Cluster mempool implementation #28676
Conversation
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. Code Coverage & BenchmarksFor details see: https://corecheck.dev/bitcoin/bitcoin/pulls/28676. ReviewsSee the guideline for information on the review process.
If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update. ConflictsReviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first. |
9420af6 to
a254fba
Compare
190ada4 to
b4f69c3
Compare
033e7fe to
29f428f
Compare
src/policy/rbf.cpp
Outdated
| for (const CTxIn& txin : mi->GetTx().vin) { | ||
| parents_of_conflicts.insert(txin.prevout.hash); | ||
| // Exit early if we're going to fail (see below) | ||
| if (all_conflicts.size() > MAX_REPLACEMENT_CANDIDATES) { |
There was a problem hiding this comment.
Note: this is sticking with the same rule#5 instead of number of effected clusters. It would be more ideal if it were number of clusters to allow for better usage of adversarial-ish batched CPFPs
There was a problem hiding this comment.
There is room to relax this rule some, so if this is important we can do so. I think the requirement is a bound on the number of clusters that would have to be re-sorted in order to accept the new transaction. We can approximate that as the number of clusters that would be non-empty as a result of removing all the conflicting transactions from the mempool, and only process replacements for which that is below some target.
That would be a more complex logic though, so before implementing it I wanted to have some sense of whether we need to. Has the historical 100-transaction-conflict limit been problematic for use cases in the past? Note also that in the new code, we are calculating the number of conflicts exactly (the old code used an approximation, which could be gamed by an adversary).
There was a problem hiding this comment.
Ah! I wrote a huge response to this, then looked up our previous discussions, and realized I didn't actually read the code: #27677 (comment)
IIUC now, this is only counting direct conflicts, and not the descendants that are booted.
I think that's fine.
Actually no, the existing code comments were just misleading, looks like the issue still exists, see: #27677 (comment)
There was a problem hiding this comment.
Ah yes, in the new code I'm only counting direct conflicts right now, because every descendant of a direct conflict must be in the same cluster as that conflict. So this is already a relaxation of the existing rule.
There was a problem hiding this comment.
I think the requirement is a bound on the number of clusters that would have to be re-sorted in order to accept the new transaction.
As an alternative, we drop the replacement limit to like, 10 or something, and then only count the direct conflicts, not the direct conflicts and all the descendants?
There was a problem hiding this comment.
I believe I (finally) actually fixed this behavior to count the number of direct conflicts.
There was a problem hiding this comment.
Will comment elsewhere as well, but I just updated this limit to be a limit on the number of distinct clusters that are conflicted.
src/validation.cpp
Outdated
| } | ||
|
|
||
| ws.m_ancestors = *ancestors; | ||
| // Calculate in-mempool ancestors |
There was a problem hiding this comment.
the check two conditionals above:
if (!bypass_limits && ws.m_modified_fees < m_pool.m_min_relay_feerate.GetFee(ws.m_vsize))
This is still needed for the same reason as before: transaction that is above minrelay, but would be in a chunk below minrelay. We could immediately evict below minrelay chunks post-re-linearization f.e. which would allow 0-fee parents then relax this maybe.
| CTxMemPool& pool = *testing_setup.get()->m_node.mempool; | ||
|
|
||
| std::vector<CTransactionRef> transactions; | ||
| // Create 1000 clusters of 100 transactions each |
There was a problem hiding this comment.
numbers in comments are off
shower thought: Should we/can we bound the number of clusters in addition to total memory in TrimToSize? I can't think of a good way to do that that doesn't complicate things quite a bit, and perhaps practical mempool sizes make this moot. Just something to consider in case I missed something obvious.
There was a problem hiding this comment.
The immediate downside to a cap on number of clusters is that singleton, high-feerate transactions would not be accepted. And I don't think we need to -- the only places where having more clusters makes us slower is in eviction and mining, and for both of those use cases we could improve performance (if we need to) by maintaining the relevant heap data structures (or something equivalent) as chunks are modified, rather than all at once.
