routing+migration: fix mission control migration with nil failure msg

[bitromortac]

Tries to fix #9769.

Demonstrates the migration error and attempts a fix by making the failure message an optional tlv record. I'm not sure if we want to do this because it's strange that the failure message is nil in the first place. Perhaps we want to instead migrate nil failure messages to CodeNone instead or drop these entries.

[coderabbitai]

Important

Review skipped

Auto reviews are limited to specific labels.

🏷️ Labels to auto review (1)

• llm-review

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[ziggie1984]

First pass looks good, need to take a second look tho.

[ziggie1984]

Add a comment why this might happen, decoding error of the error msg.

What about the case where we have a nil source index:

lnd/routing/missioncontrol.go

Lines 843 to 845 in b34afa3

	if sourceIdx == nil {
	return &paymentFailure{}
	}

we should instead return nil here, so we do not create the failure information.

[bitromortac]

we should instead return nil here, so we do not create the failure information.

Ah, I think we should do something about the pointer, I converted to use a fn.Option[paymentFailure] in other places and removed the pointer, because newPaymentFailure always constructs a paymentFailure, it still represents a payment failure if the info fields are absent.

[bitromortac]

Add a comment why this might happen, decoding error of the error msg.

I added comments to the paymentFailure fields.

What about the case where we have a nil source index

The sourceIdx is a prerequisite to be able to decrypt the error via the hop's shared secret, so I think it makes sense to return an empty paymentFailure here, because if we don't know the index, we won't be able to get a message.

[guggero]

I more or less had the same question when looking at the code. Perhaps this explanation is worth a comment in both versions of newPaymentFailure where we return an empty paymentFailure.

[bitromortac]

It looks like one level of nesting can be removed, trying that out.

[bitromortac]

It seems to work, I removed paymentFailure, whose role is now taken over by the old paymentFailureInfo. Instead of checking the optional record in paymentFailure, I think we can use the source index instead. I put all mission control migration changes together in the last commit, which was easier for me. Let me know if I should make changes in lockstep.

[guggero]

LGTM 🎉

[ziggie1984]

Looks very good, in my opinion we can also remove the sourceIdx pointer and check the nil case outside and return early or return an option. Because I don't think we want to persist an empty payment failure tlv in the case sourceIdx == nil espcially since the tlv is optional anyways ?

[ziggie1984]

should we error out if the sourceIdx is none but the failure.msg is not ?

[bitromortac]

mentioned in other response

[ziggie1984]

I would prefer removing this pointer for sourceIdx, and catch the nil case outside of this function. or we return an option here for the paymentFailure, and set it to None in the sourceIdx=nil case wdyt ?

[ziggie1984]

I wonder if we should check the case sourceIdx == nil but failureMsg not and report an error ?

[bitromortac]

I would prefer removing this pointer for sourceIdx, and catch the nil case outside of this function. or we return an option here for the paymentFailure, and set it to None in the sourceIdx=nil case wdyt ?

Because I don't think we want to persist an empty payment failure tlv in the case sourceIdx == nil espcially since the tlv is optional anyways ?

I think we always want to construct a paymentFailure here even if it's empty, because its presence in paymentResult indicates a payment failure (just one we don't know how to interpret precisely). So I think we can't save more in terms of serialization?

[ziggie1984]

as mentioned before I think we can also get rid of the sourceIdx pointer ?

[bitromortac]

I'm currently not seeing a lot of advantages in removing the source index pointer and would like to keep further changes in this bug fix PR minimal (also with regards to changing the signature to return an error), since this is not touching the serialization. I can change it though if you feel strongly about it.

[ziggie1984]

ok cool let's keep it as is.

[ziggie1984]

Release notes in a separate commit please.

[ziggie1984]

LGTM

[bitromortac]

Will also check for errors if somebody ran with the previous serialization.

[bitromortac]

If anybody ran with the migration included in v0.19.0-rc3 and has migrated or experienced routing failures, we'd expect something like

2025-05-02 11:30:17.213 [INF] CRTR missioncontrol_store.go:107: Loaded 6 mission control entries
2025-05-02 11:30:17.213 [DBG] CRTR missioncontrol.go:455: [default]: Mission control state reconstruction started
2025-05-02 11:30:17.213 [ERR] LTND lnd.go:169: Shutting down due to error in main method rev="" err="can't create mission control manager: ErrTypeForDecoding want (type: *uint8, length: 1), got (type: *uint8, length: 147)"
2025-05-02 11:30:17.213 [INF] NTFN bitcoind.go:228: Cancelling epoch notification, epoch_id=1
2025-05-02 11:30:17.214 [INF] LTND lnd.go:252: Stopping pprof server... rev=""
2025-05-02 11:30:17.214 [INF] LTND lnd.go:152: Shutdown complete
unable to create server: can't create mission control manager: ErrTypeForDecoding want (type: *uint8, length: 1), got (type: *uint8, length: 147)

because of the change in serialization, just to be aware of that. This can be resolved by lncli resetmc running v0.19.0-rc3.

[ziggie1984]

because of the change in serialization, just to be aware of that. This can be resolved by lncli resetmc running v0.19.0-rc3.

But the user has to revert back to a prior version to startup LND or ?

[guggero]

They need to run lncli resetmc before updating to the next RC (which will be RC4). I'll note that in the release notes.