Support state migration on upgrade #103
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…te can be imported into a test contract without importing all the public exports in lib.rs that are hidden by the contract compile-time feature
birchmd
commented
May 20, 2021
src/sdk.rs
Outdated
| @@ -4,6 +4,7 @@ use borsh::{BorshDeserialize, BorshSerialize}; | |||
|
|
|||
| const READ_STORAGE_REGISTER_ID: u64 = 0; | |||
| const INPUT_REGISTER_ID: u64 = 0; | |||
| const GAS_FOR_STATE_MIGRATION: u64 = 100_000_000_000_000; | |||
There was a problem hiding this comment.
I'm not 100% sure on the value for this constant. 100 Tgas seems like it should be enough any sort of state migration we want to do, but we could push it higher if we think this might not be enough.
We could also leave it as is and update the constant only if we actually write a migration that requires more gas (I assume we'll test all upgrades before we do them, so we'll know if we need more gas).
There was a problem hiding this comment.
I think it makes sense to set it as a max value (300 Tgas). As this is not user's function I don't think there's any problem that we will be required to pay some more gas for the state migration (which hopefully won't happen too frequently). So I don't think we need to put any max value constrain here.
There was a problem hiding this comment.
Well, we can't set it to 300 Tgas because that the way promises work is they take gas from the original transaction. So if the original deploy_upgrade transaction was given 300 Tgas then we could only give the promise it creates an amount of gas equal to 300 minus whatever amount is used in creating the promise.
We could set it higher, e.g. I think 250 Tgas would work, but I don't know if there is much value in figuring out exactly how high it can be when we don't know that 100 isn't enough.
There was a problem hiding this comment.
Oh, yeah sorry I forgot that we are talking about the inner promise. Then sure 250 Tgas could be an option.
joshuajbouw
approved these changes
May 24, 2021
sept-en
added a commit
that referenced
this pull request
May 28, 2021
* Document `aurora encode-address` usage. * Cache cargo artifacts between CI runs. (#92) * Address comments from audit. (#86) * Validate register length in `read_input_arr20()` * Only read register length in `Engine::get_code_size` * Add `read_input_borsh()` * Ensure `method.args.len() == args_decoded.len()` * Ensure register size is 8 in `read_u64` * Use constant to specify the register ID used in `read_input()` * Reduce size of `cargo cache` in CI. (#95) * Define a `Wei` newtype for balances. (#96) * Fix evm-bully builds after recent refactoring. (#100) * Refactor `Engine::get_state` to return a `Result`. (#99) * Ensure that `Cargo.lock` in the repo is valid. (#101) * Remove unneeded nightly feature. (#102) * Dispatch precompiles on the full address. (#107) * Support state migration on upgrade. (#103) * Remove resolved TODOs * Fix state migration test * Conditional compilation minor improvements. Co-authored-by: Arto Bendiken <arto@aurora.dev> Co-authored-by: Michael Birch <michael@near.org> Co-authored-by: Aleksey Kladov <aleksey.kladov@gmail.com>
mfornet
added a commit
that referenced
this pull request
Jun 4, 2021
* Base precompile code between connectors (#73) * Base precompile code between connectors * Handle errors and validate input * Use proper result * Document `aurora encode-address` usage. * Cache cargo artifacts between CI runs. (#92) * Address comments from audit. (#86) * Validate register length in `read_input_arr20()` * Only read register length in `Engine::get_code_size` * Add `read_input_borsh()` * Ensure `method.args.len() == args_decoded.len()` * Ensure register size is 8 in `read_u64` * Use constant to specify the register ID used in `read_input()` * Reduce size of `cargo cache` in CI. (#95) * Define a `Wei` newtype for balances. (#96) * Fix evm-bully builds after recent refactoring. (#100) * Refactor `Engine::get_state` to return a `Result`. (#99) * Ensure that `Cargo.lock` in the repo is valid. (#101) * Remove unneeded nightly feature. (#102) * Implement BC generational storage. * fix address input * remove note * put key on the end of the storage key * remove pub from methods * Dispatch precompiles on the full address. (#107) * Support state migration on upgrade. (#103) * Implement the ETH connector. (#59) * Move when to call `set_generation` * Fix arg Co-authored-by: Marcelo Fornet <mfornet94@gmail.com> Co-authored-by: Arto Bendiken <arto@aurora.dev> Co-authored-by: Michael Birch <michael@near.org> Co-authored-by: Aleksey Kladov <aleksey.kladov@gmail.com> Co-authored-by: Evgeny Ukhanov <mrlsd@ya.ru>
mfornet
added a commit
that referenced
this pull request
Jun 10, 2021
* Add tests for state check after selfdestruct * Aurora runner tracks storage usage to avoid underflow when storage is released in future transactions (#85) * Implement generational storage (#87) * Base precompile code between connectors (#73) * Base precompile code between connectors * Handle errors and validate input * Use proper result * Document `aurora encode-address` usage. * Cache cargo artifacts between CI runs. (#92) * Address comments from audit. (#86) * Validate register length in `read_input_arr20()` * Only read register length in `Engine::get_code_size` * Add `read_input_borsh()` * Ensure `method.args.len() == args_decoded.len()` * Ensure register size is 8 in `read_u64` * Use constant to specify the register ID used in `read_input()` * Reduce size of `cargo cache` in CI. (#95) * Define a `Wei` newtype for balances. (#96) * Fix evm-bully builds after recent refactoring. (#100) * Refactor `Engine::get_state` to return a `Result`. (#99) * Ensure that `Cargo.lock` in the repo is valid. (#101) * Remove unneeded nightly feature. (#102) * Implement BC generational storage. * fix address input * remove note * put key on the end of the storage key * remove pub from methods * Dispatch precompiles on the full address. (#107) * Support state migration on upgrade. (#103) * Implement the ETH connector. (#59) * Move when to call `set_generation` * Fix arg Co-authored-by: Marcelo Fornet <mfornet94@gmail.com> Co-authored-by: Arto Bendiken <arto@aurora.dev> Co-authored-by: Michael Birch <michael@near.org> Co-authored-by: Aleksey Kladov <aleksey.kladov@gmail.com> Co-authored-by: Evgeny Ukhanov <mrlsd@ya.ru> * Fix layout of the key * Fix all tests (don't wipe the storage all the time) * Use correct generation in writing storage * Remove unnecessary references Co-authored-by: Michael Birch <michael@near.org> Co-authored-by: Joshua J. Bouw <dev@joshuajbouw.com> Co-authored-by: Arto Bendiken <arto@aurora.dev> Co-authored-by: Aleksey Kladov <aleksey.kladov@gmail.com> Co-authored-by: Evgeny Ukhanov <mrlsd@ya.ru> Co-authored-by: Michael Birch <michael.birch@aurora.dev>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR is much smaller than it looks based on the diff line count. The majority of the changes come from adding a proper test for this functionality (the original
test_upgradewas not sufficient).The key differences in the main code are:
state_migrationas a new public method of the contractsdk::self_deployto callstate_migrationafter it has deployed the new code.To test this functionality I define a test contract and upgrade to it, checking that the upgrade succeed by calling a new function it exposes. To prevent duplicating logic, the test contract imports the production contract as a library, which required some small code reorganization in
lib.rsand changing the crate features a little to expose thesdkandenginelogic, but not the public entry points (if these are imported also then there is a linker error aboutstate_migrationbegin defined twice because it is also defined in the test contract).