Fix db leaks in LLMQ db (PIVX-Project#2914)

* Store rs_t key time in big endian Also implement ConvertInvalidTimeKeys to convert old entries. We can remove this later when we know that most MNs have run this code on testnet. The way we stored the time field in the past lead to CleanupOldRecoveredSigs iterating the keys in a strange order, causing no deletion at all and the LLMQ DB filling up. * Write batch in CleanupOldRecoveredSigs when it gets too large This avoids RAM filling up and OOM getting triggered. * Keep track of when a vote was written to the DB and clean up after week Instead of only deleting when the corresponding recovered sig is deleted. It sometimes happens that a masternode votes on something but a recovered sig is never created, which leaves us with a vote that will never be deleted. * Apply suggestions from code review Co-Authored-By: PastaPastaPasta <pasta@dashboost.org>
panleone · Nov 10, 2024 · 1d4b479 · 1d4b479
1 parent cdc0f12
commit 1d4b479
Show file tree

Hide file tree

Showing 2 changed files with 151 additions and 14 deletions.
diff --git a/src/llmq/quorums_signing.cpp b/src/llmq/quorums_signing.cpp
@@ -26,6 +26,90 @@ std::unique_ptr<CSigningManager> quorumSigningManager{nullptr};
 
 CRecoveredSigsDb::CRecoveredSigsDb(CDBWrapper& _db) : db(_db)
 {
+    if (Params().NetworkIDString() == CBaseChainParams::TESTNET) {
+        // TODO this can be completely removed after some time (when we're pretty sure the conversion has been run on most testnet MNs)
+        if (db.Exists(std::string("rs_upgraded"))) {
+            return;
+        }
+
+        ConvertInvalidTimeKeys();
+        AddVoteTimeKeys();
+
+        db.Write(std::string("rs_upgraded"), (uint8_t)1);
+    }
+}
+
+// This converts time values in "rs_t" from host endiannes to big endiannes, which is required to have proper ordering of the keys
+void CRecoveredSigsDb::ConvertInvalidTimeKeys()
+{
+    LogPrintf("CRecoveredSigsDb::%s -- converting invalid rs_t keys\n", __func__);
+
+    std::unique_ptr<CDBIterator> pcursor(db.NewIterator());
+
+    auto start = std::make_tuple(std::string("rs_t"), (uint32_t)0, (uint8_t)0, uint256());
+    pcursor->Seek(start);
+
+    CDBBatch batch(CLIENT_VERSION | ADDRV2_FORMAT);
+    size_t cnt = 0;
+    while (pcursor->Valid()) {
+        decltype(start) k;
+
+        if (!pcursor->GetKey(k) || std::get<0>(k) != "rs_t") {
+            break;
+        }
+
+        batch.Erase(k);
+        std::get<1>(k) = htobe32(std::get<1>(k));
+        batch.Write(k, (uint8_t)1);
+
+        cnt++;
+
+        pcursor->Next();
+    }
+    pcursor.reset();
+
+    db.WriteBatch(batch);
+
+    LogPrintf("CRecoveredSigsDb::%s -- converted %d invalid rs_t keys\n", __func__, cnt);
+}
+
+// This adds rs_vt keys for every rs_v entry to the DB. The time in the key is set to the current time.
+// This causes cleanup of all these votes a week later.
+void CRecoveredSigsDb::AddVoteTimeKeys()
+{
+    LogPrintf("CRecoveredSigsDb::%s -- adding rs_vt keys with current time\n", __func__);
+
+    auto curTime = GetAdjustedTime();
+
+    std::unique_ptr<CDBIterator> pcursor(db.NewIterator());
+
+    auto start = std::make_tuple(std::string("rs_v"), (uint8_t)0, uint256());
+    pcursor->Seek(start);
+
+    CDBBatch batch(CLIENT_VERSION | ADDRV2_FORMAT);
+    size_t cnt = 0;
+    while (pcursor->Valid()) {
+        decltype(start) k;
+
+        if (!pcursor->GetKey(k) || std::get<0>(k) != "rs_v") {
+            break;
+        }
+
+        uint8_t llmqType = std::get<1>(k);
+        const uint256& id = std::get<2>(k);
+
+        auto k2 = std::make_tuple(std::string("rs_vt"), (uint32_t)htobe32(curTime), llmqType, id);
+        batch.Write(k2, (uint8_t)1);
+
+        cnt++;
+
+        pcursor->Next();
+    }
+    pcursor.reset();
+
+    db.WriteBatch(batch);
+
+    LogPrintf("CRecoveredSigsDb::%s -- added %d rs_vt entries\n", __func__, cnt);
 }
 
