Subnet `lhg73` is stalled

ZackDS · September 15, 2024, 11:02pm

Obviously at this point voted to adopt.

Lorimer · September 15, 2024, 11:06pm

Indeed, I’ve also adopted

sat · September 15, 2024, 11:16pm

Things look good. The subnet started making progress again. Next steps are:

Tomorrow (Monday):

roll out version 5d1beaca74d0bf2ad2e8a37809e1e3ffa5ee9a32 to all subnets that are running 3318f746113e7695ae0b904be5a48820884eb6d8
elect a new version c180069c95739773293599d90c23defc12c3084f and roll it out to all subnets that are currently running 290fd2ae93a02e1ab579895c806161e42b6acf2b
make the change public, to allow public verification.

Thanks everyone for participating and giving constructive and supportive feedback!

timk11 · September 16, 2024, 12:30am

I’ve voted to adopt Subnet Management proposals 132499, 132502 & 132503 (as a CodeGov followee for this topic) as components of a critical hotfix in accordance with the security policy. As seen on the dashboard, the subnet stalled at block height 116106307 at approximately 16:20 UTC, and a CUP block height of 116107000 was executed in proposal 132502. Thanks @sat and team for your fast work on this!

I agree that displaying UTC times in the dashboard is probably a bit better. I’d also like to see a way to verify the CUP state_hash. I searched around for a way to find block details by hash but couldn’t find anything.

ilbert · September 16, 2024, 7:18am

Voted to adopt, in accordance with the Security Patch Policy and Procedure.

ZackDS · September 16, 2024, 12:20pm

The next proposal is live :

Voted to adopt, in accordance with the Security Patch Policy and Procedure.

Zane · September 16, 2024, 12:41pm

I’ve adopted both 132500 and 132507 in accordance with the Security Patch Policy and Procedure.

yuvika · September 16, 2024, 4:50pm

Voting “Yes” to adopt both 132500 and 132507 in accordance with the Security Patch Policy and Procedure.

Lorimer · September 16, 2024, 5:40pm

In accordance with my Reject-if-you-can’t-verify policy, I’ve voted to reject 132507

zenithcode · September 16, 2024, 6:41pm

Voted to adopt both 132500 and 132507, in accordance with the Security Patch Policy and Procedure.

ilbert · September 16, 2024, 7:47pm

Voted to adopt, in accordance with the Security Patch Policy and Procedure.

ipsita · September 17, 2024, 7:38am

I’ve adopted both 132500 and 132507 proposals in accordance with the Security Patch Policy and Procedure.

sat · September 17, 2024, 10:56am

The changes have now been published in

and

In particular, the change is only removing a deprecated assert:

ZackDS · September 17, 2024, 12:10pm

Thank you for sharing so quickly, was there anything in particular that actually triggered the check if canister_state_changes is not None and, then asserts that the removed_cycles field of the system_state_changes is 0. I mean like exceptions that occured during the removed_cycles call or if canister_state_changes was unexpectedly None , since the handle_wasm_execution_of_cleanup_callback function now behaves the same.

sat · September 17, 2024, 1:41pm

I’ve shared the link with @dsarlis , he’s the team lead and the domain expert, so can provide an answer with much more context than me.

dsarlis · September 17, 2024, 2:23pm

canister_state_changes is going to be Some(changes) instead of None if the canister made changes to its state that need to be persisted (perfectly normal for a cleanup callback).

The assert that used to be there was trying to check that there was no case that the canister’s cycle balance was reduced as part of those changes while executing the cleanup callback (note that we are talking during execution, obviously the canister is charged for executing the message but that happens after execution). This was true when the assert was first introduced (that’s about 2 years ago).

In the mean time, things (and some assumptions) have changed. The storage reservation mechanism is one case where if the subnet is above the storage capacity where this mechanism kicks in (450GiB right now), it would result in some cycles being reserved and removed from the cycles balance when the canister would try to allocate some memory in its cleanup callback. The ic0.cycles_burn API is another case which would result in cycles being removed from the canister’s balance (and it’s allowed to be called in a cleanup). So, the assert was simply checking the wrong invariant given the state of the implementation.

Obviously, we should have caught this when these features were implemented and we have been discussing how to improve this going forward. We will post a post-mortem (as per our usual practice) once we have finalized these discussions.

LaCosta · September 17, 2024, 7:33pm

I have voted to adopt proposals 132499, 132502 and 132503 in accordance with the security policy. Thanks @sat for the work!

I also agree with @Lorimer and @timk11 that using a standard timezone across all platforms is more convenient.

cyberowl · September 17, 2024, 11:44pm

ADOPT both 132500 and 132507 in accordance with the Security Patch Policy and Procedure.

hpeebles · September 18, 2024, 10:56am

I’ve voted to adopt proposals 132500 and 132507 in accordance with the Security Patch Policy and Procedure

Topic		Replies	Views
Subnet lhg73 is stalled NNS proposal discussions Subnet-management	13	406	December 29, 2024
[Important Notice] Subnet Node Issues: Performance Degradation on Subnet lhg73 General	2	50	October 17, 2024
Post-mortem: lhg73 stalls due to outdated assert in code Developers	0	37	September 27, 2024
Post-mortem: lgh73 stalls due to cycles reservation validation bug Developers	0	99	July 9, 2024
Subnet ‘lhg73’ stalled again within 24 hours. Any insights on this? Developers Functional-Programming	1	62	December 27, 2024

Subnet `lhg73` is stalled

Related topics