fix: improve forest-tool snapshot validate error message

[hanabi1224]

Summary of changes

Changes introduced in this pull request:

• improve forest-tool snapshot validate error message
• fix an off-by-1 bug in --check-stateroots so 900 works for a snapshot that contains 900 recent state roots
• mute some info log for forest-tool

Reference issue to close (if applicable)

Closes

Other information and links

Change checklist

• I have performed a self-review of my own code,
• I have made corresponding changes to the documentation. All new code adheres to the team's documentation standards,
• I have added tests that prove my fix is effective or that my feature works (if possible),
• I have made sure the CHANGELOG is up-to-date. All user-facing changes should be reflected in this document.

Summary by CodeRabbit

• Bug Fixes

  • Corrected epoch window calculation in snapshot validation to ensure the correct tipset range is checked.

• Refactor

  • Clearer success/failure and missing-key messages during snapshot traversal for better diagnostics.
  • Error text when computing tipset state now includes underlying error details.
  • Traversal preserves richer context (epoch, block, item type) for more precise reporting.

• Chores

  • Reduced default log noise by raising several subsystems to warn level by default.

• Documentation

  • Added changelog entry noting improved snapshot-validate error messaging.

[coderabbitai]

Walkthrough

Constrain noisy crates to warn in the default logger, include source text in tipset-state error messages, adjust snapshot epoch window by +1 and remove an explicit progress-bar drop, and enrich IPLD DFS traversal with an IterateType enum plus richer task context and error messages.

Changes

Cohort / File(s)	Summary
Logging defaults src/cli_shared/logger/mod.rs	Added four EnvFilter directives to default_tool_filter: bellperson::groth16::aggregate::verify=warn, storage_proofs_core=warn, axum=warn, filecoin_proofs=warn. No API changes.
State validation error wrapping src/state_manager/mod.rs	Replaced .context("couldn't compute tipset state")? with `.map_err(
Snapshot validation src/tool/subcommands/snapshot_cmd.rs	Adjusted last_epoch from ts.epoch() - epochs as i64 to ts.epoch() - epochs as i64 + 1. Removed explicit drop(pb) after pb.finish_with_message(...). No public API changes.
IPLD DFS traversal & error reporting src/ipld/util.rs	Added IterateType enum (Message(Cid) / StateRoot(Cid)); changed task variant from Iterate(VecDeque<Cid>) to Iterate(ChainEpoch, Cid, IterateType, VecDeque<Cid>); propagate epoch, block CID, and type through DFS; improved [Emit]/[Iterate] missing-key errors with contextual details.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor User
  participant CLI as SnapshotCmd
  participant SM as StateManager
  participant Log as Logger

  User->>CLI: forest snapshot validate ...
  CLI->>Log: create progress bar
  CLI->>SM: validate_tipsets(ts, last_epoch = ts.epoch() - epochs + 1)
  alt success
    SM-->>CLI: Ok(())
    CLI->>Log: pb.finish_with_message("✅ verified!")
    CLI-->>User: Ok
  else error
    SM-->>CLI: Err(e)
    CLI->>Log: pb.abandon_with_message("❌ Transaction result differs from Lotus: {e}")
    CLI-->>User: bail(e)
  end

Loading

sequenceDiagram
  autonumber
  participant DFS as IPLD_DFS
  participant Store as Blockstore
  Note over DFS,Store #E8F0FE: IterateType + richer task context (epoch, block CID)

  DFS->>Store: fetch(root_cid)
  alt block with messages
    DFS->>DFS: enqueue Iterate(epoch, block_cid, IterateType.Message(messages_cid), msg_queue)
  else block with state root
    DFS->>DFS: enqueue Iterate(epoch, block_cid, IterateType.StateRoot(state_root_cid), state_queue)
  end

  loop process queue
    DFS->>Store: fetch(next_cid)
    alt missing key
      Store-->>DFS: Err
      DFS-->>User: "[Iterate] missing key: {cid} from {type} in block {block_cid} at epoch {epoch}"
    else found
      Store-->>DFS: Block
      DFS->>DFS: enqueue Iterate(..., propagated epoch/block/type, child_queue)
    end
  end

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Suggested reviewers

• LesnyRumcajs
• akaladarshi
• elmattic

Tip

🔌 Remote MCP (Model Context Protocol) integration is now available!

