split into separate adrs for protocol and chain versions

We were computing these functions incorrectly.
I'm not sure what distribution these numbers are, but it isn't the
normal exponential distribution. (We're making the probability of
getting a number of a particular bitlength equal, but the number in
that bitlength thats gets chosen is uniformly chosen)

We weren't using these functions anywhere in our codebase, and they
had a nomenclature error. (There aren't exponentially distributed
integers, instead they would be geometrically distributed)

CHANGELOG.md

@@ -1,16 +1,24 @@
 # Changelog
 
+## TBA
+
+BREAKING CHANGES:
+- [libs/common] remove exponentially distributed random numbers
+
+IMPROVEMENTS:
+- [config] Increase default send/recv rates to 5 mB/s
+
 ## 0.22.4
 
 *July 14th, 2018*
 
-FEATURES:
-- [tools] Merged in from github.com/tendermint/tools
-
-IMPROVEMENTS:
+BREAKING CHANGES:
 - [genesis] removed deprecated `app_options` field.
 - [types] Genesis.AppStateJSON -> Genesis.AppState
 
+FEATURES:
+- [tools] Merged in from github.com/tendermint/tools
+
 BUG FIXES:
 - [tools/tm-bench] Various fixes
 - [consensus] Wait for WAL to stop on shutdown

Makefile

@@ -114,7 +114,7 @@ protoc_libs:
 	## See https://stackoverflow.com/a/25518702
 	protoc $(INCLUDE) --go_out=plugins=grpc:. libs/common/*.proto
 	@echo "--> adding nolint declarations to protobuf generated files"
-	@awk '/package libs/common/ { print "//nolint: gas"; print; next }1' libs/common/types.pb.go > libs/common/types.pb.go.new
+	@awk '/package common/ { print "//nolint: gas"; print; next }1' libs/common/types.pb.go > libs/common/types.pb.go.new
 	@mv libs/common/types.pb.go.new libs/common/types.pb.go
 
 gen_certs: clean_certs

blockchain/pool_test.go

@@ -1,7 +1,6 @@
 package blockchain
 
 import (
-	"math/rand"
 	"testing"
 	"time"
 
@@ -25,7 +24,7 @@ func makePeers(numPeers int, minHeight, maxHeight int64) map[p2p.ID]testPeer {
 	peers := make(map[p2p.ID]testPeer, numPeers)
 	for i := 0; i < numPeers; i++ {
 		peerID := p2p.ID(cmn.RandStr(12))
-		height := minHeight + rand.Int63n(maxHeight-minHeight)
+		height := minHeight + cmn.RandInt63n(maxHeight-minHeight)
 		peers[peerID] = testPeer{peerID, height}
 	}
 	return peers

config/config.go

@@ -349,9 +349,9 @@ func DefaultP2PConfig() *P2PConfig {
 		AddrBookStrict:          true,
 		MaxNumPeers:             50,
 		FlushThrottleTimeout:    100,
-		MaxPacketMsgPayloadSize: 1024,   // 1 kB
-		SendRate:                512000, // 500 kB/s
-		RecvRate:                512000, // 500 kB/s
+		MaxPacketMsgPayloadSize: 1024,    // 1 kB
+		SendRate:                5120000, // 5 mB/s
+		RecvRate:                5120000, // 5 mB/s
 		PexReactor:              true,
 		SeedMode:                false,
 		AllowDuplicateIP:        true, // so non-breaking yet