For now in this branch I've created these from scratch each time, but if it turns out that performance is meaningfully impacted when the mempool is busy, then I can optimize this further by just using a bit more memory.
src/node/miner.cpp
Outdated
| return a.first->fee*b.first->size < b.first->fee*a.first->size; | ||
| }; | ||
| // TODO: replace the heap with a priority queue | ||
| std::make_heap(heap_chunks.begin(), heap_chunks.end(), cmp); |
There was a problem hiding this comment.
don't ask why but I'm getting significant performance improvement(>10%) just push_heaping everything from scratch, and similarly with priority_queue
|
It would be useful to add a Benchmarks on a 2019 MacBook Pro (2,3 GHz 8-Core Intel Core i9), plugged in: Update: added bench for master@c2d4e40e454ba0c7c836a849b6d15db4850079f2: |
| } | ||
|
|
||
| BENCHMARK(MemPoolAncestorsDescendants, benchmark::PriorityLevel::HIGH); | ||
| BENCHMARK(MemPoolAddTransactions, benchmark::PriorityLevel::HIGH); |
There was a problem hiding this comment.
dd6684a: While you're touching this, can you rename MempoolCheck to MemPoolCheck, MempoolEviction to MemPoolEviction and ComplexMemPool to MempoolComplex? That makes -filter=MemPool.* work
As a workaround, -filter=.*Mem.* does work.
src/init.cpp
Outdated
| argsman.AddArg("-limitancestorsize=<n>", strprintf("Do not accept transactions whose size with all in-mempool ancestors exceeds <n> kilobytes (default: %u)", DEFAULT_ANCESTOR_SIZE_LIMIT_KVB), ArgsManager::ALLOW_ANY | ArgsManager::DEBUG_ONLY, OptionsCategory::DEBUG_TEST); | ||
| argsman.AddArg("-limitdescendantcount=<n>", strprintf("Do not accept transactions if any ancestor would have <n> or more in-mempool descendants (default: %u)", DEFAULT_DESCENDANT_LIMIT), ArgsManager::ALLOW_ANY | ArgsManager::DEBUG_ONLY, OptionsCategory::DEBUG_TEST); | ||
| argsman.AddArg("-limitdescendantsize=<n>", strprintf("Do not accept transactions if any ancestor would have more than <n> kilobytes of in-mempool descendants (default: %u).", DEFAULT_DESCENDANT_SIZE_LIMIT_KVB), ArgsManager::ALLOW_ANY | ArgsManager::DEBUG_ONLY, OptionsCategory::DEBUG_TEST); | ||
| argsman.AddArg("-limitclustercount=<n>", strprintf("Do not accept transactions connected to <n> or more existing in-mempool transactions (default: %u)", DEFAULT_CLUSTER_LIMIT), ArgsManager::ALLOW_ANY | ArgsManager::DEBUG_ONLY, OptionsCategory::DEBUG_TEST); |
There was a problem hiding this comment.
I made an attempt at dropping -limitdescendantsize and friends: https://github.com/Sjors/bitcoin/commits/2022/11/cluster-mempool
I (naively) replaced ancestor and descendent limits in coin selection with the new cluster limit. At least the tests pass *.
When we drop these settings anyone who uses them will get an error when starting the node. That's probably a good thing, since they should read about this change.
* = well, wallet_basic.py fails with:
Internal bug detected: Shared UTXOs among selection results
wallet/coinselection.h:340 (InsertInputs)
There was a problem hiding this comment.
I think we can do something similar to #32941 and just emit a warning (not error) for the first release, then remove it afterwards. We can't deprecate / continue supporting the options, but this is more user-friendly than dropping immediately.
InitWarning(_("Option '-limitdescendantcount' is set but no longer has any effect (see release notes about cluster limits). Please remove it from your configuration."));
Sjors
left a comment
There was a problem hiding this comment.
Couple more comments / questions. To be continued...
src/txmempool.cpp
Outdated
| { | ||
| m_chunks[entry.m_loc.first].txs.erase(entry.m_loc.second); | ||
|
|
||
| // Chunk (or cluster) may now be empty, but this will get cleaned up |
There was a problem hiding this comment.
54f39ca: what if the deleted transaction makes it so there are now two clusters? This is also safe to ignore?
There was a problem hiding this comment.
I wouldn't say it's safe to ignore, but the idea is that we often want to be able to batch deletions, and then clean things up in one pass. So the call sites should all be dealing with this issue and ensuring that we always clean up at some point.
(This is definitely an area where I expect that we'll be re-engineering all this logic and trying to come up with a better abstraction layer so that this is more robust and easier to think about!)
src/txmempool.cpp
Outdated
|
|
||
| for (auto txentry : txs) { | ||
| m_chunks.emplace_back(txentry.get().GetModifiedFee(), txentry.get().GetTxSize()); | ||
| m_chunks.back().txs.emplace_back(txentry); |
There was a problem hiding this comment.
54f39ca: So you're creating a chunk for each new transaction and then erasing it if the fee rate goes down. Why not the other way around?
Now that ancestor calculation never fails (due to ancestor/descendant limits being eliminated), we can eliminate the error handling from CalculateMemPoolAncestors.
