locks: introduce mutex for tx download, flush rejection filters once per tip change #30111
Conversation
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. Code CoverageFor detailed information about the code coverage, see the test coverage report. ReviewsSee the guideline for information on the review process.
If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update. ConflictsReviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first. |
c280fe7 to
5ba125d
Compare
ajtowns
left a comment
There was a problem hiding this comment.
I'm not sure how to be confident that the UpdateBlockTipSync / hashRecentRejectsChainTip would be correct and didn't miss an edge case. Rest looks good to me.
5ba125d to
063fc63
Compare
I (locally) split the commit into (1) update on validation interface callback and asserting that I've (locally) hit a bug though, so will figure out what's wrong and then push. |
FWIW I tried something similar, and got an assertion failure in one of the mempool functional tests (maybe mempool_reorg, and thus due to an invalidateblock call?), but it wasn't reliable, it only occurred when I ran many tests in parallel, not when I reran that test on its own. The bug will only trigger if the tip is updated via some other path and AlreadyHave is called before the tip is further updated via the expected path, so (1) doesn't seem like a terribly reliable check to me. |
063fc63 to
a1f36eb
Compare
Was it mempool_packages.py maybe? Mine tripped there on Hm. The alternative is to hold |
Ah, yes, I think it was. |
|
thanks for splitting this up, next on my review docket |
a1f36eb to
7c3fb97
Compare
|
Rebased for #29817 |
instagibbs
left a comment
There was a problem hiding this comment.
looking pretty straightforward but I'm not an expert in the current locking setup
will give another pass in a bit
7c3fb97 to
ef8de26
Compare
|
suggested changes were done, reviewed via |
instagibbs
left a comment
There was a problem hiding this comment.
utACK ef8de26be5478729328ac9d8a9ad6898351552b6
ef8de26 to
a9a6de5
Compare
|
Concept ACK |
mzumsande
left a comment
There was a problem hiding this comment.
Concept ACK - don't know the txrequest logic very well though.
The PR description should be updated (UpdatedBlockTipSync was renamed).
We need to synchronize between various tx download structures. TxRequest does not inherently need cs_main for synchronization, and it's not appropriate to lock all of the tx download logic under cs_main.
This is a synchronous callback notifying clients of all tip changes. It allows clients to respond to a new block immediately after it is connected. The synchronicity is important for things like m_recent_rejects, in which a transaction's validity can change (rejected vs accepted) when this event is processed. For example, the transaction might have a timelock condition that has just been met. This is distinct from something like m_recent_confirmed_transactions, in which the validation outcome is the same (valid vs already-have), so it does not need to be reset immediately.
17d41e7 to
3f274fb
Compare
|
Resetting m_recent_rejects once per block is more efficient than comparing hashRecentRejectsChainTip with the chain tip every time we call AlreadyHaveTx. We keep hashRecentRejectsChainTip for now to assert that updates happen correctly; it is removed in the next commit.
This also means AlreadyHaveTx no longer needs cs_main held.
The TxOrphanage is now guarded externally by m_tx_download_mutex.
3f274fb to
c85acce
Compare
|
reACK c85acce reviewed via |
| bool HasAllDesirableServiceFlags(ServiceFlags services) const override; | ||
| bool ProcessMessages(CNode* pfrom, std::atomic<bool>& interrupt) override | ||
| EXCLUSIVE_LOCKS_REQUIRED(!m_peer_mutex, !m_recent_confirmed_transactions_mutex, !m_most_recent_block_mutex, !m_headers_presync_mutex, g_msgproc_mutex); | ||
| EXCLUSIVE_LOCKS_REQUIRED(!m_peer_mutex, !m_most_recent_block_mutex, !m_headers_presync_mutex, g_msgproc_mutex, !m_tx_download_mutex); |
There was a problem hiding this comment.
The PeerManagerImpl::ProcessMessages implementation has multiple early return statements. In such a case, the Developer Notes suggest to:
Combine annotations in function declarations with run-time asserts in function definitions
i.e., AssertLockNotHeld(m_tx_download_mutex);
UPD. Same for other places, for instance, PeerManagerImpl::SendMessages.
| // | ||
| // Message: getdata (transactions) | ||
| // | ||
| LOCK(m_tx_download_mutex); |
There was a problem hiding this comment.
