Explicit async-flow wake #10208
Explicit async-flow wake #10208
Conversation
Deploying agoric-sdk with
|
| Latest commit: |
332eb05
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://4bd08da4.agoric-sdk.pages.dev |
| Branch Preview URL: | https://mhofman-9377-wake-all.agoric-sdk.pages.dev |
Implicitly prepare the vowTools
Rewrite wake test to use helper
mhofman
force-pushed
the
mhofman/9377-wake-all
branch
from
8beaf10
to
ee710ca
Compare
| // Cannot call this until everything is prepared, so postpone to a later | ||
| // turn. (Ideally, we'd postpone to a later crank because prepares are | ||
| // allowed anytime in the first crank. But there's currently no pleasant | ||
| // way to postpone to a later crank.) | ||
| // See https://github.com/Agoric/agoric-sdk/issues/9377 | ||
| const allWokenP = E.when(null, () => adminAsyncFlow.wakeAll()); | ||
|
|
There was a problem hiding this comment.
Good to see this code go away. wakeUpgradeGate has the right semantics and is much more understandable.
| * @import {Zone} from '@agoric/base-zone'; | ||
| * @import {PreparationOptions} from '../src/types.js'; | ||
| */ | ||
|
|
||
| /** @typedef {(e: any, t: ExecutionContext) => void} TestAsyncFlowPanicHandler */ |
| // new incarnation, but otherwise should wait until a wake watcher is triggered. | ||
|
|
||
| import { Fail } from '@endo/errors'; | ||
| import { testAsyncLife } from './prepare-test-env-ava.js'; |
There was a problem hiding this comment.
I suggest there could be an initial testAsyncLife, which returns a new testAsyncLife with its reincarnation state curried in:
| import { testAsyncLife } from './prepare-test-env-ava.js'; | |
| import { testAsyncLifeFromScratch } from './prepare-test-env-ava.js'; |
| return { resolver, waiter }; | ||
| }; | ||
|
|
||
| testAsyncLife( |
There was a problem hiding this comment.
| testAsyncLife( | |
| const testAsyncLifeAfterSetup = testAsyncLifeFromScratch( |
| }, | ||
| ); | ||
|
|
||
| testAsyncLife( |
There was a problem hiding this comment.
| testAsyncLife( | |
| const testAsyncLifeAfterSleeping = testAsyncLifeAfterSetup( |
There was a problem hiding this comment.
Nice mechanical simplification.
mhofman
force-pushed
the
mhofman/9377-wake-all
branch
from
8e80417
to
ee710ca
Compare
| * upgrade. In the first incarnation, the state is assumed to be born already | ||
| * finalized, and there is no failure if the "finalize" is not explicitly | ||
| * performed. In future incarnation the upgrade will fail if the "finalize" step | ||
| * is not explicitly performed. |
There was a problem hiding this comment.
please name the entity that is responsible for performing the finalization
There was a problem hiding this comment.
I'm not sure how to shoe horn that in this comment. While defined within async-flow.js, this is written as a generic utility.
How about something along the lines:
Helper to enforce that a post-redefinition "finalize" step has been performed on upgrade. In some cases, it may be necessary to execute some operations on upgraded durable objects, which can only happen after the objects' kinds and their dependencies have all been redefined. A "finalize upgrade gate" helps enforce that this finalize step is performed by the contract on upgrade. It returns a function which should be called by the finalize step to indicate the operations were performed. In the first incarnation, it assumes that no finalizer step is necessary, and there is no failure if the function is not called. However, in a future incarnation, the upgrade will fail if the function is not called.
mhofman
force-pushed
the
mhofman/9377-wake-all
branch
from
e21b11e
to
198ad9e
Compare
|
I'm gonna need to force push to split one of the commits in 2, sorry for the inconvenience. Done: 198ad9e..332eb05 |
Co-authored-by: Michael FIG <mfig@agoric.com>
mhofman
force-pushed
the
mhofman/9377-wake-all
branch
from
198ad9e
to
87b619d
Compare
Refs: Agoric/agoric-sdk#10208 ## Description the `ava` test functions can be nested more than one level deep. This change recurses test functions with known names until none is found. ### Security Considerations None ### Scaling Considerations None ### Documentation Considerations Relaxes the type of acceptable test functions as it only really cares about it being a test function, regardless of whatever chain expandos it may have. ### Testing Considerations Manually verified that a `test.serial.only` does show errors details as expected. Not sure if we have any automated coverage for this. ### Compatibility Considerations None ### Upgrade Considerations This is used by tests only, and can be consumed as a non breaking change simply by using the new NPM package including this fix.
closes: #9377
closes: #9383
refs: #9753
best reviewed commit-by-commit
Description
This PR adds a lot of helpers to more ergonomically write async flow / liveslots upgrade tests, uses these to add a bunch of test cases around async-flow wake, then changes the behavior of async-flow to require an explicit
wakeAllcall once all flows are redefined. It updates thewithOrchestrationhelper to callwakeAll.Security Considerations
To avoid the risk of stuck flows if
wakeAllis not called, a "finalize gate" is introduced that would cause the upgrade to fail if the function is not called.Scaling Considerations
None
Documentation Considerations
The change in behavior is a breaking change, and marked as such, however no deployed code directly uses async-flow.
Testing Considerations
Lots of testing infra updates.
Full unit testing of the wake logic, including the new explicit wakeAll and its gate.
TODO: I am looking at further streamlining the test helpers to make it more obvious the tests are all serial and carry state between each test definition.
Upgrade Considerations
Deployable as new NPM packages. I have to check whether the breaking change commit would also cause the
orchestrationpackage to get a semver major change, as that may be unnecessary.TODO: potentially split that commit