refactor: TxDownloadManager + fuzzing#30110
Conversation
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. Code CoverageFor detailed information about the code coverage, see the test coverage report. ReviewsSee the guideline for information on the review process.
If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update. ConflictsReviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first. |
glozow
force-pushed
the
2024-05-txdownload
branch
from
dc30dc1 to
1d9a82c
Compare
|
🚧 At least one of the CI tasks failed. Make sure to run all tests locally, according to the Possibly this is due to a silent merge conflict (the changes in this pull request being Leave a comment here, if you need help tracking down a confusing failure. |
glozow
force-pushed
the
2024-05-txdownload
branch
from
1d9a82c to
1d04155
Compare
glozow
force-pushed
the
2024-05-txdownload
branch
2 times, most recently
from
0937e08 to
2e58028
Compare
glozow
force-pushed
the
2024-05-txdownload
branch
3 times, most recently
from
0b40677 to
b1cc0c3
Compare
|
Rebased for #29817 and added a "ensure we can always download a tx as long as we have 1 good outbound peer" fuzz test |
glozow
force-pushed
the
2024-05-txdownload
branch
from
b1cc0c3 to
13622fc
Compare
glozow
force-pushed
the
2024-05-txdownload
branch
from
13622fc to
4340fb9
Compare
These invs are ignored anyway, and this allows us to more easily move the inv handling to TxDownloadManager in the next commit.
ProcessInvalidTx will return a PackageToValidate, so it needs to be defined afterward.
…Compact There does not appear to be any reason why orphan transactions should be given special treatment.
Move-only. Also delete external RecentRejectsFilter() access since it is no longer necessary.
Also delete external RecentRejectsReconsiderableFilter() access since it is no longer necessary.
…to TxDownloadMan internals
This is a slight behavior change: if a transaction is in both reconsiderable rejects and AlreadyHaveTx in another way, we don't try to return a 1p1c package. This is the correct thing to do, as we don't want to reconsider transactions that have multiple things wrong with them. For example, if a transaction is low feerate, and then later found to have a bad signature, we shouldn't try it again in a package.
This should never happen normally, but just in case.
Avoid the fuzzer situation where: 1. Orphanage has 2 transactions with the same txid, one with witness, one without witness. 2. The transaction with witness is found to have `TX_INPUTS_NOT_STANDARD` error. The txid is added to recent rejects filter, and the tx with witness is deleted from orphanage. 3. A low feerate parent is found. Find1P1CPackage finds the transaction with no witness in orphanage, and returns the package. 4. net_processing has just been handed a package in which the child is already in recent rejects.
Forward this bool to the TxRequestTracker ctor. This is needed for stablity in TxDownloadManager fuzzers
The txdownload_impl is similar but allows us to check specific invariants within its implementation. It will also change a lot more than the external interface (txdownloadman) will, so we will add more to this target later.
| bool m_ignore_inv_txid; | ||
| bool m_ignore_inv_wtxid; | ||
|
|
||
| // Constructor. We are passing and casting ints because they are more readable in a table (see all_expected_results). |
There was a problem hiding this comment.
| // Constructor. We are passing and casting ints because they are more readable in a table (see all_expected_results). | |
| // Constructor. We are passing and casting ints because they are more readable in a table (see expected_behaviors). |
There was a problem hiding this comment.
Will fix if I retouch / in the next PR
| // Jump ahead in time | ||
| time += fuzzed_data_provider.PickValueInArray(TIME_SKIPS); | ||
| CheckInvariants(txdownload_impl, max_orphan_count); |
There was a problem hiding this comment.
is it intentional to do no backward jumps in time here? (in contrast to the txdownloadman fuzz test above)
There was a problem hiding this comment.
Not intentional! I haven't tried negative yet.
instagibbs
left a comment
instagibbs
left a comment
There was a problem hiding this comment.
reACK 0f4bc63
could use some fuzzing c @marcofleon
src/node/txdownloadman_impl.cpp
Outdated
There was a problem hiding this comment.
Okay, so
/** New inv has been received. May be added as a candidate to txrequest. */ is inaccurate, right? There is no new INV received in p2p_inv=false case, but rather it's called from orphan consideration after processing a TX?
|
Fuzzed the two targets for about 250 cpu hours each. Coverage looks good. Finally, the children hanging out in the recent reject filter are quiet 😌 I'll look to run the one honest peer test as well once it's ready. |
|
light ACK 0f4bc63 |
|
Thanks for the reviews. Working on the followups + one_honest_peer fuzzer PR now |
14 participants
Part of #27463.
This PR does 3 things:
(1) It modularizes transaction download logic into a
TxDownloadManager. Transaction download logic refers to the process of deciding what transactions to request, download, and validate.[1] There should be no behavior changes. Using--color_moved=dimmed_zebra -wmay help.(2) It adds unit and fuzz (:magic_wand:) testing for transaction download.
(3) It makes a few small behavioral changes:
There are several benefits to this interface, such as:
assert_debug_log(not good) in functional tests.TxDownloadManagerinstead ofPeerManager, making it easier to review and test. See Package Relay 1/3: Introduce TxDownloadManager and improve orphan-handling #28031 for what this looks like.PeerManagerwill no longer know anything about / have access toTxOrphanage,TxRequestTrackeror the rejection caches. Its primary interface withTxDownloadManagerwould be much simpler:ValidationInterfacecallbackstxdownloadmanwhen a peer {connects, disconnects}txdownloadmanwhen a {transaction, package} is {accepted, rejected} from mempooltxdownloadmanwhen invs, notfounds, and txs are received.HaveMoreWorkfor theProessMessagesloop[1]: This module is concerned with tx download, not upload. It excludes transaction announcements/gossip which happens after we download/accept a transaction. Txreconciliation (erlay) is excluded from this module, as it only relates to deciding which
invs to send or helping the other peer decide whichinvs to send. It is independent from this logic.