Pro plan users can now connect to remote MCP servers from the Integrations page. Connect with popular remote MCPs such as Notion and Linear to add more context to your reviews and chats.

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between cd5214b and a37ec63.

📒 Files selected for processing (1)

• src/tool/subcommands/snapshot_cmd.rs (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• src/tool/subcommands/snapshot_cmd.rs

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (9)

• GitHub Check: cargo-publish-dry-run
• GitHub Check: Build MacOS
• GitHub Check: Build Ubuntu
• GitHub Check: All lint checks
• GitHub Check: tests-release
• GitHub Check: tests
• GitHub Check: Build forest binaries on Linux AMD64
• GitHub Check: Analyze (rust)
• GitHub Check: Analyze (go)

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch hm/improve-snapshot-validate-error

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (4)

src/cli_shared/logger/mod.rs (1)

166-170: Good call reducing noisy crates to warn in tool mode

These directives will materially quieten forest-tool without hiding errors. One minor maintainability thought: the same four directives now live in both default_env_filter() and default_tool_filter(). Consider extracting them into a shared const COMMON_WARN_DIRECTIVES: &[&str] and building each list by chaining, to avoid future drift between the two.

src/state_manager/mod.rs (1)

1730-1731: Preserve error chains while improving the top-level message

Switching to map_err(|e| anyhow!("...: {e}")) makes the display nicer but discards the original error as the source, weakening backtraces/causes. Prefer attaching context while keeping the chain, and print the chain at the call site.

Suggested change here:

-            )
-            .map_err(|e| anyhow::anyhow!("couldn't compute tipset state: {e}"))?;
+            )
+            .context("couldn't compute tipset state")?;

And in the CLI (see comment in snapshot_cmd.rs), print {e:#} (pretty Display) to surface the source error text and context chain.

src/tool/subcommands/snapshot_cmd.rs (2)

434-450: Surface full error context to users

Now that validate_tipsets attaches context, you can print the full cause chain in the spinner message so users see the underlying error too. This keeps rich diagnostics while preserving the progress UI.

-        Err(e) => {
-            pb.abandon_with_message(format!("❌ Transaction result differs from Lotus: {e}"));
-            anyhow::bail!(e);
-        }
+        Err(e) => {
+            // `{e:#}` prints the context chain; typically single-line unless sources include newlines.
+            pb.abandon_with_message(format!("❌ Transaction result differs from Lotus: {e:#}"));
+            anyhow::bail!(e);
+        }

If multi-line messages prove noisy in practice, join the chain manually: let msg = e.chain().map(ToString::to_string).collect::<Vec<_>>().join(": "); and print msg.

---

408-429: Clarify semantics of --check-stateroots help text

The off-by-one change (ts.epoch() – epochs as i64 + 1) is correct and ensures exactly epochs tipsets are validated (yielding epochs – 1 transitions). However, the CLI doc comment for --check-stateroots still reads “Number of recent epochs to scan for bad messages/transactions,” which is misleading:

• It actually controls state‐root validation (not message/transaction scans).
• The number of transitions checked is one less than the provided value.

Please update both occurrences in src/tool/subcommands/snapshot_cmd.rs (around lines 57–59 and 74–76) to clarify:

-    /// Number of recent epochs to scan for bad messages/transactions
+    /// Number of recent state roots to validate (transitions checked = this value – 1)
     #[arg(long, default_value_t = 60)]
     check_stateroots: u32,

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between cb0b335 and 86834c6.

