mempool: Fix missing locking in CTxMemPool::check(…) and CTxMemPool::setSanityCheck(…) #11689

1. 
   practicalswift commented at 10:37 pm on November 14, 2017: contributor

   Fix missing locking in CTxMemPool::check(const CCoinsViewCache *pcoins):

   • reading variable mapTx requires holding mutex cs
   • reading variable mapNextTx requires holding mutex cs
   • reading variable nCheckFrequency requires holding mutex cs

   Fix missing locking in CTxMemPool::setSanityCheck(double dFrequency):

   • writing variable nCheckFrequency requires holding mutex cs
2. fanquake added the label Mempool on Nov 14, 2017
3. practicalswift renamed this:
   Fix missing locking in CTxMemPool::check(const CCoinsViewCache *pcoins)
   mempool: Fix missing locking in CTxMemPool::check(const CCoinsViewCache *pcoins)
   on Nov 14, 2017
4. 
   promag commented at 9:37 am on November 15, 2017: member

   ACK 2abe610.

   Unrelated, but should read nCheckFrequency with the lock too?

5. 
   practicalswift commented at 9:44 am on November 15, 2017: contributor

   @promag Yes, nCheckFrequency should probably be guarded by the mutex cs too. Good catch!

   I’ll ping in @MarcoFalke and @TheBlueMatt for a comment. What do you say? :-)

    0$ git blame src/txmempool.h | grep nCheckFrequency
    1fada0c42 (MarcoFalke               2016-04-03 11:49:36 +0200 415)     uint32_t nCheckFrequency; //!< Value n means that n times in 2^32 we check.
    253a6590f (Matt Corallo             2017-09-11 15:43:49 -0400 510)     void setSanityCheck(double dFrequency = 1.0) { nCheckFrequency = static_cast<uint32_t>(dFrequency * 4294967295.0); }
    3$ git grep -E '(nCheckFrequency|setSanityCheck)'
    4src/init.cpp:        mempool.setSanityCheck(1.0 / ratio);
    5src/qt/test/rpcnestedtests.cpp:    //mempool.setSanityCheck(1.0);
    6src/test/test_bitcoin.cpp:        mempool.setSanityCheck(1.0);
    7src/txmempool.cpp:    nCheckFrequency = 0;
    8src/txmempool.cpp:                if (nCheckFrequency != 0) assert(!coin.IsSpent());
    9src/txmempool.cpp:    if (nCheckFrequency == 0)
   10src/txmempool.cpp:    if (GetRand(std::numeric_limits<uint32_t>::max()) >= nCheckFrequency)
   11src/txmempool.h:    uint32_t nCheckFrequency; //!< Value n means that n times in 2^32 we check.
   12src/txmempool.h:    void setSanityCheck(double dFrequency = 1.0) { nCheckFrequency = static_cast<uint32_t>(dFrequency * 4294967295.0); }
   

6. 
   promag commented at 9:54 am on November 15, 2017: member

   Actually nCheckFrequency doesn’t change, only set in

   0src/init.cpp:        mempool.setSanityCheck(1.0 / ratio);
   

7. 
   TheBlueMatt commented at 10:47 pm on November 15, 2017: member

   Technically there is no issue here - mempool (should only be) modified with cs_main and mempool.check is only called with cs_main. Indeed, probably just move the lock to the top of the function. Unless you want to go to the trouble of making nCheckFrequency a const, best to fix it for the static analysis just like the rest.
8. practicalswift force-pushed on Nov 16, 2017
9. practicalswift renamed this:
   mempool: Fix missing locking in CTxMemPool::check(const CCoinsViewCache *pcoins)
   mempool: Fix missing locking in CTxMemPool::check(…) and CTxMemPool::setSanityCheck(…)
   on Nov 16, 2017
10. 
    practicalswift commented at 9:10 am on November 16, 2017: contributor

    @TheBlueMatt @promag Thanks for reviewing! An updated version has now been pushed taking into account the formal locking requirements of nCheckFrequency too. Please re-review :-)
11. 
    practicalswift commented at 6:46 am on November 23, 2017: contributor

    Added a commit with the Clang thread safety analysis annotations to facilitate reviewing. @promag, would you mind re-reviewing? :-)
12. practicalswift force-pushed on Nov 29, 2017
13. 
    practicalswift commented at 11:06 pm on November 29, 2017: contributor

    Updated with annotations moved over to the header files.

