitcoin Core server.
 6
 7Use the "help" command to list all commands. Use "help <command>" to show help for that command.
 8The -named option allows you to specify parameters using the key=value format, eliminating the need to pass unused positional parameters.
 9
10Usage: bitcoin-cli [options] <command> [params]
11...

Seems okay for now, but would be nice if we sent in an extra -from_wrapper arg/env var so they detect being launched by the wrapper and output help with the wrapper invocation instead.

ryanofsky commented at 8:21 pm on May 12, 2025:

re: #31375 (review)

nit: Child executable names leak through

Good suggestion, added it to the list in the PR description.

hodlinator commented at 8:15 pm on May 13, 2025:

Would be nice to merge exec.h/cpp into subprocess.h due to similar functionality. But I don’t know what happens to copyright in that case, so might be better to avoid for that reason.

ryanofsky commented at 11:54 am on May 15, 2025:

re: #31375 (review)

I think they are somewhat distinct. The subprocess header is trying to mimic python’s subprocess API and provides functions for starting and interacting with child processes. This header provides functions for getting information about and replacing the current process that don’t have any equivalent in python’s subprocess API. So not sure I’d want to merge them, though it could be a possibility.

For copyright probably we could just add our own copyright line to the subprocess header without removing the existing one, but I don’t think it matters that much.

hodlinator commented at 2:42 pm on May 7, 2025: contributor

Concept ACK 81c0b9edfe533afbb2f4dda56142afdedffdb347

Introducing a bitcoin wrapper command seems like a good step to improve discoverability of the project’s functionality.

Only briefly tested on NixOS (Linux) for now.

in src/bitcoin.cpp:30 in f2c003c927 outdated

25+  -v, --version          Show version information
26+  -h, --help             Show this help message
27+
28+Commands:
29+  gui [ARGS]     Start GUI, equivalent to running 'bitcoin-qt [ARGS]' or 'bitcoin-gui [ARGS]'.
30+  daemon [ARGS]  Start daemon, equivalent to running 'bitcoind [ARGS]' or 'bitcoin-node [ARGS]'.

ismaelsadeeq commented at 4:33 pm on May 7, 2025:

On master, when -daemon is used to start bitcoind, it means logs won’t be printed to the console. I believe that’s also the literal meaning of daemon: https://en.wikipedia.org/wiki/Daemon_(computing) This PR changes makes the keyword ambiguous to mean bitcoin node executable and start the executable in the background so doing the two things at once is now a bit awkard bitcoin daemon -daemon.

Should it be node instead?

So that we can distinguish the two and have a cleaner command bitcoin node -daemon.

Sjors commented at 6:56 am on May 8, 2025:

TIL we have a -daemon option. Indeed we’ll have to pick a different term here.

TheCharlatan commented at 7:36 am on May 8, 2025:

I think it is fine as is to be honest. bitcoind -daemon already means the same thing (albeit abbreviated).

Sjors commented at 7:40 am on May 8, 2025:

I think -daemon detaches, so you can’t ctrl + c it.

(just checked, that’s indeed what it does)

vasild commented at 7:55 am on May 9, 2025:

bitcoin daemon -daemon

Good point. Indeed I find that super not-intuitive, I did not think about that before. I would strongly prefer to rename it to node, e.g. bitcoin node -daemon.

bitcoind -daemon already means the same thing

Eh, but somehow I don’t find it so perplexing. Or even if it is as confusing, now we have a chance to pick better names.

ryanofsky commented at 11:38 am on May 9, 2025:

Good catch! I do think daemon could be ok but I agree node is better. I will update this (and I also want to look into @theStack’s suggestion to use subprocess.h, which I was unaware of and could simplify the PR)

theStack commented at 6:07 pm on May 8, 2025: contributor

Concept ACK

Did a quick test of the wrapper on OpenBSD 7.7 for the monolithic binaries, everything worked as expected so far. I’m wondering if the util/subprocess.h module could be of any use here, especially considering the windows-specific argument quoting code seems to look very simliar at a first glance?

util: Add cross-platform ExecVp and GetExePath functions

These functions are just meant to serve the needs of the bitcoin wrapper
executable, and are intentionally not very general purpose so they can be
simple.

