Use util::Result in for calculating mempool ancestors #26289
Conversation
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. ReviewsSee the guideline for information on the review process.
If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update. ConflictsReviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first. |
stickies-v
force-pushed
the
mempool-use-result
branch
from
425ae6d to
a425537
Compare
glozow
left a comment
glozow
left a comment
There was a problem hiding this comment.
Concept ACK, definitely prefer this over out-params.
|
Concept ACK |
aureleoules
left a comment
aureleoules
left a comment
There was a problem hiding this comment.
ACK a425537fbfc20d87c325b5ae2f06f2597a31cf0e - LGTM and no behavior change
|
If there's an actual bug, it should be fixed before/independently of the refactor (and only that fix backported). |
stickies-v
force-pushed
the
mempool-use-result
branch
from
a425537 to
c7f8236
Compare
|
Force pushed to address review comments.
I added c25c6a6 Most of the changes address furszy's comments. In summary: ancestors/descendant limits unexpectedly getting hit no longer result in an assertion error (unless on debug builds) but in an error log message instead to avoid the node from crashing in case of a (non-fatal) unexpected error. |
|
Marking as draft until I've resolved the CI issues. |
stickies-v
force-pushed
the
mempool-use-result
branch
from
c7f8236 to
2f832f0
Compare
|
PR is now ready for re-review - CI issues fixed. Looks like the argument forwarding was causing issues on some platforms (ARM, Win64) - so I've just updated it to not use forwarding, since debugging it was going too slow and this approach is clean enough. |
aureleoules
left a comment
aureleoules
left a comment
There was a problem hiding this comment.
reACK 2f832f0c45aae3b51353db72691b4bc6450a7e9a
|
Would there be any merit to an alternative approach of logging how many current ancestors were passed in, and then subtracting that for the invariant check? That way you allocate less memory in the package code? |
Having trouble understanding the question, can you elaborate on where the subtraction would be and which memory allocation you're referring to? |
For example in |
Agree with @stickies-v, we definitely require the actual entries themselves at several Lines 42 to 48 in a035b6a And some only require that the limits are checked - we could split those into 2 different functions e.g. |
willcl-ark
left a comment
willcl-ark
left a comment
There was a problem hiding this comment.
ACK 1f89af219a89da155d5302ca4fdc4f8f1f8612aa
I am unsure about the benefit of the first commit which is later removed, but it seems this might still be up for discussion.
The larger refactor related to removing out params and using Result looks good.
Avoid using setAncestors outparameter, simplify function signatures and avoid creating unused dummy strings.
stickies-v
force-pushed
the
mempool-use-result
branch
from
1f89af2 to
4f1e03c
Compare
stickies-v
left a comment
stickies-v
left a comment
There was a problem hiding this comment.
Force pushed to remove the bugfix commit and address review comments re instantiating invalid_too_long making the state invalid even when the failure path isn't hit
stickies-v
requested review from
aureleoules and
willcl-ark
and removed request for
aureleoules and
willcl-ark
|
CI is red @stickies-v |
stickies-v
force-pushed
the
mempool-use-result
branch
from
4f1e03c to
3cbed28
Compare
Sorry, fixed now by capturing the original error message in a variable, so we don't show the error message from trying the cpfp carve-out. |
Avoid using setAncestors outparameter, simplify function signatures and avoid creating unused dummy strings.
There are quite a few places that assume CalculateMemPoolAncestors will return a value without raising an error. This helper function adds logging (and Assume for debug builds) that ensures robustness but increases visibility in case of unexpected failures
When CalculateMemPoolAncestors fails unexpectedly (e.g. it exceeds ancestor/descendant limits even though we expect no limits to be applied), add an error log entry for increased visibility. For debug builds, the application will even halt completely since this is not supposed to happen.
stickies-v
force-pushed
the
mempool-use-result
branch
from
3cbed28 to
47c4b1f
Compare
|
Force pushed to avoid set copy operations when calling |
| CTxMemPool::setEntries CTxMemPool::AssumeCalculateMemPoolAncestors( | ||
| std::string_view calling_fn_name, | ||
| const CTxMemPoolEntry &entry, | ||
| const Limits& limits, |
There was a problem hiding this comment.
Non-blocking point:
Could remove the limits arg. All the callers use CTxMemPool::Limits::NoLimits() and the only way CalculateMemPoolAncestors fail is due a limit restriction.
| CTxMemPool::setEntries CTxMemPool::AssumeCalculateMemPoolAncestors( | ||
| std::string_view calling_fn_name, |
There was a problem hiding this comment.
Non-blocking nit:
This should be a helper/util static function rather than a class method. It's weird for a class method to receive the caller's function name just to log it internally.
aureleoules
left a comment
aureleoules
left a comment
There was a problem hiding this comment.
ACK 47c4b1f
Great refactor that fixes a confusing function signature.
|
ACK 47c4b1f |
13 participants
Upon reviewing the documentation for
CTxMemPool::CalculateMemPoolAncestors, I noticedsetAncestorswas meant to be anoutparameter but actually is anin,outparameter, as can be observed by addingassert(setAncestors.empty());as the first line in the function and runningmake check. This PR fixes this unexpected behaviour and introduces refactoring improvements to make intents and effects of the code more clear.Unexpected behaviour
This behaviour occurs only in the package acceptance path, currently only triggered by
testmempoolacceptandsubmitpackageRPCs.In
MemPoolAccept::AcceptMultipleTransactions(), we first callPreChecks()and thenSubmitPackage()with the sameWorkspace wsreference.PreChecksleavesws.m_ancestorsin a potentially non-empty state, before it is passed on toMemPoolAccept::SubmitPackage.SubmitPackageis the only place wheresetAncestorsisn't guaranteed to be empty before callingCalculateMemPoolAncestors. The most straightforward fix is to just forcefully clearsetAncestorsat the beginning of CalculateMemPoolAncestors, which is done in the first bugfix commit.Improvements
Return value instead of out-parameters
This PR updates the function signatures for
CTxMemPool::CalculateMemPoolAncestorsandCTxMemPool::CalculateAncestorsAndCheckLimitsto use autil::Resultreturn type and eliminate both thesetAncestorsin,out-parameter as well as the error string. It simplifies the code and makes the intent and effects more explicit.Observability
There are 7 instances where we currently call
CalculateMemPoolAncestorswithout actually checking if the function succeeded because we assume that it can't fail, such as in miner.cpp. This PR adds a new wrapperAssumeCalculateMemPoolAncestorsfunction that logs such unexpected failures, or in case of debug builds even halts the program. It's not crucial to the objective, more of an observability improvement that seems sensible to add on here.