Commit Graph

9326 Commits

Author SHA1 Message Date
Chris Rankin
592d7238fd
CORDA-3685: Prevent ServiceHub.signInitialTransaction from throwing undeclared checked exceptions. (#6111) 2020-04-28 17:02:37 +01:00
Dan Newton
297e504740
CORDA-3291 isKilled flag and session errors for killed flows (#6170)
* CORDA-3291 `isKilled` flag and session errors for killed flows

## Summary

Two major improvements have been worked on:

- A new flag named `isKilled` has been added to `FlowLogic` to allow
developers to break out of loops without suspension points.
- Killed flows now send session errors to their counter parties allowing
their flows to also terminate without further coordination.

Achieving these changes required a __fundamental__ change to how flows are
killed as well as how they sleep.

## `isKilled` flag

The addition of `FlowLogic.isKilled` allows flows to check if the
current flow has been killed. They can then throw an exception to lead
to the flow's termination (following the standard error pathway). They
can also perform some extra logic or not throw an exception if they
really wanted to.

No matter what, once the flag is set, the flow will terminate. Due to
timing, a killed flow might successfully process its next suspension
event, but it will then process a killed transition and terminate.

## Send session errors when killing a flow

A flow will now send session errors to all of its counter parties. They
are transferred as `UnexpectedFlowEndException`s. This allows initiated
flows to handle these errors as they see fit, although they should
probably just terminate.

## How flows are killed

### Before

Originally we were relying on Quasar to interrupt a flow's fiber, we
could then handle the resulting `InterruptedException`. The problem with
this solution is that it only worked when a flow was already suspended
or when a flow moved into suspension. Flows stuck in loops did not work.

### After

We now *do not* use Quasar to interrupt a flow's fiber. Instead, we
switch `FlowStateMachine.isKilled` to true and schedule a new event.
Any event that is processed after switching this flag will now cause a
`KilledFlowTransition`. This transition follows similar logic to how
error propagation works. Note, the extra event allows a suspended flow
to be killed without waiting for the event that it was _really_ waiting
for.

This allows a lot of the tidy up code in `StateMachineManager.killFlow`
to be removed as tidy up is executed as part of removing a flow.
Deleting a flow's checkpoint and releasing related soft locks is still
handled manually in case of infinite loops but also triggered as part
of the actions executed in a transition.

This required flow sleeping to be changed as we no longer rely on
quasar.

## How flows now sleep

The reliance on Quasar to make a flow sleep has been removed.

Instead, when a flow sleeps we create a `ScheduledFuture` that is
delayed for the requested sleep duration. When the future executes it
schedules a `WakeUpFromSleep` event that wakes up the flow... Duh.

`FlowSleepScheduler` handles the future logic. It also uses the same
scheduled thread pool that timed flows uses.

A future field was added to `StateMachineState`. This removes the 
need for concurrency control around flow sleeps as the code path does
not need to touch any concurrent data structures.

To achieve this:

- `StateMachineState.future` added as a `var`
- When the `ScheduledFuture` is created to wake up the flow the passed
in `StateMachineState` has its `future` value changed
- When resumed `future` and `isWaitingForFuture` are set to `null` and
`false` respectively
- When cancelling a sleeping flow, the `future` is cancelled and nulled
out. `isWaitingForFuture` is not changed since the flow is ending anyway
so really the value of the field is not important.
2020-04-28 15:53:44 +01:00
Chris Rankin
1c3ec2eb18
CORDA-3738: Upgrade to DJVM 1.1-RC01. (#6182)
* Update for changes to API for DJVM 1.1-RC01.

* Tidy up generics for DJVM serialization.
2020-04-28 15:43:14 +01:00
James Higgs
ab43238420
[EG-438] Error Reporting Framework (#6125)
* [EG-438] First commit of error code interface

