author: Alex Morcos <morcos@chaincode.com> 2016-11-07 15:30:41 -0500
committer: Alex Morcos <morcos@chaincode.com> 2017-01-04 11:20:42 -0500
commit: b50cd7a67e71051db59199a4185e7c82b669c659 (patch)
tree: 9708654395f01d61688c9b979325c0a088029c02 /src/coins.h
parent: caa2f106d704ec3ade63498031dd58d34510bc76 (diff)
Fix dangerous condition in ModifyNewCoins.

We were marking coins FRESH before being sure they were not overwriting dirty undo data. This condition was never reached in existing code because undo data was always flushed before UpdateCoins was called with new transactions, but could have been exposed in an otherwise safe refactor.

Clarify in the comments the assumptions made in ModifyNewCoins.

Add ability to undo transactions to UpdateCoins unit test.

Thanks to Russ Yanofsky for suggestion on how to make logic clearer and fixing up the ccoins_modify_new test cases.

Diffstat (limited to 'src/coins.h')
-rw-r--r-- src/coins.h 5
1 files changed, 5 insertions, 0 deletions
diff --git a/src/coins.h b/src/coins.h
index dd6ef6cc3a..6244606356 100644
--- a/src/coins.h
+++ b/src/coins.h
@@ -269,6 +269,11 @@ struct CCoinsCacheEntry
enum Flags {
DIRTY = (1 << 0), // This cache entry is potentially different from the version in the parent view.
FRESH = (1 << 1), // The parent view does not have this entry (or it is pruned).
+ /* Note that FRESH is a performance optimization with which we can
+ * erase coins that are fully spent if we know we do not need to
+ * flush the changes to the parent cache. It is always safe to
+ * not mark FRESH if that condition is not guaranteed.
+ */
};
CCoinsCacheEntry() : coins(), flags(0) {}
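
Review bot: In the block comment added under `FRESH` in `enum Flags`, "that condition" has no clear antecedent. The trailing `//` comment on `FRESH` states one condition ("The parent view does not have this entry (or it is pruned)"), while the new text speaks of knowing "we do not need to flush the changes to the parent cache", and a reader cannot tell which of the two must be guaranteed. State the condition directly in the block comment, for example "It is always safe to not mark FRESH if it is not guaranteed that the parent view lacks this entry", and use "parent view" rather than "parent cache" so the wording matches the two flag comments above it. The commit message describes the hazard as marking coins FRESH before being sure they were not overwriting dirty data, so a sentence here on what FRESH means for an entry that is already DIRTY would record that invariant at the definition. Moving the block above the `FRESH = (1 << 1)` line would also make it obvious which enumerator it documents.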