Browse Source

Fix incorrect locking of mempool during RBF replacement

Previously RemoveStaged() was called without pool.cs held.
0.13
Peter Todd 9 years ago
parent
commit
16a2f93629
No known key found for this signature in database
GPG Key ID: C085F21CE7F4B9DC
  1. 7
      src/main.cpp

7
src/main.cpp

@ -1006,10 +1006,13 @@ bool AcceptToMemoryPool(CTxMemPool& pool, CValidationState &state, const CTransa
size_t nConflictingSize = 0; size_t nConflictingSize = 0;
uint64_t nConflictingCount = 0; uint64_t nConflictingCount = 0;
CTxMemPool::setEntries allConflicting; CTxMemPool::setEntries allConflicting;
// If we don't hold the lock allConflicting might be incomplete; the
// subsequent RemoveStaged() and addUnchecked() calls don't guarantee
// mempool consistency for us.
LOCK(pool.cs);
if (setConflicts.size()) if (setConflicts.size())
{ {
LOCK(pool.cs);
CFeeRate newFeeRate(nFees, nSize); CFeeRate newFeeRate(nFees, nSize);
set<uint256> setConflictsParents; set<uint256> setConflictsParents;
const int maxDescendantsToVisit = 100; const int maxDescendantsToVisit = 100;

Loading…
Cancel
Save