addrman: Remove addrman hotfixes #22496

pull jnewbery wants to merge 1 commits into bitcoin:master from jnewbery:2021-07-remove-addrman-hotfix changing 2 files +7 −40
  1. jnewbery commented at 12:21 PM on July 19, 2021: member

    PRs #22179 and #22112 (EDIT: later reverted in #22497) added hotfix code to addrman to remove invalid addresses and mutate the ports of I2P entries after entering into addrman. Those hotfixes included at least two addrman data corruption bugs:

    • #22467 (Assertion `nRndPos1 < vRandom.size() && nRndPos2 < vRandom.size()' failed)
    • #22470 (Changing I2P ports in addrman may wrongly skip some entries from "new" buckets)

    Hotfixing addrman is inherently dangerous. There are many members that have implicit assumptions on each other's state, and mutating those directly can lead to violating addrman's internal invariants.

    Instead of trying to hotfix addrman, just don't insert any invalid addresses. For now, those are addresses which fail CNetAddr::IsValid().
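
A simplified model of the argument in the description above, added here as an illustration; it is not Bitcoin Core's addrman code and not part of this PR. `ToyAddrTable`, `ToyIsValid` and the sample records in the usage comment are hypothetical: two containers that must agree, loaded once with validation before insertion and once with a cleanup that mutates only one container afterwards.

```cpp
#include <cstddef>
#include <string>
#include <unordered_map>
#include <vector>

// Hypothetical toy structure: two containers whose contents must stay in sync.
struct Entry { std::string addr; std::size_t pos; };

struct ToyAddrTable {
    std::unordered_map<int, Entry> info;  // id -> entry
    std::vector<int> order;               // invariant: order[info[id].pos] == id
    int next_id = 0;

    void Insert(const std::string& addr) {
        int id = next_id++;
        info[id] = Entry{addr, order.size()};
        order.push_back(id);
    }

    // Both containers must describe exactly the same set of ids.
    bool Consistent() const {
        if (info.size() != order.size()) return false;
        for (std::size_t i = 0; i < order.size(); ++i) {
            auto it = info.find(order[i]);
            if (it == info.end() || it->second.pos != i) return false;
        }
        return true;
    }
};

// Stand-in validity rule for this example only; not CNetAddr::IsValid().
bool ToyIsValid(const std::string& addr) { return !addr.empty() && addr != "0.0.0.0"; }

// Validate while loading: invalid records never enter either container.
ToyAddrTable LoadFiltered(const std::vector<std::string>& records) {
    ToyAddrTable t;
    for (const auto& r : records) if (ToyIsValid(r)) t.Insert(r);
    return t;
}

// Insert everything, then clean up by mutating one container directly.
// `order` keeps ids that no longer exist in `info`, so the invariant breaks.
ToyAddrTable LoadThenNaiveRemove(const std::vector<std::string>& records) {
    ToyAddrTable t;
    for (const auto& r : records) t.Insert(r);
    for (auto it = t.info.begin(); it != t.info.end();) {
        if (ToyIsValid(it->second.addr)) ++it; else it = t.info.erase(it);
    }
    return t;
}
// Constructed sample input: {"203.0.113.5", "0.0.0.0", "198.51.100.7", ""}
```

A correct post-hoc removal would have to update every dependent container in step; filtering at load time avoids needing that code at all.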

  2. fanquake added the label P2P on Jul 19, 2021
  3. jnewbery renamed this:
    [addrman] Remove RemoveInvalid() and ResetI2PPorts()
    addrman: Remove RemoveInvalid() and ResetI2PPorts()
    on Jul 19, 2021
  4. jnewbery renamed this:
    addrman: Remove RemoveInvalid() and ResetI2PPorts()
    addrman: Remove addrman hotfixes
    on Jul 19, 2021
  5. DrahtBot commented at 6:11 PM on July 19, 2021: member

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    Conflicts

    No conflicts as of last run.

  6. lsilva01 approved
  7. lsilva01 commented at 6:46 PM on July 19, 2021: contributor

    Code Review ACK https://github.com/bitcoin/bitcoin/pull/22496/commits/5dc4a74bad4274caf8d98a42d64385e2ab11c327.

    As I2P support hasn't even been released yet, it's much simpler and safer not to insert I2P addresses where port != 0.

  8. hebasto commented at 6:52 PM on July 19, 2021: member

    Is this pr for 22.0 release?

  9. laanwj commented at 6:57 PM on July 19, 2021: member

    > As I2P support hasn't even been released yet, it's much simpler and safer not to insert I2P addresses where port != 0.

    The thing is that I2P does support ports other than 0, just not in the currently used SAM proxy version (3.1). But there is no reason future versions of bitcoin core, or other clients, couldn't support I2P with ports. So I'm kind of divided on ignoring them completely, as that will give problems with such addresses not propagating later. See previous discussion here: #21514 (comment) #21514 (comment).

  10. MarcoFalke added this to the milestone 22.0 on Jul 19, 2021
  11. DrahtBot added the label Needs rebase on Jul 20, 2021
  12. vasild commented at 7:24 AM on July 20, 2021: member
    • In the long term we should keep in addrman and relay I2P addresses with port != 0. If dropping I2P entries with port != 0 is deemed necessary, then it should be a temporary measure for the same reasons e0a2b390c144e123e2fc8a289fdff36815476964 was temporary. I am a little bit inclined to leave I2P ports as they are, now that ResetI2PPorts() has been removed.

    • This PR seems to be complicating the already complicated Unserialize(). Complexity is a maintenance killer and a source of bugs. I find the isolated/separate method RemoveInvalid() easier to assess and test. Also it can be called from other places if needed (maybe from Check()?).

  13. [addrman] Remove RemoveInvalid()
    Instead of deserializing addresses, placing them in the buckets, and
    then removing them if they're invalid, check first and don't place in
    the buckets if they're invalid.
    65332b1178
  14. jnewbery force-pushed on Jul 20, 2021
  15. DrahtBot removed the label Needs rebase on Jul 20, 2021
  16. jnewbery commented at 10:53 AM on July 20, 2021: member

    > In the long term we should keep in addrman and relay I2P addresses with port != 0. If dropping I2P entries with port != 0 is deemed necessary, then it should be a temporary measure for the same reasons e0a2b39 was temporary. I am a little bit inclined to leave I2P ports as they are, now that ResetI2PPorts() has been removed.

    I haven't been following the I2P work closely, but I really don't understand the motivation for adding code to addrman in #22112. There are only a handful of people using (pre-release) I2P support, so why was code added to master to patch their addrmans if the intention was to remove that code before release?

    I don't understand why we'd want to keep I2P addresses in addrman before bitcoind supports them. With the original version of this PR, it would have been easy to implement that - as soon as bitcoind supports non-port-0 I2P addresses, just remove the line from IsValidForAddrman() that disallows them.

    In any case, #22497 was opened shortly after this PR and quickly merged, removing all of the I2P-specific code from addrman, so I've dropped the first commit.

    > This PR seems to be complicating the already complicated Unserialize(). Complexity is a maintenance killer and a source of bugs. I find the isolated/separate method RemoveInvalid() easier to assess and test. Also it can be called from other places if needed (maybe from Check()?).

    This PR is +7/-40 and makes the addrman code simpler rather than more complicated. Currently, addresses are deserialized from peers.dat, added into buckets, and then removed if they're invalid. It's much simpler to just not add them into those buckets if they're invalid.

  17. jnewbery commented at 11:57 AM on July 20, 2021: member

    Removing the v22 milestone. Now that the changes from #22112 have been reverted, this isn't urgent.

  18. jnewbery removed this from the milestone 22.0 on Jul 20, 2021
  19. MarcoFalke commented at 2:28 PM on July 21, 2021: member

    Needs OP adjusted?

  20. jnewbery commented at 3:47 PM on July 21, 2021: member

    > Needs OP adjusted?

    Done

  21. vasild commented at 12:04 PM on July 22, 2021: member

    > ... so why was code added to master to patch their addrmans if the intention was to remove that code before release?

    Just to answer the question: the intention was to include it in 22.0, see the commit message of e0a2b390c144e123e2fc8a289fdff36815476964. The reasons why it was removed earlier are stated in the commit message of the removal: d4b67c8ebc2bb7488bcaaccc3a801cdef1cf1678.

  22. sipa commented at 6:49 PM on July 22, 2021: member

    utACK 65332b1178c75e1f83415bad24918996a1524866. I tried to reason through scenarios that could introduce inconsistencies with this code, but can't find any.

    I'm also working on a POC that replaces addrman's representation with something multiindex based, which is hopefully more easily reviewable for correctness/consistencies. But I'd like the existing addrman PRs in the pipeline to settle first.

  23. practicalswift commented at 7:55 PM on July 24, 2021: contributor

    Concept ACK

  24. fanquake approved
  25. fanquake commented at 7:33 AM on August 3, 2021: member

    ACK 65332b1178c75e1f83415bad24918996a1524866 - Skipping the addition of invalid addresses (this code was initially added for Tor addrs) rather than adding all the invalids then removing them all when finishing unserializing seems like an improvement. Especially if it can be achieved with less code.

  26. fanquake merged this on Aug 3, 2021
  27. fanquake closed this on Aug 3, 2021

  28. laanwj commented at 7:47 AM on August 3, 2021: member

    Post-merge ACK.

  29. jnewbery deleted the branch on Aug 3, 2021
  30. sidhujag referenced this in commit 809d56fdb2 on Aug 4, 2021
  31. DrahtBot locked this on Aug 18, 2022

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-17 09:14 UTC
