| blob | 7163b99a6784f38fd4644b043cae30b8800a2be4 |
1 // Copyright (c) 2009-2010 Satoshi Nakamoto
2 // Copyright (c) 2009-2016 The Bitcoin Core developers
3 // Distributed under the MIT software license, see the accompanying
4 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
38 #include <atomic>
39 #include <sstream>
41 #include <boost/algorithm/string/replace.hpp>
42 #include <boost/algorithm/string/join.hpp>
43 #include <boost/filesystem.hpp>
44 #include <boost/filesystem/fstream.hpp>
45 #include <boost/math/distributions/poisson.hpp>
46 #include <boost/thread.hpp>
50 #if defined(NDEBUG)
52 #endif
54 /**
55 * Global state
56 */
58 CCriticalSection cs_main;
60 BlockMap mapBlockIndex;
61 CChain chainActive;
63 CWaitableCriticalSection csBestBlock;
64 CConditionVariable cvBlockChange;
88 /** Constant stuff for coinbase transactions we create: */
89 CScript COINBASE_FLAGS;
93 // Internal stuff
96 struct CBlockIndexWorkComparator
97 {
99 // First sort by most total work, ...
103 // ... then by earliest time received, ...
107 // Use pointer address as tie breaker (should only happen with blocks
108 // loaded from disk, as those all have id 0).
112 // Identical blocks.
114 }
115 };
119 /**
120 * The set of all CBlockIndex entries with BLOCK_VALID_TRANSACTIONS (for itself and all ancestors) and
121 * as good as our current tip or better. Entries may be failed, though, and pruning nodes may be
122 * missing the data for the block.
123 */
125 /** All pairs A->B, where A (or one of its ancestors) misses transactions, but B has transactions.
126 * Pruned nodes may have entries where B is missing data.
127 */
130 CCriticalSection cs_LastBlockFile;
133 /** Global flag to indicate we should check to see if there are
134 * block/undo files that should be deleted. Set on startup
135 * or if we allocate more file space when we're in prune mode
136 */
139 /**
140 * Every received block is assigned a unique and increasing identifier, so we
141 * know which one to give priority in case of a fork.
142 */
143 CCriticalSection cs_nBlockSequenceId;
144 /** Blocks loaded from disk are assigned id 0, so start the counter at 1. */
146 /** Decreasing counter (used by subsequent preciousblock calls). */
148 /** chainwork for the last block that preciousblock has been applied to. */
151 /** Dirty block index entries. */
154 /** Dirty block file entries. */
159 {
160 // Find the first block the caller has in the main chain
164 {
170 }
171 }
172 }
174 }
180 FLUSH_STATE_NONE,
181 FLUSH_STATE_IF_NEEDED,
182 FLUSH_STATE_PERIODIC,
183 FLUSH_STATE_ALWAYS
184 };
186 // See definition for documentation
190 {
193 if ((int64_t)tx.nLockTime < ((int64_t)tx.nLockTime < LOCKTIME_THRESHOLD ? (int64_t)nBlockHeight : nBlockTime))
198 }
200 }
203 {
206 // By convention a negative value for flags indicates that the
207 // current network-enforced consensus rules should be used. In
208 // a future soft-fork scenario that would mean checking which
209 // rules would be enforced for the next block and setting the
210 // appropriate flags. At the present time no soft-forks are
211 // scheduled, so no flags are set.
214 // CheckFinalTx() uses chainActive.Height()+1 to evaluate
215 // nLockTime because when IsFinalTx() is called within
216 // CBlock::AcceptBlock(), the height of the block *being*
217 // evaluated is what is used. Thus if we want to know if a
218 // transaction can be part of the *next* block, we need to call
219 // IsFinalTx() with one more than chainActive.Height().
222 // BIP113 will require that time-locked transactions have nLockTime set to
223 // less than the median time of the previous block they're contained in.
224 // When the next block is created its previous block will be the current
225 // chain tip, so we use that to calculate the median time passed to
226 // IsFinalTx() if LOCKTIME_MEDIAN_TIME_PAST is set.
232 }
234 /**
235 * Calculates the block height and previous block's median time past at
236 * which the transaction will be considered final in the context of BIP 68.
237 * Also removes from the vector of input heights any entries which did not
238 * correspond to sequence locked inputs as they do not affect the calculation.
239 */
240 static std::pair<int, int64_t> CalculateSequenceLocks(const CTransaction &tx, int flags, std::vector<int>* prevHeights, const CBlockIndex& block)
241 {
244 // Will be set to the equivalent height- and time-based nLockTime
245 // values that would be necessary to satisfy all relative lock-
246 // time constraints given our view of block chain history.
247 // The semantics of nLockTime are the last invalid height/time, so
248 // use -1 to have the effect of any height or time being valid.
252 // tx.nVersion is signed integer so requires cast to unsigned otherwise
253 // we would be doing a signed comparison and half the range of nVersion
254 // wouldn't support BIP 68.
258 // Do not enforce sequence numbers as a relative lock time
259 // unless we have been instructed to
262 }
267 // Sequence numbers with the most significant bit set are not
268 // treated as relative lock-times, nor are they given any
269 // consensus-enforced meaning at this point.
271 // The height of this input is not relevant for sequence locks
274 }
280 // NOTE: Subtract 1 to maintain nLockTime semantics
281 // BIP 68 relative lock times have the semantics of calculating
282 // the first block or time at which the transaction would be
283 // valid. When calculating the effective block time or height
284 // for the entire transaction, we switch to using the
285 // semantics of nLockTime which is the last invalid block
286 // time or height. Thus we subtract 1 from the calculated
287 // time or height.
289 // Time-based relative lock-times are measured from the
290 // smallest allowed timestamp of the block containing the
291 // txout being spent, which is the median time past of the
292 // block prior.
293 nMinTime = std::max(nMinTime, nCoinTime + (int64_t)((txin.nSequence & CTxIn::SEQUENCE_LOCKTIME_MASK) << CTxIn::SEQUENCE_LOCKTIME_GRANULARITY) - 1);
295 nMinHeight = std::max(nMinHeight, nCoinHeight + (int)(txin.nSequence & CTxIn::SEQUENCE_LOCKTIME_MASK) - 1);
296 }
297 }
300 }
303 {
310 }
312 bool SequenceLocks(const CTransaction &tx, int flags, std::vector<int>* prevHeights, const CBlockIndex& block)
313 {
315 }
318 {
321 // If there are relative lock times then the maxInputBlock will be set
322 // If there are no relative lock times, the LockPoints don't depend on the chain
324 // Check whether chainActive is an extension of the block at which the LockPoints
325 // calculation was valid. If not LockPoints are no longer valid
328 }
329 }
331 // LockPoints still valid
333 }
335 bool CheckSequenceLocks(const CTransaction &tx, int flags, LockPoints* lp, bool useExistingLockPoints)
336 {
341 CBlockIndex index;
343 // CheckSequenceLocks() uses chainActive.Height()+1 to evaluate
344 // height based locks because when SequenceLocks() is called within
345 // ConnectBlock(), the height of the block *being*
346 // evaluated is what is used.
347 // Thus if we want to know if a transaction can be part of the
348 // *next* block, we need to use one more than chainActive.Height()
356 }
358 // pcoinsTip contains the UTXO set for chainActive.Tip()
364 CCoins coins;
367 }
369 // Assume all mempool transaction confirm in the next block
373 }
374 }
379 // Also store the hash of the block with the highest height of
380 // all the blocks which have sequence locked prevouts.
381 // This hash needs to still be on the chain
382 // for these LockPoint calculations to be valid
383 // Note: It is impossible to correctly calculate a maxInputBlock
384 // if any of the sequence locked inputs depend on unconfirmed txs,
385 // except in the special case where the relative lock time/height
386 // is 0, which is equivalent to no sequence lock. Since we assume
387 // input height of tip+1 for mempool txs and test the resulting
388 // lockPair from CalculateSequenceLocks against tip+1. We know
389 // EvaluateSequenceLocks will fail if there was a non-zero sequence
390 // lock on a mempool input, so we can use the return value of
391 // CheckSequenceLocks to indicate the LockPoints validity
394 // Can ignore mempool inputs since we'll fail if they had non-zero locks
397 }
398 }
400 }
401 }
403 }
407 {
410 {
412 }
414 {
416 }
418 }
421 {
427 {
431 }
433 }
435 int64_t GetTransactionSigOpCost(const CTransaction& tx, const CCoinsViewCache& inputs, int flags)
436 {
444 }
447 {
449 nSigOps += CountWitnessSigOps(tx.vin[i].scriptSig, prevout.scriptPubKey, i < tx.wit.vtxinwit.size() ? &tx.wit.vtxinwit[i].scriptWitness : NULL, flags);
450 }
452 }
458 bool CheckTransaction(const CTransaction& tx, CValidationState &state, bool fCheckDuplicateInputs)
459 {
460 // Basic checks that don't depend on any context
465 // Size limits (this doesn't take the witness into account, as that hasn't been checked for malleability)
466 if (::GetSerializeSize(tx, SER_NETWORK, PROTOCOL_VERSION | SERIALIZE_TRANSACTION_NO_WITNESS) > MAX_BLOCK_BASE_SIZE)
469 // Check for negative or overflow output values
472 {
480 }
482 // Check for duplicate inputs - note that this check is slow so we skip it in CheckBlock
486 {
489 }
490 }
493 {
496 }
497 else
498 {
502 }
505 }
516 }
518 /** Convert CValidationState to a human-readable message for logging */
520 {
525 }
527 bool AcceptToMemoryPoolWorker(CTxMemPool& pool, CValidationState& state, const CTransaction& tx, bool fLimitFree,
528 bool* pfMissingInputs, int64_t nAcceptTime, bool fOverrideMempoolLimit, const CAmount& nAbsurdFee,
530 {
539 // Coinbase is only valid in a block, not as a loose transaction
543 // Reject transactions with witness before segregated witness activates (override with -prematurewitness)
547 }
549 // Rather not work on nonstandard transactions (unless -testnet/-regtest)
550 string reason;
554 // Only accept nLockTime-using transactions that can be mined in the next
555 // block; we don't want our mempool filled up with transactions that can't
556 // be mined yet.
560 // is it already in the memory pool?
564 // Check for conflicts with in-memory transactions
566 {
569 {
572 {
575 {
576 // Allow opt-out of transaction replacement by setting
577 // nSequence >= maxint-1 on all inputs.
578 //
579 // maxint-1 is picked to still allow use of nLockTime by
580 // non-replaceable transactions. All inputs rather than just one
581 // is for the sake of multi-party protocols, where we don't
582 // want a single party to be able to disable replacement.
583 //
584 // The opt-out ignores descendants as anyone relying on
585 // first-seen mempool behavior should be checking all
586 // unconfirmed ancestors anyway; doing otherwise is hopelessly
587 // insecure.
590 {
592 {
594 {
597 }
598 }
599 }
604 }
605 }
606 }
607 }
609 {
610 CCoinsView dummy;
614 LockPoints lp;
615 {
620 // do we already have it?
