Skip to content
This repository has been archived by the owner on Nov 6, 2020. It is now read-only.

Unify engine error to reject blocks #9085

Merged
merged 9 commits into from
Jul 16, 2018
Merged

Unify engine error to reject blocks #9085

merged 9 commits into from
Jul 16, 2018

Conversation

sorpaas
Copy link
Collaborator

@sorpaas sorpaas commented Jul 10, 2018
edited
Loading

Currently in our code, we have several places that deal with engine errors with different behavior. On engine error:

  • If on_new_block fails, blocks are rejected if it's imported externally.
  • If on_new_block fails, the client panics if it's created internally.
  • If on_close_block fails, the error is ignored and we print a warning.

I think the rejected behavior is the most reasonable. So this PR changes all three cases to rejecting blocks.

  • If we ignore the error and only print a warning, it might be ignored by the node operator as well. It may end up making the chain not having the same best block, which is bad.
  • In some cases, a consensus failure might be recoverable. For example, we might have a certain combination of transactions that cause on_close_block to fail on a consensus smart contract. In that case, if rejected behavior is used, node operators may be able to push/replace transactions and cause the current node to create a new valid block, without bringing down the node.

@sorpaas sorpaas added A0-pleasereview 🤓 Pull request needs code review. M4-core ⛓ Core client code / Rust. B7-releasenotes 📜 Changes should be mentioned in the release notes of the next minor version release. labels Jul 10, 2018
@sorpaas sorpaas added this to the 2.0 milestone Jul 10, 2018
@5chdn 5chdn added the A1-onice 🌨 Pull request is reviewed well, but should not yet be merged. label Jul 10, 2018
@5chdn 5chdn modified the milestones: 2.0, 2.1 Jul 10, 2018
@5chdn 5chdn removed the A1-onice 🌨 Pull request is reviewed well, but should not yet be merged. label Jul 11, 2018
@debris debris added A8-looksgood 🦄 Pull request is reviewed well. and removed A0-pleasereview 🤓 Pull request needs code review. labels Jul 12, 2018
@5chdn 5chdn requested a review from tomusdrw July 13, 2018 10:19
tomusdrw
tomusdrw reviewed Jul 13, 2018
View reviewed changes
Copy link
Collaborator

@tomusdrw tomusdrw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, I'd add more debug info to the warnings.

ethcore/src/miner/miner.rs Outdated
)
) {
Ok(block) => block,
Err(_) => return None,
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we print a warning here?

ethcore/src/miner/miner.rs Outdated
let block = match open_block.close() {
Ok(block) => block,
Err(_) => {
warn!(target: "miner", "Closing the block failed due to an engine error. Please check your chain specifications and consensus smart contracts.");
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe display the original error as well? Will give some additional input for debugging.

ethcore/src/miner/miner.rs Outdated
self.prepare_work(block, original_work_hash)
},
None => {
prepare_new = false;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Isn't that a bit misleading? The function should return true if new pending block had to be prepared. And in that case it had to be prepared, but the preparation failed.
Just thinking if it won't break any other assumptions, maybe at least update the function comment.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I added BlockPreparationStatus which distinguishes three different status.

I think previously I set prepare_new = false here is indeed not quite right. We only use the result for prepare_pending_block in prepare_and_update_sealing. If we don't have to prepare a new block, the function then call update_sealing. So if the block had to be prepared but failed, then we shouldn't continue the if statement. (update_sealing will also just call prepare_block again and early return if it finds out that the conditions does not hold.)

@debris debris merged commit 5059619 into master Jul 16, 2018
@debris debris deleted the sp-close-block branch July 16, 2018 11:53
@sorpaas sorpaas mentioned this pull request Aug 22, 2018
Merged
@5chdn 5chdn removed the B7-releasenotes 📜 Changes should be mentioned in the release notes of the next minor version release. label Sep 13, 2018
@5chdn
Copy link
Contributor

5chdn commented Sep 13, 2018

Removing relnotes flag as this is not relevant for users. Or is it?

@debris
Copy link
Collaborator

debris commented Sep 13, 2018

it is not

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@tomusdrw tomusdrw tomusdrw approved these changes

@debris debris debris approved these changes

Assignees
No one assigned
Labels
A8-looksgood 🦄 Pull request is reviewed well. M4-core ⛓ Core client code / Rust.
Projects
None yet
Milestone
2.1 Whatever
Development

Successfully merging this pull request may close these issues.
4 participants
@sorpaas @5chdn @debris @tomusdrw