DAOS-17106 swim: Never change self_id

[jxiong]

In the current implementation of DAOS, when it fails to select a dping target, it will set its self_id to SWIM_ID_INVALID and from now on, the node is not fully functional because only swim_updates_short() will be invoked to respond to PING and IPING request. Once the node enters into this state, it can not be restored.

This PR fixes the problem by not setting the self_id to SWIM_ID_INVALID if it won't be able to find a dping target. It's simply not necessary.

Change-Id: I4a2dad9aeb0571f938a84a97a9e29868a33b01a1

Before requesting gatekeeper:

• Two review approvals and any prior change requests have been resolved.
• Testing is complete and all tests passed or there is a reason documented in the PR why it should be force landed and forced-landing tag is set.
• Features: (or Test-tag*) commit pragma was used or there is a reason documented that there are no appropriate tags for this PR.
• Commit messages follows the guidelines outlined here.
• Any tests skipped by the ticket being addressed have been run and passed in the PR.

Gatekeeper:

• You are the appropriate gatekeeper to be landing the patch.
• The PR has 2 reviews by people familiar with the code, including appropriate owners.
• Githooks were used. If not, request that user install them and check copyright dates.
• Checkpatch issues are resolved. Pay particular attention to ones that will show up on future PRs.
• All builds have passed. Check non-required builds for any new compiler warnings.
• Sufficient testing is done. Check feature pragmas and test tags and that tests skipped for the ticket are run and now pass with the changes.
• If applicable, the PR has addressed any potential version compatibility issues.
• Check the target branch. If it is master branch, should the PR go to a feature branch? If it is a release branch, does it have merge approval in the JIRA ticket.
• Extra checks if forced landing is requested
  • Review comments are sufficiently resolved, particularly by prior reviewers that requested changes.
  • No new NLT or valgrind warnings. Check the classic view.
  • Quick-build or Quick-functional is not used.
• Fix the commit message upon landing. Check the standard here. Edit it to create a single commit. If necessary, ask submitter for a new summary.

[jxiong]

@liw I don't really understand the usage of sc_next_tick_time, can you please explain it for me?

[github-actions]

Ticket title is 'SWIM enters into a weird state and never restores'
Status is 'Open'
https://daosio.atlassian.net/browse/DAOS-17106

[liw]

[Suggestion] Shall we refrain from making not-strictly-necessary changes, please? I find my brain converts this MIN into the original if structure before it understands what it is happening---this surprises me.

[jxiong]

This is just better code, IMO.
For the original code, you have to look into what is being compared and what is being assigned to understand what it is doing. I found it sometime difficult to understand.

Therefore, I take this change as an improvement but not 'not-strictly-necessary'; because it will help the other folks understand the code easier.

[liw]

[Suggestion] Since this is the only place generating DER_SHUTDOWN in src/cart, I wonder if removing it allows us to remove some of the code that handles this DER_SHUTDOWN in src/cart?

[jxiong]

that's a good idea. Will fix it.

[liw]

Although I'm not totally clear about how sc_next_event and sc_next_tick_time work, most other places in swim carefully prevent pushing sc_next_event into a future timestamp. This makes me wonder:

• If we go to out in this case, there's a risk that next time swim_progress is called, we might be (hopefully) a bit pass sc_next_event (which might not be a big deal?).
• If we leave sc_next_event as it is and continue the loop, will there be any problem?

[jxiong]

sc_next_event is clearly defined which is the next time the swim should be scheduled. sc_next_tick_time seems to be just a copy of it but it's not well maintained or just a variable with bad name.

I don't see an issue to change sc_next_event though. And if we don't break, it will just have loop until the previous deadline comes. I tend to think the current fix is fine regarding this issue.