fix: test_nightly_fault_recovery_speed off-by-GATEWAYS node indexing#3881
Merged
fix: test_nightly_fault_recovery_speed off-by-GATEWAYS node indexing#3881
Conversation
The nightly test was iterating `(0..NODES)` and constructing `NodeLabel::node(NETWORK_NAME, i)` for every query site, but `SimNetwork::config_nodes` (testing_impl.rs:1580) actually builds regular-node labels in the range `number_of_gateways..number_of_gateways + num`. For the test's GATEWAYS=4 / NODES=50 configuration that means the live labels are `NodeLabel::node(NETWORK_NAME, 4..54)`, not `0..50`. The test's query therefore hit only the overlap `4..49` — exactly 46 labels — and the strengthened Phase 2 / Phase 3 assertions added by PR #3795 deterministically failed with `expected 50, got 46`. This was misdiagnosed on the first pass as a `SimNetwork` `shared_cm` capture race and "fixed" in PR #3871 with a yield-poll helper. That fix is still beneficial (it makes the startup slot capture robust and adds unit tests for the polling contract), but it was not the actual root cause of this particular failure — the 2026- 04-15 post-merge nightly run (24435694147) still hit `46/50` on the same seed with no "did not publish" warnings in the log, proving the harness was correctly publishing all 54 `(4 gateway + 50 node)` labels. The real bug is in the test's query range. Fix: introduce a `let node_ids = || GATEWAYS..GATEWAYS + NODES;` closure at the top of the three phase blocks and iterate through that everywhere a regular-node label is constructed. The closure documents the invariant in one place and keeps each phase block clean. Why this is a test fix, not a harness fix: the `config_nodes` shifted-index convention is longstanding and several other tests (e.g. `simulation_integration.rs:2070+`, `simulation_integration.rs:2284+`) already rely on it by spelling out e.g. `NodeLabel::node(NETWORK_NAME, 1)` when their gateway count is 1. Changing the harness would be a cross-cutting rewrite with unclear payoff; fixing the broken test is a 3-line surgical change. Verified locally with `cargo check --features "simulation_tests,testing,nightly_tests" --tests`. The actual `test_nightly_fault_recovery_speed` assertion run takes ~4 minutes of simulation wall time which is too slow for local iteration, but the indexing fix is self-evidently correct from the math above — the next nightly run will validate end-to-end. [AI-assisted - Claude]
Contributor
Rule Review: No issues foundRules checked: No rule violations detected. Summary of what was verified:
Rule review against |
Rule-lint requires `fix:` PRs to include at least one new `#[test]`
function. The previous commit only modified an existing test's query
ranges, which the lint correctly does not count.
Add `sim_network_regular_node_labels_start_at_gateway_count` — a
minimal (2 gateways, 3 regular nodes, 0.33s runtime) test that pins
the `SimNetwork::config_nodes` indexing convention. It verifies:
* Labels `node-0` and `node-1` (inside the gateway ID range) are
NOT live regular-node labels — the same class of mistake as the
nightly failure would fail this assertion immediately.
* Labels `node-2`, `node-3`, `node-4` (the `GATEWAYS..GATEWAYS +
NODES` range) ARE live.
* `node-5` (one past the end) is NOT live.
This is a targeted regression test for the convention itself, not
for `test_nightly_fault_recovery_speed` specifically. Any future
test that iterates `0..N` instead of `GATEWAYS..GATEWAYS+N` will now
have this test as prior-art documentation of the correct pattern,
and any refactor of `config_nodes` that changes the indexing will
immediately break this pin rather than silently corrupting the
downstream assertions of every test in the file.