5076d20fdb

multiprocess: Add bitcoin wrapper executable

Intended to make bitcoin command line features more discoverable and allow
installing new multiprocess binaries in libexec/ instead of bin/ so they don't
cause confusion.

Idea and implementation of this were discussed in
https://github.com/bitcoin/bitcoin/issues/30983

Co-authored-by: Sjors Provoost <sjors@sprovoost.nl>

9c8c68891b

test: Support BITCOIN_CMD environment variable

Support new BITCOIN_CMD environment variable in functional test to be able to
test the new bitcoin wrapper executable and run other commands through it
instead of calling them directly.

Co-authored-by: Sjors Provoost <sjors@sprovoost.nl>

29bdd743bb

ci: Run multiprocess tests through wrapper executable ba649c0006

build: add bitcoin.exe to windows installer d2739d75c9

doc: Mention bitcoin wrapper executable in documentation 258bda80c0

doc: Add release notes describing bitcoin wrapper executable a5ac43d98d

ryanofsky force-pushed on May 12, 2025

ryanofsky commented at 8:58 pm on May 12, 2025: contributor

Rebased 81c0b9edfe533afbb2f4dda56142afdedffdb347 -> 27874b9c6e10ac5b6e71bb5e17f44c58691684fe (pr/wrap.29 -> pr/wrap.30, compare) due to conflict with #28710, also made many suggested improvements, particularly dropping windows escaping code and replacing with call to subprocess library Updated 27874b9c6e10ac5b6e71bb5e17f44c58691684fe -> 22ee0d99b50aeac08932ca772616165a5170291e (pr/wrap.30 -> pr/wrap.31, compare) to fix python CI error https://cirrus-ci.com/task/5556588934594560 after daemon -> node rename Updated 22ee0d99b50aeac08932ca772616165a5170291e -> 4e1aae19512df82af584a064640c2143c5c5fa4f (pr/wrap.31 -> pr/wrap.32, compare) with more documentation updates after rename

re: #31375#pullrequestreview-2814380926

One thing I am still not sure about is hiding the tests as an internal command

Fair enough. Dropped the word “internal”. It is now just an additional command.

DrahtBot removed the label Needs rebase on May 12, 2025

ryanofsky force-pushed on May 12, 2025

DrahtBot added the label CI failed on May 12, 2025

DrahtBot removed the label CI failed on May 12, 2025

ryanofsky force-pushed on May 13, 2025

vasild approved

vasild commented at 9:21 am on May 13, 2025: contributor

ACK 4e1aae19512df82af584a064640c2143c5c5fa4f

Good to see the manual quoting go away and bitcoin daemon -daemon be renamed to bitcoin node -daemon.

DrahtBot requested review from theStack on May 13, 2025

DrahtBot requested review from ismaelsadeeq on May 13, 2025

DrahtBot requested review from hodlinator on May 13, 2025

DrahtBot requested review from TheCharlatan on May 13, 2025

hodlinator referenced this in commit 44ee4b40b8 on May 13, 2025

in src/bitcoin.cpp:149 in fc47f776fb outdated

144+//!                      how to look for new executables.
145+//
146+//! @note This function doesn't currently print anything but can be debugged
147+//! from the command line using strace or dtrace like:
148+//!
149+//!     strace -e trace=execve -s 10000 build/src/bitcoin ...

theStack commented at 1:55 pm on May 13, 2025:

0//!     strace -e trace=execve -s 10000 build/bin/bitcoin ...

ryanofsky commented at 11:37 am on May 15, 2025:

re: #31375 (review)

Good catch, fixed!

in src/bitcoin.cpp:89 in fc47f776fb outdated

84+        } else if (cmd.command == "chainstate") {
85+            args.emplace_back("bitcoin-chainstate");
86+        } else if (cmd.command == "test") {
87+            args.emplace_back("test/test_bitcoin");
88+        } else if (cmd.command == "test-gui") {
89+            args.emplace_back("qt/test/test_bitcoin-qt");

theStack commented at 2:06 pm on May 13, 2025:

are these prepended paths (here and also for the gui, bench and test commands above) still relevant? They seem to reflect a folder structure that doesn’t exist anymore since https://github.com/bitcoin/bitcoin/pull/31161

ryanofsky commented at 11:41 am on May 15, 2025:

re: #31375 (review)

are these prepended paths (here and also for the gui, bench and test commands above) still relevant? They seem to reflect a folder structure that doesn’t exist anymore since #31161

Good find, removed these. The prefixes were harmless but no longer do anything after the update in #31375 (comment) following the #31161 merge.

