net: disconnect evicted inbound peers immediately #35265

pull CruzMolina wants to merge 1 commits into bitcoin:master from CruzMolina:i2p-inbound-eviction-v2 changing 3 files +60 −5
  1. CruzMolina commented at 8:14 PM on May 11, 2026: none

    Summary

    CreateNodeFromAcceptedSocket() enforces the inbound connection limit by calling AttemptToEvictConnection() before accepting a replacement peer. Previously, the selected peer was only marked with fDisconnect and remained in m_nodes until the socket handler later ran DisconnectNodes().

    That is enough for inbound TCP accepts, which run in the socket handler thread, but not for accept loops outside the socket handler. In particular, ThreadI2PAcceptIncoming() can continue accepting replacement peers before the socket handler drains the evicted peers, temporarily exceeding -maxconnections.

    This removes an evicted inbound peer from m_nodes immediately, closes/releases it into m_nodes_disconnected, and guards m_nodes_disconnected with m_nodes_mutex because it can now be updated from the eviction path as well as the socket handler path.

    The regression test fills the inbound slots, accepts one more socket, and checks that the live node set remains capped while one original node is marked disconnected and replaced. As a regression check, transplanting the new test onto unpatched origin/master fails with:

    nodes.size() == static_cast<size_t>(max_inbound) has failed [30 != 29]

    Local I2P Repro

    As supporting evidence, I also reproduced the behavior with a local i2pd SAM router using -maxconnections=40 and 120 SAM STREAM CONNECT attempts:

    origin/master d406cffafdd1: 120/120 streams succeeded, peak connections_in=35
patched branch (same patch): 120/120 streams succeeded, peak connections_in=29

    Test

    cmake --build build --target test_bitcoin
build/bin/test_bitcoin --run_test=net_peer_connection_tests

    Fixes #27843.

  2. net: disconnect evicted inbound peers immediately
    CreateNodeFromAcceptedSocket() enforces the inbound limit by calling
AttemptToEvictConnection() when the inbound slots are full. Previously,
the selected peer was only marked for disconnect and removed later by
ThreadSocketHandler().

That is sufficient for TCP accepts, which run in the socket handler
thread, but not for I2P accepts from ThreadI2PAcceptIncoming(). During an
I2P inbound burst, replacements can be accepted before the socket handler
drains the evicted peers, temporarily exceeding the connection limit.

Remove accepted inbound eviction candidates from m_nodes immediately,
close their sockets, and queue them for deferred deletion. Guard
m_nodes_disconnected with m_nodes_mutex now that it can be updated from
the eviction path.

Add a regression test covering the replacement case.
    fb385706c6
  3. DrahtBot added the label P2P on May 11, 2026
  4. DrahtBot commented at 8:14 PM on May 11, 2026: contributor

    <!--e57a25ab6845829454e8d69fc972939a-->

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    <!--006a51241073e994b41acfe9ec718e94-->

    Code Coverage & Benchmarks

    For details see: https://corecheck.dev/bitcoin/bitcoin/pulls/35265.

    <!--021abf342d371248e50ceaed478a90ca-->

    Reviews

    See the guideline for information on the review process. A summary of reviews will appear here.

    <!--5faf32d7da4f0f540f40219e4f7537a3-->

  5. CruzMolina marked this as ready for review on May 11, 2026
  6. maflcko closed this on May 12, 2026
  7. maflcko commented at 8:15 AM on May 12, 2026: member

    llm bot spamming duplicates

Contributors
CruzMolinaDrahtBotmaflcko
Labels
P2P
Linked (view graph)
#27843 ThreadI2PAcceptIncoming temporarily bypasses 125 connection ceiling
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-05-19 12:50 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me