626 }
628 // do all inputs exist?
629 // Note that this does not check for the presence of actual outputs (see the next check for that),
630 // and only helps with filling in pfMissingInputs (to determine missing vs spent).
637 return false; // fMissingInputs and !state.IsInvalid() is used to detect this condition, don't set state.Invalid()
638 }
639 }
641 // are the actual inputs available?
645 // Bring the best block into scope
650 // we have all inputs cached now, so switch back to dummy, so we don't need to keep lock on mempool
653 // Only accept BIP68 sequence locked transactions that can be mined in the next
654 // block; we don't want our mempool filled up with transactions that can't
655 // be mined yet.
656 // Must keep pool.cs for this unless we change CheckSequenceLocks to take a
657 // CoinsViewCache instead of create its own
660 }
662 // Check for non-standard pay-to-script-hash in inputs
666 // Check for non-standard witness in P2WSH
674 // nModifiedFees includes any fee deltas from PrioritiseTransaction
679 CAmount inChainInputValue;
682 // Keep track of transactions that spend a coinbase, which we re-scan
683 // during reorgs to ensure COINBASE_MATURITY is still met.
690 }
691 }
693 CTxMemPoolEntry entry(tx, nFees, nAcceptTime, dPriority, chainActive.Height(), pool.HasNoInputsOf(tx), inChainInputValue, fSpendsCoinbase, nSigOpsCost, lp);
696 // Check that the transaction doesn't have an excessive number of
697 // sigops, making it impossible to mine. Since the coinbase transaction
698 // itself can contain sigops MAX_STANDARD_TX_SIGOPS is less than
699 // MAX_BLOCK_SIGOPS; we still consider this an invalid rather than
700 // merely non-standard transaction.
705 CAmount mempoolRejectFee = pool.GetMinFee(GetArg("-maxmempool", DEFAULT_MAX_MEMPOOL_SIZE) * 1000000).GetFee(nSize);
707 return state.DoS(0, false, REJECT_INSUFFICIENTFEE, "mempool min fee not met", false, strprintf("%d < %d", nFees, mempoolRejectFee));
708 } else if (GetBoolArg("-relaypriority", DEFAULT_RELAYPRIORITY) && nModifiedFees < ::minRelayTxFee.GetFee(nSize) && !AllowFree(entry.GetPriority(chainActive.Height() + 1))) {
709 // Require that free transactions have sufficient priority to be mined in the next block.
711 }
713 // Continuously rate-limit free (really, very-low-fee) transactions
714 // This mitigates 'penny-flooding' -- sending thousands of free transactions just to
715 // be annoying or make others' transactions take longer to confirm.
717 {
725 // Use an exponentially decaying ~10-minute window:
728 // -limitfreerelay unit is thousand-bytes-per-minute
729 // At default rate it would take over a month to fill 1GB
734 }
741 // Calculate in-mempool ancestors, up to a limit.
746 size_t nLimitDescendantSize = GetArg("-limitdescendantsize", DEFAULT_DESCENDANT_SIZE_LIMIT)*1000;
748 if (!pool.CalculateMemPoolAncestors(entry, setAncestors, nLimitAncestors, nLimitAncestorSize, nLimitDescendants, nLimitDescendantSize, errString)) {
750 }
752 // A transaction that spends outputs that would be replaced by it is invalid. Now
753 // that we have the set of all ancestors we can detect this
754 // pathological case by making sure setConflicts and setAncestors don't
755 // intersect.
757 {
760 {
766 }
767 }
769 // Check if it's economically rational to mine this transaction rather
770 // than the ones it replaces.
776 // If we don't hold the lock allConflicting might be incomplete; the
777 // subsequent RemoveStaged() and addUnchecked() calls don't guarantee
778 // mempool consistency for us.
781 {
787 {
792 // Save these to avoid repeated lookups
795 // Don't allow the replacement to reduce the feerate of the
796 // mempool.
797 //
798 // We usually don't want to accept replacements with lower
799 // feerates than what they replaced as that would lower the
800 // feerate of the next block. Requiring that the feerate always
801 // be increased is also an easy-to-reason about way to prevent
802 // DoS attacks via replacements.
803 //
804 // The mining code doesn't (currently) take children into
805 // account (CPFP) so we only consider the feerates of
806 // transactions being directly replaced, not their indirect
807 // descendants. While that does mean high feerate children are
808 // ignored when deciding whether or not to replace, we do
809 // require the replacement to pay more overall fees too,
810 // mitigating most cases.
813 {
820 }
823 {
825 }
828 }
829 // This potentially overestimates the number of actual descendants
830 // but we just want to be conservative to avoid doing too much
831 // work.
833 // If not too many to replace, then calculate the set of
834 // transactions that would have to be evicted
837 }
841 }
847 nConflictingCount,
848 maxDescendantsToVisit));
849 }
852 {
853 // We don't want to accept replacements that require low
854 // feerate junk to be mined first. Ideally we'd keep track of
855 // the ancestor feerates and make the decision based on that,
856 // but for now requiring all new inputs to be confirmed works.
858 {
859 // Rather than check the UTXO set - potentially expensive -
860 // it's cheaper to just check if the new input refers to a
861 // tx that's in the mempool.
867 }
868 }
870 // The replacement must pay greater fees than the transactions it
871 // replaces - if we did the bandwidth used by those conflicting
872 // transactions would not be paid for.
874 {
879 }
881 // Finally in addition to paying more fees than the conflicts the
882 // new transaction must pay for its own bandwidth.
885 {
892 }
893 }
898 }
900 // Check against previous transactions
901 // This is done last to help prevent CPU exhaustion denial-of-service attacks.
904 // SCRIPT_VERIFY_CLEANSTACK requires SCRIPT_VERIFY_WITNESS, so we
905 // need to turn both off, and compare against just turning off CLEANSTACK
906 // to see if the failure is specifically due to witness validation.
907 if (tx.wit.IsNull() && CheckInputs(tx, state, view, true, scriptVerifyFlags & ~(SCRIPT_VERIFY_WITNESS | SCRIPT_VERIFY_CLEANSTACK), true, txdata) &&
908 !CheckInputs(tx, state, view, true, scriptVerifyFlags & ~SCRIPT_VERIFY_CLEANSTACK, true, txdata)) {
909 // Only the witness is missing, so the transaction itself may be fine.
911 }
913 }
915 // Check again against just the consensus-critical mandatory script
916 // verification flags, in case of bugs in the standard flags that cause
917 // transactions to pass as valid when they're actually invalid. For
918 // instance the STRICTENC flag was incorrectly allowing certain
919 // CHECKSIG NOT scripts to pass, even though they were invalid.
920 //
921 // There is a similar check in CreateNewBlock() to prevent creating
922 // invalid blocks, however allowing such transactions into the mempool
923 // can be exploited as a DoS attack.
925 {
926 return error("%s: BUG! PLEASE REPORT THIS! ConnectInputs failed against MANDATORY but not STANDARD flags %s, %s",
928 }
930 // Remove conflicting transactions from the mempool
932 {
938 }
941 // Store transaction in memory
944 // trim mempool and check if tx was trimmed
946 LimitMempoolSize(pool, GetArg("-maxmempool", DEFAULT_MAX_MEMPOOL_SIZE) * 1000000, GetArg("-mempoolexpiry", DEFAULT_MEMPOOL_EXPIRY) * 60 * 60);
949 }
950 }
955 }
957 bool AcceptToMemoryPoolWithTime(CTxMemPool& pool, CValidationState &state, const CTransaction &tx, bool fLimitFree,
958 bool* pfMissingInputs, int64_t nAcceptTime, bool fOverrideMempoolLimit, const CAmount nAbsurdFee)
959 {
961 bool res = AcceptToMemoryPoolWorker(pool, state, tx, fLimitFree, pfMissingInputs, nAcceptTime, fOverrideMempoolLimit, nAbsurdFee, vHashTxToUncache);
965 }
966 // After we've (potentially) uncached entries, ensure our coins cache is still within its size limits
967 CValidationState stateDummy;
970 }
972 bool AcceptToMemoryPool(CTxMemPool& pool, CValidationState &state, const CTransaction &tx, bool fLimitFree,
974 {
975 return AcceptToMemoryPoolWithTime(pool, state, tx, fLimitFree, pfMissingInputs, GetTime(), fOverrideMempoolLimit, nAbsurdFee);
976 }
978 /** Return transaction in txOut, and if it was found inside a block, its hash is placed in hashBlock */
979 bool GetTransaction(const uint256 &hash, CTransactionRef &txOut, const Consensus::Params& consensusParams, uint256 &hashBlock, bool fAllowSlow)
980 {
987 {
990 }
993 CDiskTxPos postx;
998 CBlockHeader header;
1005 }
1010 }
1011 }
1015 {
1020 }
1023 }
1026 CBlock block;
1033 }
1034 }
1035 }
1036 }
1039 }
1046 //////////////////////////////////////////////////////////////////////////////
1047 //
1048 // CBlock and CBlockIndex
1049 //
1051 bool WriteBlockToDisk(const CBlock& block, CDiskBlockPos& pos, const CMessageHeader::MessageStartChars& messageStart)
1052 {
1053 // Open history file to append
1058 // Write index header
1062 // Write block
1070 }
1072 bool ReadBlockFromDisk(CBlock& block, const CDiskBlockPos& pos, const Consensus::Params& consensusParams)
1073 {
1076 // Open history file to read
1081 // Read block
1084 }
1087 }
1089 // Check the header
1094 }
1096 bool ReadBlockFromDisk(CBlock& block, const CBlockIndex* pindex, const Consensus::Params& consensusParams)
1097 {
1101 return error("ReadBlockFromDisk(CBlock&, CBlockIndex*): GetHash() doesn't match index for %s at %s",
1104 }
1107 {
1109 // Force block reward to zero when right shift is undefined.
1114 // Subsidy is cut in half every 210,000 blocks which will occur approximately every 4 years.
1117 }
1120 {
1123 // Once this function has returned false, it must remain false.
1125 // Optimization: pre-test latch before taking the lock.
1136 if (chainActive.Tip()->nChainWork < UintToArith256(chainParams.GetConsensus().nMinimumChainWork))
1142 }
1149 {
1154 // Alert text should be plain ascii coming from a trusted source, but to
1155 // be safe we first strip anything not in safeChars, then add single quotes around
1156 // the whole string before passing it to the shell:
1163 }
1166 {
1168 // Before we get past initial download, we cannot reliably alert about forks
1169 // (we assume we don't get stuck on a fork before finishing our initial sync)
1173 // If our best fork is no longer within 72 blocks (+/- 12 hours if no one mines it)
1174 // of our head, drop it
1178 if (pindexBestForkTip || (pindexBestInvalid && pindexBestInvalid->nChainWork > chainActive.Tip()->nChainWork + (GetBlockProof(*chainActive.Tip()) * 6)))
1179 {
1181 {
1182 std::string warning = std::string("'Warning: Large-work fork detected, forking after block ") +
1185 }
1187 {
1188 LogPrintf("%s: Warning: Large valid fork found\n forking the chain at height %d (%s)\n lasting to height %d (%s).\nChain state database corruption likely.\n", __func__,
1192 }
1193 else
1194 {
1195 LogPrintf("%s: Warning: Found invalid chain at least ~6 blocks longer than our best chain.\nChain state database corruption likely.\n", __func__);
1197 }
1198 }
1199 else
1200 {
1203 }
1204 }
1207 {
1209 // If we are on a fork that is sufficiently large, set a warning flag
1213 {
1219 }
1221 // We define a condition where we should warn the user about as a fork of at least 7 blocks
1222 // with a tip within 72 blocks (+/- 12 hours if no one mines it) of ours
1223 // We use 7 blocks rather arbitrarily as it represents just under 10% of sustained network
1224 // hash rate operating on the fork.