DrahtBot requested review from theStack on May 13, 2025

darosior commented at 2:25 pm on May 13, 2025: member

I’ve been thinking about this approach over the approach @darosior suggested in #30983 again, and think this would indeed be cleaner.

Explicitly signaling here that despite my suggesting a different approach in #30983 i am not opposed to this one.

Sjors commented at 3:40 pm on May 13, 2025: member

re-tACK 4e1aae19512df82af584a064640c2143c5c5fa4f

Briefly retested on macOS. Will retest on Windows later.

Main changes since my last review:

using subprocess in Windows to replace a bunch of string manipulation code (good idea @theStack)
bitcoin node instead of bitcoin daemon to disambiguate from (detaching) -daemon

in src/util/exec.cpp:9 in 4e1aae1951 outdated

0@@ -0,0 +1,73 @@
1+// Copyright (c) 2025 The Bitcoin Core developers
2+// Distributed under the MIT software license, see the accompanying
3+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
4+
5+#include <util/fs.h>
6+#include <util/subprocess.h>
7+

hodlinator commented at 8:30 pm on May 13, 2025:

Should this include util/exec.h?

ryanofsky commented at 12:09 pm on May 15, 2025:

re: #31375 (review)

Good catch, added.

in share/setup.nsi.in:76 in 3eb0d32715 outdated

72@@ -73,6 +73,7 @@ Section -Main SEC0000
73     SetOutPath $INSTDIR
74     SetOverwrite on
75     File @abs_top_builddir@/release/@BITCOIN_GUI_NAME@@EXEEXT@
76+    File @abs_top_builddir@/release/@BITCOIN_WRAPPER_NAME@@EXEEXT@

hodlinator commented at 9:08 pm on May 13, 2025:

It appears we should also be deleting this in the uninstall section further down, right after: https://github.com/bitcoin/bitcoin/blob/3eb0d327153f61ef2121a4b261b024f6ee1f3398/share/setup.nsi.in#L133

Sjors commented at 8:25 am on May 14, 2025:

Good point, otherwise it leaves bitcoin.exe behind because it’s not inside the daemon subdirectory.

I’ll add this to my Windows test:

 0diff --git a/share/setup.nsi.in b/share/setup.nsi.in
 1index 270468ad7b..2160cc05a1 100644
 2--- a/share/setup.nsi.in
 3+++ b/share/setup.nsi.in
 4@@ -130,6 +130,7 @@ done${UNSECTION_ID}:
 5
 6 # Uninstaller sections
 7 Section /o -un.Main UNSEC0000
 8+    Delete /REBOOTOK $INSTDIR\@BITCOIN_WRAPPER_NAME@@EXEEXT@
 9     Delete /REBOOTOK $INSTDIR\@BITCOIN_GUI_NAME@@EXEEXT@
10     Delete /REBOOTOK $INSTDIR\COPYING.txt
11     Delete /REBOOTOK $INSTDIR\readme.txt

Sjors commented at 8:51 am on May 14, 2025:

Works like a charm.

I also briefly tested bitcoin.exe gui, node and rpc.

ryanofsky commented at 12:27 pm on May 15, 2025:

re: #31375 (review)

Thanks to both for the suggestion and testing. Added this line

hodlinator commented at 9:15 pm on May 13, 2025: contributor

Code Review 4e1aae19512df82af584a064640c2143c5c5fa4f

Seems like a slight fix would be good in the NSI script, see inline comment.

Nice simplification of ExecVp since previous review.

Tested on NixOS.

Tested redirection of stderr/stdout

0./build/bin/bitcoin node > foo
1./build/bin/bitcoin node --nonexistentarg 2> err

“foo” stdout file contains expected log output. Confirmed by changing bitcoind.cpp error message that it was properly writing to “err” stderr file.

