validation: Remove REJECT code from CValidationState #17004
Conversation
|
|
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. ConflictsReviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first. |
|
Thanks for the review @ryanofsky . I've updated the release notes as requested. |
|
Nice cleanup. |
3f4c6b8 to
982ff1a
Compare
|
Rebased |
I didn't see this in my previous reviews, and I'm not really sure what the implications are. It might help for the comment to say what the original reason for not calling MaybePunish was, and why it's no longer applicable or important now |
|
Was about to ask the same question, thanks @ryanofsky |
982ff1a to
d938bb4
Compare
|
It looks like the bug was introduced here: https://github.com/bitcoin/bitcoin/pull/10135/files. That PR fixed a bug where we'd send out REJECT messages with a reject code of 0 (not valid in BIP 61), but it also inadvertently stopped us from punishing nodes that sent a block that failed here https://github.com/jnewbery/bitcoin/blob/5d08c9c579ba8cc7b684105c6a08263992b08d52/src/validation.cpp#L3077 and here https://github.com/jnewbery/bitcoin/blob/5d08c9c579ba8cc7b684105c6a08263992b08d52/src/validation.cpp#L3088 where the reject code wasn't set in the This PR restores that old behaviour of maybe punishing peers that send us blocks that fail I've updated the commit log with more detail, and added a comment in the net_processing |
|
Code review ACK d938bb4. Only comment and formatting changes since my last review. Thanks for digging up the history! IIUC, could maybe update the PR description to clarify that the "minor change in p2p behaviour" is a bugfix. |
|
Updated the PR description. Thanks for the review! |
doc/release-notes-15437.md
Outdated
| code when a transaction is not accepted to the mempool. They still return the | ||
| verbal reject reason. | ||
|
|
||
| * Log messages that previously reported the REJECT reason when a transaction was |
There was a problem hiding this comment.
Not sure about this statement, at least the reject-reason should be logged for the broadcastTransaction call in SubmitMemoryPoolAndRelay, which ones were you thinking off ?
There was a problem hiding this comment.
Sorry, this should say REJECT code, not REJECT reason. I'll update the docs.
| if (state.IsInvalid()) { | ||
| // Don't send reject message with code 0 or an internal reject code. | ||
| if (it != mapBlockSource.end() && State(it->second.first) && state.GetRejectCode() > 0 && state.GetRejectCode() < REJECT_INTERNAL) { | ||
| // If the block failed validation, we know where it came from and we're still connected | ||
| // to that peer, maybe punish. | ||
| if (state.IsInvalid() && | ||
| it != mapBlockSource.end() && | ||
| State(it->second.first)) { |
There was a problem hiding this comment.
Just a suggestion, but imo it wouldn't be a bad idea to break this commit up to separate the behavior changes from the refactoring changes. It probably says something bad about my own code review practices, but I completely missed this change the first time I first reviewed and ACKed this PR. It seems like this commit could nicely be broken into 3 commits: 1) P2P behavior change 2) RPC and logging changes 3) Refactor to remove reject constants arguments
There was a problem hiding this comment.
Good idea. I'll do that. That'll also make it easier to back-port the bugfix if we want to do that.
Because the call to MaybePunishNode() in PeerLogicValidation::BlockChecked() only previously happened if the REJECT code was > 0 and < REJECT_INTERNAL, then there are cases were MaybePunishNode() can get called where it wasn't previously: - when AcceptBlockHeader() fails with CACHED_INVALID. - when AcceptBlockHeader() fails with BLOCK_MISSING_PREV. Note that BlockChecked() cannot fail with an 'internal' reject code. The only internal reject code was REJECT_HIGHFEE, which was only set in ATMP. This change restores the behaviour pre-commit 5d08c9c which did punish nodes that sent us CACHED_INVALID and BLOCK_MISSING_PREV blocks.
Remove the BIP61 REJECT code from error messages and logs when a transaction is rejected. BIP61 support was removed from Bitcoin Core in fa25f43. The REJECT codes will be removed from the codebase entirely in the following commit.
src/validation.h
Outdated
| @@ -783,9 +783,6 @@ int32_t ComputeBlockVersion(const CBlockIndex* pindexPrev, const Consensus::Para | |||
| * for transactions, to signal internal conditions. They cannot and should not | |||
There was a problem hiding this comment.
Comment should also be removed
We no longer send BIP 61 REJECT messages, so there's no need to set a REJECT code in the CValidationState object.