1225 // or a chain that is entirely longer than ours and invalid (note that this should be detected by both)
1226 // We define it this way because it allows us to only store the highest fork tip (+ base) which meets
1227 // the 7-block condition and from this always have the most-likely-to-cause-warning fork
1228 if (pfork && (!pindexBestForkTip || (pindexBestForkTip && pindexNewForkTip->nHeight > pindexBestForkTip->nHeight)) &&
1231 {
1234 }
1237 }
1240 {
1251 tip->GetBlockHash().ToString(), chainActive.Height(), log(tip->nChainWork.getdouble())/log(2.0),
1254 }
1262 }
1263 }
1265 void UpdateCoins(const CTransaction& tx, CCoinsViewCache& inputs, CTxUndo &txundo, int nHeight)
1266 {
1267 // mark inputs spent
1276 // mark an outpoint spent, and construct undo information
1284 }
1285 }
1286 }
1287 // add outputs
1289 }
1292 {
1293 CTxUndo txundo;
1295 }
1299 const CScriptWitness *witness = (nIn < ptxTo->wit.vtxinwit.size()) ? &ptxTo->wit.vtxinwit[nIn].scriptWitness : NULL;
1300 if (!VerifyScript(scriptSig, scriptPubKey, witness, nFlags, CachingTransactionSignatureChecker(ptxTo, nIn, amount, cacheStore, *txdata), &error)) {
1302 }
1304 }
1307 {
1311 }
1314 bool CheckTxInputs(const CTransaction& tx, CValidationState& state, const CCoinsViewCache& inputs, int nSpendHeight)
1315 {
1316 // This doesn't trigger the DoS code on purpose; if it did, it would make it easier
1317 // for an attacker to attempt to split the network.
1324 {
1329 // If prev is coinbase, check that it's matured
1335 }
1337 // Check for negative or overflow input values
1342 }
1346 strprintf("value in (%s) < value out (%s)", FormatMoney(nValueIn), FormatMoney(tx.GetValueOut())));
1348 // Tally transaction fees
1356 }
1359 bool CheckInputs(const CTransaction& tx, CValidationState &state, const CCoinsViewCache &inputs, bool fScriptChecks, unsigned int flags, bool cacheStore, PrecomputedTransactionData& txdata, std::vector<CScriptCheck> *pvChecks)
1360 {
1362 {
1369 // The first loop above does all the inexpensive checks.
1370 // Only if ALL inputs pass do we perform expensive ECDSA signature checks.
1371 // Helps prevent CPU exhaustion attacks.
1373 // Skip ECDSA signature verification when connecting blocks before the
1374 // last block chain checkpoint. Assuming the checkpoints are valid this
1375 // is safe because block merkle hashes are still computed and checked,
1376 // and any change will be caught at the next checkpoint. Of course, if
1377 // the checkpoint is for a chain that's invalid due to false scriptSigs
1378 // this optimization would allow an invalid chain to be accepted.
1385 // Verify signature
1392 // Check whether the failure was caused by a
1393 // non-mandatory script verification check, such as
1394 // non-standard DER encodings or non-null dummy
1395 // arguments; if so, don't trigger DoS protection to
1396 // avoid splitting the network between upgraded and
1397 // non-upgraded nodes.
1401 return state.Invalid(false, REJECT_NONSTANDARD, strprintf("non-mandatory-script-verify-flag (%s)", ScriptErrorString(check.GetScriptError())));
1402 }
1403 // Failures of other flags indicate a transaction that is
1404 // invalid in new blocks, e.g. a invalid P2SH. We DoS ban
1405 // such nodes as they are not following the protocol. That
1406 // said during an upgrade careful thought should be taken
1407 // as to the correct behavior - we may want to continue
1408 // peering with non-upgraded nodes even after soft-fork
1409 // super-majority signaling has occurred.
1410 return state.DoS(100,false, REJECT_INVALID, strprintf("mandatory-script-verify-flag-failed (%s)", ScriptErrorString(check.GetScriptError())));
1411 }
1412 }
1413 }
1414 }
1417 }
1421 bool UndoWriteToDisk(const CBlockUndo& blockundo, CDiskBlockPos& pos, const uint256& hashBlock, const CMessageHeader::MessageStartChars& messageStart)
1422 {
1423 // Open history file to append
1428 // Write index header
1432 // Write undo data
1439 // calculate & write checksum
1446 }
1448 bool UndoReadFromDisk(CBlockUndo& blockundo, const CDiskBlockPos& pos, const uint256& hashBlock)
1449 {
1450 // Open history file to read
1455 // Read block
1456 uint256 hashChecksum;
1460 }
1463 }
1465 // Verify checksum
1473 }
1475 /** Abort with a message */
1477 {
1481 userMessage.empty() ? _("Error: A fatal internal error occurred, see debug.log for details") : userMessage,
1485 }
1487 bool AbortNode(CValidationState& state, const std::string& strMessage, const std::string& userMessage="")
1488 {
1491 }
1495 /**
1496 * Apply the undo operation of a CTxInUndo to the given chain state.
1497 * @param undo The undo object.
1498 * @param view The coins view to which to apply the changes.
1499 * @param out The out point that corresponds to the tx input.
1500 * @return True on success.
1501 */
1503 {
1508 // undo data contains height: this is the last output of the prevout tx being spent
1518 }
1526 }
1528 bool DisconnectBlock(const CBlock& block, CValidationState& state, const CBlockIndex* pindex, CCoinsViewCache& view, bool* pfClean)
1529 {
1537 CBlockUndo blockUndo;
1547 // undo transactions in reverse order
1552 // Check that all outputs are available and match the outputs in the block itself
1553 // exactly.
1554 {
1559 // The CCoins serialization does not serialize negative numbers.
1560 // No network rules currently depend on the version here, so an inconsistency is harmless
1561 // but it must be corrected before txout nversion ever influences a network rule.
1567 // remove outputs
1569 }
1571 // restore inputs
1581 }
1582 }
1583 }
1585 // move best block pointer to prevout block
1591 }
1594 }
1597 {
1608 }
1616 }
1617 }
1619 bool FindUndoPos(CValidationState &state, int nFile, CDiskBlockPos &pos, unsigned int nAddSize);
1626 }
1628 // Protected by cs_main
1629 VersionBitsCache versionbitscache;
1632 {
1637 ThresholdState state = VersionBitsState(pindexPrev, params, (Consensus::DeploymentPos)i, versionbitscache);
1640 }
1641 }
1644 }
1646 /**
1647 * Threshold condition checker that triggers when unknown versionbits are seen on the network.
1648 */
1650 {
1658 int64_t EndTime(const Consensus::Params& params) const { return std::numeric_limits<int64_t>::max(); }
1660 int Threshold(const Consensus::Params& params) const { return params.nRuleChangeActivationThreshold; }
1663 {
1667 }
1668 };
1670 // Protected by cs_main
1683 {
1688 // Check it again in case a previous version let a bad block in
1692 // verify that the view's current state corresponds to the previous block
1696 // Special case for the genesis block, skipping connection of its transactions
1697 // (its coinbase is unspendable)
1702 }
1708 // This block is an ancestor of a checkpoint: disable script checks
1710 }
1711 }
1714 LogPrint("bench", " - Sanity checks: %.2fms [%.2fs]\n", 0.001 * (nTime1 - nTimeStart), nTimeCheck * 0.000001);
1716 // Do not allow blocks that contain transactions which 'overwrite' older transactions,
1717 // unless those are already completely spent.
1718 // If such overwrites are allowed, coinbases and transactions depending upon those
1719 // can be duplicated to remove the ability to spend the first instance -- even after
1720 // being sent to another address.
1721 // See BIP30 and http://r6.ca/blog/20120206T005236Z.html for more information.
1722 // This logic is not necessary for memory pool transactions, as AcceptToMemoryPool
1723 // already refuses previously-known transaction ids entirely.
1724 // This rule was originally applied to all blocks with a timestamp after March 15, 2012, 0:00 UTC.
1725 // Now that the whole chain is irreversibly beyond that time it is applied to all blocks except the
1726 // two in the chain that violate it. This prevents exploiting the issue against nodes during their
1727 // initial block download.
1728 bool fEnforceBIP30 = (!pindex->phashBlock) || // Enforce on CreateNewBlock invocations which don't have a hash.
1729 !((pindex->nHeight==91842 && pindex->GetBlockHash() == uint256S("0x00000000000a4d0a398161ffc163c503763b1f4360639393e0e4c8e300e0caec")) ||
1730 (pindex->nHeight==91880 && pindex->GetBlockHash() == uint256S("0x00000000000743f190a18c5577a3c2d2a1f610ae9601ac046a38084ccb7cd721")));
1732 // Once BIP34 activated it was not possible to create new duplicate coinbases and thus other than starting
1733 // with the 2 existing duplicate coinbase pairs, not possible to create overwriting txs. But by the
1734 // time BIP34 activated, in each of the existing pairs the duplicate coinbase had overwritten the first
1735 // before the first had been spent. Since those coinbases are sufficiently buried its no longer possible to create further
1736 // duplicate transactions descending from the known pairs either.
1737 // If we're on the known chain at height greater than where BIP34 activated, we can save the db accesses needed for the BIP30 check.
1738 CBlockIndex *pindexBIP34height = pindex->pprev->GetAncestor(chainparams.GetConsensus().BIP34Height);
1739 //Only continue to enforce if we're below BIP34 activation height or the block hash at that height doesn't correspond.
1740 fEnforceBIP30 = fEnforceBIP30 && (!pindexBIP34height || !(pindexBIP34height->GetBlockHash() == chainparams.GetConsensus().BIP34Hash));
1748 }
1749 }
1751 // BIP16 didn't become active until Apr 1 2012
1757 // Start enforcing the DERSIG (BIP66) rule
1760 }
1762 // Start enforcing CHECKLOCKTIMEVERIFY (BIP65) rule
1765 }
1767 // Start enforcing BIP68 (sequence locks) and BIP112 (CHECKSEQUENCEVERIFY) using versionbits logic.
1769 if (VersionBitsState(pindex->pprev, chainparams.GetConsensus(), Consensus::DEPLOYMENT_CSV, versionbitscache) == THRESHOLD_ACTIVE) {
1772 }
1774 // Start enforcing WITNESS rules using versionbits logic.