Changes AddToMempool() helper to only apply changes if the mempool limits are respected. Fix package_rbf fuzz target to handle mempool policy violations
Add benchmarks for: - mempool update time when blocks are found - adding a transaction - performing the mempool's RBF calculation - calculating mempool ancestors/descendants
Including test coverage for mempool eviction and expiry
Co-authored-by: glozow <gloriajzhao@gmail.com>
This is in preparation for eliminating the block template building happening in mini_miner, in favor of directly using the linearizations done in the mempool.
…ScoreWithTopology() We use CompareMiningScoreWithTopology() for sorting transaction announcements during tx relay, and we use GetSortedScoreWithTopology() in CTxMemPool::check().
Calculating mempool ancestors for a new transaction should not be done until after cluster size limits have been enforced, to limit CPU DoS potential. Achieve this by reworking TRUC and RBF validation logic: - TRUC policy enforcement is now done using only mempool parents of new transactions, not all mempool ancestors. - RBF replacement checks are performed earlier (which allows for checking cluster size limits earlier, because cluster size checks cannot happen until after all conflicts are staged for removal). - Verifying that a new transaction doesn't conflict with an ancestor now happens later, in AcceptSingleTransaction() rather than in PreChecks(). This means that the test is not performed at all in AcceptMultipleTransactions(), but in package acceptance we already disallow RBF in situations where a package transaction has in-mempool parents. Also to ensure that all RBF validation logic is applied in both the single transaction and multiple transaction cases, remove the optimization that skips the PackageMempoolChecks() in the case of a single transaction being validated in AcceptMultipleTransactions().
989827e to
d3f8b63
Compare
17cf9ff Use cluster size limit for -maxmempool bound, and allow -maxmempool=0 in general (Suhas Daftuar) 315e43e Sanity check `GetFeerateDiagram()` in CTxMemPool::check() (Suhas Daftuar) de2e9a2 test: extend package rbf functional test to larger clusters (Suhas Daftuar) 4ef4ddb doc: update policy/packages.md for new package acceptance logic (Suhas Daftuar) 79f73ad Add check that GetSortedScoreWithTopology() agrees with CompareMiningScoreWithTopology() (Suhas Daftuar) a86ac11 Update comments for CTxMemPool class (Suhas Daftuar) 9567eaa Invoke TxGraph::DoWork() at appropriate times (Suhas Daftuar) 6c5c44f test: add functional test for new cluster mempool RPCs (Suhas Daftuar) 72f60c8 doc: Update mempool_replacements.md to reflect feerate diagram checks (Suhas Daftuar) 21693f0 Expose cluster information via rpc (Suhas Daftuar) 72e74e0 fuzz: try to add more code coverage for mempool fuzzing (Suhas Daftuar) f107417 bench: add more mempool benchmarks (Suhas Daftuar) 7976eb1 Avoid violating mempool policy limits in tests (Suhas Daftuar) 84de685 Stop tracking parents/children outside of txgraph (Suhas Daftuar) 88672e2 Rewrite GatherClusters to use the txgraph implementation (Suhas Daftuar) 1ca4f01 Fix miniminer_tests to work with cluster limits (Suhas Daftuar) 1902111 Eliminate CheckPackageLimits, which no longer does anything (Suhas Daftuar) 3a646ec Rework RBF and TRUC validation (Suhas Daftuar) 19b8479 Make getting parents/children a function of the mempool, not a mempool entry (Suhas Daftuar) 5560913 Rework truc_policy to use descendants, not children (Suhas Daftuar) a4458d6 Use txgraph to calculate descendants (Suhas Daftuar) c8b6f70 Use txgraph to calculate ancestors (Suhas Daftuar) 241a3e6 Simplify ancestor calculation functions (Suhas Daftuar) b9cec7f Make removeConflicts private (Suhas Daftuar) 0402e6c Remove unused limits from CalculateMemPoolAncestors (Suhas Daftuar) 08be765 Remove mempool logic designed to maintain ancestor/descendant state (Suhas Daftuar) fc4e3e6 Remove unused members from CTxMemPoolEntry (Suhas Daftuar) ff3b398 mempool: eliminate accessors to mempool entry ancestor/descendant cached state (Suhas Daftuar) b9a2039 Eliminate use of cached ancestor data in miniminer_tests and truc_policy (Suhas Daftuar) ba09fc9 mempool: Remove unused function CalculateDescendantMaximum (Suhas Daftuar) 8e49477 wallet: Replace max descendant count with cluster_count (Suhas Daftuar) e031085 Eliminate Single-Conflict RBF Carve Out (Suhas Daftuar) cf3ab8e Stop