docs/architecture/adr-chain-versions.md

@@ -0,0 +1,100 @@
+# Chain Versions
+
+## TODO
+
+- clarify how to handle slashing when ChainID changes
+
+## Changelog
+
+- 28-07-2018: Updates from review
+    - split into two ADRs - one for protocol, one for chains
+- 16-07-2018: Initial draft - was originally joint ADR for protocol and chain
+versions
+
+## Context
+
+Software and Protocol versions are covered in a separate ADR.
+
+Here we focus on chain versions.
+
+## Requirements
+
+We need to version blockchains across protocols, networks, forks, etc.
+We need chain identifiers and descriptions so we can talk about a multitude of chains,
+and especially the differences between them, in a meaningful way.
+
+### Networks
+
+We need to support many independent networks running the same version of the software,
+even possibly starting from the same initial state.
+They must have distinct identifiers so that peers know which one they are joining and so
+validators and users can prevent replay attacks.
+
+Call this the `NetworkName` (note we currently call this `ChainID` in the software. In this
+ADR, ChainID has a different meaning).
+It represents both the application being run and the community or intention
+of running it.
+
+Peers only connect to other peers with the same NetworkName.
+
+### Forks
+
+We need to support existing networks upgrading and forking, wherein they may do any of:
+
+	- revert back to some height, continue with the same versions but new blocks
+	- arbitrarily mutate state at some height, continue with the same versions (eg. Dao Fork)
+	- change the AppVersion at some height
+
+Note because of Tendermint's voting power threshold rules, a chain can only be extended under the "original" rules and under the new rules
+if 1/3 or more is double signing, which is expressly prohibited, and is supposed to result in their punishment on both chains. Since they can censor
+the punishment, the chain is expected to be hardforked to remove the validators. Thus, if both branches are to continue after a fork,
+they will each require a new identifier, and the old chain identifier will be retired (ie. only useful for syncing history, not for new blocks)..
+
+ TODO: explain how to handle slashing when chain id changed!
+
+We need a consistent way to describe forks.
+
+
+## Proposal
+
+### ChainDescription
+
+ChainDescription is a complete immutable description of a blockchain. It takes the following form:
+
+```
+ChainDescription = <NetworkName>/<BlockVersion>/<AppVersion>/<StateHash>/<ValHash>/<ConsensusParamsHash>
+```
+
+Here, StateHash is the merkle root of the initial state, ValHash is the merkle root of the initial Tendermint validator set,
+and ConsensusParamsHash is the merkle root of the initial Tendermint consensus parameters.
+
+The `genesis.json` file must contain enough information to compute this value. It need not contain the StateHash or ValHash itself,
+but contain the state from which they can be computed with the given protocol versions.
+
+NOTE: consider splitting NetworkName into NetworkName and AppName - this allows
+folks to independently use the same application for different networks (ie we
+could imagine multiple communities of validators wanting to put up a Hub using
+the same app but having a distinct network name. Arguably not needed if
+differences will come via different initial state / validators).
+
+#### ChainID
+
+Define `ChainID = TMHASH(ChainDescriptor)`. It's the unique ID of a blockchain.
+
+It should be Bech32 encoded when handled by users, eg. with `cosmoschain` prefix.
+
+#### Forks and Uprades
+
+When a chain forks or upgrades but continues the same history, it takes a new ChainDescription as follows:
+
+```
+ChainDescription = <ChainID>/x/<Height>/<ForkDescription>
+```
+
+Where
+    - ChainID is the ChainID from the previous ChainDescription (ie. its hash)
+    - `x` denotes that a change occured
+    - `Height` is the height the change occured
+    - ForkDescription has the same form as ChainDescription but for the fork
+        - this allows forks to specify new versions for tendermint or the app, as well as arbitrary changes to the state or validator set
+