1778 }
1781 LogPrint("bench", " - Fork checks: %.2fms [%.2fs]\n", 0.001 * (nTime2 - nTime1), nTimeForks * 0.000001);
1783 CBlockUndo blockundo;
1785 CCheckQueueControl<CScriptCheck> control(fScriptChecks && nScriptCheckThreads ? &scriptcheckqueue : NULL);
1796 txdata.reserve(block.vtx.size()); // Required so that pointers to individual PrecomputedTransactionData don't get invalidated
1798 {
1804 {
1809 // Check that transaction is BIP68 final
1810 // BIP68 lock checks (as opposed to nLockTime checks) must
1811 // be in ConnectBlock because they require the UTXO set
1815 }
1820 }
1821 }
1823 // GetTransactionSigOpCost counts 3 types of sigops:
1824 // * legacy (always)
1825 // * p2sh (when P2SH enabled in flags and excludes coinbase)
1826 // * witness (when witness enabled in flags and excludes coinbase)
1834 {
1838 bool fCacheResults = fJustCheck; /* Don't cache results if we're actually connecting blocks (still consult the cache, though) */
1839 if (!CheckInputs(tx, state, view, fScriptChecks, flags, fCacheResults, txdata[i], nScriptCheckThreads ? &vChecks : NULL))
1843 }
1845 CTxUndo undoDummy;
1848 }
1853 }
1855 LogPrint("bench", " - Connect %u transactions: %.2fms (%.3fms/tx, %.3fms/txin) [%.2fs]\n", (unsigned)block.vtx.size(), 0.001 * (nTime3 - nTime2), 0.001 * (nTime3 - nTime2) / block.vtx.size(), nInputs <= 1 ? 0 : 0.001 * (nTime3 - nTime2) / (nInputs-1), nTimeConnect * 0.000001);
1867 LogPrint("bench", " - Verify %u txins: %.2fms (%.3fms/txin) [%.2fs]\n", nInputs - 1, 0.001 * (nTime4 - nTime2), nInputs <= 1 ? 0 : 0.001 * (nTime4 - nTime2) / (nInputs-1), nTimeVerify * 0.000001);
1872 // Write undo information to disk
1874 {
1876 CDiskBlockPos _pos;
1877 if (!FindUndoPos(state, pindex->nFile, _pos, ::GetSerializeSize(blockundo, SER_DISK, CLIENT_VERSION) + 40))
1879 if (!UndoWriteToDisk(blockundo, _pos, pindex->pprev->GetBlockHash(), chainparams.MessageStart()))
1882 // update nUndoPos in block index
1885 }
1889 }
1895 // add this block to the view's block chain
1899 LogPrint("bench", " - Index writing: %.2fms [%.2fs]\n", 0.001 * (nTime5 - nTime4), nTimeIndex * 0.000001);
1901 // Watch for changes to the previous coinbase transaction.
1908 LogPrint("bench", " - Callbacks: %.2fms [%.2fs]\n", 0.001 * (nTime6 - nTime5), nTimeCallbacks * 0.000001);
1911 }
1913 /**
1914 * Update the on-disk chain state.
1915 * The caches and indexes are flushed depending on the mode we're called with
1916 * if they're too large, if it's been a while since the last write,
1917 * or always and in all cases if we're in prune mode and are deleting files.
1918 */
1936 }
1937 }
1938 }
1940 // Avoid writing/flushing immediately after startup.
1943 }
1946 }
1949 }
1951 // The cache is large and close to the limit, but we have time now (not in the middle of a block processing).
1953 // The cache is over the limit, we have to write now.
1955 // It's been a while since we wrote the block index to disk. Do this frequently, so we don't need to redownload after a crash.
1956 bool fPeriodicWrite = mode == FLUSH_STATE_PERIODIC && nNow > nLastWrite + (int64_t)DATABASE_WRITE_INTERVAL * 1000000;
1957 // It's been very long since we flushed the cache. Do this infrequently, to optimize cache usage.
1958 bool fPeriodicFlush = mode == FLUSH_STATE_PERIODIC && nNow > nLastFlush + (int64_t)DATABASE_FLUSH_INTERVAL * 1000000;
1959 // Combine all conditions that result in a full cache flush.
1960 bool fDoFullFlush = (mode == FLUSH_STATE_ALWAYS) || fCacheLarge || fCacheCritical || fPeriodicFlush || fFlushForPrune;
1961 // Write blocks and block index to disk.
1963 // Depend on nMinDiskSpace to ensure we can write block index
1966 // First make sure all block and undo data is flushed to disk.
1968 // Then update all block file information (which may refer to block and undo files).
1969 {
1975 }
1978 for (set<CBlockIndex*>::iterator it = setDirtyBlockIndex.begin(); it != setDirtyBlockIndex.end(); ) {
1981 }
1984 }
1985 }
1986 // Finally remove any pruned files
1990 }
1991 // Flush best chain related state. This can only be done if the blocks / block index write was also done.
1993 // Typical CCoins structures on disk are around 128 bytes in size.
1994 // Pushing a new one to the database can cause it to be written
1995 // twice (once in the log, and once in the tables). This is already
1996 // an overestimation, as most will delete an existing entry or
1997 // overwrite one. Still, use a conservative safety factor of 2.
2000 // Flush the chainstate (which may refer to block index entries).
2004 }
2005 if (fDoFullFlush || ((mode == FLUSH_STATE_ALWAYS || mode == FLUSH_STATE_PERIODIC) && nNow > nLastSetChain + (int64_t)DATABASE_WRITE_INTERVAL * 1000000)) {
2006 // Update best block in wallet (so we can detect restored wallets).
2009 }
2012 }
2014 }
2017 CValidationState state;
2019 }
2022 CValidationState state;
2025 }
2027 /** Update chainActive and related internal data structures. */
2031 // New best block
2039 {
2044 ThresholdState state = checker.GetStateFor(pindex, chainParams.GetConsensus(), warningcache[bit]);
2051 }
2053 warningMessages.push_back(strprintf("unknown new rules are about to activate (versionbit %i)", bit));
2054 }
2055 }
2056 }
2057 // Check the version of the last 100 blocks to see if we need to upgrade:
2059 {
2061 if (pindex->nVersion > VERSIONBITS_LAST_OLD_BLOCK_VERSION && (pindex->nVersion & ~nExpectedVersion) != 0)
2064 }
2066 warningMessages.push_back(strprintf("%d of last 100 blocks have unexpected version", nUpgraded));
2068 {
2069 // strMiscWarning is read by GetWarnings(), called by Qt and the JSON-RPC code to warn the user:
2070 strMiscWarning = _("Warning: Unknown block versions being mined! It's possible unknown rules are in effect");
2074 }
2075 }
2076 }
2077 LogPrintf("%s: new best=%s height=%d version=0x%08x log2_work=%.8g tx=%lu date='%s' progress=%f cache=%.1fMiB(%utx)", __func__,
2078 chainActive.Tip()->GetBlockHash().ToString(), chainActive.Height(), chainActive.Tip()->nVersion,
2079 log(chainActive.Tip()->nChainWork.getdouble())/log(2.0), (unsigned long)chainActive.Tip()->nChainTx,
2081 Checkpoints::GuessVerificationProgress(chainParams.Checkpoints(), chainActive.Tip()), pcoinsTip->DynamicMemoryUsage() * (1.0 / (1<<20)), pcoinsTip->GetCacheSize());
2086 }
2088 /** Disconnect chainActive's tip. You probably want to call mempool.removeForReorg and manually re-limit mempool size after this, with cs_main held. */
2089 bool static DisconnectTip(CValidationState& state, const CChainParams& chainparams, bool fBare = false)
2090 {
2093 // Read block from disk.
2094 CBlock block;
2097 // Apply the block atomically to the chain state.
2099 {
2102 return error("DisconnectTip(): DisconnectBlock %s failed", pindexDelete->GetBlockHash().ToString());
2104 }
2106 // Write the chain state to disk, if necessary.
2111 // Resurrect mempool transactions from the disconnected block.
2115 // ignore validation errors in resurrected transactions
2116 CValidationState stateDummy;
2121 }
2122 }
2123 // AcceptToMemoryPool/addUnchecked all assume that new mempool entries have
2124 // no in-mempool children, which is generally not true when adding
2125 // previously-confirmed transactions back to the mempool.
2126 // UpdateTransactionsFromBlock finds descendants of any transactions in this
2127 // block that were added back and cleans up the mempool state.
2129 }
2131 // Update chainActive and related variables.
2133 // Let wallets know transactions went from 1-confirmed to
2134 // 0-confirmed or conflicted:
2136 GetMainSignals().SyncTransaction(*tx, pindexDelete->pprev, CMainSignals::SYNC_TRANSACTION_NOT_IN_BLOCK);
2137 }
2139 }
2147 /**
2148 * Used to track blocks whose transactions were applied to the UTXO state as a
2149 * part of a single ActivateBestChainStep call.
2150 */
2153 };
2155 /**
2156 * Connect a new block to chainActive. pblock is either NULL or a pointer to a CBlock
2157 * corresponding to pindexNew, to bypass loading it again from disk.
2158 *
2159 * The block is always added to connectTrace (either after loading from disk or by copying
2160 * pblock) - if that is not intended, care must be taken to remove the last entry in
2161 * blocksConnected in case of failure.
2162 */
2163 bool static ConnectTip(CValidationState& state, const CChainParams& chainparams, CBlockIndex* pindexNew, const std::shared_ptr<const CBlock>& pblock, ConnectTrace& connectTrace)
2164 {
2166 // Read block from disk.
2175 }
2177 // Apply the block atomically to the chain state.
2180 LogPrint("bench", " - Load block from disk: %.2fms [%.2fs]\n", (nTime2 - nTime1) * 0.001, nTimeReadFromDisk * 0.000001);
2181 {
2189 }
2191 LogPrint("bench", " - Connect total: %.2fms [%.2fs]\n", (nTime3 - nTime2) * 0.001, nTimeConnectTotal * 0.000001);
2193 }
2195 LogPrint("bench", " - Flush: %.2fms [%.2fs]\n", (nTime4 - nTime3) * 0.001, nTimeFlush * 0.000001);
2196 // Write the chain state to disk, if necessary.
2200 LogPrint("bench", " - Writing chainstate: %.2fms [%.2fs]\n", (nTime5 - nTime4) * 0.001, nTimeChainState * 0.000001);
2201 // Remove conflicting transactions from the mempool.;
2203 // Update chainActive & related variables.
2206 int64_t nTime6 = GetTimeMicros(); nTimePostConnect += nTime6 - nTime5; nTimeTotal += nTime6 - nTime1;
2207 LogPrint("bench", " - Connect postprocess: %.2fms [%.2fs]\n", (nTime6 - nTime5) * 0.001, nTimePostConnect * 0.000001);
2208 LogPrint("bench", "- Connect block: %.2fms [%.2fs]\n", (nTime6 - nTime1) * 0.001, nTimeTotal * 0.000001);
2210 }
2212 /**
2213 * Return the tip of the chain with the most work in it, that isn't
2214 * known to be invalid (it's however far from certain to be valid).
