Add check_pub_error macro

[tcharding]

Public errors are part of the public API, as such we need to be careful not to change them. One thing that is hard to notice is adding/removing Send/Sync.

Add a macro that asserts that an error type implements Send, Sync and std::error::Error (feature guarded on test and feature = "std").

Based on idea by @Kixunil: #1127 (comment)

Notes since first raising PR

• All the release job discussion below is resolved now.

[tcharding]

I'm not sure why the release job cargo publish -p bitcoin --dry-run fails to find the new macro?

[tcharding]

All the force pushes are me rebasing on #1742 trying to get it past CI.

[sanket1729]

concept ACK. Left one question

[sanket1729]

Why is this pub and why do we need a trait? Any drawbacks of creating this in #cfg(test) for this? We can also do this with function without the trait.

#[cfg(test)
fn assert_send_sync<T: Send + Sync + Debug> {}

macro_rules check_pub_error {
	#[cfg(test)]
	assert_send_sync<$type>();	
}

[Kixunil]

It's pub because it's in internals and reused. We can define the function inside macro, hygiene should take care of conflicts. Unless someone can prove it slows down compilation.

[tcharding]

I ended up using a trait still but feature guarding so the trait is not built in in non-test builds. Ok?

[sanket1729]

Sure. I am okay as long it is only in tests.

[Kixunil]

assert Debug is implemented

We should just check for std::error::Error on std.

[apoelstra]

Hmm, shitty.

So @tcharding the reason CI is failing is that cargo publish tries to use the version of internals that's already on crates.io. So if we add literally anything to internals ... or to hashes ... then the release job will fail.

On the one hand, this is exactly what we want to happen (it's telling us that we can't release bitcoin without releasing internals fist). But on the other hand, we're about 48 hours into this release and we're already getting a failure from the CI job, so I guess we've gotta figure out how to get it to be yellow instead of red :)

[Kixunil]

Sounds like detecting release PRs is a better solution.

[apoelstra]

@tcharding could you try adding a commit which does that, to see if it makes CI pass?

I think that wrapping the publish checks in if git diff --quiet */Cargo.toml; then ... fi will do it.

[tcharding]

Spent more time playing with bash than I wanted to, will try and fix the release thing again tomorrow.

[Kixunil]

Concept ACK.

[Kixunil]

Perhaps we should also check that no_std errors are still Send + Sync?

[apoelstra]

Neat! ACK. Part of me feels like bikeshedding the name, but this is good.

Perhaps we should have similar macros for primitives e.g. to make sure that they all implement clone/partialeq/eq/hash/debug/display/fromstr. Unsure. At some point it gets unweildy to do this with macros that we have to remember to call inline.

[apoelstra]

ACK 928635ded299622bb08436fc44fb7028b0377b3a

[stevenroose]

Left a suggestion.

[stevenroose]

Still not super happy this is pub.

I would suggest the following changes:

• have a single macro and have a ($type:ty) => {}; rule for non-test, non-empty rule for test
• do Sanket's approach for methods, have one method fn check_sendsync<T: Send + Sync>() and fn check_error<T: std::error::Error>() and gate the second on std.

Currently there is a bug that non-std test runs will not be able to build.

[Kixunil]

I'm not happy about it either but seems less work for compiler (and compile times!). It's hidden which is a clear signal people shouldn't use it (and internals is also such signal). If anyone is insane enough to depend on it they deserve the consequences.

[tcharding]

I used you suggestions @stevenroose except I was unable to put an attribute on the arms of the macro so I kept the dummy macro for not test builds.

[tcharding]

Changes in force push:

• Uses suggestion by @sanket1729 to use a function instead of a trait.
• Uses suggestion by @stevenroose to separate the std and non-std checks.

I also checked that the macro is used for all errors (I grepped for std::error::Error so ironically if any error types are missing this impl then I'll have missed them).

