WIP: net processing: Don't reach into CBlockIndex to check for block mutation #17485
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
9fdf05d resolved some lock inversion warnings in denialofservice_tests, but left in a number of cs_main locks that are unnecessary (introducing lock inversion warnings in future changes).
Contributor
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. ConflictsReviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first. |
jnewbery
force-pushed
the
2019-11-processnewblock-early-return2
branch
from
b1ede02 to
e0f5505
Compare
Co-authored-by: Carl Dong <[email protected]>
This is a pure refactor commit. This commit enables the caller of ProcessNewBlock to access the final BlockValidationState passed around between CheckBlock(), AcceptBlock(), and BlockChecked() inside ProcessNewBlock(). This is useful because in a future commit, we will move the BlockChecked() call out of ProcessNewBlock(), and BlockChecked() still needs to be able to access the BlockValidationState. Co-authored-by: John Newbery <[email protected]> Co-authored-by: Carl Dong <[email protected]>
This is a pure refactor commit. Since BlockChecked() doesn't actually depend on all of PeerLogicValidation but just PeerLogicValidation's CConnman, we can make a standalone, static function that simply has an extra CConnman parameter and have the non-static version call the static one. This also means that, in a future commit, when we move the BlockChecked() call out of ProcessNewBlock(), the caller of ProcessNewBlock() can call BlockChecked() directly even if they only have a CConnman. Co-authored-by: John Newbery <[email protected]> Co-authored-by: Carl Dong <[email protected]>
…ProcessNewBlock Net processing now passes a BlockValidationState object into ProcessNewBlock(). If CheckBlock() or AcceptBlock() fails, then PNB returns to net processing without calling the (asynchronous) BlockChecked Validation Interface method. net processing can use the invalid BlockValidationState returned to punish peers. CheckBlock() and AcceptBlock() represent the DoS checks on a block (ie PoW and malleability). Net processing wants to know about those failed checks immediately and shouldn't have to wait on a callback. Other validation interface clients don't care about net processing submitting bogus malleated blocks to validation, so they don't need to be notified of BlockChecked. Furthermore, if PNB returns a valid BlockValidationState, we never need to try to process (non-malleated) copies of the block from other peers. That makes it much easier to move the best chain activation logic to a background thread in future work. Co-authored-by: John Newbery <[email protected]> Co-authored-by: Carl Dong <[email protected]>
This is a pure refactor commit. Co-authored-by: John Newbery <[email protected]> Co-authored-by: Carl Dong <[email protected]>
Co-authored-by: John Newbery <[email protected]> Co-authored-by: Carl Dong <[email protected]>
The previous name was misleading, since we can call the function even when the block has not been received.
…tion If a CMPCTBLOCK is in flight from peer A and we then succesfully reconstruct it during CMPCTBLOCK processing from peer B, we need to clear the in-flight state for the block from peer A. We can only do that once we've ensured that the block hasn't been mutated (otherwise peer B could interfere with our block relay from peer A by providing a mutated block). Mutation-checking used to be done indirectly by checking that the block had been writted to disk by checking the CBlockIndex. Now that ProcessNewBlock returns a BlockValidationState, we can check that state directly to determine whether to mark the block as no longer in-flight.
jnewbery
force-pushed
the
2019-11-processnewblock-early-return2
branch
from
e0f5505 to
11b7abd
Compare
Contributor
| Needs rebase |
jnewbery
changed the title
Contributor
Author
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
BUILDS ON #17479. PLEASE REVIEW THAT PR FIRST.
If a CMPCTBLOCK is in flight from peer A and we then succesfully
reconstruct it during CMPCTBLOCK processing from peer B, we need to
clear the in-flight state for the block from peer A.
We can only do that once we've ensured that the block hasn't been
mutated (otherwise peer B could interfere with our block relay from peer
A by providing a mutated block).
Mutation-checking used to be done indirectly by checking that the block
had been writted to disk by checking the CBlockIndex. Now that
ProcessNewBlock returns a BlockValidationState, we can check that state
directly to determine whether to mark the block as no longer in-flight.
This PR also renames
MarkBlockAsReceived()toMarkBlockAsNotInFlight()since that function can be called when the block has not been received. It also improves the comments forMarkBlockAsNotFlight()andMarkBlockAsNotInFlight()