f0e829022a
308aec3e5655327d98e0428d8205d246f24d6af5 build: disable external-signer for Windows (fanquake)
35537318a19360ddf1ea8f0c1e6d8ad49e635516 ci: remove --enable-external-signer from win64 job (fanquake)
Pull request description:
It's come to light that Boost ASIO (a Boost Process sub dep) has in some
instances, been quietly initialising our network stack on Windows (see
PR https://github.com/bitcoin/bitcoin/pull/28486 and discussion in https://github.com/bitcoin/bitcoin/issues/28940).
This has been shielding a bug in our own code, but the larger issue
is that Boost Process/ASIO is running code before main, and doing things
like setting up networking. This undermines our own assumptions about
how our binary works, happens before we run any sanity checks,
and before we call our own code to setup networking. Note that ASIO also
calls WSAStartup with version `2.0`, whereas we call with `2.2`.
It's also not clear why a feature like external signer would have a
dependency that would be doing anything network/socket related,
given it only exists to spawn a local process.
See also the discussion in https://github.com/bitcoin/bitcoin/issues/24907. Note that the maintaince of Boost Process in general,
has not really improved. For example, rather than fixing bugs like https://github.com/boostorg/process/issues/111,
i.e, https://github.com/boostorg/process/pull/317, the maintainer chooses to just wrap exception causing overflows
in try-catch blocks: 0c42a58eac. These changes get merged in large,
unreviewed PRs, i.e https://github.com/boostorg/process/pull/319.
This PR disables external-signer on Windows for now. If, in future, someone
changes how Boost Process works, or replaces it entirely with some
properly reviewed and maintained code, we could reenable this feature on
Windows.
ACKs for top commit:
hebasto:
re-ACK 308aec3e5655327d98e0428d8205d246f24d6af5.
TheCharlatan:
ACK 308aec3e5655327d98e0428d8205d246f24d6af5
Tree-SHA512: 7405f7fc9833eeaacd6836c4e5b1c1a7845a40c1fdd55c1060152f8d8189e4777464fde650e11eb1539556a75dddf49667105987078b1457493ee772945da66e
Building Bitcoin Core with Visual Studio
Introduction
Visual Studio 2022 is minimum required to build Bitcoin Core.
Solution and project files to build with msbuild or Visual Studio can be found in the build_msvc directory.
To build Bitcoin Core from the command-line, it is sufficient to only install the Visual Studio Build Tools component.
The "Desktop development with C++" workload must be installed as well.
Building with Visual Studio is an alternative to the Linux based cross-compiler build.
Prerequisites
To build dependencies (except for Qt), the default approach is to use the vcpkg package manager from Microsoft:
-
Install vcpkg.
-
By default, vcpkg makes both
releaseanddebugbuilds for each package. To save build time and disk space, one could skipdebugbuilds (example uses PowerShell):
Add-Content -Path "vcpkg\triplets\x64-windows-static.cmake" -Value "set(VCPKG_BUILD_TYPE release)"
Qt
To build Bitcoin Core with the GUI, a static build of Qt is required.
- Download a single ZIP archive of Qt source code from https://download.qt.io/official_releases/qt/ (e.g.,
qt-everywhere-opensource-src-5.15.11.zip), and expand it into a dedicated folder. The following instructions assume that this folder isC:\dev\qt-source.
💡 Tip: If you use the default path with "Extract All" for the Qt source code zip file, and end up with something like
C:\dev\qt-everywhere-opensource-src-5.15.11\qt-everywhere-src-5.15.11, you are likely to encounter a "path too long" error when building. To fix the problem move the source files to a shorter path such as the recommendedC:\dev\qt-source.
- Open "x64 Native Tools Command Prompt for VS 2022", and input the following commands:
cd C:\dev\qt-source
mkdir build
cd build
..\configure -release -silent -opensource -confirm-license -opengl desktop -static -static-runtime -mp -qt-zlib -qt-pcre -qt-libpng -nomake examples -nomake tests -nomake tools -no-angle -no-dbus -no-gif -no-gtk -no-ico -no-icu -no-libjpeg -no-libudev -no-sql-sqlite -no-sql-odbc -no-sqlite -no-vulkan -skip qt3d -skip qtactiveqt -skip qtandroidextras -skip qtcharts -skip qtconnectivity -skip qtdatavis3d -skip qtdeclarative -skip doc -skip qtdoc -skip qtgamepad -skip qtgraphicaleffects -skip qtimageformats -skip qtlocation -skip qtlottie -skip qtmacextras -skip qtmultimedia -skip qtnetworkauth -skip qtpurchasing -skip qtquick3d -skip qtquickcontrols -skip qtquickcontrols2 -skip qtquicktimeline -skip qtremoteobjects -skip qtscript -skip qtscxml -skip qtsensors -skip qtserialbus -skip qtserialport -skip qtspeech -skip qtsvg -skip qtvirtualkeyboard -skip qtwayland -skip qtwebchannel -skip qtwebengine -skip qtwebglplugin -skip qtwebsockets -skip qtwebview -skip qtx11extras -skip qtxmlpatterns -no-openssl -no-feature-bearermanagement -no-feature-printdialog -no-feature-printer -no-feature-printpreviewdialog -no-feature-printpreviewwidget -no-feature-sql -no-feature-sqlmodel -no-feature-textbrowser -no-feature-textmarkdownwriter -no-feature-textodfwriter -no-feature-xml -prefix C:\Qt_static
nmake
nmake install
One could speed up building with jom, a replacement for nmake which makes use of all CPU cores.
To build Bitcoin Core without Qt, unload or disable the bitcoin-qt, libbitcoin_qt and test_bitcoin-qt projects.
Building
- Use Python to generate
*.vcxprojfor the Visual Studio 2022 toolchain from Makefile:
python build_msvc\msvc-autogen.py
-
An optional step is to adjust the settings in the
build_msvcdirectory and thecommon.init.vcxprojfile. This project file contains settings that are common to all projects such as the runtime library version and target Windows SDK version. The Qt directories can also be set. To specify a non-default path to a static Qt package directory, use theQTBASEDIRenvironment variable. -
To build from the command-line with the Visual Studio toolchain use:
msbuild build_msvc\bitcoin.sln -property:Configuration=Release -maxCpuCount -verbosity:minimal
Alternatively, open the build_msvc/bitcoin.sln file in Visual Studio.
Security
Base address randomization is used to make Bitcoin Core more secure. When building Bitcoin using the build_msvc process base address randomization can be disabled by editing common.init.vcproj to change RandomizedBaseAddress from true to false and then rebuilding the project.
To check if bitcoind has RandomizedBaseAddress enabled or disabled run
.\dumpbin.exe /headers src/bitcoind.exe
If is it enabled then in the output Dynamic base will be listed in the DLL characteristics under OPTIONAL HEADER VALUES as shown below
8160 DLL characteristics
High Entropy Virtual Addresses
Dynamic base
NX compatible
Terminal Server Aware
This may not disable all stack randomization as versions of windows employ additional stack randomization protections. These protections must be turned off in the OS configuration.