📅 Original date posted:2011-08-10
🗒️ Summary of this message: Developers discuss potential solutions to chronic CRITICAL_SECTION deadlocks in Bitcoin code, including a single-threaded/asio architecture or a careful rework of the locking system.
📝 Original message:On Wed, Aug 10, 2011 at 06:59:14PM +0200, Matt Corallo wrote:
> On Wed, 2011-08-10 at 12:29 -0400, Gavin Andresen wrote:
> > I've been wading through the pull requests and bug lists to figure out
> > a roadmap for the next few months.
> >
> > Here are the things on my priority list:
>
> > 2. We've got a chronic problem with new code causing CRITICAL_SECTION
> > deadlocks (see issue #453 for the latest). Detecting potential
> > deadlocks early should be done; longer term I think re-architecting to
> > be single-threaded/asio is probably the right thing to do.
> Sipa had begin looking at doing some redoing of the locking system (to
> support more broad stuff like read-only locks, etc) to solve that exact
> bug, but I never heard anything about if he actually started writing
> code or how far he got.
No I didn't start writing anything - I've been quite busy the past few weeks,
and will be more so the coming weeks. Anyway, some ideas:
Either we try to make everything single threaded, and aim towards a bitcoin
library which you pass events (which can be network, rpc, UI, ...) and
it always processes in finite time, without any separate threads. That
would be a serious rewrite, and maybe a limitation on potential growth
(there *will* be a time where a full node doesn't run on anything but
a 16-core machine...).
The alternative is doing a very careful checking/rework of the locking
system. I think you want some per-object locking instead of per single
data structure. Making it so fine-grained forces careful checking of
the order in which things are locked. That is hard to keep track of,
and probably doesn't gain you very much (just a guess, experiments could
prove me wrong, obviously)
I would propose a system with one lock for the node-handling code
(mapTransactions, mapBlockIndex, mapOrphanBlocks, ...), one lock for
the wallet-handling code (mapWallet, CKeyStore), and one lock for
network-handling code. No access to any inner data structures of
these components is exposed, and everything goes through accessor
functions. All exposed functions of each component take the respective
lock upon entering the component. This includes functions that only
need read-only access (which currently often don't take a lock at
all, iirc).
However, I think we can move to reader-writer locks (boost's shared_mutex).
A lot of code does not need an exclusive lock on the data, as multiple
threads reading the internal data structures simultaneously is not a
problem. This would mean that all inspector functions are wrapped in a
lock_shared/unlock_shared blocks, all mutator functions are wrapped in
a lock_upgrade/unlock_upgrade block, and code that actually modifies
data structures is wrapped in a unlock_upgrade_and_lock/
unlock_and_lock_upgrade block.
This is clearly part of a larger code-cleanup effort, as it would mean
moving all code in GUI and RPC that take locks on various things, to
the component they are taking locks on. That's immediately a nice step
towards "librarification" of the code...
> > Sipa's wallet and key export/import
> I was under the impression the plan was for this to go in 0.4 aka next
> release, but personally, I don't care too much either way.
I think it should be more or less finished by now in terms of
functionality, at least for dumpprivkey, importprivkey, removeprivkey.
I'm somewhat less sure about dumpwallet/importwallet, as some changes
to the json dump format might be useful still. It does require testing
though...
> > Move from wxWidgets to qt for the GUI
I'd really like to see that - with or without autotools, if some degree
of consistent config/build architecture can be maintained for the
different platforms.
> > Un-hardcode fee handling (anybody already working on this?)
> Sipa did some good thinking through for algorithms that could be really
> useful here, but I don't think any code was ever written, nor did he
> finish (is he off doing the studying thing?)
I was working on a draft for a reworked fee system. I didn't get to
write things out nicely, but the main idea was: assign a score to each
transaction group, in a way that scores always keep increasing over time.
Keep the memory pool sorted according to those scores, and drop the lowest
scoring ones when a configurable memory limit is reached (no limit on the
score itself). Finally, for mining, select the top N transaction groups
from the pool in such a way that an average configurable fee per byte
is maintained.
As each mining node chooses a (hopefully more or less fixed, or at least
only slowly changing) cutoff score above which transactions are included,
the network should converge to a more or less fixed probability distribution
for the score at which transactions are included.
Nodes can measure and estimate this distribution, and calculate expected time
to inclusion for a given fee.
The devil is in the details, as it is kinda hard to define a scoring system
for transactions that is independent from the current exchange value of
bitcoins, from which kind of transactions are common on the network, but still
tries to mimic the cost for the network to handle that transaction.
