p2p: Ensure transaction announcements are only queued for fully connected peers #26569
Conversation
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. ReviewsSee the guideline for information on the review process.
If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update. ConflictsReviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first. |
8ea1f7d to
c51d8b9
Compare
c51d8b9 to
4dc67b2
Compare
|
Concept ACK. Did you consider setting |
|
@jnewbery Really good question! I should have put my reasoning for this in the PR description.
This actually was my initial approach, however I ended up going with
|
There was a problem hiding this comment.
ACK 4dc67b2
Agree with the approach to not add to m_tx_inventory_to_send until the handshake completes, and that not knowing wtxidrelay yet is also a good reason. Likewise not a fan of ForEachNode here but don't see a way around it given only CNode knows whether it's fully connected.
4dc67b2 to
959cc24
Compare
|
Concept ACK. Looking forward to resolving the comments :) |
… fully connected peers
8c7d192 to
1220dfa
Compare
1220dfa to
152a42a
Compare
… pre-verack This commit documents our assumption about TxRelay::m_tx_inventory_to_send being empty prior to version handshake completion. The added Assume acts as testing oracle for our fuzzing tests to potentially detect if the assumption is violated.
152a42a to
fbcd991
Compare
fbcd991 to
8f2dac5
Compare
|
Concept ACK |
There was a problem hiding this comment.
ACK 8f2dac5 🔝
Show signature
Signature:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
ACK 8f2dac54096c20afd8fd12c21a2ee5465fea085e 🔝
-----BEGIN PGP SIGNATURE-----
iQGzBAEBCgAdFiEE+rVPoUahrI9sLGYTzit1aX5ppUgFAlwqrYAACgkQzit1aX5p
pUghBAwAyGNtXO8fvuygZ5qpYaJJCN8updyEfpF8Q//EHzHYtA7gyW1HhZKTXASV
7/R41rYKVtSE6XqJ8piivfuYNNTDZmpa1/LX030yZnSJsUGfr28bWPkXxrcUmdNE
CsiwIUbrPAzwfiPciowfipA/7d894Ado8X54ESkADJFZvYMuZ63aUuby/aPa/lCC
4GotuNiYjXJpC8FfeR6VL7yJORVdgMav8jNPzvUYM5DNfGex39Uzh1kACtXrtXTn
zeT3zqrVf/rhr9izKqQKN5utGt3vcK9+8F8zh82NOr4heNG8ZufPWHP8F+D/uQPY
h/qNQhvT47NOODa4KKurLYWSEQXYaYRdOVLXq40lZOPMbU5ByAGwMjNWusemAb4/
Af+Xt7UlK4irsQQOj+D9EClqzllVL0gfqPvDmYYutgr/6co2rgg+MJSg8LHN9t+X
rTe2pwtee+wvLTYZGgKg7uJrcanmrUL87sSFvXutOy0TXbnJ67FR3B5fGCFkXnbJ
wYTAXZpf
=/QGZ
-----END PGP SIGNATURE-----
| Assume(WITH_LOCK( | ||
| tx_relay->m_tx_inventory_mutex, | ||
| return tx_relay->m_tx_inventory_to_send.empty() && | ||
| tx_relay->m_next_inv_send_time == 0s)); |
There was a problem hiding this comment.
(not in this PR) it might be nice to set explicitly set m_next_inv_send_time to a future time here. It's slightly odd that we go through the transaction sending logic on the first pass through SendMessages() even though m_tx_inventory_to_send will be empty.
… fully connected peers Github-Pull: bitcoin#26569 Rebased-From: 845e3a3
… pre-verack This commit documents our assumption about TxRelay::m_tx_inventory_to_send being empty prior to version handshake completion. The added Assume acts as testing oracle for our fuzzing tests to potentially detect if the assumption is violated. Github-Pull: bitcoin#26569 Rebased-From: ce63fca
Github-Pull: bitcoin#26569 Rebased-From: 8f2dac5
|
Added this for backport in #26616. |
…ueued for fully connected peers
|
Love that it was merged in less than 10 days, improves bitcoin and reviewed by more than 6 devs :) |
8b726bf test: Coin Selection, duplicated preset inputs selection (furszy) 9d73176 test: wallet, coverage for CoinsResult::Erase function (furszy) 195f0df wallet: bugfix, 'CoinsResult::Erase' is erasing only one output of the set (furszy) e5d097b [test] Add p2p_tx_privacy.py (dergoegge) c842670 [net processing] Assume that TxRelay::m_tx_inventory_to_send is empty pre-verack (dergoegge) e15b306 [net processing] Ensure transaction announcements are only queued for fully connected peers (dergoegge) 95fded1 wallet: Explicitly say migratewallet on encrypted wallets is unsupported (Andrew Chow) d464b2a tests: Test for migrating encrypted wallets (Andrew Chow) 7a97a56 wallet: Avoid null pointer deref when cleaning up migratewallet (Andrew Chow) Pull request description: Backports remaining changes on the 24.0.1 milestone. Currently backports: * #26594 * #26569 * #26560 ACKs for top commit: josibake: ACK 8b726bf Tree-SHA512: db77ec1a63a7b6a4412750a0f4c0645681fc346a5df0a7cd38d5d27384e1d0fa95f3953af90042afe131ddbd4b6a6e009527095f13e9f58c0190cd378738a9e5
TxRelay::m_next_inv_send_timeis initialized to 0, which means that any txids inTxRelay::m_tx_inventory_to_sendwill be announced on the first call toPeerManagerImpl::SendMessagesfor a fully connected peer (i.e. it completed the version handshake).Prior to #21160,
TxRelay::m_tx_inventory_to_sendwas guaranteed to be empty on the firstSendMessagescall, as transaction announcements were only queued for fully connected peers. #21160 replaced aCConnman::ForEachNodecall with a loop overPeerManagerImpl::m_peer_map, in which the txid for a transaction to be relayed is added toTxRelay::m_tx_inventory_to_sendfor all peers. Even for those peers that have not completed the version handshake. Prior to the PR this was not the case asForEachNodehas a "fully connected check" before calling a function for each node.