[Obsoleted] [wip] Retain N epochs worth of epoch_stakes

[ryoqun]

Problem

From #6991:

the bank never culls epoch stakes

Solution

Again From #6991:

retain at most N epochs worth of epoch_stakes

Misc

• I added @rob-solana as a reviewer guessing from issue creator can review this, nice to meet you!
• Also, I tried to make added tests readable as much as possible. A bit too much, but I hope our test assets could be close to them by enriching test vocabulary like this...

Fixes #6991

[rob-solana]

nice

[sagar-solana]

A few more comments here would be awesome :)

[ryoqun]

Thanks for the feedback! Piece of cake once I fix the snapshot issue. :)

[rob-solana]

lgtm

you might peruse staking_utils and the blocktree shred insertion code for assumptions that leader_schedule_stakes for past epochs are always present...

[codecov]

Codecov Report

Merging #7098 into master will decrease coverage by 4.9%.
The diff coverage is 59.2%.

@@           Coverage Diff            @@
##           master   #7098     +/-   ##
========================================
- Coverage    79.1%   74.2%     -5%     
========================================
  Files         230     230             
  Lines       44333   47320   +2987     
========================================
+ Hits        35099   35137     +38     
- Misses       9234   12183   +2949

[ryoqun]

lgtm

hooray!

you might peruse staking_utils and the blocktree shred insertion code for assumptions that leader_schedule_stakes for past epochs are always present...

Thanks for a pointer for possible relevant subsystems! I'll check it before merging.

Pull request has been modified.

[rob-solana]

this might come out prettier if the bank gave you the epochs for which it had leader_schedule_stakes...

[rob-solana]

this is small for testing? I thought we were gonna use 16 or 32

[ryoqun]

Yes. Oh, sorry for the lack of comment. I'm intentionally reducing this to cause CI fragile. :D

@rob-solana At my current understanding with a day of code reading/testing, the assumptions that leader_schedule_stakes for past epochs are always present doesn't cause hard errors for validators (no unwrap on the data derived from bank.epoch_stakes), but might silently stop operating or skip (old) legimate tasks (unwrap_or/unwrap_defaults). So, I'm chasing the possible problem due to new retaining behavior.

[sagar-solana]

I'm not sure its best to crash here.

What if someone sends our validator a Shred that's really old, it'll cause the validator to panic.
Actually that's a bad example(but hopefully it gets the point across), I think the window_service should restructure its checks such that it doesn't risk querying a leader schedule that far back.

Since the function returns an Option, why not just return None and log an error?

[ryoqun]

I think the window_service should restructure its checks such that it doesn't risk querying a leader schedule that far back. ... Since the function returns an Option, why not just return None and log an error?

Yes, that will be what I'd write as the final form of this PR!

I'm doing panic! here just to know how much other code is affected by this PR's change. So I should comment as such. Sorry for being less explicit about the intention. And thanks for checking my PR!

[sagar-solana]

Gotcha! Thanks for adding the [wip] in the title :) Maybe a Draft PR in future experiments?
Also the panic won't catch all possibilities. Like the RPC one I described but it's perfectly fine for what you're trying to do right now. Also imo snapshot stuff > this.

[sagar-solana]

Why error?

[ryoqun]

Yes, the log level should be lower than error.

Just to stand out for testing purpose as said above. Sorry for misleading you!

[sagar-solana]

Overall looks fine but I'm a little worried about putting panics into get_slot_leader. If we add an RPC api to get leader schedule, it's quite easy to overlook and will make it trivial to crash the validator.

[rob-solana]

still in progress, @ryoqun ?

[stale]

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.

[ryoqun]

@rob-solana Sorry for late reply. Sadly, this is not progressing here because I'm concentrating on snapshots recently.

[ryoqun]

This PR has to update recently updated GetLeaderSchedule API as well with this PR as the API started to return user-specified epoch's leader schedules. If we retain at most N epoches worth of data, the API will start to return None or worse just error out... https://github.com/solana-labs/solana/pull/7542/files#diff-3857de88b9c51a001730fa012a6951b2R721

[stale]

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.

[stale]

This stale pull request has been automatically closed. Thank you for your contributions.

[rob-solana]

@mvines might be a source of the size of the bank on a live network

[mvines]

🎯 parent.epoch_stakes.clone() in Bank::new_from_parent() eats up 30MB RAM on my test ledger

[mvines]

Obsoleted by #7668

[rob-solana]

this PR stalled because RPC APIs might crash if an epoch stakes request was outside what's been retained

[mvines]

Oh do you recall which RPC API that was?

[ryoqun]

@mvines Thanks for taking over this! I think the affected RPC API is GetLeaderSchedule at least as long as I'm aware of. @rob-solana might be pointing to others.

[mvines]

Oh I see. I think it's fine for now if the GetLeaderSchedule RPC API fails for older epochs. The reason I added that support was for the solana show-block-production command, but I never had the expectation that one could run solana show-block-production for all epochs since 0 (and in fact this would fail for other reasons too, since with the solana-validator --limit-ledger-size argument we prune blocktree data from older epochs anyway)