📒 Files selected for processing (3)

• src/cli_shared/logger/mod.rs (1 hunks)
• src/state_manager/mod.rs (1 hunks)
• src/tool/subcommands/snapshot_cmd.rs (2 hunks)

🧰 Additional context used

🧠 Learnings (1)

📓 Common learnings

Learnt from: hanabi1224
PR: ChainSafe/forest#5930
File: build.rs:64-77
Timestamp: 2025-08-13T09:43:20.301Z
Learning: hanabi1224 prefers hard compile-time errors in build scripts rather than runtime safeguards or collision detection, believing it's better to fail fast and fix root causes of issues like malformed snapshot names.

🧬 Code graph analysis (1)

src/tool/subcommands/snapshot_cmd.rs (1)

src/state_manager/mod.rs (3)

• validate_tipsets (1506-1519)
• validate_tipsets (1698-1748)
• chain_config (244-246)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (9)

• GitHub Check: Build forest binaries on Linux AMD64
• GitHub Check: tests-release
• GitHub Check: tests
• GitHub Check: Build Ubuntu
• GitHub Check: Build MacOS
• GitHub Check: cargo-publish-dry-run
• GitHub Check: All lint checks
• GitHub Check: Analyze (go)
• GitHub Check: Analyze (rust)

🔇 Additional comments (1)

src/tool/subcommands/snapshot_cmd.rs (1)

406-407: Spinner lifecycle is now explicit — nice

Moving away from .with_finish(...) here is cleaner since you’re explicitly finishing/abandoning in the success/error paths below. No action needed.

[LesnyRumcajs]

Might be worth adding a changelog entry to the tool.

[LesnyRumcajs]

what's ty? let's use a more meaningful name.

[hanabi1224]

It's type but reserved as keyword. How about _type?

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (4)

src/ipld/util.rs (4)

104-107: Make IterateType self-describing (derive Debug) and centralize formatting via Display.

Deriving Debug helps troubleshooting. Implementing Display avoids ad-hoc string construction at call sites.

Apply:

-enum IterateType {
+#[derive(Debug)]
+enum IterateType {
     Message(Cid),
     StateRoot(Cid),
 }
+
+impl std::fmt::Display for IterateType {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        match self {
+            IterateType::Message(c) => write!(f, "message {c}"),
+            IterateType::StateRoot(c) => write!(f, "state root {c}"),
+        }
+    }
+}

---

208-239: Avoid variable shadowing and reuse IterateType’s Display for formatting.

Using a local string named ty shadows the enum binding and adds noise. Prefer a distinct binding and delegate formatting to Display.

Apply:

-                    Iterate(epoch, block_cid, ty, cid_vec) => {
+                    Iterate(epoch, block_cid, src, cid_vec) => {
...
-                                } else if fail_on_dead_links {
-                                    let ty = match ty {
-                                        IterateType::Message(c) => {
-                                            format!("message {c}")
-                                        }
-                                        IterateType::StateRoot(c) => {
-                                            format!("state root {c}")
-                                        }
-                                    };
-                                    return Poll::Ready(Some(Err(anyhow::anyhow!(
-                                        "[Iterate] missing key: {cid} from {ty} in block {block_cid} at epoch {epoch}"
-                                    ))));
+                                } else if fail_on_dead_links {
+                                    return Poll::Ready(Some(Err(anyhow::anyhow!(
+                                        "[Iterate] missing key: {cid} from {src} in block {block_cid} at epoch {epoch}"
+                                    ))));
                                 }

---

451-452: Align unordered worker error text with the new taxonomy.

Use the “[Iterate]” prefix here for consistency. Consider propagating block/epoch/source in the unordered path in a follow-up (larger refactor).

-                                        .send_async(Err(anyhow::anyhow!("missing key: {cid}")))
+                                        .send_async(Err(anyhow::anyhow!("[Iterate] missing key: {cid}")))

---

520-522: Match unordered Emit error with ordered path.

Prefix the unordered-queue miss with “[Emit]” for parity.

-                    return Poll::Ready(Some(Err(anyhow::anyhow!("missing key: {cid}"))));
+                    return Poll::Ready(Some(Err(anyhow::anyhow!("[Emit] missing key: {cid}"))));

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 30cabb3 and 200b0f2.