enforcing descendant size/count limits (Suhas Daftuar) 89ae38f test: remove rbf carveout test from mempool_limit.py (Suhas Daftuar) c0bd04d Calculate descendant information for mempool RPC output on-the-fly (Suhas Daftuar) bdcefb8 Use mempool/txgraph to determine if a tx has descendants (Suhas Daftuar) 69e1eaa Add test case for cluster size limits to TRUC logic (Suhas Daftuar) 9cda64b Stop enforcing ancestor size/count limits (Suhas Daftuar) 1f93227 Remove dependency on cached ancestor data in mini-miner (Suhas Daftuar) 9fbe0a4 rpc: Calculate ancestor data from scratch for mempool rpc calls (Suhas Daftuar) 7961496 Reimplement GetTransactionAncestry() to not rely on cached data (Suhas Daftuar) feceaa4 Remove CTxMemPool::GetSortedDepthAndScore (Suhas Daftuar) 21b5cea Use cluster linearization for transaction relay sort order (Suhas Daftuar) 6445aa7 Remove the ancestor and descendant indices from the mempool (Suhas Daftuar) 216e693 Implement new RBF logic for cluster mempool (Suhas Daftuar) ff8f115 policy: Remove CPFP carveout rule (Suhas Daftuar) c3f1afc test: rewrite PopulateMempool to not violate mempool policy (cluster size) limits (Suhas Daftuar) 47ab32f Select transactions for blocks based on chunk feerate (Suhas Daftuar) dec138d fuzz: remove comparison between mini_miner block construction and miner (Suhas Daftuar) 6c2bceb bench: rewrite ComplexMemPool to not create oversized clusters (Suhas Daftuar) 1ad4590 Limit mempool size based on chunk feerate (Suhas Daftuar) b11c89c Rework miner_tests to not require large cluster limit (Suhas Daftuar) 95a8297 Check cluster limits when using -walletrejectlongchains (Suhas Daftuar) 95762e6 Do not allow mempool clusters to exceed configured limits (Suhas Daftuar) edb3e7c [test] rework/delete feature_rbf tests requiring large clusters (glozow) 435fd56 test: update feature_rbf.py replacement test (Suhas Daftuar) 34e3298 Add new (unused) limits for cluster size/count (Suhas Daftuar) 838d7e3 Add transactions to txgraph, but without cluster dependencies (Suhas Daftuar) d5ed9cb Add accessor for sigops-adjusted weight (Suhas Daftuar) 1bf3b51 Add sigops adjusted weight calculator (Suhas Daftuar) c18c68a Create a txgraph inside CTxMemPool (Suhas Daftuar) 29a94d5 Make CTxMemPoolEntry derive from TxGraph::Ref (Suhas Daftuar) 92b0079 Allow moving CTxMemPoolEntry objects, disallow copying (Suhas Daftuar) 6c73e47 mempool: Store iterators into mapTx in mapNextTx (Suhas Daftuar) 5143068 Allow moving an Epoch::Marker (Suhas Daftuar) Pull request description: [Reopening #28676 here as a new PR, because GitHub is slow to load the page making it hard to scroll through and see comments. Also, that PR was originally opened with a prototype implementation which has changed significantly with the introduction of `TxGraph`.] This is an implementation of the [cluster mempool proposal](https://delvingbitcoin.org/t/an-overview-of-the-cluster-mempool-proposal/393). This branch implements the following observable behavior changes: - Maintains a partitioning of the mempool into connected clusters (via the `txgraph` class), which are limited in vsize to 101 kvB by default, and limited in count to 64 by default. - Each cluster is sorted ("linearized") to try to optimize for selecting highest-feerate-subsets of a cluster first - Transaction selection for mining is updated to use the cluster linearizations, selecting highest feerate "chunks" first for inclusion in a block template. - Mempool eviction is updated to use the cluster linearizations, selecting lowest feerate "chunks" first for removal. - The RBF rules are updated to: (a) drop the requirement that no new inputs are introduced; (b) change the feerate requirement to instead check that the feerate diagram of the mempool will strictly improve; (c) replace the direct conflicts limit with a directly-conflicting-clusters limit. - The CPFP carveout rule is eliminated (it doesn't make sense in a cluster-limited mempool) - The ancestor and descendant limits are no longer enforced. - New cluster count/cluster vsize limits are now enforced instead. - Transaction relay now uses chunk feerate comparisons to determine the order that newly received transactions are announced to peers. Additionally, the cached ancestor and descendant data are dropped from the mempool, along with the multi_index indices that were maintained to sort the mempool by ancestor and descendant feerates. For compatibility (eg with wallet behavior or RPCs exposing this), this information is now calculated dynamically instead. ACKs for top commit: instagibbs: reACK 17cf9ff glozow: reACK 17cf9ff sipa: ACK 17cf9ff Tree-SHA512: bbde46d913d56f8d9c0426cb0a6c4fa80b01b0a4c2299500769921f886082fb4f51f1694e0ee1bc318c52e1976d7ebed8134a64eda0b8044f3a708c04938eee7