2215 */
2220 // Find the best candidate header.
2221 {
2222 std::set<CBlockIndex*, CBlockIndexWorkComparator>::reverse_iterator it = setBlockIndexCandidates.rbegin();
2226 }
2228 // Check whether all blocks on the path between the currently active chain and the candidate are valid.
2229 // Just going until the active chain is an optimization, as we know all blocks in it are valid already.
2235 // Pruned nodes may have entries in setBlockIndexCandidates for
2236 // which block files have been deleted. Remove those as candidates
2237 // for the most work chain if we come across them; we can't switch
2238 // to a chain unless we have all the non-active-chain parent blocks.
2242 // Candidate chain is not usable (either invalid or missing data)
2243 if (fFailedChain && (pindexBestInvalid == NULL || pindexNew->nChainWork > pindexBestInvalid->nChainWork))
2246 // Remove the entire chain from the set.
2251 // If we're missing data, then add back to mapBlocksUnlinked,
2252 // so that if the block arrives in the future we can try adding
2253 // to setBlockIndexCandidates again.
2255 }
2258 }
2262 }
2264 }
2268 }
2270 /** Delete all entries in setBlockIndexCandidates that are worse than the current tip. */
2272 // Note that we can't delete the current block itself, as we may need to return to it later in case a
2273 // reorganization to a better block fails.
2274 std::set<CBlockIndex*, CBlockIndexWorkComparator>::iterator it = setBlockIndexCandidates.begin();
2275 while (it != setBlockIndexCandidates.end() && setBlockIndexCandidates.value_comp()(*it, chainActive.Tip())) {
2277 }
2278 // Either the current tip or a successor of it we're working towards is left in setBlockIndexCandidates.
2280 }
2282 /**
2283 * Try to make some progress towards making pindexMostWork the active block.
2284 * pblock is either NULL or a pointer to a CBlock corresponding to pindexMostWork.
2285 */
2286 static bool ActivateBestChainStep(CValidationState& state, const CChainParams& chainparams, CBlockIndex* pindexMostWork, const std::shared_ptr<const CBlock>& pblock, bool& fInvalidFound, ConnectTrace& connectTrace)
2287 {
2292 // Disconnect active blocks which are no longer in the best chain.
2298 }
2300 // Build list of new blocks to connect.
2305 // Don't iterate the entire list of potential improvements toward the best tip, as we likely only need
2306 // a few blocks along the way.
2314 }
2317 // Connect new blocks.
2319 if (!ConnectTip(state, chainparams, pindexConnect, pindexConnect == pindexMostWork ? pblock : std::shared_ptr<const CBlock>(), connectTrace)) {
2321 // The block violates a consensus rule.
2327 // If we didn't actually connect the block, don't notify listeners about it
2331 // A system error occurred (disk space, database error, ...).
2333 }
2337 // We're in a better position than we were. Return temporarily to release the lock.
2340 }
2341 }
2342 }
2343 }
2346 mempool.removeForReorg(pcoinsTip, chainActive.Tip()->nHeight + 1, STANDARD_LOCKTIME_VERIFY_FLAGS);
2347 LimitMempoolSize(mempool, GetArg("-maxmempool", DEFAULT_MAX_MEMPOOL_SIZE) * 1000000, GetArg("-mempoolexpiry", DEFAULT_MEMPOOL_EXPIRY) * 60 * 60);
2348 }
2351 // Callbacks/notifications for a new best chain.
2354 else
2358 }
2365 {
2373 }
2374 }
2375 // Send block tip changed notifications without cs_main
2378 }
2379 }
2381 /**
2382 * Make the best chain active, in multiple steps. The result is either failure
2383 * or an activated best chain. pblock is either NULL or a pointer to a block
2384 * that is already loaded (to avoid loading it again from disk).
2385 */
2386 bool ActivateBestChain(CValidationState &state, const CChainParams& chainparams, std::shared_ptr<const CBlock> pblock) {
2395 ConnectTrace connectTrace;
2397 {
2402 }
2404 // Whether we have anything to do at all.
2410 if (!ActivateBestChainStep(state, chainparams, pindexMostWork, pblock && pblock->GetHash() == pindexMostWork->GetBlockHash() ? pblock : nullBlockPtr, fInvalidFound, connectTrace))
2414 // Wipe cache, we may need another branch now.
2416 }
2420 }
2421 // When we reach this point, we switched to a new tip (stored in pindexNewTip).
2423 // Notifications/callbacks that can run without cs_main
2425 // throw all transactions though the signal-interface
2426 // while _not_ holding the cs_main lock
2432 }
2434 // Notify external listeners about the new tip.
2437 // Always notify the UI if a new block tip was connected
2440 }
2444 // Write changes periodically to disk, after relay.
2447 }
2450 }
2454 {
2455 {
2458 // Nothing to do, this block is not at the tip.
2460 }
2462 // The chain has been extended since the last call, reset the counter.
2464 }
2469 // We can't keep reducing the counter if somebody really wants to
2470 // call preciousblock 2**31-1 times on the same set of tips...
2471 nBlockReverseSequenceId--;
2472 }
2476 }
2477 }
2480 }
2482 bool InvalidateBlock(CValidationState& state, const CChainParams& chainparams, CBlockIndex *pindex)
2483 {
2486 // Mark the block itself as invalid.
2496 // ActivateBestChain considers blocks already in chainActive
2497 // unconditionally valid already, so force disconnect away from it.
2499 mempool.removeForReorg(pcoinsTip, chainActive.Tip()->nHeight + 1, STANDARD_LOCKTIME_VERIFY_FLAGS);
2501 }
2502 }
2504 LimitMempoolSize(mempool, GetArg("-maxmempool", DEFAULT_MAX_MEMPOOL_SIZE) * 1000000, GetArg("-mempoolexpiry", DEFAULT_MEMPOOL_EXPIRY) * 60 * 60);
2506 // The resulting new best tip may not be in setBlockIndexCandidates anymore, so
2507 // add it again.
2510 if (it->second->IsValid(BLOCK_VALID_TRANSACTIONS) && it->second->nChainTx && !setBlockIndexCandidates.value_comp()(it->second, chainActive.Tip())) {
2512 }
2513 it++;
2514 }
2517 mempool.removeForReorg(pcoinsTip, chainActive.Tip()->nHeight + 1, STANDARD_LOCKTIME_VERIFY_FLAGS);
2520 }
2527 // Remove the invalidity flag from this block and all its descendants.
2533 if (it->second->IsValid(BLOCK_VALID_TRANSACTIONS) && it->second->nChainTx && setBlockIndexCandidates.value_comp()(chainActive.Tip(), it->second)) {
2535 }
2537 // Reset invalid block marker if it was pointing to one of those.
2539 }
2540 }
2541 it++;
2542 }
2544 // Remove the invalidity flag from all ancestors too.
2549 }
2551 }
2553 }
2556 {
2557 // Check for duplicate
2563 // Construct new block index object
2566 // We assign the sequence id to blocks only when the full data is available,
2567 // to avoid miners withholding blocks but broadcasting headers, to get a
2568 // competitive advantage.
2574 {
2578 }
2579 pindexNew->nChainWork = (pindexNew->pprev ? pindexNew->pprev->nChainWork : 0) + GetBlockProof(*pindexNew);
2587 }
2589 /** Mark a block as having its data received and checked (up to BLOCK_VALID_TRANSACTIONS). */
2590 bool ReceivedBlockTransactions(const CBlock &block, CValidationState& state, CBlockIndex *pindexNew, const CDiskBlockPos& pos)
2591 {
2600 }
2605 // If pindexNew is the genesis block or all parents are BLOCK_VALID_TRANSACTIONS.
2609 // Recursively process any descendant blocks that now may be eligible to be connected.
2614 {
2617 }
2618 if (chainActive.Tip() == NULL || !setBlockIndexCandidates.value_comp()(pindex, chainActive.Tip())) {
2620 }
2621 std::pair<std::multimap<CBlockIndex*, CBlockIndex*>::iterator, std::multimap<CBlockIndex*, CBlockIndex*>::iterator> range = mapBlocksUnlinked.equal_range(pindex);
2627 }
2628 }
2632 }
2633 }
2636 }
2638 bool FindBlockPos(CValidationState &state, CDiskBlockPos &pos, unsigned int nAddSize, unsigned int nHeight, uint64_t nTime, bool fKnown = false)
2639 {
2645 }
2649 nFile++;
2652 }
2653 }
2656 }
2660 LogPrintf("Leaving block file %i: %s\n", nLastBlockFile, vinfoBlockFile[nLastBlockFile].ToString());
2661 }
2664 }
2669 else
2674 unsigned int nNewChunks = (vinfoBlockFile[nFile].nSize + BLOCKFILE_CHUNK_SIZE - 1) / BLOCKFILE_CHUNK_SIZE;
2681 LogPrintf("Pre-allocating up to position 0x%x in blk%05u.dat\n", nNewChunks * BLOCKFILE_CHUNK_SIZE, pos.nFile);
2684 }
2685 }
2686 else
2688 }
2689 }
2693 }
2695 bool FindUndoPos(CValidationState &state, int nFile, CDiskBlockPos &pos, unsigned int nAddSize)
2696 {
2714 LogPrintf("Pre-allocating up to position 0x%x in rev%05u.dat\n", nNewChunks * UNDOFILE_CHUNK_SIZE, pos.nFile);
2717 }
2718 }
2719 else
2721 }
2724 }
2726 bool CheckBlockHeader(const CBlockHeader& block, CValidationState& state, const Consensus::Params& consensusParams, bool fCheckPOW)
2727 {
2728 // Check proof of work matches claimed amount
2733 }
2735 bool CheckBlock(const CBlock& block, CValidationState& state, const Consensus::Params& consensusParams, bool fCheckPOW, bool fCheckMerkleRoot)
2736 {
2737 // These are checks that are independent of context.
2742 // Check that the header is valid (particularly PoW). This is mostly
2743 // redundant with the call in AcceptBlockHeader.
2747 // Check the merkle root.
2752 return state.DoS(100, false, REJECT_INVALID, "bad-txnmrklroot", true, "hashMerkleRoot mismatch");
2754 // Check for merkle tree malleability (CVE-2012-2459): repeating sequences
2755 // of transactions in a block without affecting the merkle root of a block,
2756 // while still invalidating it.
2758 return state.DoS(100, false, REJECT_INVALID, "bad-txns-duplicate", true, "duplicate transaction");
2759 }
2761 // All potential-corruption validation must be done before we do any
2762 // transaction validation, as otherwise we may mark the header as invalid
2763 // because we receive the wrong transactions for it.
2764 // Note that witness malleability is checked in ContextualCheckBlock, so no
2765 // checks that use witness data may be performed here.