* [EG-438] Implement error reporter and a few error codes

* [EG-438] Add unit tests and default properties files

* [EG-438] Add the error table builder

* [EG-438] Update initial properties files

* [EG-438] Add some Irish tests and the build.gradle

* [EG-438] Fall back for aliases and use different resource strategy

* [EG-438] Define the URL using a project-specific context

* [EG-438] Tidy up initialization code

* [EG-438] Add testing to generator and tidy up

* [EG-438] Remove direct dependency on core and add own logging config

* [EG-438] Fix compiler warnings and tidy up logging

* [EG-438] Fix detekt warnings

* [EG-438] Improve error messages

* [EG-438] Address first set of review comments

* [EG-438] Use enums and a builder for the reporter

* [EG-438] Add kdocs for error resource static methods

* [EG-438] Handle enums defined with underscores

* [EG-438] Slight refactoring of startup code

* [EG-438] Port changes to error reporting code from future branch

* [EG-438] Also port test changes

* [EG-438] Suppress a deliberately unused parameter
2020-04-28 14:07:50 +01:00
nikinagy
274b958dad switch on the publishing of sources 2020-04-28 11:43:07 +01:00
Dan Newton
9a2ae8ae19
CORDA-3722 withEntityManager can rollback its session (#6187)
* CORDA-3722 withEntityManager can rollback its session

## Summary

Improve the handling of database transactions when using
`withEntityManager` inside a flow.

Extra changes have been included to improve the safety and
correctness of Corda around handling database transactions.

This focuses on allowing flows to catch errors that occur inside an
entity manager and handle them accordingly.

Errors can be caught in two places:

- Inside `withEntityManager`
- Outside `withEntityManager`

Further changes have been included to ensure that transactions are
rolled back correctly.

## Catching errors inside `withEntityManager`

Errors caught inside `withEntityManager` require the flow to manually
`flush` the current session (the entity manager's individual session).
By manually flushing the session, a `try-catch` block can be placed
around the `flush` call, allowing possible exceptions to be caught.

Once an error is thrown from a call to `flush`, it is no longer possible
to use the same entity manager to trigger any database operations. The
only possible option is to rollback the changes from that session.
The flow can continue executing updates within the same session but they
will never be committed. What happens in this situation should be handled
by the flow. Explicitly restricting the scenario requires a lot of effort
and code. Instead, we should rely on the developer to control complex
workflows.

To continue updating the database after an error like this occurs, a new
`withEntityManager` block should be used (after catching the previous
error).

## Catching errors outside `withEntityManager`

Exceptions can be caught around `withEntityManager` blocks. This allows
errors to be handled in the same way as stated above, except the need to
manually `flush` the session is removed. `withEntityManager` will
automatically `flush` a session if it has not been marked for rollback
due to an earlier error.

A `try-catch` can then be placed around the whole of the
`withEntityManager` block, allowing the error to be caught while not
committing any changes to the underlying database transaction.

## Savepoints / Transactionality

To make `withEntityManager` blocks work like mini database transactions,
save points have been utilised. A new savepoint is created when opening
a `withEntityManager` block (along with a new session). It is then used
as a reference point to rollback to if the session errors and needs to
roll back. The savepoint is then released (independently from
completing successfully or failing).

Using save points means, that either all the statements inside the
entity manager are executed, or none of them are.

## Some implementation details

- A new session is created every time an entity manager is requested,
but this does not replace the flow's main underlying database session.
- `CordaPersistence.transaction` can now determine whether it needs
to execute its extra error handling code. This is needed to allow errors
escape `withEntityManager` blocks while allowing some of our exception
handling around subscribers (in `NodeVaultService`) to continue to work.
2020-04-28 11:20:00 +01:00
nikinagy
ec96a844bd
CORDA-3659 - adding kdoc for RestrictedEntityManager and RestrictedConnection (#6179)
* adding kdoc for RestrictedEntityManager and RestrictedConnection