Anyway, as said, I currently don't have the time to implement these ideas
right now. I do read the mailing list, though :)
--
Pieter
Pieter Wuille [ARCHIVE] /
npub1tj…jtl6r
2023-06-07 02:15:13
in reply to nevent1q…h92e
Author Public Key
npub1tjephawh7fdf6358jufuh5eyxwauzrjqa7qn50pglee4tayc2ntqcjtl6rPublished at
2023-06-07 02:15:13Event JSON
{
"id": "27dbcc9164b7a2d1daa483cedc5c077c08b341848626d963c6d3b349bcb16a20",
"pubkey": "5cb21bf5d7f25a9d46879713cbd32433bbc10e40ef813a3c28fe7355f49854d6",
"created_at": 1686104113,
"kind": 1,
"tags": [
[
"e",
"da86a222bb9948e30689d3ae99b8fbf27c245a1ccde301097e2d4ad972e99e61",
"",
"root"
],
[
"e",
"5e0365b15dc0d1a82ca238e9583d689e3a556232a8aae30c751e8550bef01259",
"",
"reply"
],
[
"p",
"cd753aa8fbc112e14ffe9fe09d3630f0eff76ca68e376e004b8e77b687adddba"
]
],
"content": "📅 Original date posted:2011-08-10\n🗒️ Summary of this message: Developers discuss potential solutions to chronic CRITICAL_SECTION deadlocks in Bitcoin code, including a single-threaded/asio architecture or a careful rework of the locking system.\n📝 Original message:On Wed, Aug 10, 2011 at 06:59:14PM +0200, Matt Corallo wrote:\n\u003e On Wed, 2011-08-10 at 12:29 -0400, Gavin Andresen wrote:\n\u003e \u003e I've been wading through the pull requests and bug lists to figure out\n\u003e \u003e a roadmap for the next few months.\n\u003e \u003e \n\u003e \u003e Here are the things on my priority list:\n\u003e\n\u003e \u003e 2. We've got a chronic problem with new code causing CRITICAL_SECTION\n\u003e \u003e deadlocks (see issue #453 for the latest). Detecting potential\n\u003e \u003e deadlocks early should be done; longer term I think re-architecting to\n\u003e \u003e be single-threaded/asio is probably the right thing to do.\n\u003e Sipa had begin looking at doing some redoing of the locking system (to\n\u003e support more broad stuff like read-only locks, etc) to solve that exact\n\u003e bug, but I never heard anything about if he actually started writing\n\u003e code or how far he got.\n\nNo I didn't start writing anything - I've been quite busy the past few weeks,\nand will be more so the coming weeks. Anyway, some ideas:\n\nEither we try to make everything single threaded, and aim towards a bitcoin\nlibrary which you pass events (which can be network, rpc, UI, ...) and\nit always processes in finite time, without any separate threads. That\nwould be a serious rewrite, and maybe a limitation on potential growth\n(there *will* be a time where a full node doesn't run on anything but\na 16-core machine...).\n\nThe alternative is doing a very careful checking/rework of the locking\nsystem. I think you want some per-object locking instead of per single\ndata structure. Making it so fine-grained forces careful checking of\nthe order in which things are locked. That is hard to keep track of,\nand probably doesn't gain you very much (just a guess, experiments could\nprove me wrong, obviously)\n\nI would propose a system with one lock for the node-handling code\n(mapTransactions, mapBlockIndex, mapOrphanBlocks, ...), one lock for\nthe wallet-handling code (mapWallet, CKeyStore), and one lock for\nnetwork-handling code. No access to any inner data structures of\nthese components is exposed, and everything goes through accessor\nfunctions. All exposed functions of each component take the respective\nlock upon entering the component. This includes functions that only\nneed read-only access (which currently often don't take a lock at\nall, iirc).\n\nHowever, I think we can move to reader-writer locks (boost's shared_mutex).\nA lot of code does not need an exclusive lock on the data, as multiple\nthreads reading the internal data structures simultaneously is not a\nproblem. This would mean that all inspector functions are wrapped in a\nlock_shared/unlock_shared blocks, all mutator functions are wrapped in\na lock_upgrade/unlock_upgrade block, and code that actually modifies\ndata structures is wrapped in a unlock_upgrade_and_lock/\nunlock_and_lock_upgrade block. \n\nThis is clearly part of a larger code-cleanup effort, as it would mean\nmoving all code in GUI and RPC that take locks on various things, to\nthe component they are taking locks on. That's immediately a nice step\ntowards \"librarification\" of the code...\n\n\u003e \u003e Sipa's wallet and key export/import\n\u003e I was under the impression the plan was for this to go in 0.4 aka next\n\u003e release, but personally, I don't care too much either way.\n\nI think it should be more or less finished by now in terms of\nfunctionality, at least for dumpprivkey, importprivkey, removeprivkey.\nI'm somewhat less sure about dumpwallet/importwallet, as some changes\nto the json dump format might be useful still. It does require testing\nthough...\n\n\u003e \u003e Move from wxWidgets to qt for the GUI\n\nI'd really like to see that - with or without autotools, if some degree\nof consistent config/build architecture can be maintained for the\ndifferent platforms.\n\n\u003e \u003e Un-hardcode fee handling (anybody already working on this?)\n\u003e Sipa did some good thinking through for algorithms that could be really\n\u003e useful here, but I don't think any code was ever written, nor did he\n\u003e finish (is he off doing the studying thing?)\n\nI was working on a draft for a reworked fee system. I didn't get to\nwrite things out nicely, but the main idea was: assign a score to each\ntransaction group, in a way that scores always keep increasing over time.\nKeep the memory pool sorted according to those scores, and drop the lowest\nscoring ones when a configurable memory limit is reached (no limit on the\nscore itself). Finally, for mining, select the top N transaction groups\nfrom the pool in such a way that an average configurable fee per byte\nis maintained. \n\nAs each mining node chooses a (hopefully more or less fixed, or at least\nonly slowly changing) cutoff score above which transactions are included,\nthe network should converge to a more or less fixed probability distribution\nfor the score at which transactions are included.\n\nNodes can measure and estimate this distribution, and calculate expected time\nto inclusion for a given fee.\n\nThe devil is in the details, as it is kinda hard to define a scoring system\nfor transactions that is independent from the current exchange value of\nbitcoins, from which kind of transactions are common on the network, but still\ntries to mimic the cost for the network to handle that transaction.\n\n\n\nAnyway, as said, I currently don't have the time to implement these ideas\nright now. I do read the mailing list, though :)\n\n-- \nPieter",
"sig": "3740757c1d8b50084a9f3876e998806e4e9fa06fcdd81eaeefbd3587dd401e0ed2d7735bf1bfd12f30d8360af8bc318a71753f4766e53b5876a10696d6d3ad31"
}