Redesign Consensus Simulation Framework (RIPD-1361)

[bachase]

This PR contains several changesets related to a redesigned consensus simulation framework (CSF) and reflects joint work between myself and @jmmcgee. Some highlights of the latest iteration of the framework:

• Adds an event/collector framework for monitoring invariants and doing calculating statistics.
• Allows distinct network and trust connections between Peers
• Adds a simple routing strategy to support broadcasting arbitrary messages
• Adds a common directed graph (Digraph) class for representing network and trust topologies
• Adds a PeerGroup class for simpler specification of the trust and network topologies
• Adds a LedgerOracle class to ensure distinct ledger histories and simplify branch checking
• Adds a Submitter to send transactions in at fixed or random intervals to fixed or random peers

The framework design is still in its early stages and will continue to be reworked in support of ongoing simulation studies.

For reviewers, there are two main requests

1. Ensure the changes to generic consensus in [FOLD] Prepare for CSF redesign: 1ca12e1 are satisfactory. The changes are non-behavior changing.
2. Provide feedback on the design of the CSF. This is probably best done by reviewing the flattened PR and focusing on the src/test/csf directory. Initially, reviewing the brief README may provide better context for the changes.

[bachase]

@wilsonianb and @scottschurr I've tagged you both and would request you focus on the prepartion commit [FOLD] Prepare for CSF redesign: 1ca12e1. Reviewing the larger redesign is up to you; I'll solicit volunteers for that larger task.

[codecov-io]

Codecov Report

Merging #2209 into develop will increase coverage by 0.01%.
The diff coverage is 90%.

@@             Coverage Diff             @@
##           develop    #2209      +/-   ##
===========================================
+ Coverage    70.22%   70.23%   +0.01%     
===========================================
  Files          692      692              
  Lines        50961    50977      +16     
===========================================
+ Hits         35787    35804      +17     
+ Misses       15174    15173       -1

Impacted Files	Coverage Δ
src/ripple/basics/tagged_integer.h	94.73% <ø> (-5.27%)	⬇️
src/ripple/app/consensus/RCLCxLedger.h	80% <ø> (ø)	⬆️
src/ripple/app/consensus/RCLConsensus.h	80% <ø> (ø)	⬆️
src/ripple/consensus/LedgerTiming.h	92.3% <100%> (-3.53%)	⬇️
src/ripple/consensus/Validations.h	98.47% <100%> (+0.09%)	⬆️
src/ripple/consensus/DisputedTx.h	97.26% <100%> (+0.03%)	⬆️
src/ripple/app/consensus/RCLConsensus.cpp	66.74% <25%> (+0.97%)	⬆️
src/ripple/consensus/Consensus.h	88.86% <90%> (-0.23%)	⬇️
src/ripple/basics/DecayingSample.h	77.77% <0%> (-8.34%)	⬇️
... and 4 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 6dc79c2...ad62c13. Read the comment docs.

[wilsonianb]

warning: unused variable 'size' [-Wunused-variable]

[wilsonianb]

warning: unused variable 'size' [-Wunused-variable]

[scottschurr]

See earlier assert(peers.size() == ranks.size()); suggestion. Also note there are steps 2 and 3, but not 1.

[wilsonianb]

ledgerCounts --> dist ?

[wilsonianb]

It looks like (it.first == current) || (it.first > netLgr) is new (previously just (it.first == current)).
Should it instead be (it.first == current) || ((it.first > netLgr) && (netLgr != current))?
As is, I think you can get a netLgr of either current or a sequence later than current (assuming they have the same count) depending of which LedgerID appears later in the hash_map.

[bachase]

Good catch. I agree with your suggested change.

[scottschurr]

Reviewing only the [FOLD] Prepare for CSF redesign commit. I left some comments and thoughts, but saw no particular problems. Looks good. 👍

[scottschurr]

The document contains a few references to the "Ripple network" and "Ripple Consensus Ledger". I'm wondering if those should be changed to "XRP Ledger"? Possibly a marketing or @mDuo13 question...

[scottschurr]

The references to "Ripple network" and "Ripple Consensus Ledger" are still in the document. @mDuo13, is it important to address this? Or should we let it slide for now?

[scottschurr]

This if condition is slightly different from the original inline code it replaces in RCLConsensus.cpp. I'm unsure whether that difference is intentional, so I thought I'd just call it out. The replacement is not quite a simple refactor...

[scottschurr]

Do you still want to say "relay" in this comment? Or should it say "share"?

Also, there are a few uses of "relay" in RCLValidations.cpp and one in RCLValidations.h. Do you want to change those to "share" as well?

I don't feel strongly on this, just asking...

[bachase]

I went with share in the generic context and left relay in the ripple specific implementation (RCL*). The thought is that the generic version can use a variety of routing strategies to send messages in support of the consensus algorithm, so relay was too specific. However, since rippled's overlay and hashrouter use relay, I stuck with that name.

I agree that having two names is not ideal, but I felt the generic vs concrete boundary was an acceptable spot to diverge.

[scottschurr]

Do you eventually intend to change LedgerMaster to use Seq instead of LedgerIndex? Not insisting, just curious.

[bachase]

Potentially. LedgerMaster and NetworkOps still have functionality that is related to consensus that should arguably be moved to the generic implementation and that might warrant the change.

[scottschurr]

👍 for explicit return types!