📒 Files selected for processing (1)

• src/ipld/util.rs (5 hunks)

🧰 Additional context used

🧠 Learnings (1)

📓 Common learnings

Learnt from: hanabi1224
PR: ChainSafe/forest#5930
File: build.rs:64-77
Timestamp: 2025-08-13T09:43:20.301Z
Learning: hanabi1224 prefers hard compile-time errors in build scripts rather than runtime safeguards or collision detection, believing it's better to fail fast and fix root causes of issues like malformed snapshot names.

🧬 Code graph analysis (1)

src/ipld/util.rs (1)

src/blocks/tipset.rs (2)

• epoch (306-308)
• epoch (543-545)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (9)

• GitHub Check: cargo-publish-dry-run
• GitHub Check: Build MacOS
• GitHub Check: Build Ubuntu
• GitHub Check: tests-release
• GitHub Check: tests
• GitHub Check: Build forest binaries on Linux AMD64
• GitHub Check: All lint checks
• GitHub Check: Analyze (go)
• GitHub Check: Analyze (rust)

🔇 Additional comments (5)

src/ipld/util.rs (5)

113-114: Good call: enriching Iterate with epoch, block CID, and source improves diagnostics.

The additional context should materially reduce triage time when a dead link is hit.

---

203-204: Clearer error taxonomy for Emit path.

Prefixing with “[Emit]” makes it obvious which stage failed.

---

266-273: Capturing message-traversal context is spot on.

Carrying epoch, block CID, and the specific message root will make downstream errors actionable.

---

282-288: State-root traversal context looks good.

Consistent with the message path and respects the stateroot_limit logic and the epoch==0 special case.

---

200-239: No lingering error message references found

Search across the codebase for the old “[Emit] missing key:” and “[Iterate] missing key:” patterns returned only the two occurrences in src/ipld/util.rs (lines 203 and 237), which you’ve already updated. There are no matches in tests, documentation, or other modules—everything is safe to merge.

[hanabi1224]

Might be worth adding a changelog entry to the tool.

Done.

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

src/ipld/util.rs (1)

188-201: Ensure consistent “missing key” prefixes across all error messages

I ran the grep check and found two remaining unprefixed missing key: {cid} diagnostics in src/ipld/util.rs:

• Line 451: within the block_sender.send_async(Err(anyhow::anyhow!("missing key: {cid}"))) call
• Line 521: inside the Poll::Ready(Some(Err(anyhow::anyhow!("missing key: {cid}")))) branch

To align with the existing taxonomy ("[Emit]", "[Iterate]", etc.), please update these to include an appropriate context prefix. For example:

- .send_async(Err(anyhow::anyhow!("missing key: {cid}")))
+ .send_async(Err(anyhow::anyhow!("[Send] missing key: {cid}")))

and

- Err(anyhow::anyhow!("missing key: {cid}"))
+ Err(anyhow::anyhow!("[Emit] missing key: {cid}"))

(or another label that best reflects the operation.)

—

🧹 Nitpick comments (5)

src/ipld/util.rs (5)

104-108: Derive common traits on IterateType for easier debugging and ergonomics.

Add Copy, Clone, and Debug—Cid is Copy in this codebase, so deriving these is cheap and improves logs/tests.

+#[derive(Copy, Clone, Debug)]
 enum IterateType {
     Message(Cid),
     StateRoot(Cid),
 }

---

208-239: Great contextualization of dead-link errors in Iterate path.

Including epoch, block CID, and whether the origin was messages vs state root will materially speed up operator troubleshooting.

Two very minor nits you may consider:

• Since the variable is used, naming it origin (or kind) instead of _type avoids the underscore convention for “intentionally unused” bindings.
• Consider normalizing the wording to “state-root” (hyphenated) for consistency with other docs, e.g., “from state-root {c}”.

---

448-453: Unify error taxonomy in the unordered stream with the ordered stream.

