fix race that could fail to persist a ban #7959

pull kazcw wants to merge 1 commits into bitcoin:master from kazcw:banmap_race changing 1 files +3 −2
  1. kazcw commented at 4:43 PM on April 27, 2016: contributor

    DumpBanList currently does this:

    • with lock: take a copy of the banmap
    • perform I/O (write out the banmap)
    • with lock: mark the banmap non-dirty

    If a new ban is added during the I/O operation, it may never be persisted to disk.

    Reorder operations so that the data to be persisted cannot be older than the time at which the banmap was marked non-dirty.

  2. fix race that could fail to persist a ban
    DumpBanList currently does this:
  - with lock: take a copy of the banmap
  - perform I/O (write out the banmap)
  - with lock: mark the banmap non-dirty
If a new ban is added during the I/O operation, it may never be persisted to
disk.

Reorder operations so that the data to be persisted cannot be older than the
time at which the banmap was marked non-dirty.
    f4ac02ee7c
  4. jonasschnelli added the label P2P on Apr 28, 2016
  5. in src/net.cpp:None in f4ac02ee7c 
    2633 | @@ -2634,9 +2634,10 @@ void DumpBanlist()
2634 |  
2635 |      CBanDB bandb;
2636 |      banmap_t banmap;
2637 | +    CNode::SetBannedSetDirty(false);
    jonasschnelli commented at 8:30 AM on April 28, 2016:

    What about doing the whole bandb.Write(ban map) & CNode::SetBannedSetDirty(false); while holding LOCK(cs_setBanned);? Otherwise there will always be a possible race condition that someone is adding a ban after CNode::SetBannedSetDirty(false); and before bandb.Write(banmap) or CNode::GetBanned(banmap).

    laanwj commented at 10:36 AM on April 28, 2016:

    Otherwise there will always be a possible race condition that someone is adding a ban after CNode::SetBannedSetDirty(false); and before bandb.Write(banmap) or CNode::GetBanned(banmap).

    That wouldn't be a race condition, but the way it's structured on purpose: because the change to the ban map will re-mark the map as dirty, the next write will catch it (there is a very slight window between CNode::SetBannedSetDirty and CNode::GetBanned in which a false-positive dirty could happen, but unlike the other way around that's harmless). This is not the case right now.

    Putting it in a huge lock would hold up the entire P2P for the time of the I/O, which would be unfortunate.

  7. jonasschnelli commented at 11:34 AM on April 29, 2016: contributor

    utACK f4ac02ee7c6530c273503d8575a492e9b2ac1f13

  8. laanwj merged this on May 2, 2016
  9. laanwj closed this on May 2, 2016
  10. laanwj referenced this in commit 03cf6e8675 on May 2, 2016
  11. kazcw deleted the branch on May 5, 2016
  12. zkbot referenced this in commit f40121446d on Nov 12, 2020
  13. zkbot referenced this in commit 049951dc45 on Feb 11, 2021
  14. zkbot referenced this in commit b3a6729944 on Feb 16, 2021
  15. zkbot referenced this in commit e85265fbd5 on Feb 17, 2021
  16. zkbot referenced this in commit b4b07a1bbd on Feb 17, 2021
  17. DrahtBot locked this on Sep 8, 2021
Contributors
kazcwtheunijonasschnellilaanwj
Labels
P2P
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-05-02 12:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me