2767 // Size limits
2768 if (block.vtx.empty() || block.vtx.size() > MAX_BLOCK_BASE_SIZE || ::GetSerializeSize(block, SER_NETWORK, PROTOCOL_VERSION | SERIALIZE_TRANSACTION_NO_WITNESS) > MAX_BLOCK_BASE_SIZE)
2771 // First transaction must be coinbase, the rest must not be
2773 return state.DoS(100, false, REJECT_INVALID, "bad-cb-missing", false, "first tx is not coinbase");
2776 return state.DoS(100, false, REJECT_INVALID, "bad-cb-multiple", false, "more than one coinbase");
2778 // Check transactions
2782 strprintf("Transaction check failed (tx hash %s) %s", tx->GetHash().ToString(), state.GetDebugMessage()));
2786 {
2788 }
2790 return state.DoS(100, false, REJECT_INVALID, "bad-blk-sigops", false, "out-of-bounds SigOpCount");
2796 }
2798 static bool CheckIndexAgainstCheckpoint(const CBlockIndex* pindexPrev, CValidationState& state, const CChainParams& chainparams, const uint256& hash)
2799 {
2804 // Don't accept any forks from the main chain prior to last checkpoint
2807 return state.DoS(100, error("%s: forked chain older than last checkpoint (height %d)", __func__, nHeight));
2810 }
2813 {
2815 return (VersionBitsState(pindexPrev, params, Consensus::DEPLOYMENT_SEGWIT, versionbitscache) == THRESHOLD_ACTIVE);
2816 }
2818 // Compute at which vout of the block's coinbase transaction the witness
2819 // commitment occurs, or -1 if not found.
2821 {
2824 if (block.vtx[0]->vout[o].scriptPubKey.size() >= 38 && block.vtx[0]->vout[o].scriptPubKey[0] == OP_RETURN && block.vtx[0]->vout[o].scriptPubKey[1] == 0x24 && block.vtx[0]->vout[o].scriptPubKey[2] == 0xaa && block.vtx[0]->vout[o].scriptPubKey[3] == 0x21 && block.vtx[0]->vout[o].scriptPubKey[4] == 0xa9 && block.vtx[0]->vout[o].scriptPubKey[5] == 0xed) {
2826 }
2827 }
2829 }
2831 void UpdateUncommittedBlockStructures(CBlock& block, const CBlockIndex* pindexPrev, const Consensus::Params& consensusParams)
2832 {
2835 if (commitpos != -1 && IsWitnessEnabled(pindexPrev, consensusParams) && block.vtx[0]->wit.IsEmpty()) {
2841 }
2842 }
2844 std::vector<unsigned char> GenerateCoinbaseCommitment(CBlock& block, const CBlockIndex* pindexPrev, const Consensus::Params& consensusParams)
2845 {
2853 CTxOut out;
2867 }
2868 }
2871 }
2873 bool ContextualCheckBlockHeader(const CBlockHeader& block, CValidationState& state, const Consensus::Params& consensusParams, const CBlockIndex* pindexPrev, int64_t nAdjustedTime)
2874 {
2876 // Check proof of work
2878 return state.DoS(100, false, REJECT_INVALID, "bad-diffbits", false, "incorrect proof of work");
2880 // Check timestamp against prev
2884 // Check timestamp
2886 return state.Invalid(false, REJECT_INVALID, "time-too-new", "block timestamp too far in the future");
2888 // Reject outdated version blocks when 95% (75% on testnet) of the network has upgraded:
2889 // check for version 2, 3 and 4 upgrades
2897 }
2899 bool ContextualCheckBlock(const CBlock& block, CValidationState& state, const Consensus::Params& consensusParams, const CBlockIndex* pindexPrev)
2900 {
2903 // Start enforcing BIP113 (Median Time Past) using versionbits logic.
2905 if (VersionBitsState(pindexPrev, consensusParams, Consensus::DEPLOYMENT_CSV, versionbitscache) == THRESHOLD_ACTIVE) {
2907 }
2913 // Check that all transactions are finalized
2916 return state.DoS(10, false, REJECT_INVALID, "bad-txns-nonfinal", false, "non-final transaction");
2917 }
2918 }
2920 // Enforce rule that the coinbase starts with serialized block height
2922 {
2926 return state.DoS(100, false, REJECT_INVALID, "bad-cb-height", false, "block height mismatch in coinbase");
2927 }
2928 }
2930 // Validation for witness commitments.
2931 // * We compute the witness hash (which is the hash including witnesses) of all the block's transactions, except the
2932 // coinbase (where 0x0000....0000 is used instead).
2933 // * The coinbase scriptWitness is a stack of a single 32-byte vector, containing a witness nonce (unconstrained).
2934 // * We build a merkle tree with all those witness hashes as leaves (similar to the hashMerkleRoot in the block header).
2935 // * There must be at least one output whose scriptPubKey is a single 36-byte push, the first 4 bytes of which are
2936 // {0xaa, 0x21, 0xa9, 0xed}, and the following 32 bytes are SHA256^2(witness root, witness nonce). In case there are
2937 // multiple, the last one is used.
2939 if (VersionBitsState(pindexPrev, consensusParams, Consensus::DEPLOYMENT_SEGWIT, versionbitscache) == THRESHOLD_ACTIVE) {
2944 // The malleation check is ignored; as the transaction tree itself
2945 // already does not permit it, it is impossible to trigger in the
2946 // witness tree.
2947 if (block.vtx[0]->wit.vtxinwit.size() != 1 || block.vtx[0]->wit.vtxinwit[0].scriptWitness.stack.size() != 1 || block.vtx[0]->wit.vtxinwit[0].scriptWitness.stack[0].size() != 32) {
2948 return state.DoS(100, false, REJECT_INVALID, "bad-witness-nonce-size", true, strprintf("%s : invalid witness nonce size", __func__));
2949 }
2950 CHash256().Write(hashWitness.begin(), 32).Write(&block.vtx[0]->wit.vtxinwit[0].scriptWitness.stack[0][0], 32).Finalize(hashWitness.begin());
2952 return state.DoS(100, false, REJECT_INVALID, "bad-witness-merkle-match", true, strprintf("%s : witness merkle commitment mismatch", __func__));
2953 }
2955 }
2956 }
2958 // No witness data is allowed in blocks that don't commit to witness data, as this would otherwise leave room for spam
2962 return state.DoS(100, false, REJECT_INVALID, "unexpected-witness", true, strprintf("%s : unexpected witness data found", __func__));
2963 }
2964 }
2965 }
2967 // After the coinbase witness nonce and commitment are verified,
2968 // we can check if the block weight passes (before we've checked the
2969 // coinbase witness, it would be possible for the weight to be too
2970 // large by filling up the coinbase witness, which doesn't change
2971 // the block hash, so we couldn't mark the block as permanently
2972 // failed).
2974 return state.DoS(100, false, REJECT_INVALID, "bad-blk-weight", false, strprintf("%s : weight limit failed", __func__));
2975 }
2978 }
2980 static bool AcceptBlockHeader(const CBlockHeader& block, CValidationState& state, const CChainParams& chainparams, CBlockIndex** ppindex)
2981 {
2983 // Check for duplicate
2990 // Block header is already known.
2995 return state.Invalid(error("%s: block %s is marked invalid", __func__, hash.ToString()), 0, "duplicate");
2997 }
3000 return error("%s: Consensus::CheckBlockHeader: %s, %s", __func__, hash.ToString(), FormatStateMessage(state));
3002 // Get prev block index
3009 return state.DoS(100, error("%s: prev block invalid", __func__), REJECT_INVALID, "bad-prevblk");
3013 return error("%s: CheckIndexAgainstCheckpoint(): %s", __func__, state.GetRejectReason().c_str());
3015 if (!ContextualCheckBlockHeader(block, state, chainparams.GetConsensus(), pindexPrev, GetAdjustedTime()))
3016 return error("%s: Consensus::ContextualCheckBlockHeader: %s, %s", __func__, hash.ToString(), FormatStateMessage(state));
3017 }
3027 }
3029 // Exposed wrapper for AcceptBlockHeader
3030 bool ProcessNewBlockHeaders(const std::vector<CBlockHeader>& headers, CValidationState& state, const CChainParams& chainparams, CBlockIndex** ppindex)
3031 {
3032 {
3037 }
3038 }
3039 }
3042 }
3044 /** Store block on disk. If dbp is non-NULL, the file is known to already reside on disk */
3045 static bool AcceptBlock(const CBlock& block, CValidationState& state, const CChainParams& chainparams, CBlockIndex** ppindex, bool fRequested, const CDiskBlockPos* dbp, bool* fNewBlock)
3046 {
3056 // Try to process all requested blocks that we don't have, but only
3057 // process an unrequested block if it's new and has enough work to
3058 // advance our tip, and isn't too many blocks ahead.
3060 bool fHasMoreWork = (chainActive.Tip() ? pindex->nChainWork > chainActive.Tip()->nChainWork : true);
3061 // Blocks that are too out-of-order needlessly limit the effectiveness of
3062 // pruning, because pruning will not delete block files that contain any
3063 // blocks which are too close in height to the tip. Apply this test
3064 // regardless of whether pruning is enabled; it should generally be safe to
3065 // not process unrequested blocks.
3068 // TODO: Decouple this function from the block download logic by removing fRequested
3069 // This requires some new chain datastructure to efficiently look up if a
3070 // block is in a chain leading to a candidate for best tip, despite not
3071 // being such a candidate itself.
3073 // TODO: deal better with return value and error conditions for duplicate
3074 // and unrequested blocks.
3080 }
3088 }
3090 }
3094 // Write block to history file
3097 CDiskBlockPos blockPos;
3109 }
3112 FlushStateToDisk(state, FLUSH_STATE_NONE); // we just allocated more disk space for block files
3115 }
3117 bool ProcessNewBlock(const CChainParams& chainparams, const std::shared_ptr<const CBlock> pblock, bool fForceProcessing, const CDiskBlockPos* dbp, bool *fNewBlock)
3118 {
3119 {
3122 // Store to disk
3125 CValidationState state;
3126 bool ret = AcceptBlock(*pblock, state, chainparams, &pindex, fForceProcessing, dbp, fNewBlock);
3131 }
3132 }
3141 }
3143 bool TestBlockValidity(CValidationState& state, const CChainParams& chainparams, const CBlock& block, CBlockIndex* pindexPrev, bool fCheckPOW, bool fCheckMerkleRoot)
3144 {
3147 if (fCheckpointsEnabled && !CheckIndexAgainstCheckpoint(pindexPrev, state, chainparams, block.GetHash()))
3148 return error("%s: CheckIndexAgainstCheckpoint(): %s", __func__, state.GetRejectReason().c_str());
3155 // NOTE: CheckBlockHeader is called by CheckBlock
3156 if (!ContextualCheckBlockHeader(block, state, chainparams.GetConsensus(), pindexPrev, GetAdjustedTime()))
3157 return error("%s: Consensus::ContextualCheckBlockHeader: %s", __func__, FormatStateMessage(state));
3167 }
3169 /**
3170 * BLOCK PRUNING CODE
3171 */
3173 /* Calculate the amount of disk space the block & undo files currently use */
3175 {
3179 }
3181 }
3183 /* Prune a block file (modify associated database entries)*/
3185 {
3196 // Prune from mapBlocksUnlinked -- any block we prune would have
3197 // to be downloaded again in order to consider its chain, at which
3198 // point it would be considered as a candidate for
3199 // mapBlocksUnlinked or setBlockIndexCandidates.