Tested moving bitcoin executable

Ensured /src was in $PATH and copied bitcoin executable there. Gives expected error messages:

0~/bitcoin/src
1₿ bitcoin node --nonexistentarg 
2Error: execvp failed to execute 'bitcoind': No such file or directory
3Try 'bitcoin --help' for more information.
4
5~/bitcoin/src
6₿ ./bitcoin node --nonexistentarg 
7Error: execvp failed to execute '/home/hodlinator/bitcoin/src/bitcoind': No such file or directory
8Try './bitcoin --help' for more information.

DrahtBot requested review from hodlinator on May 13, 2025

in src/bitcoin.cpp:1 in fc47f776fb outdated

0@@ -0,0 +1,198 @@
1+// Copyright (c) 2024 The Bitcoin Core developers

ismaelsadeeq commented at 12:28 pm on May 15, 2025:

In “multiprocess: Add bitcoin wrapper executable” https://github.com/bitcoin/bitcoin/commit/ceabc8cd43fa17be795974a85083aa8e865c654d Copy right bump to 2025-present.

ryanofsky commented at 7:50 pm on May 15, 2025:

re: #31375 (review)

Thanks! Updated

in CMakeLists.txt:95 in fc47f776fb outdated

93@@ -94,6 +94,7 @@ endif()
94 #=============================
95 include(CMakeDependentOption)

ismaelsadeeq commented at 12:29 pm on May 15, 2025:

In “multiprocess: Add bitcoin wrapper executable” https://github.com/bitcoin/bitcoin/commit/ceabc8cd43fa17be795974a85083aa8e865c654d

Should the list of executable mentioned that bitcoin-node and bitcoin-gui since are hidden unlike bitcoind and should be accessed via bitcoin process?

ryanofsky commented at 10:34 pm on May 15, 2025:

re: #31375 (review)

Which list of executables is this referring to? No executables are hidden currently, though #31679 is a PR that could hide them. (That PR is a little stuck, but I think it will become easier to understand if this PR is merged.) This PR should just provide a new way of starting executables, and allow some of them them be hidden, but not actually hide anything itself

ismaelsadeeq commented at 1:54 pm on May 16, 2025:

Thanks for the context.

ryanofsky force-pushed on May 15, 2025

ryanofsky commented at 12:38 pm on May 15, 2025: contributor

Updated 4e1aae19512df82af584a064640c2143c5c5fa4f -> 7af6e1089ea264e870b26ac83e81e7aa374acbe1 (pr/wrap.32 -> pr/wrap.33, compare) with suggestions adding windows uninstall line, removing no longer used cmake build prefixes, and improving many comments.

Sjors commented at 12:58 pm on May 15, 2025: member

re-utACK 7af6e1089ea264e870b26ac83e81e7aa374acbe1

I didn’t retest.

DrahtBot requested review from vasild on May 15, 2025

in src/bitcoin.cpp:171 in ceabc8cd43 outdated

166+        exec_args[0] = exe_path_str.c_str();
167+        if (util::ExecVp(exec_args[0], (char*const*)exec_args.data()) == -1) {
168+            if (allow_notfound && errno == ENOENT) return false;
169+            throw std::system_error(errno, std::system_category(), strprintf("execvp failed to execute '%s'", exec_args[0]));
170+        }
171+        return true; // In practice, this line should not be reached if execvp succeeds

ismaelsadeeq commented at 1:06 pm on May 15, 2025:

Shouldn’t we throw when that happen?

ryanofsky commented at 8:04 pm on May 15, 2025:

re: #31375 (review)

Shouldn’t we throw when that happen?

Yes, that’s a good idea, added this.

in src/bitcoin.cpp:28 in ceabc8cd43 outdated

23+  -m, --multiprocess     Run multiprocess binaries bitcoin-node, bitcoin-gui.
24+  -M, --monolithic       Run monolithic binaries bitcoind, bitcoin-qt. (Default behavior)
25+  -v, --version          Show version information
26+  -h, --help             Show this help message
27+
28+Commands:

ismaelsadeeq commented at 1:16 pm on May 15, 2025:

In “multiprocess: Add bitcoin wrapper executable” ceabc8cd43fa17be795974a85083aa8e865c654d

Are these actually commands?

Maybe target would be a better name. The commands are what’s being forwarded to the executable, right?