    The EXCLUSIVE_LOCKS_REQUIRED(mempool.cs) annotations for BlockAssembler::SkipMapTxEntry and BlockAssembler::addPackageTxs should be placed in miner.h rather than miner.cpp, but the existence of mempool (and hence mempool.cs) is not currently not known in miner.h. Would extern CTxMemPool mempool; be acceptable in miner.h?

14. 
    TheBlueMatt commented at 5:46 pm on December 4, 2017: member

    As mentioned before, please do not place EXCLUSIVE_LOCKS_REQUIRED annotations on class member function declarations instead of their definitions. Placing them on declarations makes the annotations incredibly brittle and, thus, largely useless. Better to leave them off than to add them in a place where the order of functions in a file matters.
15. practicalswift force-pushed on Mar 12, 2018
16. practicalswift force-pushed on Mar 12, 2018
17. 
    practicalswift commented at 11:16 pm on March 12, 2018: contributor

    @TheBlueMatt Sorry, I had missed moving the annotations for SkipMapTxEntry, addPackageTxs, UpdateChildrenForRemoval and CalculateDescendants. Now fixed! Please re-review :-)
18. 
    sipa commented at 0:19 am on March 17, 2018: member

    utACK 661db1d63afcea4016ccb7f97fda6cde7f719826
19. practicalswift force-pushed on Apr 3, 2018
20. 
    practicalswift commented at 11:35 am on April 3, 2018: contributor

    Rebased!
21. practicalswift force-pushed on May 5, 2018
22. Fix missing locking in CTxMemPool::check(const CCoinsViewCache *pcoins)

    * reading variable 'mapTx' requires holding mutex 'cs'
    * reading variable 'mapNextTx' requires holding mutex 'cs'
    * reading variable 'nCheckFrequency' requires holding mutex 'cs'

    6bc5b7100b
23. Fix missing locking in CTxMemPool::setSanityCheck(double dFrequency)

    * writing variable 'nCheckFrequency' requires holding mutex 'cs'

    0e2dfa8a65
24. Add Clang thread safety analysis annotations 47782b49e6
25. practicalswift force-pushed on May 5, 2018
26. 
    practicalswift commented at 1:26 pm on May 14, 2018: contributor

    @promag @sipa Would you mind re-reviewing? @marcofalke Would you mind reviewing? :-)
27. 
    MarcoFalke commented at 2:16 pm on May 14, 2018: member

    utACK 47782b49e67599585cd766c8322ca01764fe5aa7
28. MarcoFalke merged this on May 14, 2018
29. MarcoFalke closed this on May 14, 2018

    ---

30. MarcoFalke referenced this in commit 0264836695 on May 14, 2018
31. PastaPastaPasta referenced this in commit 38420ef969 on Jun 17, 2020
32. PastaPastaPasta referenced this in commit 536bed0a91 on Jun 27, 2020
33. PastaPastaPasta referenced this in commit 57edfbde62 on Jun 28, 2020
34. PastaPastaPasta referenced this in commit c7319fd501 on Jun 29, 2020
35. PastaPastaPasta referenced this in commit 1d81e8dd52 on Jul 1, 2020
36. LarryRuane referenced this in commit f6656c3a57 on Mar 22, 2021
37. LarryRuane referenced this in commit ee61ed5ff8 on Mar 22, 2021
38. LarryRuane referenced this in commit bfcc1c7382 on Mar 22, 2021
39. practicalswift deleted the branch on Apr 10, 2021
40. LarryRuane referenced this in commit 357f9055f7 on Apr 26, 2021
41. LarryRuane referenced this in commit ac9da118f0 on Apr 26, 2021
42. LarryRuane referenced this in commit 9c4a2595b5 on Apr 26, 2021
43. LarryRuane referenced this in commit e7264d3de2 on May 27, 2021
44. LarryRuane referenced this in commit 74d70e9f1b on May 27, 2021
45. LarryRuane referenced this in commit 6e6f49de88 on May 27, 2021
46. str4d referenced this in commit e4278d6a91 on Sep 23, 2021
47. str4d referenced this in commit cb2d959b4c on Sep 23, 2021
48. str4d referenced this in commit 1a8e53968b on Sep 23, 2021
49. gades referenced this in commit e3e64baf53 on Mar 11, 2022
50. str4d referenced this in commit c272910e52 on May 14, 2022
51. str4d referenced this in commit 9b41cd4719 on May 14, 2022
52. str4d referenced this in commit 46dcd92bbf on May 14, 2022
53. DrahtBot locked this on Aug 18, 2022

Contributors
practicalswift promag TheBlueMatt sipa MarcoFalke

Labels
Mempool