docs/architecture/adr-protocol-versions.md

@@ -0,0 +1,238 @@
+# Protocol Versions
+
+## TODO
+
+- How do we want App to signal to Tendermint to update AppVersion? EndBlock tags
+  or new ProposeTx msg ?
+- How to handle peers syncing from old heights across AppVersion changes
+- How to / should we version the authenticated encryption handshake itself (ie.
+  upfront protocol negotiation for the P2PVersion)
+
+## Changelog
+
+- 28-07-2018: Updates from review
+    - split into two ADRs - one for protocol, one for chains
+    - include signalling for upgrades in header
+- 16-07-2018: Initial draft - was originally joint ADR for protocol and chain
+versions
+
+## Context
+
+The Software Version is covered by SemVer and described elsewhere.
+It is not relevant to the protocol description, suffice to say that if any protocol version
+changes, the software version changes, but not necessarily vice versa.
+
+Software version shoudl be included in NodeInfo for convenience/diagnostics.
+
+We are also interested in versioning across different blockchains in a
+meaningful way, for instance to differentiate branches of a contentious
+hard-fork. We leave that for a later ADR.
+
+Here we focus on protocol versions.
+
+## Requirements
+
+We need to version components of the blockchain that may be independently upgraded.
+We need to do it in a way that is scalable and maintainable - we can't just litter
+the code with conditionals.
+
+We can consider the complete version of the protocol to contain the following sub-versions:
+BlockVersion, P2PVersion, AppVersion. These versions reflect the major sub-components
+of the software that are likely to evolve together, at different rates, and in different ways,
+as described below.
+
+The BlockVersion defines the core of the blockchain data structures and
+should change infrequently.
+
+The P2PVersion defines how peers connect and communicate with eachother - it's
+not part of the blockchain data structures, but defines the protocols used to build the
+blockchain. It may change gradually.
+
+The AppVersion ensures we only connect to peers that will compute the same App
+state root. Tendermint otherwise doesn't care about the AppVersion, but it helps
+to make it a native field for observability sake.
+
+### BlockVersion
+
+- All tendermint hashed data-structures (headers, votes, txs, responses, etc.).
+	- Note the semantic meaning of a transaction may change according to the AppVersion,
+		but the way txs are merklized into the header is part of the BlockVersion
+- It should be the least frequent/likely to change.
+	- Tendermint should be stabilizing - it's just Atomic Broadcast.
+	- We can start considering for Tendermint v2.0 in a year
+- It's easy to determine the version of a block from its serialized form
+
+### P2PVersion
+
+- All p2p and reactor messaging (messages, detectable behaviour)
+- Will change gradually as reactors evolve to improve performance and support new features
+	- eg proposed new message types BatchTx in the mempool and HasBlockPart in the consensus
+- It's easy to determine the version of a peer from its first serialized message/s
+- New versions must be compatible with at least one old version to allow gradual upgrades
+
+### AppVersion
+
+- The ABCI state machine (txs, begin/endblock behaviour, commit hashing)
+- Behaviour and message types will change abruptly in the course of the life of a chain
+- Need to minimize complexity of the code for supporting different AppVersions at different heights
+- Ideally, each version of the software supports only a *single* AppVersion at one time
+    - this means we checkout different versions of the software at different heights instead of littering the code
+          with conditionals
+    - minimize the number of data migrations required across AppVersion (ie. most AppVersion should be able to read the same state from disk as previous AppVersion).
+- NOTE: we still need to support peers syncing from old heights across AppVersion changes
+    - this is a non-trivial and difficult point (!)
+
+## Ideal
+
+Each component of the software is independently versioned in a modular way and its easy to mix and match and upgrade.
+
+Good luck pal ;)
+
+## Proposal
+
+Each of BlockVersion, AppVersion, P2PVersion is a monotonically increasing int64.
+
+To use these versions, we need to update the block Header, the p2p NodeInfo, and the ABCI.
+
+### Header
+
+Block Header should include a `Version` struct as its first field like:
+
+```
+type Version struct {
+    BlockVersion ProtocolVersion
+
+    ChainID string
+    AppVersion ProtocolVersion
+}
+
+type ProtocolVersion struct {
+    Current int64
+    Next int64
+}
+```
+
+Note this effectively makes BlockVersion the first field in the block Header.
+Since we have settled on a proto3 header, the ability to read the BlockVersion out of the serialized header is unanimous.
+
+Using a Version struct gives us more flexibility to add fields without breaking
+the header.
+
+The ProtocolVersion struct lets block proposer's specify both the current
+Block and App versions, as well as proposed next versions.
+
+
+### NodeInfo
+
+NodeInfo should include a Version struct as its first field like:
+
+```
+type Version struct {
+    P2PVersion int64
+
+    ChainID string
+    BlockVersion int64
+    AppVersion int64
+    SoftwareVersion string
+}
+```
+
+Note this effectively makes P2PVersion the first field in the NodeInfo, so it
+should be easy to read this out of the serialized header if need be to facilitate an upgrade.
+
+The SoftwareVersion here should include the name of the software client and
+it's SemVer version - this is for convenience only. The other versions and
+ChainID will determine peer compatibility (described below).
+
+
+### ABCI
+
+RequestInfo should add support for protocol versions like:
+
+```
+message RequestInfo {
+  string software_version
+  int64 block_version
+  int64 p2p_version
+}
+```
+
+Similarly, ResponseInfo should return the versions:
+
+```
+message ResponseInfo {
+  string data
+
+  string software_version
+  int64 app_version
+
+  int64 last_block_height
+  bytes last_block_app_hash
+}
+```
+
+TODO: we need some way for the app to tell Tendermint it wants to signal for a
+Next AppVersion. Options:
+
+- use new ProposeTx ABCI msg for this
+- use tags in ResponseEndBlock and incorporate into Proposal, eg.
+    - KVPair: `("next_app_version", <new AppVersion>)`
+    - Could also include a tag for the height the upgrade should happen at or by
+
+### BlockVersion
+
+BlockVersion is included in both the Header and the NodeInfo.
+
+Only connect to peers with the same or higher BlockVersion.
+
+Changing BlockVersion should happen quite infrequently and ideally only for extreme emergency.
+
+Note Ethereum has not had to make an upgrade like this (everything has been at state machine level, AFAIK).
+
+### P2PVersion
+
+P2PVersion is not included in the block Header, just the NodeInfo.
+
+P2PVersion is the first field in the NodeInfo. NodeInfo is also proto3 so this is easy to read out.
+
+Each P2PVersion must be compatible with at least one previous version. For each P2PVersion, we keep a list of the previous
+versions it is compatible with.
+
+Note we need the peer/reactor protocols to take the versions of peers into account when sending messages:
+
+- don't send messages they don't understand
+- don't send messages they don't expect
+
+Doing this will be specific to the upgrades being made.
+
+Note we also include the list of reactor channels in the NodeInfo and already don't send messages for channels the peer doesn't understand.
+If upgrades always use new channels, this simplifies the development cost of backwards compatibility.
+
+Note NodeInfo is only exchanged after the authenticated encryption handshake to ensure that it's private.
+Doing any version exchange before encrypting could be considered information leakage, though I'm not sure
+how much that matters compared to being able to upgrade the protocol.
+
+XXX: if needed, can we change the meaning of the first byte of the first message to encode a handshake version?
+this is the first byte of a 32-byte ed25519 pubkey.
+
+### AppVersion
+
+AppVersion is also included in the block Header and the NodeInfo.
+
+AppVersion essentially defines how the AppHash is computed. Since peers with
+different AppVersion will likely compute different AppHash for blocks,
+we only maintain connections to peers with the correct AppVersion for the height they're at.
+That is, we only connect to current peers with the same AppVersion, and to old peers that have the right AppVersion for where they
+are in the syncing process.
+
+Note this requires all validators to upgrade their versions at exactly the required height.
+
+### Tendermint Changes
+
+Compatibility requirements at the peer layer have already been described.
+
+It may be valuable to support an `/unsafe_stop?height=_` endpoint to tell Tendermint to shutdown at a given height.
+This could be use by an external manager process that oversees upgrades by
+checking out and installing new software versions and restarting the process. It
+would subscribe to the relevant upgrade event tags and call `/unsafe_stop` at
+the correct height (of course only after getting approval from its user!)

