HDiff in the hot DB

[dapplion]

Partial implementation of https://hackmd.io/6WI3idBfR2q2AQyMUfYMyg

[michaelsproul]

We need to change this to not delete the diff ancestors of the finalized state (use closest_layer_slots somewhere here).

We need to know the ancestor diffs of the new finalized state, so one approach would be:

• Reorder migrate_database (hot to freezer migration) prior to pruning heads
• Keep hot states which are either after the split, or before the split and descended from it according to the diff hierarchy.

[michaelsproul]

We may want to rewrite the prune_abandoned_forks code, but if we don't want to do that now, we can take the approach above

[michaelsproul]

Regarding state summaries stored during state advance (infamous beacon_node/beacon_chain/src/block_verification.rs:1487):

Option 1 (current strategy) is to commit eagerly:

• Means storing more on disk in the hot-path of state advance (potentially annoying due to latency from disk I/O and diff computation). However this is mitigated by the state advance routine usually doing this work prior to block import.
• Saves memory because we don't need to hold potentially thousands of states in memory until the block is verified and we decide to commit it.

Option 2 (old strategy from ages ago) is to commit on import:

• Uses a lot more memory because we need to keep the states around in memory. Naively for 1000 epoch boundary states this could be like 1000 x 0.1 GB = 100 GB = death by OOM.
• The advantage of this approach is that we could avoid computing the diffs for the intermediate states until after the block has been imported & added to fork choice. However this is probably not worth it.

Option 3 (don't store intermediate states at all):

• Would need to recompute them (and re-do the epoch transition).

[michaelsproul]

Could use to implement the DB downgrade (recreate the headtracker after it has been deleted)

[michaelsproul]

The reason for this lock is a race with the write in BeaconChain::import_block:

If we were to write a non-temporary state in import_block in between setting state_already_exists (false) and the write of the temporary state in this function, we can corrupt the DB:

• There is a state that is not temporary (required by some fully-imported block),
• But it is marked temporary due to the race condition here
• Temporary states risk being deleted by pruning -> invalid DB due to deletion of canonical state.

The lock prevents this case by preventing the interleaving of the read in this function with the write in the import function. However this is a bad abstraction forced upon us by LevelDB which lacks proper ACID transactions. If we move away from LevelDB eventually we can maybe have proper transactions, see:

• Modularize beacon node backend sigp/lighthouse#4718

[michaelsproul]

Lets delete the pruning_checkpoint while we're here.

https://github.com/sigp/lighthouse/blob/b5f27610ca675d649bbff755b970cea74ba144ad/beacon_node/store/src/hot_cold_store.rs#L2389-L2400

[dapplion]

Done in c8d82f0

[michaelsproul]

Suggested change

	// From the DAG compute the list of roots that ascend from finalized root up to the split
	// From the DAG compute the list of roots that descend from finalized root up to the split

[dapplion]

Fixed with 4fa32ccc8

[michaelsproul]

Suggested change

	// slot. And run `migrate_database` with it
	// slot.

[dapplion]

Fixed with 4fa32cc

[michaelsproul]

Suggested change

	// keep those on the finalized canonical chain. Note that there may be lingering
	// forks.
	// keep those on the finalized canonical chain. Checking the state root ensures we avoid lingering forks.

[dapplion]

Fixed with 4fa32ccc8

[michaelsproul]

Noting this now includes:

• Abandoned forks (not descended from finalized)
• Old stuff that wasn't pruned previously but is getting pruned now (older than previous finalization)
• Finalized states from the canonical chain which are not required by the HDiff mechanism.

[dapplion]

Updated the comments

[michaelsproul]

We could remove this write, and probably delete the PersistedBeaconChain altogether.

[dapplion]

Fixed with 9ce4b33, but to fully remove PersistedBeaconChain we need to have a way to compute the genesis state root and genesis block root when booting from an existing DB. The issue is that while the state is in the DB it is keyed by root which we don't know.

[michaelsproul]

I was thinking maybe we could recycle the anchor_slot for use here, as it is fairly useless and not used for much. The only load-bearing use of the anchor_slot that I can find is in try_prune_execution_payloads where it is used to halt the pruning process. However, this is not necessary as we could either:

1. Keep iterating back to Bellatrix, or
2. Stop iterating back once we find a payload that is missing, or
3. Use the oldest_block_slot to determine when to stop iterating back. This is my preferred option, as it is also compatible with storing execution payloads older than the anchor_slot, i.e. Store execution payloads during backfill if --prune-payloads false sigp/lighthouse#6510

[michaelsproul]

Conclusion: we can recycle the anchor_slot field and set it to the epoch-aligned slot of the snapshot state (not the slot of the checkpoint block, which might be older due to skipped slots).

[dapplion]

Fixed on 5ecf9db

[dapplion]

Branch with commit history https://github.com/dapplion/lighthouse/pull/new/tree-states-hot-backup

squashed and rebase on top of sigp/unstable

[dapplion]

I have done manual testing and this branch works on mainnet:

1. starting the node from genesis
2. starting the node with fresh DB and checkpoint sync (not aligned epoch to hdiff snapshot)
3. starting the node from an existing DB with at least 100 slots of history

All of them were broken originally, there's a lot of commits https://github.com/dapplion/lighthouse/pull/new/tree-states-hot-backup to make them work. I have also rebased to unstable, it was quite easy.

For 3. I had to add a new column to store the new hot state summaries. Otherwise when diffing it will try to read a V22 summary and break.

[dapplion]

@michaelsproul If we stop updating the head_tracker in the persisted head, how can we downgrade safely? If you run an old version of Lighthouse it will read the persisted head which contains an empty head tracker.