Skip to content

config+itest: allow unsafe disconnect by default#3648

Merged
cfromknecht merged 4 commits intolightningnetwork:masterfrom
cfromknecht:safe-disconnect
Nov 23, 2019
Merged

config+itest: allow unsafe disconnect by default#3648
cfromknecht merged 4 commits intolightningnetwork:masterfrom
cfromknecht:safe-disconnect

Conversation

@cfromknecht
Copy link
Contributor

@cfromknecht cfromknecht commented Oct 29, 2019

This commit beings the process of deprecating unsafe-disconnect. Many
moons ago this was disallowed to prevent concurency bugs surrounding
reconnect. Despite the name, it has been safe to enable this feature for
well over a year, as several PRs have been merged that addressed the
possible issues that existed when the feature was added.

wpaulino
wpaulino reviewed Oct 30, 2019
View reviewed changes
joostjager
joostjager reviewed Nov 4, 2019
View reviewed changes
Copy link
Contributor

@joostjager joostjager left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I find it hard to form an opinion about this without references to the original concurrency issues and PRs that fixed those. Perhaps getting a review from someone who reviewed the original fix PRs is more efficient.

@cfromknecht
Copy link
Contributor Author

cfromknecht commented Nov 4, 2019

I find it hard to form an opinion about this without references to the original concurrency issues and PRs that fixed those. Perhaps getting a review from someone who reviewed the original fix PRs is more efficient.

good point, i hadn't thought of that 😂

@cfromknecht cfromknecht requested a review from halseth November 4, 2019 23:18
halseth
halseth reviewed Nov 7, 2019
View reviewed changes
Copy link
Contributor

@halseth halseth left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why do we want to allow this by default? IIRC it was only added to allow disconnecting nodes during testing, I don't think it had to do with any concurrency issues.

@cfromknecht
Copy link
Contributor Author

cfromknecht commented Nov 7, 2019
edited
Loading

Why do we want to allow this by default? IIRC it was only added to allow disconnecting nodes during testing, I don't think it had to do with any concurrency issues.

@halseth It was both. there were concurrency issues in the peer lifecycle and possibility of duplicate spawning duplicate mailboxes at the time we needed to test with this flag, which have since been resolved via #1658 #1166 #1551 #982 #821 and probably others i'm missing. prior to those changes the link's mailbox could have desynced and caused a channel closure, and preventing disconnects made it less likely to happen as a result of user behavior. that was the rationale behind naming it unsafe-disconnect, to dissuade people from using the feature while those issues existed.

Why do we want to allow this by default?

There are subtle issues that can be resolved by simply disconnecting and reconnecting to your peer. For most who don't know about this option, they need to restart just to be able to disconnect from a channel partner. Our own node operator guide even suggests using this option.

@halseth
Copy link
Contributor

halseth commented Nov 8, 2019

Why do we want to allow this by default?

There are subtle issues that can be resolved by simply disconnecting and reconnecting to your peer. For most who don't know about this option, they need to restart just to be able to disconnect from a channel partner. Our own node operator guide even suggests using this option.

Ok, cool. I think that should be the argument for enabling this by default now, so maybe add that to the PR description? :)

Roasbeef
Roasbeef approved these changes Nov 9, 2019
View reviewed changes
Copy link
Member

@Roasbeef Roasbeef left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM ☄️

Only some minor commit nits.

@Roasbeef Roasbeef added enhancement Improvements to existing features / behaviour gRPC p2p Code related to the peer-to-peer behaviour P3 might get fixed, nice to have labels Nov 9, 2019
@cfromknecht
lntest/itest: move chanpoint instantiation down to where it's used
8e10da0
@cfromknecht
lntest/itest: remove global alice and bob from disconnect test
c9c7216 
This will allow us to start Alice and Bob with additional arguments once
we switch to making unsafe-disconnect true by default.
@cfromknecht
lntest/harness: improve error message for AssertChannelExists
aa3e740 
predErr wasn't always being set when the predicate failed, replace with
wait.NoError.
@cfromknecht
config+itest: allow unsafe disconnect by default
216b933 
This commit beings the process of deprecating unsafe-disconnect. Many
moons ago this was disallowed to prevent concurency bugs surrounding
reconnect. Despite the name, it has been safe to enable this feature for
well over a year, as several PRs have been merged that addressed the
possible issues that existed when the feature was added.
@halseth halseth removed their request for review November 20, 2019 07:28
@cfromknecht cfromknecht merged commit a839584 into lightningnetwork:master Nov 23, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Roasbeef Roasbeef Roasbeef approved these changes

+3 more reviewers

@halseth halseth halseth left review comments

@joostjager joostjager joostjager left review comments

@wpaulino wpaulino wpaulino approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

enhancement Improvements to existing features / behaviour gRPC p2p Code related to the peer-to-peer behaviour P3 might get fixed, nice to have

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@cfromknecht @halseth @Roasbeef @joostjager @wpaulino