docs/tendermint-core/configuration.md

@@ -121,10 +121,10 @@ max_num_peers = 50
 max_packet_msg_payload_size = 1024
 
 # Rate at which packets can be sent, in bytes/second
-send_rate = 512000
+send_rate = 5120000
 
 # Rate at which packets can be received, in bytes/second
-recv_rate = 512000
+recv_rate = 5120000
 
 # Set true to enable the peer-exchange reactor
 pex = true

libs/clist/clist_test.go

@@ -2,11 +2,12 @@ package clist
 
 import (
 	"fmt"
-	"math/rand"
 	"runtime"
 	"sync/atomic"
 	"testing"
 	"time"
+
+	cmn "github.com/tendermint/tendermint/libs/common"
 )
 
 func TestSmall(t *testing.T) {
@@ -131,7 +132,7 @@ func _TestGCRandom(t *testing.T) {
 		els = append(els, el)
 	}
 
-	for _, i := range rand.Perm(numElements) {
+	for _, i := range cmn.RandPerm(numElements) {
 		el := els[i]
 		l.Remove(el)
 		_ = el.Next()
@@ -189,7 +190,7 @@ func TestScanRightDeleteRandom(t *testing.T) {
 	// Remove an element, push back an element.
 	for i := 0; i < numTimes; i++ {
 		// Pick an element to remove
-		rmElIdx := rand.Intn(len(els))
+		rmElIdx := cmn.RandIntn(len(els))
 		rmEl := els[rmElIdx]
 
 		// Remove it
@@ -243,7 +244,7 @@ func TestWaitChan(t *testing.T) {
 		for i := 1; i < 100; i++ {
 			l.PushBack(i)
 			pushed++
-			time.Sleep(time.Duration(rand.Intn(100)) * time.Millisecond)
+			time.Sleep(time.Duration(cmn.RandIntn(100)) * time.Millisecond)
 		}
 		close(done)
 	}()

libs/common/os_test.go

@@ -3,17 +3,14 @@ package common
 import (
 	"bytes"
 	"io/ioutil"
-	"math/rand"
 	"os"
 	"testing"
-	"time"
 )
 
 func TestWriteFileAtomic(t *testing.T) {
 	var (
-		seed             = rand.New(rand.NewSource(time.Now().UnixNano()))
-		data             = []byte(RandStr(seed.Intn(2048)))
-		old              = RandBytes(seed.Intn(2048))
+		data             = []byte(RandStr(RandIntn(2048)))
+		old              = RandBytes(RandIntn(2048))
 		perm os.FileMode = 0600
 	)
 

libs/common/random.go

@@ -11,9 +11,13 @@ const (
 	strChars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" // 62 characters
 )
 
-// pseudo random number generator.
-// seeded with OS randomness (crand)
-
+// Rand is a prng, that is seeded with OS randomness.
+// The OS randomness is obtained from crypto/rand, however none of the provided
+// methods are suitable for cryptographic usage.
+// They all utilize math/rand's prng internally.
+//
+// All of the methods here are suitable for concurrent use.
+// This is achieved by using a mutex lock on all of the provided methods.
 type Rand struct {
 	sync.Mutex
 	rand *mrand.Rand
@@ -105,18 +109,6 @@ func RandInt63n(n int64) int64 {
 	return grand.Int63n(n)
 }
 