* adding kdoc for RestrictedEntityManager and RestrictedConnection
2020-04-28 09:35:47 +01:00
Rick Parker
e6e1caa58a
Merge pull request #6185 from corda/nnagy-os4.4-os4.5-20200426-2
os4.4->os4.5 2020-04-26
2020-04-28 09:02:36 +01:00
Xavier Leprêtre
9396ee9551 Make TransactionBuilder's input references deep copied on copy. 2020-04-25 22:50:09 +04:00
Denis Rekalov
6581815ec2
Merge pull request #6183 from corda/denis/ENT-5222-tls-handshake-error
ENT-5222: Prevent from blocking connections after transport failure on TLS handshake
2020-04-24 18:40:26 +01:00
Joseph Zuniga-Daly
e618416861 Move files to their new home 2020-04-24 17:11:15 +01:00
nikinagy
ee7700e28f Add Hibernate UTC Fix 2020-04-24 17:00:10 +01:00
nikinagy
8eab8653cd Merge branch 'release/os/4.4' of https://github.com/corda/corda into nnagy-os4.4-os4.5-20200426-2
 Conflicts:
	node-api/src/main/kotlin/net/corda/nodeapi/internal/persistence/HibernateConfiguration.kt
	node-api/src/main/kotlin/net/corda/nodeapi/internal/rpc/client/AMQPClientSerializationScheme.kt
2020-04-24 16:57:57 +01:00
Matthew Nesbit
8eda8b744f
Merge pull request #6181 from corda/nnagy-os-4.3-os-4.4-20200423
Nnagy os 4.3 os 4.4 20200423
2020-04-24 15:00:34 +01:00
Denis Rekalov
c86249adb3 ENT-5222: Prevent from blocking further connections after transport failure on TLS handshake 2020-04-24 13:59:19 +01:00
Matthijs van den Bos
a298a94960
Load CordaServices before NotaryService (#6173)
On node start, load CordaServices before starting the NotaryService,
so that the NotaryService can check that the services it requires are
available when starting.

Resolves #6172.
2020-04-24 09:15:38 +01:00
nikinagy
335372cfc1 Merge branch 'release/os/4.3' into nnagy-os-4.3-os-4.4-20200423 2020-04-23 16:03:17 +01:00
Joseph Zuniga-Daly
69a4f80cd2
ENT-5141: Fix ConcurrentModificationException in FetchDataFlow (#6176)
* ENT-5141: Fix ConcurrentModificationException in FetchDataFlow

* Make detekt happy

* Make CheckpointSerializationEnvironmentRule inheritable
2020-04-23 13:11:23 +01:00
Denis Rekalov
824c01daad
ENT-5219: Synchronize BCCryptoService between OS and ENT (#6178) 2020-04-23 12:44:27 +01:00
ivanterziev
73d5fc4db6
EG-1404 - Retired the rst doc source structure under /docs and update… (#6147)
* Retired the rst doc source structure under /docs and updated the /docs/README.md
*Rollback of /example-code and /whitepaper dirs back under /docs dir until new code example process is in place
2020-04-23 09:56:57 +01:00
Joseph Zuniga-Daly
0beee5beff
CORDA-3316: Add ThrowableEvolutionTests unit test (#6167)
* CORDA-3316: Add ThrowableEvolutionTests unit test

* Add timeouts to tests

* Remove extra space before class name
2020-04-23 08:54:37 +01:00
Viktor Kolomeyko
257026f606
CORDA-3726: Remove memory leaks when many InProcess nodes started (#6169)
* CORDA-3762: Integration test exposing the problem reported

* CORDA-3726: Additional logging

* CORDA-3726: Prevent thread leaks

* CORDA-3726: New `journalBufferTimeout` parameter

* CORDA-3726: Override `journalBufferTimeout` parameter

* CORDA-3726: Making Detekt happier

* CORDA-3276: Account for extra thread user in MockNetwork

For real node this does not matter as `shutdown` can safely be called multiple times, which is not true for server thread provided by MockNetwork

* CORDA-3276: Do not make SMM shutdown "executor" as it belongs to AbstractNode

* CORDA-3276: Address input from @rick-r3

* CORDA-3276: Fix test after rebase
2020-04-23 08:53:51 +01:00
Adel El-Beik
f3c78c02da
CORDA-3730: New version enabled features can now be switched on with constants. (#6175) 2020-04-23 08:44:06 +01:00
Rick Parker
28f00ce92a
CORDA-3701 Fix bugs in some iterator checkpoint serializers (#6135)
* CORDA-3701 Fix bugs in some iterator checkpoint serializers

* Added some more tests and tidied up implementation some more.