 bool CRecoveredSigsDb::HasRecoveredSig(Consensus::LLMQType llmqType, const uint256& id, const uint256& msgHash)
@@ -143,13 +227,9 @@ void CRecoveredSigsDb::WriteRecoveredSig(const llmq::CRecoveredSig& recSig)
     auto k4 = std::make_tuple(std::string("rs_s"), signHash);
     batch.Write(k4, (uint8_t)1);
 
-    // remove the votedForId entry as we won't need it anymore
-    auto k5 = std::make_tuple(std::string("rs_v"), recSig.llmqType, recSig.id);
-    batch.Erase(k5);
-
     // store by current time. Allows fast cleanup of old recSigs
-    auto k6 = std::make_tuple(std::string("rs_t"), (uint32_t)GetAdjustedTime(), recSig.llmqType, recSig.id);
-    batch.Write(k6, (uint8_t)1);
+    auto k5 = std::make_tuple(std::string("rs_t"), (uint32_t)htobe32(GetAdjustedTime()), recSig.llmqType, recSig.id);
+    batch.Write(k5, (uint8_t)1);
 
     db.WriteBatch(batch);
 
@@ -167,9 +247,8 @@ void CRecoveredSigsDb::CleanupOldRecoveredSigs(int64_t maxAge)
 {
     std::unique_ptr<CDBIterator> pcursor(db.NewIterator());
 
-    static const uint256 maxUint256 = uint256S("ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff");
     auto start = std::make_tuple(std::string("rs_t"), (uint32_t)0, (uint8_t)0, uint256());
-    auto end = std::make_tuple(std::string("rs_t"), (uint32_t)(GetAdjustedTime() - maxAge), (uint8_t)255, maxUint256);
+    uint32_t endTime = (uint32_t)(GetAdjustedTime() - maxAge);
     pcursor->Seek(start);
 
     std::vector<std::pair<Consensus::LLMQType, uint256>> toDelete;
@@ -178,10 +257,10 @@ void CRecoveredSigsDb::CleanupOldRecoveredSigs(int64_t maxAge)
     while (pcursor->Valid()) {
         decltype(start) k;
 
-        if (!pcursor->GetKey(k)) {
+        if (!pcursor->GetKey(k) || std::get<0>(k) != "rs_t") {
             break;
         }
-        if (k >= end) {
+        if (be32toh(std::get<1>(k)) >= endTime) {
             break;
         }
 
@@ -211,16 +290,19 @@ void CRecoveredSigsDb::CleanupOldRecoveredSigs(int64_t maxAge)
             auto k2 = std::make_tuple(std::string("rs_r"), recSig.llmqType, recSig.id, recSig.msgHash);
             auto k3 = std::make_tuple(std::string("rs_h"), recSig.GetHash());
             auto k4 = std::make_tuple(std::string("rs_s"), signHash);
-            auto k5 = std::make_tuple(std::string("rs_v"), recSig.llmqType, recSig.id);
             batch.Erase(k1);
             batch.Erase(k2);
             batch.Erase(k3);
             batch.Erase(k4);
-            batch.Erase(k5);
 
             hasSigForIdCache.erase(std::make_pair((Consensus::LLMQType)recSig.llmqType, recSig.id));
             hasSigForSessionCache.erase(signHash);
             hasSigForHashCache.erase(recSig.GetHash());
+
+            if (batch.SizeEstimate() >= (1 << 24)) {
+                db.WriteBatch(batch);
+                batch.Clear();
+            }
         }
     }
 