-func RandUint16Exp() uint16 {
-	return grand.Uint16Exp()
-}
-
-func RandUint32Exp() uint32 {
-	return grand.Uint32Exp()
-}
-
-func RandUint64Exp() uint64 {
-	return grand.Uint64Exp()
-}
-
 func RandFloat32() float32 {
 	return grand.Float32()
 }
@@ -150,8 +142,7 @@ func (r *Rand) Seed(seed int64) {
 	r.Unlock()
 }
 
-// Constructs an alphanumeric string of given length.
-// It is not safe for cryptographic usage.
+// Str constructs a random alphanumeric string of given length.
 func (r *Rand) Str(length int) string {
 	chars := []byte{}
 MAIN_LOOP:
@@ -175,12 +166,10 @@ MAIN_LOOP:
 	return string(chars)
 }
 
-// It is not safe for cryptographic usage.
 func (r *Rand) Uint16() uint16 {
 	return uint16(r.Uint32() & (1<<16 - 1))
 }
 
-// It is not safe for cryptographic usage.
 func (r *Rand) Uint32() uint32 {
 	r.Lock()
 	u32 := r.rand.Uint32()
@@ -188,12 +177,10 @@ func (r *Rand) Uint32() uint32 {
 	return u32
 }
 
-// It is not safe for cryptographic usage.
 func (r *Rand) Uint64() uint64 {
 	return uint64(r.Uint32())<<32 + uint64(r.Uint32())
 }
 
-// It is not safe for cryptographic usage.
 func (r *Rand) Uint() uint {
 	r.Lock()
 	i := r.rand.Int()
@@ -201,22 +188,18 @@ func (r *Rand) Uint() uint {
 	return uint(i)
 }
 
-// It is not safe for cryptographic usage.
 func (r *Rand) Int16() int16 {
 	return int16(r.Uint32() & (1<<16 - 1))
 }
 
-// It is not safe for cryptographic usage.
 func (r *Rand) Int32() int32 {
 	return int32(r.Uint32())
 }
 
-// It is not safe for cryptographic usage.
 func (r *Rand) Int64() int64 {
 	return int64(r.Uint64())
 }
 
-// It is not safe for cryptographic usage.
 func (r *Rand) Int() int {
 	r.Lock()
 	i := r.rand.Int()
@@ -224,7 +207,6 @@ func (r *Rand) Int() int {
 	return i
 }
 
-// It is not safe for cryptographic usage.
 func (r *Rand) Int31() int32 {
 	r.Lock()
 	i31 := r.rand.Int31()
@@ -232,7 +214,6 @@ func (r *Rand) Int31() int32 {
 	return i31
 }
 
-// It is not safe for cryptographic usage.
 func (r *Rand) Int31n(n int32) int32 {
 	r.Lock()
 	i31n := r.rand.Int31n(n)
@@ -240,7 +221,6 @@ func (r *Rand) Int31n(n int32) int32 {
 	return i31n
 }
 
-// It is not safe for cryptographic usage.
 func (r *Rand) Int63() int64 {
 	r.Lock()
 	i63 := r.rand.Int63()
@@ -248,7 +228,6 @@ func (r *Rand) Int63() int64 {
 	return i63
 }
 
-// It is not safe for cryptographic usage.
 func (r *Rand) Int63n(n int64) int64 {
 	r.Lock()
 	i63n := r.rand.Int63n(n)
@@ -256,43 +235,6 @@ func (r *Rand) Int63n(n int64) int64 {
 	return i63n
 }
 
-// Distributed pseudo-exponentially to test for various cases
-// It is not safe for cryptographic usage.
-func (r *Rand) Uint16Exp() uint16 {
-	bits := r.Uint32() % 16
-	if bits == 0 {
-		return 0
-	}
-	n := uint16(1 << (bits - 1))
-	n += uint16(r.Int31()) & ((1 << (bits - 1)) - 1)
-	return n
-}
-
-// Distributed pseudo-exponentially to test for various cases
-// It is not safe for cryptographic usage.
-func (r *Rand) Uint32Exp() uint32 {
-	bits := r.Uint32() % 32
-	if bits == 0 {
-		return 0
-	}
-	n := uint32(1 << (bits - 1))
-	n += uint32(r.Int31()) & ((1 << (bits - 1)) - 1)
-	return n
-}
-
-// Distributed pseudo-exponentially to test for various cases
-// It is not safe for cryptographic usage.
-func (r *Rand) Uint64Exp() uint64 {
-	bits := r.Uint32() % 64
-	if bits == 0 {
-		return 0
-	}
-	n := uint64(1 << (bits - 1))
-	n += uint64(r.Int63()) & ((1 << (bits - 1)) - 1)
-	return n
-}
-
-// It is not safe for cryptographic usage.
 func (r *Rand) Float32() float32 {
 	r.Lock()
 	f32 := r.rand.Float32()
@@ -300,7 +242,6 @@ func (r *Rand) Float32() float32 {
 	return f32
 }
 
