Re: [Bitcoin-development] Linux packaging letter

[Greg Troxel]

Gregory Maxwell gmaxw...@gmail.com writes:

 It's portable to anything that can run the relevant VMs.  Uh
 provided you don't mind cross compiling everything from an unbuntu VM.
  It certainly would be nice if the trusted-computing-base for gitian
 were a bit smaller, thats an area for long term improvement for sure.

Thanks - I'll look forward to this being portable someday.  Right now it
sounds similar to a windows binary but you can use wine with
substitution of variables :-) People may want to look at the NetBSD
build system, which I think achieves bit-identical builds from different
hosts (but I haven't really checked), by having the toolchain be part of
the source and building cross-compilers from host to target and then
using those to build the system.

 Say Bitcoin used a backing database which had an unknown a bug where
 any item with a key that begins with 0xDEADBEEF returns not found when
 queried, even if its in the DB. Once discovered, any database library
 would want to fix that quickly and they'd fix it in a point release
 without reservation. They might not even release note that particular
 fix it if went along with some others, it could even be fixed
 accidentally.

 Now say that we have a state where half the Bitcoin network is running
 the old buggy version, and half is running the fixed version.  Someone
 creates a transaction with ID 0xDEADBEEF...  and then subsequently
 spends the output of that transaction. This could be by pure chance or
 it could be a malicious act.

 To half the network that spending transaction looks like someone
 spending coin from nowhere, a violation of the rules.  The consensus
 would then fork, effectively partitioning the network.  On each fork
 any coin could be spent twice, and the fork will only be resolvable by
 one side or the other abandoning their state (generally the more
 permissive side would need to be abandoned because the permissive one
 is tolerant of the restrictive one's behavior) by manually downgrading
 or patching software.  As a result of this parties who believed some
 of their transactions were safely settled would find them reversed by
 people who exploited the inconsistent consensus.

Thanks for the explanation - that indeed makes sense.

 multiple packages is difficult, and runs into A wants only n of C, while
 B wants only m.

 My understanding is that gentoo is actually able to handle this (and
 does, for Bitcoin)— and really I presume just about everything else
 could with enough effort. I certainly wouldn't ask anyone else to do
 that.  If you're really getting into the rathole of building separate
 libraries just for Bitcoin the value of packaging it goes away.

Well, if you insist on not having updates and bugfixes, then either it's
the included version or there's a special package just for you.
Typically packaging systems don't like included versions because often a
package will have a security bug fixed long before there are updates of
packages that bundle that fixed version.But given bitcoin's special
needs, that means you have to stay on top of these dependent included
packages and re-release if there are security fixes (that don't break
consensus).

 Running a complete set of tests is a start— though the unit tests are
 not and cannot be adequate. There is a full systems testing harnesses
 which should be used on new platforms.  Even that though isn't really
 adequate, as it is currently infeasible to even achieve complete test
 coverage in things like cryptographic libraries and database
 environments.

It would be nice if the regression tests were installed and it were
normal culturallly for end-users to run them.


Thanks again for the explanation; I understand where you are coming from
now.


--
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831iu=/4140/ostg.clktrk
___
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-development

Re: [Bitcoin-development] Linux packaging letter

[Greg Troxel]

I find it interesting that this is a linux packaging letter.  How much
of this applies to pkgsrc, FreeBSD ports, OpenBSD ports, and other
non-Linux packaging systems (pkgsrc supports Linux as on of 20 operating
systems, but is not a Linux packaging system)?

Is the repeatable build infrastructure portable (to any reasonable
mostly-POSIX-compliant system, with gcc or clang)?  I have the vague
impression it's Ubuntu only, but I am very unclear on this point.  How
does this repeatableness interact with building for multiple operating
systems and cpu types (say 20 OS, with typically 3 versions of the OS
for each, with 1-20 cpu types per OS, for a cross-product of perhaps 200
combinations)?

Requiring precise library depdendencies is quite awkward.  Certainly
requiring new enough to avoid known bugs is understandable, but that
should be caught at configure time and fail.  Synchronous updates of
multiple packages is difficult, and runs into A wants only n of C, while
B wants only m.  So if you are talking about running regression tests
with the set of versions of a dependency that are considered reasonable,
and there's therefore a solution to the multiple-package constraint
problem, that seems ok.

It seems like a bug that the package will build on BE systems and then
fail tests.   If it's known not to be ok, it seems that absent some
configure-time flag the build should fail.

Asking people not to patch should mean willingnesss to make accomodation
in the master sources for build issues for multiple packaging systems.
I haven't gotten around to packaging this for pkgsrc - so far I only
have the energy to lurk (due to too many things on the todo list).  But
I often find that some changes are needed.  If you're willing (in
theory) to add in configure flags to control build behavior (in a way
that you can audit and decide is safe), that's great, and of course we
can discuss an actual situation when one gets figured out.

Greg




--
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831iu=/4140/ostg.clktrk
___
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-development