authorSuhas Daftuar <sdaftuar@gmail.com>2019-01-31 15:47:25 -0500
committerSuhas Daftuar <sdaftuar@gmail.com>2019-06-05 05:05:37 -0400
commit4433ed0f730cfd60eeba3694ff3c283ce2c0c8ee (patch)
treeb602afba38a577d001a6106ac28e7fb41816ad57
parent3b19d8e341a5234c3e41f59f7b3de8febfc51c21 (diff)
[validation] Crash if disconnecting a block fails
If we're unable to disconnect a block during normal operation, then that is a failure of our local system (such as disk failure) or the chain that we are on (eg CVE-2018-17144), but cannot be due to failure of the (more work) chain that we're trying to validate. We should abort rather than stay on a less work chain.
-rw-r--r--src/validation.cpp7
1 files changed, 6 insertions, 1 deletions
diff --git a/src/validation.cpp b/src/validation.cpp
index de9c0d96db..83a17de092 100644
--- a/src/validation.cpp
+++ b/src/validation.cpp
@@ -2295,7 +2295,7 @@ bool CChainState::DisconnectTip(CValidationState& state, const CChainParams& cha
std::shared_ptr<CBlock> pblock = std::make_shared<CBlock>();
CBlock& block = *pblock;
if (!ReadBlockFromDisk(block, pindexDelete, chainparams.GetConsensus()))
- return AbortNode(state, "Failed to read block");
+ return error("DisconnectTip(): Failed to read block");
// Apply the block atomically to the chain state.
int64_t nStart = GetTimeMicros();
{
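Review bot: On the failed-read path in DisconnectTip, the new `return error("DisconnectTip(): Failed to read block");` only logs and returns false without involving `state`, so whether the node stops now depends on each caller. This diff adds the abort only in ActivateBestChainStep; any other caller of DisconnectTip (none are visible here) should be checked to confirm it either aborts or deliberately handles a false return, since the commit message treats this failure as a fault of the local system or of the current chain. I would add a comment above the return, such as `// Not fatal here: the caller decides whether a failed disconnect aborts the node.` DisconnectTip's body starts and ends outside the hunk.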
@@ -2551,6 +2551,11 @@ bool CChainState::ActivateBestChainStep(CValidationState& state, const CChainPar
// This is likely a fatal error, but keep the mempool consistent,
// just in case. Only remove from the mempool in this case.
UpdateMempoolForReorg(disconnectpool, false);
+
+ // If we're unable to disconnect a block during normal operation,
+ // then that is a failure of our local system -- we should abort
+ // rather than stay on a less work chain.
+ AbortNode(state, "Failed to disconnect block; see debug.log for details");
return false;
}
fBlocksDisconnected = true;
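Review bot: The context comment directly above the added lines still says "This is likely a fatal error ... just in case", which no longer matches the branch now that it always calls AbortNode; I would reword it to something like `// Fatal: we abort below, but first keep the mempool consistent.` The added comment also attributes the failure only to the local system, while the commit message additionally names a fault in the chain we are on (CVE-2018-17144), so the comment could mention both causes. As a smaller style point, the removed line in DisconnectTip used the `return AbortNode(state, ...)` form; if AbortNode always returns false, `return AbortNode(state, "Failed to disconnect block; see debug.log for details");` would replace the call and the following `return false;`. The enclosing block in ActivateBestChainStep starts outside the hunk.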