* Fix imports to be detekt compliant

* Add timeouts to tests
2020-04-22 16:21:39 +01:00
nikinagy
02d21c7bac
making sure hibernate uses UTC time zone (#6168) 2020-04-22 13:34:17 +01:00
Denis Rekalov
0d441c3760
ENT-4912: Enable CRL checking with embedded Artemis (#6154) 2020-04-22 10:35:58 +01:00
Dimos Raptis
ad020647ab
[NOTICK] - Bump platform version to 7 2020-04-21 14:40:48 +01:00
nikinagy
2bcaa2ac80
CORDA-3569 - Add RestrictedConnection and more blocked methods to RestrictedEntityManager (#6129)
* adding blocked functions ro RestrictedEntityManager and creating RestrictedConnection class

* adding flow tests and fixing issues regarding the review

* adding quasar util to gradle

* updating flow tests

* adding space before } at .isThrownBy()

* adding spaces
2020-04-21 14:39:41 +01:00
Christian Sailer
9ca251c65f
ENT-4494 revert postgre to previous open source behaviour (#6166)
* ENT-4494 revert to previous open source behaviour re postgres while discussions about DB harmonization is ongoing

* Remove unused imports
2020-04-21 13:14:12 +01:00
Chris Rankin
7e13491a25
CORDA-3716: Fix Enum serializers to handle enums that override toString()
* CORDA-3716: Fix SandboxEnumSerializer to handle enums that override toString().

* Remove more uses of Enum.toString() from the Corda serializer.

* Add test coverage for this case to standard enum serializer.

* Increase maxWaitTimeout in IRSDemoTest to 150 seconds.
2020-04-20 17:49:12 +01:00
Dimos Raptis
8faf72f7b5
[ENT-5210] - Whitelist SNAPPY encoding (#6163)
* [ENT-5210] - Whitelist SNAPPY encoding

* Remove unused imports
2020-04-20 08:09:38 +01:00
Chris Rankin
6f437b5b09
CORDA-3716: Fix SandboxEnumSerializer to handle enums that override toString(). (#6159)
* CORDA-3716: Fix SandboxEnumSerializer to handle enums that override toString().

* Remove more uses of Enum.toString() from the Corda serializer.

* Add test coverage for this case to standard enum serializer.

* Increase maxWaitTimeout in IRSDemoTest to 150 seconds.
2020-04-19 23:29:08 +01:00
Ramzi El-Yafi
45b43f116d
[EG-503] Test cases for exposed notaryService (#6161) 2020-04-17 16:51:27 +01:00
Razvan Codreanu
f4c1119727
INFRA-284 switching from local k8s label (#6156) 2020-04-17 15:53:10 +01:00
Razvan Codreanu
4210c0d81f
INFRA-284 switching from local k8s label (#6157) 2020-04-17 15:52:47 +01:00
Razvan Codreanu
e5d554571f
INFRA-284 switching label (#6153) 2020-04-17 00:01:55 +01:00
Ramzi El-Yafi
6a07284324
[EG-503] Spent state audit tool (#6107)
* [EG-503] Spent state audit tool

Fixes

* Refinements to notary query interfaces. Feature complete.

* EG-503: Introduce optional `notaryService` in `ServiceHubCoreInternal`

* Remove redundant logic following change to use extensions API

Co-authored-by: Viktor Kolomeyko <viktor.kolomeyko@r3.com>
2020-04-16 16:05:21 +01:00
Adel El-Beik
27ea570fbb
CORDA-3696: JDK 11 Testing branch (#6131)
* CORDA-3696: Temporary update to enable JDK11 build and test. Will eventually be switchable.

* CORDA-3696: Filter out the Nashorn warning.

* CORDA-3696: Add JDK11 classifier.

* CORDA-3696: Updated match string to cope with JDK11.

* CORDA-3696: Filtering out SPHINCS256_SHA256 where failing due to JDK11.

* CORDA-3696: Now remove SPHINCS256_SHA256 only if JDK11.

* CORDA-3696: Fix test failure - switch to regex matching.

* CORDA-3696: Hide the illegal access warnings.

* CORDA-3696: Check for Java11 when disabling Java11 warnings.

* CORDA-3696: Fix unneccessary non null check.

* CORDA-3696: Reverting build env to JDK8

* CORDA-3696: Revert hiding of illegal access warnings via Unsafe class.

* CORDA-3696: Remove internal access warnings and new JDK11 version checker.

* CORDA-3696: Updated build file for OS

* CORDA-3696: Removed typo

* CORDA-3696: Fixed space typo.

* CORDA-3696: Open modules to remove the illegal access warnings.

Co-authored-by: Adel El-Beik <adelel-beik@19LDN-MAC108.local>
2020-04-16 10:20:30 +01:00
Razvan Codreanu
2ad996c0bd
INFRA-284 Testing out new aks template (#6150)
* INFRA-284 Testing out new aks template
* INFRA-284 switching back to k8s on all files
2020-04-16 07:56:39 +01:00
Ryan Fowler
7dc8aa8f7c
Corda 3675 update netty (#6146)
* CORDA-3675: Update netty for security

* Try to improve thread counting in tests
2020-04-14 12:31:02 +01:00
Chris Rankin
2ab1324806
CORDA-3562: Update SandboxToStringSerializer not to need extra sandbox task. (#6149) 2020-04-14 11:13:14 +01:00
Waldemar Żurowski
c4667c08e4
Changed frequency of Github Actions for sync between GH and Jira (#6148)
* run every hour instead every 15 minutes
* assign & close executed at different times
2020-04-14 10:17:44 +01:00
Dan Newton
896b0ab246
CORDA-3691 delete checkpoint record when complete (#6134)
* CORDA-3691 Delete checkpoint when flow finishes

The checkpoint and its related records in joined tables should be deleted
when a flow finishes.

Keeping these flows around will be completed in the future.

* CORDA-3691 Ignore some flow metadata tests

Ignore tests around recording the finish time of flow metadata records
since we are not currently keeping COMPLETED flows in the database.
2020-04-09 16:57:03 +01:00
Waldemar Żurowski
662b9ad4b4
Update README.md (#6144) 2020-04-09 15:31:19 +01:00
Dimitris Gounaris
c79540f661
Add github action for syncing assignees between github-jira (#6143)
Co-authored-by: Dimitris Gounaris <dimitrisgounaris@20LDN-MAC257.local>
2020-04-08 17:10:02 +01:00
Dimitris Gounaris
aac2476e09
Add github actions to sync open and closed issues in jira (#6138)
Co-authored-by: Dimitris Gounaris <dimitrisgounaris@20LDN-MAC257.local>
2020-04-07 19:17:01 +01:00
Kyriakos Tharrouniatis
501b766e71
CORDA-3604 Store failed and hospitalised errors along with corresponding statuses (#6061)
Flows that are kept for overnight observation:

- Save their Checkpoint.status as 'HOSPITALIZED' in the database
- Save the error that caused the hospitalization in the database

A new Event was added for this reason. Whenever the hospital determines
a flow for hospitalization, it adds this Event in the flow's fiber queue.
When processed it creates a new DB transaction, stores the checkpoint status along with
the error, and it adds a 'FlowContinuation.ProcessEvents' continuation so that the fiber keeps
processing events (effectively since there are no more events in the fiber's channel, the fiber will suspend).

Flows that error:

- Their checkpoints are kept in the database
- Save their Checkpoint.status as 'FAILED'
- Save the error that caused the error in the database

Upon erroring, the flow's Checkpoint.status gets updated('FAILED') and the checkpoint is stored
in the database instead of getting removed. The flow then propagates the error to counterparties,
sets its future with the error and gets removed from memory.
2020-04-07 17:58:00 +01:00
Chris Rankin
39cc5e3403
CORDA-3698: Require no classifier for Open Core and DJVM-related modules. (#6132)
* ENT-4967: Require no classifier for corda-node-djvm, corda-deserializers-djvm.

* Also remove classifiers from core, serialization and finance-contracts.

* Compile corda-serialization-djvm for Java 8 and remove its classifier.
2020-04-06 11:00:40 +01:00
Chris Rankin
e93e5f28a1
CORDA-3689: Fix scanning AppClassLoader on Java 11. (#6121)
* Upgrade ClassGraph to 4.6.68 to fix scanning AppClassLoader on JDK11.
* Revert CORDA-1575 to prevent CordaRPCClient logs from being clobbered.
2020-04-06 11:00:10 +01:00
Walter Oggioni
42211a6d45
fixed bug in error reporting (#6127)
the current code doesn't forward the exception to the logging system, this means that any cause inside the exception is lost as with all of the stacktraces (both the one of the thrown exception and the one belonging to its cause).
The correct way to log an exception is to pass both the message and the exception to the logging system.
2020-04-06 09:48:35 +01:00