b8d279a doc: add comment to explain correctness of GatherClusters() (Suhas Daftuar) aba7500 Fix parameter name in getmempoolcluster rpc (Suhas Daftuar) 6c1325a Rename weight -> clusterweight in RPC output, and add doc explaining mempool terminology (Suhas Daftuar) bc2eb93 Require mempool lock to be held when invoking TRUC checks (Suhas Daftuar) 957ae23 Improve comments for getTransactionAncestry to reference cluster counts instead of descendants (Suhas Daftuar) d97d619 Fix comment to reference cluster limits, not chain limits (Suhas Daftuar) a1b341e Sanity check feerate diagram in CTxMemPool::check() (Suhas Daftuar) 23d6f45 rpc: improve getmempoolcluster output (Suhas Daftuar) d2dcd37 Avoid using mapTx.modify() to update modified fees (Suhas Daftuar) d84ffc2 doc: add release notes snippet for cluster mempool (Suhas Daftuar) b0417ba doc: Add design notes for cluster mempool and explain new mempool limits (Suhas Daftuar) 2d88966 miner: replace "package" with "chunk" (Suhas Daftuar) 6f3e8eb Add a GetFeePerVSize() accessor to CFeeRate, and use it in the BlockAssembler (Suhas Daftuar) b5f245f Remove unused DEFAULT_ANCESTOR_SIZE_LIMIT_KVB and DEFAULT_DESCENDANT_SIZE_LIMIT_KVB (Suhas Daftuar) 1dac54d Use cluster size limit instead of ancestor size limit in txpackage unit test (Suhas Daftuar) 04f6548 Use cluster size limit instead of ancestor/descendant size limits when sanity checking TRUC policy limits (Suhas Daftuar) 634291a Use cluster limits instead of ancestor/descendant limits when sanity checking package policy limits (Suhas Daftuar) fc18ef1 Remove ancestor and descendant vsize limits from MemPoolLimits (Suhas Daftuar) ed8e819 Warn user if using -limitancestorsize/-limitdescendantsize that the options have no effect (Suhas Daftuar) 80d8df2 Invoke removeUnchecked() directly in removeForBlock() (Suhas Daftuar) 9292570 Rewrite GetChildren without sets (Suhas Daftuar) 3e39ea8 Rewrite removeForReorg to avoid using sets (Suhas Daftuar) a3c31df scripted-diff: rename AddToMempool -> TryAddToMempool (Suhas Daftuar) a5a7905 Simplify removeRecursive (Suhas Daftuar) 01d8520 Remove unused argument to RemoveStaged (Suhas Daftuar) bc64013 Remove unused variable (cacheMap) in mempool (Suhas Daftuar) Pull request description: As suggested in the main cluster mempool PR (#28676 (review)), I've pulled out some of the non-essential optimizations and cleanups into this separate PR. Will continue to add more commits here to address non-blocking suggestions/improvements as they come up. ACKs for top commit: instagibbs: ACK b8d279a sipa: ACK b8d279a Tree-SHA512: 1a05e99eaf8db2e274a1801307fed5d82f8f917e75ccb9ab0e1b0eb2f9672b13c79d691d78ea7cd96900d0e7d5031a3dd582ebcccc9b1d66eb7455b1d3642235
This is a draft implementation of the cluster mempool design described in #27677. I'm opening this as a draft PR now to share the branch I'm working on with others, so that we can start to think about in-progress projects (like package relay, package validation, and package rbf) in the context of this design. Also, I can use some help from others for parts of this work, including the interaction between the mempool and the wallet, and also reworking some of our existing test cases to fit a cluster-mempool world.
Note that the design of this implementation is subject to change as I continue to iterate on the code (to make the code more hygienic and robust, in particular). At this point though I think the performance is pretty reasonable and I'm not currently aware of any bugs. There are some microbenchmarks added here, and some improved fuzz tests; it would be great if others ran both of those on their own hardware as well and reported back on any findings.
This branch implements the following observable behavior changes:
Some less observable behavior changes:
epochs (resulting in a significant performance improvement, according to the benchmarks I've looked at)Still to do:
partially_downloaded_blockfuzz target to not add duplicate transactions to the mempool (fuzz: don't allow adding duplicate transactions to the mempool #29990).For discussion/feedback: