assumeutxo, blockstorage: Prevent core dump on invalid hash #28698
Conversation
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. Code CoverageFor detailed information about the code coverage, see the test coverage report. ReviewsSee the guideline for information on the review process.
If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update. |
|
Concept ACK I think in practice the most likely scenario for triggering this condition is that a user first successfully loads an UTXO snapshot with AssumeUTXO hash H in release version Y, and at some later point runs an earlier release version X on that same datadir (i.e. X < Y and Y includes H in the AssumeUTXO parameters, but X doesn't yet). This will probably not happen too often, but nevertheless the crash should be fixed. |
There was a problem hiding this comment.
Code review ACK caae1c9
Nice catch. It would be good to have a python test for this. A test can trigger the crash / error by just creating a chainstate_snapshot/base_blockhash file in the datadir with a random block hash.
From the command line this is also easy to test by running:
mkdir ~/.bitcoin/regtest/chainstate_snapshot
dd bs=32 count=1 if=/dev/urandom of=~/.bitcoin/regtest/chainstate_snapshot/base_blockhash
bitcoin -regtest
I've written a test using this idea, based on this PR on commit theStack@fb4eb16 (branch https://github.com/theStack/bitcoin/commits/pr28698_test_followup), feel free to include it here @pablomartin4btc. |
True, tested it, thanks @ryanofsky! |
pablomartin4btc
force-pushed
the
assumeutxo-safer-exit-on-init-core-dumped
branch
from
caae1c9
to
3d7c103
Compare
|
Rebased. I've also included suggestions from @Sjors, @ryanofsky and functional test from @theStack. Thanks to all for reviewing! |
|
Code review ACK 3d7c103 |
…rameters Co-authored-by: Russell Yanofsky <russ@yanofsky.org> Co-authored-by: Sebastian Falbesoner <sebastian.falbesoner@gmail.com>
pablomartin4btc
force-pushed
the
assumeutxo-safer-exit-on-init-core-dumped
branch
from
3d7c103
to
811067c
Compare
There was a problem hiding this comment.
ACK 811067c
nit, if you have to retouch: probably it would be good to also check for the specific error message ("Assumeutxo data not found for the given blockhash...") via assert_debug_log, rather than only the generic "fatal internal error" one which goes to stderr.
|
Agree with @theStack's suggestion, forgot to say that yesterday. |
|
ACK 811067c |
Github-Pull: bitcoin#28698 Rebased-from: 4a5be10
…rameters Co-authored-by: Russell Yanofsky <russ@yanofsky.org> Co-authored-by: Sebastian Falbesoner <sebastian.falbesoner@gmail.com> Github-Pull: bitcoin#28698 Reabsed-From: 811067c
|
Backported this to 26.x in #28754. |
Github-Pull: bitcoin#28698 Rebased-from: 4a5be10
…rameters Co-authored-by: Russell Yanofsky <russ@yanofsky.org> Co-authored-by: Sebastian Falbesoner <sebastian.falbesoner@gmail.com> Github-Pull: bitcoin#28698 Reabsed-From: 811067c
e4e8479 doc: update manual pages for v26.0rc2 (fanquake) 0b189a9 build: bump version to v26.0rc2 (fanquake) e097d4c gui: fix crash on selecting "Mask values" in transaction view (Sebastian Falbesoner) 05e8874 guix: update signapple (fanquake) deccc50 guix: Zip needs to include all files with time as SOURCE_DATE_EPOCH (Andrew Chow) fe57abd test: add coverage for snapshot chainstate not matching AssumeUTXO parameters (pablomartin4btc) b761a58 assumeutxo, blockstorage: prevent core dump on invalid hash (pablomartin4btc) d3ebf6e [test] Test i2p private key constraints (Vasil Dimov) 1f11784 [net] Check i2p private key constraints (dergoegge) 6544ffa bugfix: Mark CNoDestination and PubKeyDestination constructor explicit (MarcoFalke) Pull request description: Backports for v26.0rc2: * #28695 * #28698 * #28728 * #28757 * #28759 * bitcoin-core/gui#774 ACKs for top commit: josibake: ACK e4e8479 hebasto: re-ACK e4e8479, only a backport of bitcoin-core/gui#774 added since my [recent](#28754 (review)) review. TheCharlatan: Re-ACK e4e8479 Tree-SHA512: 4b95afd26b8bf91250cb883423de8b274cefa48dc474734f5900aeb756eee3a6c656116efcfa2caff3c250678c16b70cc6b7a5d840018dc7e2c1e8161622cd61
This is a follow-up on the invalid hash dump fix PR bitcoin#28698. bitcoin#28698 (review)
…bug_log on the assumeutxo invalid hash dump - follow-up #28698 7de7685 test, assumeutxo: Use assert_debug_log for error details (pablomartin4btc) Pull request description: This is a follow-up on the invalid hash dump fix #28698, [suggested](bitcoin/bitcoin#28698 (review)) by theStack and agreed by Sjors and ryanofsky. ACKs for top commit: Sjors: ACK 7de7685 maflcko: lgtm ACK 7de7685 Tree-SHA512: 036b3cef3084e3ead8923e8dcabe4fa7ebe97fb514d223aa38bc38df10337e3fe3113e42322178b58fb03fcd4511af4b5b56bceecbb7ded5b9758842c70db3f2
This is a follow-up on the invalid hash dump fix PR #28698. bitcoin/bitcoin#28698 (review)
While reviewing #27596 (ran
loadtxoutsetinmainnetbeforem_assumeutxo_datais empty as currently in master - back to 1b1d711), got acore dumped, so it seems there's a potential issue if new releases ever remove snapshot details or a semi-experienced user performs aloadtxoutseton a different "customised" binary version (not sure if this is a real use case).This is also happening before IBD is completed (
background validationstill being performed as it can be seen in rpcgetchainstates)Steps to reproduce the core dump error and its output:
loadtxoutsetinmainneton compiledbitcoindadding the block hash from Sjors's commit.masterwithout any changes on top.bitcoind, soon it'll crash with:After original change, error message output:
Alternative on error handling using
return error()instead ofreturn FatalError()used in this PR, which produces a different output and perhaps confusing:Current state (including ryanofsky suggestion), after code change, error message output: