fix: missing lock in DeleteVersionsFrom (#642)

Co-authored-by: Marko <marbar3778@yahoo.com>

Author: yihuang

nodedb.go

@@ -112,7 +112,11 @@ func newNodeDB(db dbm.DB, cacheSize int, opts *Options) *nodeDB {
 func (ndb *nodeDB) GetNode(hash []byte) (*Node, error) {
 	ndb.mtx.Lock()
 	defer ndb.mtx.Unlock()
+	return ndb.unsafeGetNode(hash)
+}
 
+// Contract: the caller should hold the ndb.mtx lock.
+func (ndb *nodeDB) unsafeGetNode(hash []byte) (*Node, error) {
 	if len(hash) == 0 {
 		return nil, ErrNodeMissingHash
 	}
@@ -437,6 +441,9 @@ func (ndb *nodeDB) DeleteVersionsFrom(version int64) error {
 		return fmt.Errorf("root for version %v not found", latest)
 	}
 
+	ndb.mtx.Lock()
+	defer ndb.mtx.Unlock()
+
 	for v, r := range ndb.versionReaders {
 		if v >= version && r != 0 {
 			return fmt.Errorf("unable to delete version %v with %v active readers", v, r)
@@ -582,7 +589,7 @@ func (ndb *nodeDB) deleteNodesFrom(version int64, hash []byte) error {
 		return nil
 	}
 
-	node, err := ndb.GetNode(hash)
+	node, err := ndb.unsafeGetNode(hash)
 	if err != nil {
 		return err
 	}