[scottschurr]

I'm seeing a couple of these static_cast<>s. That's fine, but you might consider adding a method named, say, seqAsUInt() to your Ledger_t implementations. That would keep the static_cast<> inside the class responsible for supplying the data. Just a thought.

[bachase]

I'm going to leave as is for now since it is just for JSON/debug support. I intend (eventually) to revisit how that is done in the generic code.

[scottschurr]

RCLConsensus.h is using NodeID_t instead of NodeID. Is it worth making that consistent? So, for example SeqType would be Seq_t? Just for your consideration. Personally, I really like it when a given type retains the same name for most or all of the code base. That makes it way easier to grep for instances. It's nice when it works that way, but it's hard to enforce.

[bachase]

Yes, I should revisit this. Two follow-ups

1. Is the decay_result_t style acceptable? Or do you prefer the explicit using style?
2. If its the latter, I added the _t suffix because NodeID is an existing ripple type, so wasn't sure how to define an alias using NodeID = NodeID?

[scottschurr]

I'm completely fine with the decay_result_t style. If you want to use the explicit using style, consider

using NodeID = ripple::NodeID;

I believe you can also use

using NodeID = NodeID;

but you'll leave your readers a bit puzzled about what you're up to...

[wilsonianb]

error: declaration of 'using NodeID = using NodeID = class ripple::base_uint<160ul, ripple::detail::NodeIDTag>' [-fpermissive]
         using NodeID = ripple::NodeID;

[bachase]

Sigh. Windows was happy at least.

[scottschurr]

Bummer. Clang on macOS was okay with it too. Sorry for the misdirection.

[bachase]

No worries. I'll just drop that change for now and revisit separately.

[bachase]

Force pushed and dropped 51098cf

[bachase]

The last commit fixes a bug in the simulation framework uncovered in other simulations that are not part of this review.

[bachase]

Rebased on 0.80.0-rc2

[scottschurr]

Sorry this review took so long. There is a lot of code here! I'm not convinced my particular review really brought much of value, but I noted a few things you might choose to look at. Interesting stuff.

[scottschurr]

micro nit: is -> are?

[scottschurr]

sub-nit: in "one" or "an" additional...?

[scottschurr]

I usually expect types to have initial caps in our code base. So I'd expect to see class Duration, class Seq. I think that change might make the code inside the body a bit easier to read. Just a thought, not a requirement.

[scottschurr]

The requirements on type seq are not very clear. It looks like it should be integral, and ledgerSeq certainly suggests it should be integral. But if, right here, I insert...

static_assert (std::is_integral<seq>::value, "");

The static_assert fails from an instantiation based here: src/test/csf/Peer.h:818

consensus.timerEntry(now());

Maybe this is expected? Would like to know what you think...

[bachase]

It is basically integral, but it also supports tagged_integer types which aren't exactly integral. I could try adding a concept check if you find that useful, but will at least add some comments.

[scottschurr]

Comments will be good.

[scottschurr]

Isn't the "Inc" supposed to end with a period? I think a global replace went awry.

[bachase]

Yikes. Sorry and thanks for catching the aftermath!

[scottschurr]

consenssus -> consensus?

[scottschurr]

I think that C++ is drifting toward the spelling "invocable" instead of "invokable".

[scottschurr]

class -> classes?

[scottschurr]

usesd -> used?

[scottschurr]

a -> an?

[HowardHinnant]

I reviewed the last commit in detail, and tested out the entire P/R. All looks good!

[scottschurr]

Tagged a few more nits, but nothing that needs to be addressed. 👍

[scottschurr]

The references to "Ripple network" and "Ripple Consensus Ledger" are still in the document. @mDuo13, is it important to address this? Or should we let it slide for now?

[scottschurr]

ratioe -> ratio?

[scottschurr]

That last sentence really helps. Thanks.

[scottschurr]

I'm guessing this should be const?

[scottschurr]

I'm not looking too closely, but I suspect the need for the round is because:

parts.ledgerGranularity == 1 sec
(double) 0.2 * 1 sec produces (double) 0.2 sec
round<milliseconds>(0.2 sec) produces 200 milliseconds

If that's correct you could probably get away from the round call by

1. declaring parts.ledgerGRANULARITY as 1000 milliseconds (represented internally as 1000), and
2. instead of multiply by 0.2, divide by 5, so you stay in the integer world.

Then I think you should automatically get 200 milliseconds without the round call.

[scottschurr]

You were considering changing pdf (Probability Distribution Function or Portable Document Format) to rnd (Random Number Distribution). I like rnd and RND much better than pdf and PDF. Is that change still in the cards?

[scottschurr]

I think these three locals can still be const.

[scottschurr]

lists -> list?

[scottschurr]

Could still be changed to an event...

[mellery451]

minor comments - LGTM

[mellery451]

not to over-engineer it, but couldn't this instead be defined as an ostream operator?

[bachase]

I wasn't sure how to do that conveniently and allow determining how to represent the vertex name at the call-site> I could try wrapping instead, but this seemed good enough for now.

[mellery451]

It looks like this test doesn't actually have any assertions, so the test runner aborts at the end. Maybe add a pass() or some other trivial assertion ?

[bachase]

Rebased on 0.80.0-rc3

[bachase]

Rebased on 0.80.0, squashed and marking as passed.

[bachase]

Rebased on 0.80.1

[seelabs]

In 0.90.0-b1