Ordered stream uses “[Emit] …” and “[Iterate] …” prefixes; unordered still reports a bare “missing key: …”. Prefixing unordered emit-path errors with “[Emit]” aligns tooling and tests that parse logs.

Apply both diffs:

--- a/src/ipld/util.rs
+++ b/src/ipld/util.rs
@@
-                                    let _ = block_sender
-                                        .send_async(Err(anyhow::anyhow!("missing key: {cid}")))
+                                    let _ = block_sender
+                                        .send_async(Err(anyhow::anyhow!("[Emit] missing key: {cid}")))
                                         .await;

--- a/src/ipld/util.rs
+++ b/src/ipld/util.rs
@@
-                } else if fail_on_dead_links {
-                    return Poll::Ready(Some(Err(anyhow::anyhow!("missing key: {cid}"))));
+                } else if fail_on_dead_links {
+                    return Poll::Ready(Some(Err(anyhow::anyhow!("[Emit] missing key: {cid}"))));
                 }

Also applies to: 520-522

---

481-509: Minor: surface send() errors with more context.

The error includes the inner value; if you decide to keep enriching diagnostics, consider adding a short prefix like “extract queue:” to disambiguate from ordered-stream errors in downstream logs.

---

180-201: Note for future: consider adding a Display impl for IterateType.

Would let you avoid building a temporary String for type_display and keep formatting terse: “[Iterate] missing key: {cid} from {origin} in block …”.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 200b0f2 and 8010cc9.

📒 Files selected for processing (2)

• CHANGELOG.md (1 hunks)
• src/ipld/util.rs (5 hunks)

🧰 Additional context used

🧠 Learnings (1)

📓 Common learnings

Learnt from: hanabi1224
PR: ChainSafe/forest#5930
File: build.rs:64-77
Timestamp: 2025-08-13T09:43:20.301Z
Learning: hanabi1224 prefers hard compile-time errors in build scripts rather than runtime safeguards or collision detection, believing it's better to fail fast and fix root causes of issues like malformed snapshot names.

🧬 Code graph analysis (1)

src/ipld/util.rs (1)

src/blocks/tipset.rs (2)

• epoch (306-308)
• epoch (543-545)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (10)

• GitHub Check: cargo-publish-dry-run
• GitHub Check: Build MacOS
• GitHub Check: Build Ubuntu
• GitHub Check: tests-release
• GitHub Check: tests
• GitHub Check: Build forest binaries on Linux AMD64
• GitHub Check: All lint checks
• GitHub Check: Link Check
• GitHub Check: Analyze (rust)
• GitHub Check: Analyze (go)

🔇 Additional comments (7)

src/ipld/util.rs (7)

203-205: LGTM: clearer “[Emit] missing key” diagnostic.

The prefix makes it obvious the failure occurred in the emit path, not while expanding links.

---

266-274: LGTM: carrying origin context into queued Iterate tasks.

Passing epoch, block CID, and IterateType when enqueueing messages and state-root walks is a clean way to preserve provenance without adding global state.

Also applies to: 281-289

---

335-368: Concurrency worker pool bounds look sane.

Clamping to 1..=8 workers keeps CPU and memory pressure reasonable while extracting CIDs—good trade-off for I/O-bound workloads.

---

511-585: Graceful shutdown path is robust.

• The PinnedDrop aborts the worker task.
• Extract sender is dropped when the queue drains, allowing workers to exit naturally.
• Remaining queue is flushed before polling the channel again.

No action needed.

---

144-168: Public API remains backwards compatible at construction sites.

stream_chain/stream_graph builders keep signatures; internal Task variant change is encapsulated within ChainStream.

---

583-594: LGTM: ipld_to_cid helper.

Simple and correct; avoids noise where Links are the only values of interest.

---

257-263: Genesis parent emission preserved.

Keeps prior behavior to surface the dummy parent—important for validating genesis snapshots consistently with Lotus.

[akaladarshi]

One small comment, otherwise LGTM