Do we need to hold m_tx_download_mutex for this call:
bitcoin/src/net_processing.cpp
Lines 6327 to 6328 in c85acce
theStack
left a comment
There was a problem hiding this comment.
Light code-review ACK c85acce
Fwiw, I've also spun up a fresh mainnet node instance on a publicly reachable machine running this PR for the last few days (out of IBD since Friday morning) and didn't notice any problems so far.
| for (const auto& ptx : pblock->vtx) { | ||
| m_recent_confirmed_transactions.insert(ptx->GetHash().ToUint256()); | ||
| if (ptx->HasWitness()) { | ||
| m_recent_confirmed_transactions.insert(ptx->GetWitnessHash().ToUint256()); | ||
| } | ||
| } | ||
| { | ||
| for (const auto& ptx : pblock->vtx) { | ||
| m_txrequest.ForgetTxHash(ptx->GetHash()); | ||
| m_txrequest.ForgetTxHash(ptx->GetWitnessHash()); | ||
| } | ||
| for (const auto& ptx : pblock->vtx) { | ||
| m_txrequest.ForgetTxHash(ptx->GetHash()); | ||
| m_txrequest.ForgetTxHash(ptx->GetWitnessHash()); |
There was a problem hiding this comment.
nit: as a follow-up, could maybe consolidate those two loops into a single one, as they operate now under the same lock
In the master branch, the design of the If still insisting on the |
See #30111 (comment) for background.
I've opened #30507 to add documentation to txorphanage.h, as well as the other suggestions from @hebasto and @theStack (thanks!). |
7c29e55 m_tx_download_mutex followups (glozow) e543c65 release m_tx_download_mutex before MakeAndPushMessage GETDATA (glozow) bce5f37 [refactor] change ActiveTipChange to use CBlockIndex ref instead of ptr (glozow) 7cc5ac5 [doc] TxOrphanage is no longer thread-safe (glozow) 6f49548 [refactor] combine block vtx loops in BlockConnected (glozow) Pull request description: Followup to #30111. Includes suggestions: - #30111 (comment) - #30111 (comment) - #30111 (comment) - #30111 (comment) - #30111 (comment) ACKs for top commit: instagibbs: reACK 7c29e55 theStack: re-ACK 7c29e55 dergoegge: reACK 7c29e55 Tree-SHA512: 79a9002d74739367789bbc64bb1d431f4d43a25a7934231e55814c2cb6981c15ef2d8465544ae2a4fbd734d9bed6cc41b37a923938a88cb8fea139523c1e98da
See #27463 for full project tracking.
This contains the first few commits of #30110, which require some thinking about thread safety in review.
m_tx_download_mutexwhich guards the transaction download data structures includingm_txrequest, the rolling bloom filters, andm_orphanage. Later this should become the mutex guardingTxDownloadManager.m_txrequestdoesn't need to be guarded usingcs_mainanymorem_recent_confirmed_transactionsdoesn't need its own lock anymorem_orphanagedoesn't need its own lock anymoreValidationInterfaceevent,ActiveTipChanged, which is a synchronous callback whenever the tip of the active chainstate changes.m_recent_rejectsandm_recent_rejects_reconsiderableonActiveTipChangedjust once instead of checking the tip every timeAlreadyHaveTxis called. This should speed up calls to that function (no longer comparing a block hash each time) and removes the need to lockcs_mainevery time it is called.Motivation:
m_tx_download_mutex, these should hold:m_txrequestis not also inm_orphanagem_txrequestis not also inm_recent_rejectsorm_recent_confirmed_transactionsm_orphanage, and not inm_txrequest, etc.cs_mainis used to e.g. sync accesses tom_txrequest. We should not broaden the scope of things it locks.AlreadyHaveTxso we can decide whether we should update it. Every call compares the current tip hash withhashRecentRejectsChainTip. It is more efficient to have a validation interface callback that updates the rejection filters whenever the chain tip changes.