It gets confusing in the error message, like when you pass cli:

0Error: Unrecognized command: 'cli'

Maybe it would be clearer as:

0Error: Unrecognized target: 'cli'

It gets more ambigous when you omit the command in the RPC

the error is

0error: too few parameters (need at least command)

So I think it worth differentiating the two

hodlinator commented at 7:48 pm on May 15, 2025:

Git approach is command + subcommand:

0₿ git sdfsdf
1git: 'sdfsdf' is not a git command. See 'git --help'.
2
3₿ git remote sdfsdf
4error: unknown subcommand: `sdfsdf'

Edit: Maybe in the bitcoin-cli case it should actually be called simply “procedure” (as in RPC) rather than “command”.

ryanofsky commented at 8:25 pm on May 15, 2025:

re: #31375 (review)

Nice catch finding that omitting an RPC command produces a potentially confusing error message:

0$ bitcoin rpc 
1error: too few parameters (need at least command)

I think it would be good to address in a followup since it will require changing bitcoin-cli, but I think bitcoin-cli should behave have more like bitcoin and git and output usage information and a failing exit code when misused.

I think output would should look more like:

 0$ bitcoin rpc
 1Usage: bitcoin rpc [options] <command> [params]
 2or:    bitcoin rpc [options] help
 3or:    bitcoin rpc [options] help <command>
 4
 5Bitcoin Core RPC client version v29.99.0-4e1aae19512d-dirty
 6
 7The RPC client provides a command line interface to interact with a Bitcoin Core server.
 8
 9It can be used to query network information, manage wallets, create or broadcast transactions, and control the Bitcoin Core server.
10
11Use the "help" command to list all commands. Use "help <command>" to show help for that command.
12Most commands accept parameters, which can be specified as a list, or written in key=value format.

I will add a note to follow up on this in the PR description.

In general though I think “command” is probably a good term to stick with.

in src/bitcoin.cpp:72 in ceabc8cd43 outdated

67+        if (cmd.show_help || cmd.command.empty()) {
68+            tfm::format(std::cout, HELP_USAGE, argv[0]);
69+            if (cmd.show_help_all) tfm::format(std::cout, HELP_EXTRA);
70+            return cmd.show_help ? EXIT_SUCCESS : EXIT_FAILURE;
71+        } else if (cmd.command == "gui") {
72+            args.emplace_back(cmd.use_multiprocess ? "bitcoin-gui" : "bitcoin-qt");

ismaelsadeeq commented at 3:23 pm on May 15, 2025:

In “multiprocess: Add bitcoin wrapper executable” https://github.com/bitcoin/bitcoin/commit/ceabc8cd43fa17be795974a85083aa8e865c654d

I think we should prevent mixing up options with commands using this suggestion or something like it.

If you pass -v you should not pass any other command same with help

 0        if (cmd.show_version) {
 1            if (argc > 2) {
 2                tfm::format(std::cout, "Error: too many arguments");
 3                return EXIT_FAILURE;
 4            }
 5            tfm::format(std::cout, "%s version %s\n%s", CLIENT_NAME, FormatFullVersion(), FormatParagraph(LicenseInfo()));
 6            return EXIT_SUCCESS;
 7        }
 8
 9        if (cmd.show_help || cmd.command.empty()) {
10            if (cmd.show_help_all && argc <= 3){
11                tfm::format(std::cout, HELP_USAGE, argv[0]);
12                tfm::format(std::cout, HELP_EXTRA);
13                return EXIT_SUCCESS;
14            }
15            if (argc > 2) {
16                tfm::format(std::cout, "Error: too many arguments");
17                return EXIT_FAILURE;
18            }
19            tfm::format(std::cout, HELP_USAGE, argv[0]);
20            return cmd.show_help ? EXIT_SUCCESS : EXIT_FAILURE;
21        }
22        std::vector<const char*> args;
23        if (cmd.command == "gui") {

ryanofsky commented at 8:36 pm on May 15, 2025:

re: #31375 (review)

I can believe that it might not be good to allow certain options with commands, but would be helpful to know some specific examples you think are problems?

I don’t like suggested change very much because it seems to provide less information to users while making the logic more deeply nested and complicated, and doesn’t seem to follow the pattern of trying to provide usage information when the command is misused.

But please let me know if you think there are specific cases that would be good to fix, because I would be interested in fixing them either here or in a follow up.

ismaelsadeeq commented at 2:02 pm on May 16, 2025:

E.g on this branch

 0 abubakarismail@Abubakars-MacBook-Pro ~/D/W/b/bitcoin ((a5ac43d9))> build/bin/bitcoin -h rpc
 1Usage: build/bin/bitcoin [OPTIONS] COMMAND...
 2
 3Options:
 4  -m, --multiprocess     Run multiprocess binaries bitcoin-node, bitcoin-gui.
 5  -M, --monolithic       Run monolithic binaries bitcoind, bitcoin-qt. (Default behavior)
 6  -v, --version          Show version information
 7  -h, --help             Show this help message
 8
 9Commands:
10  gui [ARGS]     Start GUI, equivalent to running 'bitcoin-qt [ARGS]' or 'bitcoin-gui [ARGS]'.
11  node [ARGS]    Start node, equivalent to running 'bitcoind [ARGS]' or 'bitcoin-node [ARGS]'.
12  rpc [ARGS]     Call RPC method, equivalent to running 'bitcoin-cli -named [ARGS]'.
13  wallet [ARGS]  Call wallet command, equivalent to running 'bitcoin-wallet [ARGS]'.
14  tx [ARGS]      Manipulate hex-encoded transactions, equivalent to running 'bitcoin-tx [ARGS]'.
15  help [-a]      Show this help message. Include -a or --all to show additional commands.

I would like if it will emit the help text of rpc command instead.

ryanofsky commented at 7:56 pm on May 20, 2025:

re: #31375 (review)

I would like if it will emit the help text of rpc command instead.

Makes sense! I expanded the “Integrating help” followup note in the description and linked to this comment.

in src/bitcoin.cpp:34 in ceabc8cd43 outdated

29+  gui [ARGS]     Start GUI, equivalent to running 'bitcoin-qt [ARGS]' or 'bitcoin-gui [ARGS]'.
30+  node [ARGS]    Start node, equivalent to running 'bitcoind [ARGS]' or 'bitcoin-node [ARGS]'.
31+  rpc [ARGS]     Call RPC method, equivalent to running 'bitcoin-cli -named [ARGS]'.
32+  wallet [ARGS]  Call wallet command, equivalent to running 'bitcoin-wallet [ARGS]'.
33+  tx [ARGS]      Manipulate hex-encoded transactions, equivalent to running 'bitcoin-tx [ARGS]'.
34+  help [-a]      Show this help message. Include -a or --all to show additional commands.

ismaelsadeeq commented at 3:24 pm on May 15, 2025:

In “multiprocess: Add bitcoin wrapper executable” https://github.com/bitcoin/bitcoin/commit/ceabc8cd43fa17be795974a85083aa8e865c654d

help seems redundant here we can get same behavior with -h, maybe just add -a?

ryanofsky commented at 8:40 pm on May 15, 2025:

re: #31375 (review)

I wouldn’t necessarily expect a user looking for help to know whether they are supposed to type bitcoin help or bitcoin --help or something else, so it seems reasonable to support both or these, as long as they are both fit in with other syntax we support. git could be a model here as well since it also supports both git --help and git help.

ismaelsadeeq commented at 2:02 pm on May 16, 2025:

fair point.

ismaelsadeeq commented at 3:31 pm on May 15, 2025: member

Code review 7af6e1089ea264e870b26ac83e81e7aa374acbe1

I’ve also tested this on macOS.

It was running smoothly. I tried shutting it down using the CLI interface, and it worked as expected.

However, I encountered an issue when performing an unclean shutdown using CTRL+C. The process hung, and I had to pkill bitcoind to terminate it.

I wasn’t running with -debug option, so I couldn’t figure out exactly what went wrong. I tried to reproduce the issue but couldn’t It worked smoothly in all subsequent runs and shutdown even during unclean shutdown. Because of that, I would encourage additional testing on all supported platforms.

I also have some comments and a suggestion to help prevent mixing up options with commands.

DrahtBot requested review from ismaelsadeeq on May 15, 2025

ryanofsky referenced this in commit 2fe87d016b on May 15, 2025

ryanofsky force-pushed on May 15, 2025

ryanofsky commented at 10:38 pm on May 15, 2025: contributor

Thanks for the reviews!