[apoelstra]

I'm a little surprised that this works now without the functions being pub

[apoelstra]

ACK 70054bcffa51a43e60fb11f0fb99035418b1c7f1

[tcharding]

I'm a little surprised that this works now without the functions being pub

I was surprise also, I tried to work out why it works and I cannot. (Also the comment on dead_code is wrong, will fix it and force push.)

[Kixunil]

Maybe we should use bare cfg, not feature, so this doesn't get pulled in when --all-features is used?

[tcharding]

I used #[cfg(trait_checks)] and I enabled it in all builds by exporting RUSFLAGS from the top level contrib/test.sh script.

[Kixunil]

We should have at least one build without it in case something gets messed up.

[tcharding]

Oh yes, very good point.

[Kixunil]

Could also check Debug + Display for no_std.

[tcharding]

Done as a separate trait.

[Kixunil]

Unrelated but it looks like this should be called HiddenNodesError or be withing an error module.

[tcharding]

Noted, thanks.

[tcharding]

Changes in force push:

• Use #[cfg(trait_checks)] instead of feature
• Check for Display/Debug for all builds

[tcharding]

Changes in force push:

• Changed cfg option to be check_traits (instead of trait_checks) so its a verb in line with "bench" and "bitcoin_fuzz".
• Changed CI to explicitly call cargo build with RUSTFLAGS set instead of setting for all builds.

[tcharding]

ooo, I had missed all the public errors that were structs (as opposed to enums). Now included.

[tcharding]

Sweeet, macro finds to unusual error types, they were added in commit: 1a2cf2681 Implement consensus encoding adapter for serde by you @Kixunil. Are we happy with DecodeError and DecodeInitError not implementing the usual traits?

I've added FIXME to mark the two errors.

[Kixunil]

Good question, IIRC those errors are meant to be converted to serde errors. But adding the impls wouldn't be too bad. I think we should check Send + Sync at least.

[tcharding]

I elected to implement Display and std::error::Error for both types, added as an initial patch.

[Kixunil]

write_err

[tcharding]

I'm not totally sure on the best content to put in the error message of write_err, noting it here but can discuss on #1862.

[tcharding]

I rebased this one to fix merge conflicts, but to do the rebase properly I have to go through the whole codebase again and check no new errors were introduced since I last did this. I can't be bothered doing that right now. Can we just agree that this PR might miss adding the macro to some errors, and keep an eye out?

[sanket1729]

ACK c406cc2. This looks great. Did not check whether all parts are covered

[apoelstra]

Honestly now I'm a little tempted to scrap this PR in favor of just using some creative greping on the output of #1880, which would be resilient against new errors being introduced.

[tcharding]

That's not a bad idea because it would put further "coding policy" things into the same place instead of having a bunch of macros that one must remember to call (assuming we come up with more things like that introduced here).

[tcharding]

Draft until #1880 resolves.

[tcharding]

Looks like we are going to use cargo public-api to solve this problem.

ref: rust-bitcoin/hex-conservative#34

[Kixunil]

@tcharding it'd still be nice to have some tool to check that the API is good in the first place (e.g. an error type implements std::error::Error). cargo public-api helps with the biggest footguns though.

[apoelstra]

@Kixunil right -- after bringing in cargo public-api we had a vague plan to write some shell scripts (or Perl or whatever) that would run in CI and do sanity checks like "if a type has Error in its name then it impls std::error::Error".

Unfortunately every specific rule we've thought of has had a bunch of exceptions :) but if you have ones in mind it'd be awesome to start doing it. Maybe in hex-conservative first where we have a much smaller API.

[Kixunil]

Well, I think the one you mentioned doesn't have an exception. :) I'd throw in Clone (later, when we get rid of io::Error, Send, and Sync as well, maybe also PartialEq. Another that comes to mind: <T as FromStr>::Err and <T as TryFrom<U>>::Error should end with Error. IIRC there are also some interesting clippy lints which I'd prefer instead of shell scripts.