3200 std::pair<std::multimap<CBlockIndex*, CBlockIndex*>::iterator, std::multimap<CBlockIndex*, CBlockIndex*>::iterator> range = mapBlocksUnlinked.equal_range(pindex->pprev);
3206 }
3207 }
3208 }
3209 }
3213 }
3217 {
3223 }
3224 }
3226 /* Calculate the block/rev files that should be deleted to remain under target*/
3228 {
3232 }
3235 }
3239 // We don't check to prune until after we've allocated new space for files
3240 // So we should leave a buffer under our target to account for another allocation
3241 // before the next pruning.
3256 // don't prune files that could have a block within MIN_BLOCKS_TO_KEEP of the main chain's tip but keep scanning
3261 // Queue up the files for removal
3264 count++;
3265 }
3266 }
3268 LogPrint("prune", "Prune: target=%dMiB actual=%dMiB diff=%dMiB max_prune_height=%d removed %d blk/rev pairs\n",
3272 }
3275 {
3278 // Check for nMinDiskSpace bytes (currently 50MB)
3283 }
3286 {
3297 }
3303 }
3304 }
3306 }
3310 }
3314 }
3317 {
3319 }
3322 {
3326 // Return existing
3331 // Create new
3339 }
3342 {
3348 // Calculate nChainWork
3352 {
3355 }
3358 {
3361 // We can link the chain of blocks for which we've received transactions at some point.
3362 // Pruned nodes may have deleted the block.
3370 }
3373 }
3374 }
3377 if (pindex->nStatus & BLOCK_FAILED_MASK && (!pindexBestInvalid || pindex->nChainWork > pindexBestInvalid->nChainWork))
3381 if (pindex->IsValid(BLOCK_VALID_TREE) && (pindexBestHeader == NULL || CBlockIndexWorkComparator()(pindexBestHeader, pindex)))
3383 }
3385 // Load block file info
3391 }
3392 LogPrintf("%s: last block file info: %s\n", __func__, vinfoBlockFile[nLastBlockFile].ToString());
3394 CBlockFileInfo info;
3399 }
3400 }
3402 // Check presence of blk files
3406 {
3410 }
3411 }
3413 {
3417 }
3418 }
3420 // Check whether we have ever pruned block & undo files
3425 // Check whether we need to continue reindexing
3430 // Check whether we have a transaction index
3434 // Load pointer to end of best chain
3448 }
3451 {
3453 }
3456 {
3458 }
3460 bool CVerifyDB::VerifyDB(const CChainParams& chainparams, CCoinsView *coinsview, int nCheckLevel, int nCheckDepth)
3461 {
3466 // Verify blocks in the best chain
3477 CValidationState state;
3481 {
3483 int percentageDone = std::max(1, std::min(99, (int)(((double)(chainActive.Height() - pindex->nHeight)) / (double)nCheckDepth * (nCheckLevel >= 4 ? 50 : 100))));
3485 // report every 10% step
3488 }
3493 // If pruning, only go back as far as we have data.
3494 LogPrintf("VerifyDB(): block verification stopping at height %d (pruning, no data)\n", pindex->nHeight);
3496 }
3497 CBlock block;
3498 // check level 0: read from disk
3500 return error("VerifyDB(): *** ReadBlockFromDisk failed at %d, hash=%s", pindex->nHeight, pindex->GetBlockHash().ToString());
3501 // check level 1: verify block validity
3505 // check level 2: verify undo validity
3507 CBlockUndo undo;
3511 return error("VerifyDB(): *** found bad undo data at %d, hash=%s\n", pindex->nHeight, pindex->GetBlockHash().ToString());
3512 }
3513 }
3514 // check level 3: check for inconsistencies during memory-only disconnect of tip blocks
3515 if (nCheckLevel >= 3 && pindex == pindexState && (coins.DynamicMemoryUsage() + pcoinsTip->DynamicMemoryUsage()) <= nCoinCacheUsage) {
3518 return error("VerifyDB(): *** irrecoverable inconsistency in block data at %d, hash=%s", pindex->nHeight, pindex->GetBlockHash().ToString());
3525 }
3528 }
3530 return error("VerifyDB(): *** coin database inconsistencies found (last %i blocks, %i good transactions before that)\n", chainActive.Height() - pindexFailure->nHeight + 1, nGoodTransactions);
3532 // check level 4: try reconnecting blocks
3537 uiInterface.ShowProgress(_("Verifying blocks..."), std::max(1, std::min(99, 100 - (int)(((double)(chainActive.Height() - pindex->nHeight)) / (double)nCheckDepth * 50))));
3539 CBlock block;
3541 return error("VerifyDB(): *** ReadBlockFromDisk failed at %d, hash=%s", pindex->nHeight, pindex->GetBlockHash().ToString());
3543 return error("VerifyDB(): *** found unconnectable block at %d, hash=%s", pindex->nHeight, pindex->GetBlockHash().ToString());
3544 }
3545 }
3548 LogPrintf("No coin database inconsistencies in last %i blocks (%i transactions)\n", chainActive.Height() - pindexState->nHeight, nGoodTransactions);
3551 }
3554 {
3559 if (IsWitnessEnabled(chainActive[nHeight - 1], params.GetConsensus()) && !(chainActive[nHeight]->nStatus & BLOCK_OPT_WITNESS)) {
3561 }
3562 nHeight++;
3563 }
3565 // nHeight is now the height of the first insufficiently-validated block, or tipheight + 1
3566 CValidationState state;
3570 // If pruning, don't try rewinding past the HAVE_DATA point;
3571 // since older blocks can't be served anyway, there's
3572 // no need to walk further, and trying to DisconnectTip()
3573 // will fail (and require a needless reindex/redownload
3574 // of the blockchain).
3576 }
3579 }
3580 // Occasionally flush state to disk.
3583 }
3585 // Reduce validity flag and have-data flags.
3586 // We do this after actual disconnecting, otherwise we'll end up writing the lack of data
3587 // to disk before writing the chainstate, resulting in a failure to continue if interrupted.
3591 // Note: If we encounter an insufficiently validated block that
3592 // is on chainActive, it must be because we are a pruning node, and
3593 // this block or some successor doesn't HAVE_DATA, so we were unable to
3594 // rewind all the way. Blocks remaining on chainActive at this point
3595 // must not have their validity reduced.
3596 if (IsWitnessEnabled(pindexIter->pprev, params.GetConsensus()) && !(pindexIter->nStatus & BLOCK_OPT_WITNESS) && !chainActive.Contains(pindexIter)) {
3597 // Reduce validity
3598 pindexIter->nStatus = std::min<unsigned int>(pindexIter->nStatus & BLOCK_VALID_MASK, BLOCK_VALID_TREE) | (pindexIter->nStatus & ~BLOCK_VALID_MASK);
3599 // Remove have-data flags.
3601 // Remove storage location.
3605 // Remove various other things
3609 // Make sure it gets written.
3611 // Update indexes
3613 std::pair<std::multimap<CBlockIndex*, CBlockIndex*>::iterator, std::multimap<CBlockIndex*, CBlockIndex*>::iterator> ret = mapBlocksUnlinked.equal_range(pindexIter->pprev);
3619 }
3620 }
3623 }
3624 }
3632 }
3635 }
3637 // May NOT be used after any connections are up as much
3638 // of the peer-processing logic assumes a consistent
3639 // block index state
3641 {
3657 }
3661 }
3664 }
3667 {
3668 // Load block index from databases
3672 }
3675 {
3678 // Check whether we're already initialized
3682 // Use the provided setting for -txindex in the new database
3687 // Only add the genesis block if not reindexing (in which case we reuse the one already on disk)
3691 // Start new block file
3693 CDiskBlockPos blockPos;
3694 CValidationState state;
3702 // Force a chainstate write so that when we VerifyDB in a moment, it doesn't check stale data
3706 }
3707 }
3710 }
3713 {
3714 // Map of disk positions for blocks with unknown parent (only used for reindex)
3720 // This takes over fileIn and calls fclose() on it in the CBufferedFile destructor
3721 CBufferedFile blkdat(fileIn, 2*MAX_BLOCK_SERIALIZED_SIZE, MAX_BLOCK_SERIALIZED_SIZE+8, SER_DISK, CLIENT_VERSION);
3731 // locate a header
3738 // read size
3743 // no valid block header found; don't complain
3745 }
3747 // read block
3753 CBlock block;
3757 // detect out of order blocks, and store them for later
3759 if (hash != chainparams.GetConsensus().hashGenesisBlock && mapBlockIndex.find(block.hashPrevBlock) == mapBlockIndex.end()) {
3760 LogPrint("reindex", "%s: Out of order block %s, parent %s not known\n", __func__, hash.ToString(),
3765 }
3767 // process in case the block isn't known yet
3770 CValidationState state;
3772 nLoaded++;
3775 } else if (hash != chainparams.GetConsensus().hashGenesisBlock && mapBlockIndex[hash]->nHeight % 1000 == 0) {
3776 LogPrint("reindex", "Block Import: already had block %s at height %d\n", hash.ToString(), mapBlockIndex[hash]->nHeight);
3777 }
3779 // Activate the genesis block so normal node progress can continue
3781 CValidationState state;
3784 }
3785 }
3789 // Recursively process earlier encountered successors of this block
3795 std::pair<std::multimap<uint256, CDiskBlockPos>::iterator, std::multimap<uint256, CDiskBlockPos>::iterator> range = mapBlocksUnknownParent.equal_range(head);
3799 {
3800 LogPrint("reindex", "%s: Processing out of order child %s of %s\n", __func__, block.GetHash().ToString(),
3803 CValidationState dummy;
3805 {
3806 nLoaded++;
3808 }
3809 }
3813 }
3814 }
3817 }
3818 }
3821 }
3825 }
3828 {
3831 }
3835 // During a reindex, we read the genesis block and call CheckBlockIndex before ActivateBestChain,
3836 // so we have the genesis block in mapBlockIndex but no active chain. (A few of the tests when
3837 // iterating the block tree require that chainActive has been initialized.)
3841 }
3843 // Build forward-pointing map of the entire block tree.
3847 }
3851 std::pair<std::multimap<CBlockIndex*,CBlockIndex*>::iterator,std::multimap<CBlockIndex*,CBlockIndex*>::iterator> rangeGenesis = forward.equal_range(NULL);
3854 assert(rangeGenesis.first == rangeGenesis.second); // There is only one index entry with parent NULL.
3856 // Iterate over the entire block tree, using depth-first search.
3857 // Along the way, remember whether there are blocks on the path from genesis
3858 // block being explored which are the first to have certain properties.
3862 CBlockIndex* pindexFirstMissing = NULL; // Oldest ancestor of pindex which does not have BLOCK_HAVE_DATA.
3863 CBlockIndex* pindexFirstNeverProcessed = NULL; // Oldest ancestor of pindex for which nTx == 0.
3864 CBlockIndex* pindexFirstNotTreeValid = NULL; // Oldest ancestor of pindex which does not have BLOCK_VALID_TREE (regardless of being valid or not).
