hey all,
@nomeata yes, we do not allow heartbeats to run when the canister is in stopping state (GitHub link)
@bob11 I guess it’s not the heartbeat but rather a call inside a callback, which is allowed by the spec:
Note that when processing responses, a stopping canister can make calls to other canisters and thus create new call contexts.
I also agree that falling below a freezing threshold might help, as:
a canister cannot perform calls if that would, due the cost of the call and transferred cycles, would push the balance into frozen territory; these calls fail with ic0.call_perform returning a non-zero error code.
There is an hidden option in dfx which allow to set a freezing threshold:
dfx canister update-settings --freezing-threshold <FREEZING_THRESHOLD>
Could you please try to set it arbitrary high and see if it breaks the death spiral?