-// It is not safe for cryptographic usage.
 func (r *Rand) Float64() float64 {
 	r.Lock()
 	f64 := r.rand.Float64()
@@ -308,13 +249,12 @@ func (r *Rand) Float64() float64 {
 	return f64
 }
 
-// It is not safe for cryptographic usage.
 func (r *Rand) Time() time.Time {
-	return time.Unix(int64(r.Uint64Exp()), 0)
+	return time.Unix(int64(r.Uint64()), 0)
 }
 
-// RandBytes returns n random bytes from the OS's source of entropy ie. via crypto/rand.
-// It is not safe for cryptographic usage.
+// Bytes returns n random bytes generated from the internal
+// prng.
 func (r *Rand) Bytes(n int) []byte {
 	// cRandBytes isn't guaranteed to be fast so instead
 	// use random bytes generated from the internal PRNG
@@ -325,9 +265,8 @@ func (r *Rand) Bytes(n int) []byte {
 	return bs
 }
 
-// RandIntn returns, as an int, a non-negative pseudo-random number in [0, n).
+// Intn returns, as an int, a uniform pseudo-random number in the range [0, n).
 // It panics if n <= 0.
-// It is not safe for cryptographic usage.
 func (r *Rand) Intn(n int) int {
 	r.Lock()
 	i := r.rand.Intn(n)
@@ -335,8 +274,7 @@ func (r *Rand) Intn(n int) int {
 	return i
 }
 
-// RandPerm returns a pseudo-random permutation of n integers in [0, n).
-// It is not safe for cryptographic usage.
+// Perm returns a pseudo-random permutation of n integers in [0, n).
 func (r *Rand) Perm(n int) []int {
 	r.Lock()
 	perm := r.rand.Perm(n)

libs/common/random_test.go

@@ -73,9 +73,6 @@ func testThemAll() string {
 	fmt.Fprintf(out, "randInt64: %d\n", RandInt64())
 	fmt.Fprintf(out, "randUint32: %d\n", RandUint32())
 	fmt.Fprintf(out, "randUint64: %d\n", RandUint64())
-	fmt.Fprintf(out, "randUint16Exp: %d\n", RandUint16Exp())
-	fmt.Fprintf(out, "randUint32Exp: %d\n", RandUint32Exp())
-	fmt.Fprintf(out, "randUint64Exp: %d\n", RandUint64Exp())
 	return out.String()
 }
 

libs/common/repeat_timer_test.go

@@ -1,7 +1,6 @@
 package common
 
 import (
-	"math/rand"
 	"sync"
 	"testing"
 	"time"
@@ -131,7 +130,7 @@ func TestRepeatTimerReset(t *testing.T) {
 
 	// just random calls
 	for i := 0; i < 100; i++ {
-		time.Sleep(time.Duration(rand.Intn(40)) * time.Millisecond)
+		time.Sleep(time.Duration(RandIntn(40)) * time.Millisecond)
 		timer.Reset()
 	}
 }

libs/events/events_test.go

@@ -2,11 +2,11 @@ package events
 
 import (
 	"fmt"
-	"math/rand"
 	"testing"
 	"time"
 
 	"github.com/stretchr/testify/assert"
+	cmn "github.com/tendermint/tendermint/libs/common"
 )
 
 // TestAddListenerForEventFireOnce sets up an EventSwitch, subscribes a single
@@ -306,8 +306,8 @@ func TestRemoveListenersAsync(t *testing.T) {
 	// collect received events for event2
 	go sumReceivedNumbers(numbers2, doneSum2)
 	addListenersStress := func() {
-		s1 := rand.NewSource(time.Now().UnixNano())
-		r1 := rand.New(s1)
+		r1 := cmn.NewRand()
+		r1.Seed(time.Now().UnixNano())
 		for k := uint16(0); k < 400; k++ {
 			listenerNumber := r1.Intn(100) + 3
 			eventNumber := r1.Intn(3) + 1
@@ -317,8 +317,8 @@ func TestRemoveListenersAsync(t *testing.T) {
 		}
 	}
 	removeListenersStress := func() {
-		s2 := rand.NewSource(time.Now().UnixNano())
-		r2 := rand.New(s2)
+		r2 := cmn.NewRand()
+		r2.Seed(time.Now().UnixNano())
 		for k := uint16(0); k < 80; k++ {
 			listenerNumber := r2.Intn(100) + 3
 			go evsw.RemoveListener(fmt.Sprintf("listener%v", listenerNumber))