3865 CBlockIndex* pindexFirstNotTransactionsValid = NULL; // Oldest ancestor of pindex which does not have BLOCK_VALID_TRANSACTIONS (regardless of being valid or not).
3866 CBlockIndex* pindexFirstNotChainValid = NULL; // Oldest ancestor of pindex which does not have BLOCK_VALID_CHAIN (regardless of being valid or not).
3867 CBlockIndex* pindexFirstNotScriptsValid = NULL; // Oldest ancestor of pindex which does not have BLOCK_VALID_SCRIPTS (regardless of being valid or not).
3869 nNodes++;
3870 if (pindexFirstInvalid == NULL && pindex->nStatus & BLOCK_FAILED_VALID) pindexFirstInvalid = pindex;
3871 if (pindexFirstMissing == NULL && !(pindex->nStatus & BLOCK_HAVE_DATA)) pindexFirstMissing = pindex;
3873 if (pindex->pprev != NULL && pindexFirstNotTreeValid == NULL && (pindex->nStatus & BLOCK_VALID_MASK) < BLOCK_VALID_TREE) pindexFirstNotTreeValid = pindex;
3874 if (pindex->pprev != NULL && pindexFirstNotTransactionsValid == NULL && (pindex->nStatus & BLOCK_VALID_MASK) < BLOCK_VALID_TRANSACTIONS) pindexFirstNotTransactionsValid = pindex;
3875 if (pindex->pprev != NULL && pindexFirstNotChainValid == NULL && (pindex->nStatus & BLOCK_VALID_MASK) < BLOCK_VALID_CHAIN) pindexFirstNotChainValid = pindex;
3876 if (pindex->pprev != NULL && pindexFirstNotScriptsValid == NULL && (pindex->nStatus & BLOCK_VALID_MASK) < BLOCK_VALID_SCRIPTS) pindexFirstNotScriptsValid = pindex;
3878 // Begin: actual consistency checks.
3880 // Genesis block checks.
3881 assert(pindex->GetBlockHash() == consensusParams.hashGenesisBlock); // Genesis block's hash must match.
3882 assert(pindex == chainActive.Genesis()); // The current active chain's genesis block must be this block.
3883 }
3884 if (pindex->nChainTx == 0) assert(pindex->nSequenceId <= 0); // nSequenceId can't be set positive for blocks that aren't linked (negative is used for preciousblock)
3885 // VALID_TRANSACTIONS is equivalent to nTx > 0 for all nodes (whether or not pruning has occurred).
3886 // HAVE_DATA is only equivalent to nTx > 0 (or VALID_TRANSACTIONS) if no pruning has occurred.
3888 // If we've never pruned, then HAVE_DATA should be equivalent to nTx > 0
3892 // If we have pruned, then we can only say that HAVE_DATA implies nTx > 0
3894 }
3896 assert(((pindex->nStatus & BLOCK_VALID_MASK) >= BLOCK_VALID_TRANSACTIONS) == (pindex->nTx > 0)); // This is pruning-independent.
3897 // All parents having had data (at some point) is equivalent to all parents being VALID_TRANSACTIONS, which is equivalent to nChainTx being set.
3898 assert((pindexFirstNeverProcessed != NULL) == (pindex->nChainTx == 0)); // nChainTx != 0 is used to signal that all parent blocks have been processed (but may have been pruned).
3901 assert(pindex->pprev == NULL || pindex->nChainWork >= pindex->pprev->nChainWork); // For every block except the genesis block, the chainwork must be larger than the parent's.
3902 assert(nHeight < 2 || (pindex->pskip && (pindex->pskip->nHeight < nHeight))); // The pskip pointer must point back for all but the first 2 blocks.
3903 assert(pindexFirstNotTreeValid == NULL); // All mapBlockIndex entries must at least be TREE valid
3904 if ((pindex->nStatus & BLOCK_VALID_MASK) >= BLOCK_VALID_TREE) assert(pindexFirstNotTreeValid == NULL); // TREE valid implies all parents are TREE valid
3905 if ((pindex->nStatus & BLOCK_VALID_MASK) >= BLOCK_VALID_CHAIN) assert(pindexFirstNotChainValid == NULL); // CHAIN valid implies all parents are CHAIN valid
3906 if ((pindex->nStatus & BLOCK_VALID_MASK) >= BLOCK_VALID_SCRIPTS) assert(pindexFirstNotScriptsValid == NULL); // SCRIPTS valid implies all parents are SCRIPTS valid
3908 // Checks for not-invalid blocks.
3909 assert((pindex->nStatus & BLOCK_FAILED_MASK) == 0); // The failed mask cannot be set for blocks without invalid parents.
3910 }
3911 if (!CBlockIndexWorkComparator()(pindex, chainActive.Tip()) && pindexFirstNeverProcessed == NULL) {
3913 // If this block sorts at least as good as the current tip and
3914 // is valid and we have all data for its parents, it must be in
3915 // setBlockIndexCandidates. chainActive.Tip() must also be there
3916 // even if some data has been pruned.
3919 }
3920 // If some parent is missing, then it could be that this block was in
3921 // setBlockIndexCandidates but had to be removed because of the missing data.
3922 // In this case it must be in mapBlocksUnlinked -- see test below.
3923 }
3924 } else { // If this block sorts worse than the current tip or some ancestor's block has never been seen, it cannot be in setBlockIndexCandidates.
3926 }
3927 // Check whether this block is in mapBlocksUnlinked.
3928 std::pair<std::multimap<CBlockIndex*,CBlockIndex*>::iterator,std::multimap<CBlockIndex*,CBlockIndex*>::iterator> rangeUnlinked = mapBlocksUnlinked.equal_range(pindex->pprev);
3935 }
3937 }
3938 if (pindex->pprev && (pindex->nStatus & BLOCK_HAVE_DATA) && pindexFirstNeverProcessed != NULL && pindexFirstInvalid == NULL) {
3939 // If this block has block data available, some parent was never received, and has no invalid parents, it must be in mapBlocksUnlinked.
3941 }
3942 if (!(pindex->nStatus & BLOCK_HAVE_DATA)) assert(!foundInUnlinked); // Can't be in mapBlocksUnlinked if we don't HAVE_DATA
3943 if (pindexFirstMissing == NULL) assert(!foundInUnlinked); // We aren't missing data for any parent -- cannot be in mapBlocksUnlinked.
3944 if (pindex->pprev && (pindex->nStatus & BLOCK_HAVE_DATA) && pindexFirstNeverProcessed == NULL && pindexFirstMissing != NULL) {
3945 // We HAVE_DATA for this block, have received data for all parents at some point, but we're currently missing data for some parent.
3947 // This block may have entered mapBlocksUnlinked if:
3948 // - it has a descendant that at some point had more work than the
3949 // tip, and
3950 // - we tried switching to that descendant but were missing
3951 // data for some intermediate block between chainActive and the
3952 // tip.
3953 // So if this block is itself better than chainActive.Tip() and it wasn't in
3954 // setBlockIndexCandidates, then it must be in mapBlocksUnlinked.
3955 if (!CBlockIndexWorkComparator()(pindex, chainActive.Tip()) && setBlockIndexCandidates.count(pindex) == 0) {
3958 }
3959 }
3960 }
3961 // assert(pindex->GetBlockHash() == pindex->GetBlockHeader().GetHash()); // Perhaps too slow
3962 // End: actual consistency checks.
3964 // Try descending into the first subnode.
3965 std::pair<std::multimap<CBlockIndex*,CBlockIndex*>::iterator,std::multimap<CBlockIndex*,CBlockIndex*>::iterator> range = forward.equal_range(pindex);
3967 // A subnode was found.
3969 nHeight++;
3971 }
3972 // This is a leaf node.
3973 // Move upwards until we reach a node of which we have not yet visited the last child.
3975 // We are going to either move to a parent or a sibling of pindex.
3976 // If pindex was the first with a certain property, unset the corresponding variable.
3984 // Find our parent.
3986 // Find which child we just visited.
3987 std::pair<std::multimap<CBlockIndex*,CBlockIndex*>::iterator,std::multimap<CBlockIndex*,CBlockIndex*>::iterator> rangePar = forward.equal_range(pindexPar);
3989 assert(rangePar.first != rangePar.second); // Our parent must have at least the node we're coming from as child.
3991 }
3992 // Proceed to the next one.
3995 // Move to the sibling.
3999 // Move up further.
4001 nHeight--;
4003 }
4004 }
4005 }
4007 // Check that we actually traversed the entire map.
4009 }
4012 {
4013 string strStatusBar;
4014 string strRPC;
4015 string strGUI;
4019 strStatusBar = "This is a pre-release test build - use at your own risk - do not use for mining or merchant applications";
4020 strGUI = _("This is a pre-release test build - use at your own risk - do not use for mining or merchant applications");
4021 }
4026 // Misc warnings like out of disk space and clock is wrong
4028 {
4031 }
4034 {
4035 strStatusBar = strRPC = "Warning: The network does not appear to fully agree! Some miners appear to be experiencing issues.";
4036 strGUI += (strGUI.empty() ? "" : uiAlertSeperator) + _("Warning: The network does not appear to fully agree! Some miners appear to be experiencing issues.");
4037 }
4039 {
4040 strStatusBar = strRPC = "Warning: We do not appear to fully agree with our peers! You may need to upgrade, or other nodes may need to upgrade.";
4041 strGUI += (strGUI.empty() ? "" : uiAlertSeperator) + _("Warning: We do not appear to fully agree with our peers! You may need to upgrade, or other nodes may need to upgrade.");
4042 }
4052 }
4054 return strprintf("CBlockFileInfo(blocks=%u, size=%u, heights=%u...%u, time=%s...%s)", nBlocks, nSize, nHeightFirst, nHeightLast, DateTimeStrFormat("%Y-%m-%d", nTimeFirst), DateTimeStrFormat("%Y-%m-%d", nTimeLast));
4055 }
4057 ThresholdState VersionBitsTipState(const Consensus::Params& params, Consensus::DeploymentPos pos)
4058 {
4061 }
4063 int VersionBitsTipStateSinceHeight(const Consensus::Params& params, Consensus::DeploymentPos pos)
4064 {
4067 }
4072 {
4079 }
4091 }
4104 mempool.PrioritiseTransaction(tx.GetHash(), tx.GetHash().ToString(), prioritydummy, amountdelta);
4105 }
4106 CValidationState state;
4114 }
4117 }
4118 }
4124 }
4128 }
4130 LogPrintf("Imported mempool transactions from disk: %i successes, %i failed, %i expired\n", count, failed, skipped);
4132 }
4135 {
4141 {
4145 }
4147 }
4155 }
4168 }
4175 LogPrintf("Dumped mempool: %gs to copy, %gs to dump\n", (mid-start)*0.000001, (last-mid)*0.000001);
4178 }
4179 }
4181 class CMainCleanup
4182 {
4186 // block headers
4191 }