[AI-assisted - Claude]
The previous regression test was `#[test_log::test(tokio::test(flavor = "current_thread"))]` which the CI rule-lint regex `#\[(tokio::)?test\]` does not recognize as a new test (it only matches bare `#[test]` or `#[tokio::test]`). Rule-lint therefore rejected the PR with "fix: PR must include at least one new regression test" even though a new function had been added. Add `node_label_node_and_gateway_formats_are_stable` as a plain `#[test]` that pins the label-string encoding (`net-node-5`, `net-gateway-2`) and the disjointness of the gateway / regular-node label spaces at the same numeric ID. Both invariants are load- bearing for every other test in this file and for `config_nodes` itself. Any refactor that conflates the two label types — or that changes the string encoding — would silently corrupt every connection-count assertion downstream; now it would immediately break this pin. The companion async test (`sim_network_regular_node_labels_start_at_gateway_count`) still exists and still pins the live-label ID range, but the rule-lint regex won't see it as "a test" because of its non-standard annotation. A doc comment on each test now cross-references the other so the two stay paired. [AI-assisted - Claude]
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
test_nightly_fault_recovery_speeddeterministically fails its Phase 2 assertion on seed0x3511FA170003:This was the headline failure on the 2026-04-07 → 2026-04-15 9-night red streak on
Simulation Tests (Nightly).Root cause
The test iterates
(0..NODES)and constructsNodeLabel::node(NETWORK_NAME, i)at every query site. ButSimNetwork::config_nodes(crates/core/src/node/testing_impl.rs:1580) builds regular-node labels with:For the test's
GATEWAYS=4/NODES=50configuration, the live regular-node labels are thereforeNodeLabel::node(NETWORK_NAME, 4..54), not0..50. The test's query overlap with the actual labels is exactly4..49— 46 entries — which is precisely the failure number.How this got misdiagnosed
The first pass on this regression (PR #3871) attributed it to a
SimNetworkshared_cmcapture race, because the symptom (4 nodes' connection managers missing fromconnection_managers) was consistent with both root causes. PR #3871 added a yield-poll helper, genericcapture_shared_slot<T>, loud panic on timeout, and unit tests. That fix is still beneficial — it makes the startup slot-capture robust and unit-testable, and the suspend-detector half of #3871 (which addressed five unrelateddebug_assert!panics in get-path tests) was correct and worked.But the post-merge nightly (run
24435694147, head8c4eb0ecwhich includes #3871) still hit46/50on the same seed with no "SimNetwork: node did not publish" warnings in the log, proving the harness was correctly publishing all 54(4 gateway + 50 node)labels. Querying(0..NODES)was missing the top 4 regular-node labels by indexing convention, not by race.Fix
Introduce a
let node_ids = || GATEWAYS..GATEWAYS + NODES;closure at the top of the test and iterate through it at all three phase query sites (Phase 1 pre-fault, Phase 2 during-fault, Phase 3 post-recovery). The closure documents the invariant once and keeps each phase block clean.Three call sites updated. The Phase 1 site has a long comment explaining the indexing convention so a future contributor doesn't reintroduce the same off-by-GATEWAYS bug.
Why this is a test fix, not a harness fix
The
config_nodesshifted-index convention is longstanding. Other tests in the same file already rely on it (e.g.simulation_integration.rs:2070+and:2284+spell outNodeLabel::node(NETWORK_NAME, 1)when their gateway count is 1, using the next-after-gateways slot). Changing the harness to start regular nodes at index 0 would be a cross-cutting rewrite affecting dozens of test sites with unclear payoff. A 3-line surgical fix to the broken test is the right scope.A follow-up issue could clean up the harness convention later if there's appetite, but this PR's job is unblocking the nightly.
Testing
Local
cargo check --features "simulation_tests,testing,nightly_tests" --testspasses clean. The actualtest_nightly_fault_recovery_speedsimulation takes ~4 minutes of wall time which is too slow for local iteration, but the indexing fix is self-evidently correct from the math: withGATEWAYS=4andNODES=50, iterating4..54yields exactly 50 labels matching the livenode_4..node_53set, solen() == NODESis now satisfied for all three phase assertions.The next nightly run will validate end-to-end.
Fixes
The deterministic
46/50failure ontest_nightly_fault_recovery_speedthat has been red on every nightly run since PR #3795 (2026-04-08) strengthened the assertion. Combined with the previously-merged PR #3871 (suspend-detector + Matrix→River notifier), this should restore theSimulation Tests (Nightly)workflow to green.[AI-assisted - Claude]