@@ -229,6 +311,8 @@ void CRecoveredSigsDb::CleanupOldRecoveredSigs(int64_t maxAge)
     }
 
     db.WriteBatch(batch);
+
+    LogPrint(BCLog::LLMQ, "CRecoveredSigsDb::%d -- deleted %d entries\n", __func__, toDelete.size());
 }
 
 bool CRecoveredSigsDb::HasVotedOnId(Consensus::LLMQType llmqType, const uint256& id)
@@ -245,8 +329,55 @@ bool CRecoveredSigsDb::GetVoteForId(Consensus::LLMQType llmqType, const uint256&
 
 void CRecoveredSigsDb::WriteVoteForId(Consensus::LLMQType llmqType, const uint256& id, const uint256& msgHash)
 {
-    auto k = std::make_tuple(std::string("rs_v"), (uint8_t)llmqType, id);
-    db.Write(k, msgHash);
+    auto k1 = std::make_tuple(std::string("rs_v"), (uint8_t)llmqType, id);
+    auto k2 = std::make_tuple(std::string("rs_vt"), (uint32_t)htobe32(GetAdjustedTime()), (uint8_t)llmqType, id);
+
+    CDBBatch batch(CLIENT_VERSION | ADDRV2_FORMAT);
+    batch.Write(k1, msgHash);
+    batch.Write(k2, (uint8_t)1);
+
+    db.WriteBatch(batch);
+}
+
+void CRecoveredSigsDb::CleanupOldVotes(int64_t maxAge)
+{
+    std::unique_ptr<CDBIterator> pcursor(db.NewIterator());
+
+    auto start = std::make_tuple(std::string("rs_vt"), (uint32_t)0, (uint8_t)0, uint256());
+    uint32_t endTime = (uint32_t)(GetAdjustedTime() - maxAge);
+    pcursor->Seek(start);
+
+    CDBBatch batch(CLIENT_VERSION | ADDRV2_FORMAT);
+    size_t cnt = 0;
+    while (pcursor->Valid()) {
+        decltype(start) k;
+
+        if (!pcursor->GetKey(k) || std::get<0>(k) != "rs_vt") {
+            break;
+        }
+        if (be32toh(std::get<1>(k)) >= endTime) {
+            break;
+        }
+
+        uint8_t llmqType = std::get<2>(k);
+        const uint256& id = std::get<3>(k);
+
+        batch.Erase(k);
+        batch.Erase(std::make_tuple(std::string("rs_v"), llmqType, id));
+
+        cnt++;
+
+        pcursor->Next();
+    }
+    pcursor.reset();
+
+    if (cnt == 0) {
+        return;
+    }
+
+    db.WriteBatch(batch);
+
+    LogPrint(BCLog::LLMQ, "CRecoveredSigsDb::%d -- deleted %d entries\n", __func__, cnt);
 }
 
 //////////////////
@@ -520,6 +651,7 @@ void CSigningManager::Cleanup()
     int64_t maxAge = DEFAULT_MAX_RECOVERED_SIGS_AGE;
 
     db.CleanupOldRecoveredSigs(maxAge);
+    db.CleanupOldVotes(maxAge);
 
     lastCleanupTime = GetTimeMillis();
 }

diff --git a/src/llmq/quorums_signing.h b/src/llmq/quorums_signing.h
@@ -67,6 +67,9 @@ class CRecoveredSigsDb
 public:
     CRecoveredSigsDb(CDBWrapper& _db);
 
+    void ConvertInvalidTimeKeys();
+    void AddVoteTimeKeys();
+
     bool HasRecoveredSig(Consensus::LLMQType llmqType, const uint256& id, const uint256& msgHash);
     bool HasRecoveredSigForId(Consensus::LLMQType llmqType, const uint256& id);
     bool HasRecoveredSigForSession(const uint256& signHash);
@@ -82,6 +85,8 @@ class CRecoveredSigsDb
     bool GetVoteForId(Consensus::LLMQType llmqType, const uint256& id, uint256& msgHashRet);
     void WriteVoteForId(Consensus::LLMQType llmqType, const uint256& id, const uint256& msgHash);
 
+    void CleanupOldVotes(int64_t maxAge);
+
 private:
     bool ReadRecoveredSig(Consensus::LLMQType llmqType, const uint256& id, CRecoveredSig& ret);
 };