From 2cbd71da06a14ffe823440973f8a87032bbe0b1e Mon Sep 17 00:00:00 2001 From: Pieter Wuille Date: Sun, 30 Dec 2012 15:29:39 +0100 Subject: Make DisconnectBlock fault-tolerant --- src/main.h | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'src/main.h') diff --git a/src/main.h b/src/main.h index 8bceffbaf9..80fd76452b 100644 --- a/src/main.h +++ b/src/main.h @@ -1305,8 +1305,11 @@ public: } - // Undo the effects of this block (with given index) on the UTXO set represented by coins - bool DisconnectBlock(CBlockIndex *pindex, CCoinsViewCache &coins); + /** Undo the effects of this block (with given index) on the UTXO set represented by coins. + * In case pfClean is provided, operation will try to be tolerant about errors, and *pfClean + * will be true if no problems were found. Otherwise, the return value will be false in case + * of problems. Note that in any case, coins may be modified. */ + bool DisconnectBlock(CBlockIndex *pindex, CCoinsViewCache &coins, bool *pfClean = NULL); // Apply the effects of this block (with given index) on the UTXO set represented by coins bool ConnectBlock(CBlockIndex *pindex, CCoinsViewCache &coins, bool fJustCheck=false); -- cgit v1.2.3 From 8539361e66eace839060f77f39b770d045e7ce28 Mon Sep 17 00:00:00 2001 From: Pieter Wuille Date: Sun, 30 Dec 2012 23:41:41 +0100 Subject: Add checksums to undo data This should be compatible with older code that didn't write checksums. --- src/main.h | 46 +++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 45 insertions(+), 1 deletion(-) (limited to 'src/main.h') diff --git a/src/main.h b/src/main.h index 80fd76452b..557df8bc5f 100644 --- a/src/main.h +++ b/src/main.h @@ -746,7 +746,7 @@ public: READWRITE(vtxundo); ) - bool WriteToDisk(CDiskBlockPos &pos) + bool WriteToDisk(CDiskBlockPos &pos, const uint256 &hashBlock) { // Open history file to append CAutoFile fileout = CAutoFile(OpenUndoFile(pos), SER_DISK, CLIENT_VERSION); @@ -764,6 +764,12 @@ public: pos.nPos = (unsigned int)fileOutPos; fileout << *this; + // calculate & write checksum + CHashWriter hasher(SER_GETHASH, PROTOCOL_VERSION); + hasher << hashBlock; + hasher << *this; + fileout << hasher.GetHash(); + // Flush stdio buffers and commit to disk before returning fflush(fileout); if (!IsInitialBlockDownload()) @@ -771,6 +777,44 @@ public: return true; } + + bool ReadFromDisk(const CDiskBlockPos &pos, const uint256 &hashBlock) + { + // Open history file to read + CAutoFile filein = CAutoFile(OpenUndoFile(pos, true), SER_DISK, CLIENT_VERSION); + if (!filein) + return error("CBlockUndo::ReadFromDisk() : OpenBlockFile failed"); + + // Read block + uint256 hashChecksum; + try { + filein >> *this; + } + catch (std::exception &e) { + return error("%s() : deserialize or I/O error", __PRETTY_FUNCTION__); + } + + // for compatibility with pre-release code that didn't write checksums to undo data + // TODO: replace by a simply 'filein >> hashChecksum' in the above try block + try { + filein >> hashChecksum; + } catch (std::exception &e) { + hashChecksum = 0; + } + uint32_t hashInit = hashChecksum.Get64(0) & 0xFFFFFFFFUL; + if (hashChecksum == 0 || memcmp(&hashInit, pchMessageStart, 4) == 0) + return true; + + // Verify checksum + CHashWriter hasher(SER_GETHASH, PROTOCOL_VERSION); + hasher << hashBlock; + hasher << *this; + if (hashChecksum != hasher.GetHash()) + return error("CBlockUndo::ReadFromDisk() : checksum mismatch"); + + return true; + } + }; /** pruned version of CTransaction: only retains metadata and unspent transaction outputs -- cgit v1.2.3 From 1f355b66cd90f1bd96a862604a7216e8ba56f853 Mon Sep 17 00:00:00 2001 From: Pieter Wuille Date: Thu, 3 Jan 2013 15:29:07 +0100 Subject: New database check routine -checklevel gets a new meaning: 0: verify blocks can be read from disk (like before) 1: verify (contextless) block validity (like before) 2: verify undo files can be read and have good checksums 3: verify coin database is consistent with the last few blocks (close to level 6 before) 4: verify all validity rules of the last few blocks Level 3 is the new default, as it's reasonably fast. As level 3 and 4 are implemented using an in-memory rollback of the database, they are limited to as many blocks as possible without exceeding the limits set by -dbcache. The default of -dbcache=25 allows for some 150-200 blocks to be rolled back. In case an error is found, the application quits with a message instructing the user to restart with -reindex. Better instructions, and automatic recovery (when possible) or automatic reindexing are left as future work. --- src/main.h | 2 ++ 1 file changed, 2 insertions(+) (limited to 'src/main.h') diff --git a/src/main.h b/src/main.h index 557df8bc5f..2e3e1c5efe 100644 --- a/src/main.h +++ b/src/main.h @@ -126,6 +126,8 @@ FILE* OpenUndoFile(const CDiskBlockPos &pos, bool fReadOnly = false); bool LoadExternalBlockFile(FILE* fileIn, CDiskBlockPos *dbp = NULL); /** Load the block tree and coins database from disk */ bool LoadBlockIndex(); +/** Verify consistency of the block and coin databases */ +bool VerifyDB(); /** Print the loaded block tree */ void PrintBlockTree(); /** Find a block by height in the currently-connected chain */ -- cgit v1.2.3