libs/pubsub/pubsub.go

@@ -163,6 +163,8 @@ func (s *Server) Subscribe(ctx context.Context, clientID string, query Query, ou
 		return nil
 	case <-ctx.Done():
 		return ctx.Err()
+	case <-s.Quit():
+		return nil
 	}
 }
 
@@ -190,6 +192,8 @@ func (s *Server) Unsubscribe(ctx context.Context, clientID string, query Query)
 		return nil
 	case <-ctx.Done():
 		return ctx.Err()
+	case <-s.Quit():
+		return nil
 	}
 }
 
@@ -211,6 +215,8 @@ func (s *Server) UnsubscribeAll(ctx context.Context, clientID string) error {
 		return nil
 	case <-ctx.Done():
 		return ctx.Err()
+	case <-s.Quit():
+		return nil
 	}
 }
 
@@ -229,6 +235,8 @@ func (s *Server) PublishWithTags(ctx context.Context, msg interface{}, tags TagM
 		return nil
 	case <-ctx.Done():
 		return ctx.Err()
+	case <-s.Quit():
+		return nil
 	}
 }
 

lite/performance_test.go

@@ -2,13 +2,12 @@ package lite
 
 import (
 	"fmt"
-	"math/rand"
 	"sync"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
-
+	cmn "github.com/tendermint/tendermint/libs/common"
 	liteErr "github.com/tendermint/tendermint/lite/errors"
 )
 
@@ -280,7 +279,11 @@ func BenchmarkMemStoreProviderGetByHeightBinarySearch1000(b *testing.B) {
 	benchmarkMemStoreProvidergetByHeight(b, fcs1000, h1000, binarySearch)
 }
 
-var rng = rand.New(rand.NewSource(10))
+var rng = cmn.NewRand()
+
+func init() {
+	rng.Seed(10)
+}
 
 func benchmarkMemStoreProvidergetByHeight(b *testing.B, fcs []FullCommit, fHeights []int64, algo algo) {
 	lazyGenerateFullCommits(b)

node/node.go

@@ -486,9 +486,16 @@ func (n *Node) OnStop() {
 	n.BaseService.OnStop()
 
 	n.Logger.Info("Stopping Node")
+
+	// first stop the non-reactor services
+	n.eventBus.Stop()
+	n.indexerService.Stop()
+
+	// now stop the reactors
 	// TODO: gracefully disconnect from peers.
 	n.sw.Stop()
 
+	// finally stop the listeners / external services
 	for _, l := range n.rpcListeners {
 		n.Logger.Info("Closing rpc listener", "listener", l)
 		if err := l.Close(); err != nil {
@@ -496,9 +503,6 @@ func (n *Node) OnStop() {
 		}
 	}
 
-	n.eventBus.Stop()
-	n.indexerService.Stop()
-
 	if pvsc, ok := n.privValidator.(*privval.SocketPV); ok {
 		if err := pvsc.Stop(); err != nil {
 			n.Logger.Error("Error stopping priv validator socket client", "err", err)

node/node_test.go

@@ -2,6 +2,9 @@ package node
 
 import (
 	"context"
+	"fmt"
+	"os"
+	"syscall"
 	"testing"
 	"time"
 
@@ -43,6 +46,13 @@ func TestNodeStartStop(t *testing.T) {
 	select {
 	case <-n.Quit():
 	case <-time.After(5 * time.Second):
+		pid := os.Getpid()
+		p, err := os.FindProcess(pid)
+		if err != nil {
+			panic(err)
+		}
+		err = p.Signal(syscall.SIGABRT)
+		fmt.Println(err)
 		t.Fatal("timed out waiting for shutdown")
 	}
 }

p2p/peer_set_test.go

@@ -1,7 +1,6 @@
 package p2p
 
 import (
-	"math/rand"
 	"net"
 	"sync"
 	"testing"
@@ -22,7 +21,7 @@ func randPeer(ip net.IP) *peer {
 	p := &peer{
 		nodeInfo: NodeInfo{
 			ID:         nodeKey.ID(),
-			ListenAddr: cmn.Fmt("%v.%v.%v.%v:26656", rand.Int()%256, rand.Int()%256, rand.Int()%256, rand.Int()%256),
+			ListenAddr: cmn.Fmt("%v.%v.%v.%v:26656", cmn.RandInt()%256, cmn.RandInt()%256, cmn.RandInt()%256, cmn.RandInt()%256),
 		},
 	}
 

p2p/pex/addrbook_test.go

@@ -4,14 +4,13 @@ import (
 	"encoding/hex"
 	"fmt"
 	"io/ioutil"
-	"math/rand"
 	"os"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
-	"github.com/tendermint/tendermint/p2p"
 	cmn "github.com/tendermint/tendermint/libs/common"
 	"github.com/tendermint/tendermint/libs/log"
+	"github.com/tendermint/tendermint/p2p"
 )
 
 func createTempFileName(prefix string) string {
@@ -202,12 +201,12 @@ func randNetAddressPairs(t *testing.T, n int) []netAddressPair {
 func randIPv4Address(t *testing.T) *p2p.NetAddress {
 	for {
 		ip := fmt.Sprintf("%v.%v.%v.%v",
-			rand.Intn(254)+1,
-			rand.Intn(255),
-			rand.Intn(255),
-			rand.Intn(255),
+			cmn.RandIntn(254)+1,
+			cmn.RandIntn(255),
+			cmn.RandIntn(255),
+			cmn.RandIntn(255),
 		)
-		port := rand.Intn(65535-1) + 1
+		port := cmn.RandIntn(65535-1) + 1
 		id := p2p.ID(hex.EncodeToString(cmn.RandBytes(p2p.IDByteLength)))
 		idAddr := p2p.IDAddressString(id, fmt.Sprintf("%v:%v", ip, port))
 		addr, err := p2p.NewNetAddressString(idAddr)

rpc/lib/rpc_test.go

@@ -6,7 +6,6 @@ import (
 	crand "crypto/rand"
 	"encoding/json"
 	"fmt"
-	"math/rand"
 	"net/http"
 	"os"
 	"os/exec"
@@ -206,7 +205,7 @@ func testWithHTTPClient(t *testing.T, cl client.HTTPClient) {
 	require.Nil(t, err)
 	assert.Equal(t, got3, val3)
 
-	val4 := rand.Intn(10000)
+	val4 := cmn.RandIntn(10000)
 	got4, err := echoIntViaHTTP(cl, val4)
 	require.Nil(t, err)
 	assert.Equal(t, got4, val4)
@@ -370,7 +369,7 @@ func TestWSClientPingPong(t *testing.T) {
 }
 
 func randBytes(t *testing.T) []byte {
-	n := rand.Intn(10) + 2
+	n := cmn.RandIntn(10) + 2
 	buf := make([]byte, n)
 	_, err := crand.Read(buf)
 	require.Nil(t, err)

types/event_bus.go

@@ -4,9 +4,9 @@ import (
 	"context"
 	"fmt"
 
-	tmpubsub "github.com/tendermint/tendermint/libs/pubsub"
 	cmn "github.com/tendermint/tendermint/libs/common"
 	"github.com/tendermint/tendermint/libs/log"
+	tmpubsub "github.com/tendermint/tendermint/libs/pubsub"
 )
 
 const defaultCapacity = 0
@@ -49,7 +49,7 @@ func (b *EventBus) OnStart() error {
 }
 
 func (b *EventBus) OnStop() {
-	b.pubsub.OnStop()
+	b.pubsub.Stop()
 }
 
 func (b *EventBus) Subscribe(ctx context.Context, subscriber string, query tmpubsub.Query, out chan<- interface{}) error {

types/event_bus_test.go

@@ -3,7 +3,6 @@ package types
 import (
 	"context"
 	"fmt"
-	"math/rand"
 	"testing"
 	"time"
 
@@ -150,7 +149,7 @@ func BenchmarkEventBus(b *testing.B) {
 
 func benchmarkEventBus(numClients int, randQueries bool, randEvents bool, b *testing.B) {
 	// for random* functions
-	rand.Seed(time.Now().Unix())
+	cmn.Seed(time.Now().Unix())
 
 	eventBus := NewEventBusWithBufferCapacity(0) // set buffer capacity to 0 so we are not testing cache
 	eventBus.Start()
@@ -199,7 +198,7 @@ var events = []string{
 	EventVote}
 
 func randEvent() string {
-	return events[rand.Intn(len(events))]
+	return events[cmn.RandIntn(len(events))]
 }
 
 var queries = []tmpubsub.Query{
@@ -217,5 +216,5 @@ var queries = []tmpubsub.Query{
 	EventQueryVote}
 
 func randQuery() tmpubsub.Query {
-	return queries[rand.Intn(len(queries))]
+	return queries[cmn.RandIntn(len(queries))]
 }