d938bb4 to
9075d13
Compare
|
Fixed all @ryanofsky @ariard @fjahr comments. Thanks for the review! |
|
ACK 9075d13, changes since last reviewed are splitting them in separate commits to ease understanding and fix nits |
|
ACK 9075d13, confirmed diff to last review was fixing nits in docs/comments. |
9075d13 [docs] Add release notes for removal of REJECT reasons (John Newbery) 04a2f32 [validation] Fix REJECT message comments (John Newbery) e9d5a59 [validation] Remove REJECT code from CValidationState (John Newbery) 0053e16 [logging] Don't log REJECT code when transaction is rejected (John Newbery) a1a07cf [validation] Fix peer punishment for bad blocks (John Newbery) Pull request description: We no longer send BIP 61 REJECT messages, so there's no need to set a REJECT code in the CValidationState object. Note that there is a minor bug fix in p2p behaviour here. Because the call to `MaybePunishNode()` in `PeerLogicValidation::BlockChecked()` only previously happened if the REJECT code was > 0 and < `REJECT_INTERNAL`, then there are cases were `MaybePunishNode()` can get called where it wasn't previously: - when `AcceptBlockHeader()` fails with `CACHED_INVALID`. - when `AcceptBlockHeader()` fails with `BLOCK_MISSING_PREV`. Note that `BlockChecked()` cannot fail with an 'internal' reject code. The only internal reject code was `REJECT_HIGHFEE`, which was only set in ATMP. This reverts a minor bug introduced in 5d08c9c. ACKs for top commit: ariard: ACK 9075d13, changes since last reviewed are splitting them in separate commits to ease understanding and fix nits fjahr: ACK 9075d13, confirmed diff to last review was fixing nits in docs/comments. ryanofsky: Code review ACK 9075d13. Only changes since last review are splitting the main commit and updating comments Tree-SHA512: 58e8a1a4d4e6f156da5d29fb6ad6a62fc9c594bbfc6432b3252e962d0e9e10149bf3035185dc5320c46c09f3e49662bc2973ec759679c0f3412232087cb8a3a7
|
It looks like the runtime sanity assert assert (state.GetRejectCode() < REJECT_INTERNAL); // Blocks are never rejected with internal reject codeswas transformed into a less fatal if check in 5d08c9c and now removed completely. What is the reason for removing it? |
|
Oh, I see we used to punish peers when the reject code was |
b1b0cfe test: Remove REJECT message code (Hennadii Stepanov) Pull request description: We no longer use REJECT p2p message: - bitcoin#15437 - bitcoin#17004 ACKs for top commit: theStack: ACK bitcoin@b1b0cfe (nice dead code find) Tree-SHA512: 0a662b282e921c3991aeb15f54d077837f1ef20bc2e3b0b35117bb97a21d1bd1c3e21458e5c18ba0ca02030d559e3e8e74dbd3d3e2b46dbe7bede550948c3b55
Summary: > Because the call to MaybePunishNode() in > PeerLogicValidation::BlockChecked() only previously happened if the > REJECT code was > 0 and < REJECT_INTERNAL, then there are cases were > MaybePunishNode() can get called where it wasn't previously: > > - when AcceptBlockHeader() fails with CACHED_INVALID. > - when AcceptBlockHeader() fails with BLOCK_MISSING_PREV. > > Note that BlockChecked() cannot fail with an 'internal' reject code. The > only internal reject code was REJECT_HIGHFEE, which was only set in > ATMP. > > This change restores the behaviour pre-commit > bitcoin/bitcoin@5d08c9c > which did punish nodes that > sent us CACHED_INVALID and BLOCK_MISSING_PREV blocks. This is a backport of Core [[bitcoin/bitcoin#17004 | PR17004]] [1/5] Commit bitcoin/bitcoin@a1a07cf Test Plan: `ninja all check-all` Reviewers: O1 Bitcoin ABC, #bitcoin_abc, jasonbcox Reviewed By: O1 Bitcoin ABC, #bitcoin_abc, jasonbcox Differential Revision: https://reviews.bitcoinabc.org/D8181
Summary: > We no longer send BIP 61 REJECT messages, so there's no need to set > a REJECT code in the CValidationState object. This is a backport of Core [[bitcoin/bitcoin#17004 | PR17004]] [3/5] Commit bitcoin/bitcoin@e9d5a59 Depends on D8182 Test Plan: `ninja all check-all` Reviewers: O1 Bitcoin ABC, #bitcoin_abc, deadalnix Reviewed By: O1 Bitcoin ABC, #bitcoin_abc, deadalnix Differential Revision: https://reviews.bitcoinabc.org/D8183
Summary: Comments change only. This is a backport of Core [[bitcoin/bitcoin#17004 | PR17004]] [4/5] Commit bitcoin/bitcoin@04a2f32 Depends on D8183 Test Plan: `ninja` Reviewers: O1 Bitcoin ABC, #bitcoin_abc, deadalnix Reviewed By: O1 Bitcoin ABC, #bitcoin_abc, deadalnix Differential Revision: https://reviews.bitcoinabc.org/D8184
Summary: Add some release notes related to the user-facing changes introduced by [[bitcoin/bitcoin#17004 | PR17004]]. The original 5th commit of the PR also added release notes related to changes in other PR, which were backported for our previous release (0.22.5). We only mention the changes to logging. This concludes the backport of Core [[bitcoin/bitcoin#17004 | PR17004]] [5/5] Inspired by commit bitcoin/bitcoin@9075d13 Depends on D8184 Test Plan: Proof-reading Reviewers: O1 Bitcoin ABC, #bitcoin_abc, jasonbcox Reviewed By: O1 Bitcoin ABC, #bitcoin_abc, jasonbcox Differential Revision: https://reviews.bitcoinabc.org/D8185
We no longer send BIP 61 REJECT messages, so there's no need to set
a REJECT code in the CValidationState object.
Note that there is a minor bug fix in p2p behaviour here. Because the
call to
MaybePunishNode()inPeerLogicValidation::BlockChecked()onlypreviously happened if the REJECT code was > 0 and <
REJECT_INTERNAL,then there are cases were
MaybePunishNode()can get called where itwasn't previously:
AcceptBlockHeader()fails withCACHED_INVALID.AcceptBlockHeader()fails withBLOCK_MISSING_PREV.Note that
BlockChecked()cannot fail with an 'internal' reject code. Theonly internal reject code was
REJECT_HIGHFEE, which was only set inATMP.
This reverts a minor bug introduced in 5d08c9c.