agreement: handle pseudonode enqueueing failures

[tsachiherman]

Summary

This PR addresses two separate issues in the pseudonodeNode implementation:

1. pseudonodeVotesTask.execute and pseudonodeProposalsTask.execute do not handle vote verification enqueueing failures ( to the execution pool ). This could lead the the pseudonode processing go-routine being stuck.
2. The pseudonodeVotesTask.execute could block forever in case the output channel is not being read from.

Trigger

This issue was detected by the telemetry:

 ({num-occurances}): {telemetry error string}
 (67): pseudonode.MakeVotes call failed(attest) pseudonode input channel is full

Test Plan

Few unit tests added. More to come.

[codecov-commenter]

Codecov Report

Merging #2741 (e81e4ad) into master (eea0a75) will increase coverage by 0.04%.
The diff coverage is 63.76%.

@@            Coverage Diff             @@
##           master    #2741      +/-   ##
==========================================
+ Coverage   47.43%   47.47%   +0.04%     
==========================================
  Files         369      369              
  Lines       59494    59532      +38     
==========================================
+ Hits        28221    28265      +44     
- Misses      27984    27986       +2     
+ Partials     3289     3281       -8     

Impacted Files	Coverage Δ
agreement/pseudonode.go	71.80% <61.81%> (-0.35%)	⬇️
agreement/cryptoVerifier.go	75.17% <66.66%> (-0.56%)	⬇️
agreement/asyncVoteVerifier.go	89.83% <75.00%> (+8.01%)	⬆️
ledger/blockqueue.go	81.03% <0.00%> (-2.88%)	⬇️
network/requestTracker.go	71.12% <0.00%> (-0.44%)	⬇️
network/wsNetwork.go	63.04% <0.00%> (-0.30%)	⬇️
network/wsPeer.go	68.33% <0.00%> (+0.27%)	⬆️
ledger/acctupdates.go	65.96% <0.00%> (+0.95%)	⬆️
catchup/peerSelector.go	100.00% <0.00%> (+1.04%)	⬆️
catchup/service.go	70.57% <0.00%> (+1.24%)	⬆️
... and 4 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update eea0a75...e81e4ad. Read the comment docs.

[cce]

Interestingly, inside of EnqueueBacklog it is also doing a select on case <-avv.ctx.Done() (passed in as enqueueCtx, alongside a select for backlog.ctx.Done()) which will cause EnqueueBacklog to return ctx.Err(). If you have two pending selects like that on the stack, is it deterministic which one will fire first?

[cce]

There is this comment warning "instead, enqueue so the worker will set the error value and return the cancelled vote properly." However if the waiting inside EnqueueBacklog() is interrupted by one of the Done()s it's waiting on, it will never reach the worker.

[tsachiherman]

The fact that we have two pending selects isn't an issue. The one in verifyVote would be evaluated when we get to that point, and if it's not canceled yet, it would go to the default statement, executing EnqueueBacklog, where it would also block on the same channel.

As for the comment, I think it's a bug - I think that the intent was to have a fallthrough here. But I would leave that to a separate PR, as it's not really related to this change. ( i.e. in out case, we're passing a TODO context, which would never expire and therefore this statement would never be executed )

[cce]

there are other callers (unauthenticatedBundle.verify and cryptoVerifier.voteFillWorker) passing a valid context into verifyVote — just not pseudonode

[tsachiherman]

yes, I'm aware of that - that's why I did not attempted to change this code ;-)

[cce]

LGTM. Ideally we should only see these new log messages and errors around shutdown time or if something is broken.

[tsachiherman]

LGTM. Ideally we should only see these new log messages and errors around shutdown time or if something is broken.

yes, that's what I'm hoping for.