Updated 7af6e1089ea264e870b26ac83e81e7aa374acbe1 -> a5ac43d98d1ad3ebed934f2c50208a85aae17e5e (pr/wrap.33 -> pr/wrap.34, compare) just updating copyright and adding exception to handle an unexpected condition

re: #31375#pullrequestreview-2843509023

However, I encountered an issue when performing an unclean shutdown using CTRL+C.

This could be a real issue but I somewhat doubt this PR could cause something like that. Unless the wrapper executable is printing help or error output should only be making a single exec call, so there is very little it could be doing to influence the next executable that is started.

DrahtBot added the label CI failed on May 15, 2025

DrahtBot removed the label CI failed on May 17, 2025

in src/bitcoin.cpp:171 in a5ac43d98d

166+        exec_args[0] = exe_path_str.c_str();
167+        if (util::ExecVp(exec_args[0], (char*const*)exec_args.data()) == -1) {
168+            if (allow_notfound && errno == ENOENT) return false;
169+            throw std::system_error(errno, std::system_category(), strprintf("execvp failed to execute '%s'", exec_args[0]));
170+        }
171+        throw std::runtime_error("execvp returned unexpectedly");

vasild commented at 8:49 am on May 21, 2025:

This can be written like:

0util::ExecVp(exec_args[0], (char*const*)exec_args.data()); // If it returns then an error has occurred.
1
2if (allow_notfound && errno == ENOENT) return false;
3throw std::system_error(errno, std::system_category(), strprintf("execvp failed to execute '%s'", exec_args[0]));

it is less indentation and less code - no need for the “this will never be reached” throw.

ryanofsky commented at 6:01 pm on May 21, 2025:

re: #31375 (review)

execvp is documented to return -1 if there is an error (https://linux.die.net/man/3/execvp and https://learn.microsoft.com/en-us/cpp/c-runtime-library/reference/execvp-wexecvp) so if it returns something else I think it is better to abort and not just keep going.

in src/util/exec.h:16 in a5ac43d98d

11+
12+namespace util {
13+//! Cross-platform wrapper for POSIX execvp function.
14+//! Arguments and return value are the same as for POSIX execvp, and the argv
15+//! array should consist of null terminated strings and be null terminated
16+//! itself, like the POSIX function.

vasild commented at 8:52 am on May 21, 2025:

super nit, but I can’t resist :rescue_worker_helmet: :

“null terminated strings” and “null terminated” array – it is not the same “null”:

0//! array should consist of '\0'-terminated strings and be nullptr-terminated
1//! itself, like the POSIX function.

:runner:

ryanofsky commented at 6:06 pm on May 21, 2025:

re: #31375 (review)

Yes I used to refer to them as NUL terminated strings, until I came across https://en.wikipedia.org/wiki/Null-terminated_string and decided there wasn’t any real ambiguity and null was probably easier to read. But would be ok changing this if others would prefer

vasild approved

vasild commented at 8:53 am on May 21, 2025: contributor

ACK a5ac43d98d1ad3ebed934f2c50208a85aae17e5e

ryanofsky commented at 6:10 pm on May 21, 2025: contributor

Thanks for reviewing again!

in src/util/exec.cpp:59 in 5076d20fdb outdated

54+        if (const char* path_env = std::getenv("PATH")) {
55+            size_t start{0}, end{0};
56+            for (std::string_view paths{path_env}; end != std::string_view::npos; start = end + 1) {
57+                end = paths.find(':', start);
58+                fs::path candidate = fs::path(paths.substr(start, end - start)) / argv0_path;
59+                if (fs::is_regular_file(candidate, ec)) {

theStack commented at 10:52 pm on May 21, 2025:

in commit 5076d20f: nit: since the error code ec isn’t used, could use the shorter one-parameter variant of is_regular_file (denoted as (2) in https://en.cppreference.com/w/cpp/filesystem/is_regular_file)

ryanofsky commented at 8:16 pm on May 22, 2025:

re: #31375 (review)

in commit 5076d20: nit: since the error code ec isn’t used, could use the shorter one-parameter variant of is_regular_file

The reason for doing this is the std::error_code overload should prevent the call from throwing exceptions. If for example the specified path is inaccessible due to permissions, the code should ignore the path and move onto the next one, not trigger an error or an exception.

theStack commented at 11:31 pm on May 22, 2025:

That makes sense, thanks for clarifying (missed that the one-parameter variant was not noexcept). Might be worth it to add a small comment about this in a follow-up PR.

in src/bitcoin.cpp:140 in 9c8c68891b outdated

135+    }
136+    return cmd;
137+}
138+
139+//! Execute the specified bitcoind, bitcoin-qt or other command line in `args`
140+//! using src, bin and libexec directory paths relative to this executable, where

theStack commented at 11:00 pm on May 21, 2025:

in commit 9c8c6889: nit: the directory list seems outdated

0//! using bin and libexec directory paths relative to this executable, where

(don’t know if it’s really that important, but could even mentioned the “daemon” directory on Windows)

ryanofsky commented at 8:19 pm on May 22, 2025:

re: #31375 (review)

in commit 9c8c688: nit: the directory list seems outdated

Thanks! I made this change locally so it will be included here if there is another update, or in one of the followups.

in src/bitcoin.cpp:179 in 9c8c68891b outdated

174+    // Get the wrapper executable path.
175+    const fs::path wrapper_path{util::GetExePath(wrapper_argv0)};
176+
177+    // Try to resolve any symlinks and figure out the directory containing the wrapper executable.
178+    std::error_code ec;
179+    fs::path wrapper_dir{fs::weakly_canonical(wrapper_path, ec)};

theStack commented at 11:04 pm on May 21, 2025:

in commit 9c8c6889: nit: since the error code ec isn’t used, could use the shorter variant of weakly_canonical (denoted as (3) in https://en.cppreference.com/w/cpp/filesystem/canonical)

0    fs::path wrapper_dir{fs::weakly_canonical(wrapper_path)};

ryanofsky commented at 8:23 pm on May 22, 2025:

re: #31375 (review)

Thanks, again it’s important to call the non-throwing overload here, because any error should be handled by trying to execute relative to the original, not throwing an error if symlinks can’t be resolved for whatever reason.

theStack approved

theStack commented at 11:33 pm on May 21, 2025: contributor

ACK a5ac43d98d1ad3ebed934f2c50208a85aae17e5e

Tested the wrapper more in-depth on Debian Linux 12, both with monolithic and multiprocess binaries this time, and also tried calling the wrapper without path separator to test PATH searching. Everything worked fine. Reviewed the code, though I only lightly looked at the Windows-specific parts in the exec.cpp module. Left some small refactoring and a comment improvement nit below, nothing blocking.

ryanofsky commented at 8:26 pm on May 22, 2025: contributor

Thanks for the review! This could be ready to merge with another ack

ismaelsadeeq approved

ismaelsadeeq commented at 8:35 pm on May 22, 2025: member

fwiw my last review implied an ACK a5ac43d98d1ad3ebed934f2c50208a85aae17e5e

Further improvement can come after this as mentioned in the description, and also since I could not and no one reproduced the freeze I encountered in the unclean shutdown it is not a blocker to this.

Sjors commented at 7:39 am on May 23, 2025: member

utACK a5ac43d98d1ad3ebed934f2c50208a85aae17e5e

Since my last review this just adds throw std::runtime_error("execvp returned unexpectedly") and the copyright change.

hodlinator approved

hodlinator commented at 9:46 am on May 23, 2025: contributor

ACK a5ac43d98d1ad3ebed934f2c50208a85aae17e5e

Concept: #31375#pullrequestreview-2821205668

git range-diff master 4e1aae1 a5ac43d shows only minor fixups since previous review (https://github.com/bitcoin/bitcoin/pull/31375#pullrequestreview-2838013470).

achow101 commented at 7:25 pm on May 27, 2025: member

ACK a5ac43d98d1ad3ebed934f2c50208a85aae17e5e

achow101 merged this on May 27, 2025

achow101 closed this on May 27, 2025

hebasto commented at 3:57 pm on May 28, 2025: member

There seems a silent conflict with #32396.

hebasto commented at 7:27 pm on May 28, 2025: member

There seems a silent conflict with #32396.

Addressed in #32634.

multiprocess: Add bitcoin wrapper executable #31375

Code Coverage & Benchmarks

Reviews

Conflicts

Tested redirection of stderr/stdout

Tested moving bitcoin executable