paritytech · s0me0ne-unkn0wn · Apr 26, 2023 · Apr 27, 2023 · Apr 27, 2023 · May 1, 2023
diff --git a/node/core/candidate-validation/src/lib.rs b/node/core/candidate-validation/src/lib.rs
@@ -238,7 +238,11 @@ async fn run<Context>(
 	}
 }
 
-struct RuntimeRequestFailed;
+enum RuntimeRequestFailed {
+	Dropped,
+	InternalError,
+	NotSupported,
+}
 
 async fn runtime_api_request<T, Sender>(
 	sender: &mut Sender,
@@ -258,7 +262,7 @@ where
 		.map_err(|_| {
 			gum::debug!(target: LOG_TARGET, ?relay_parent, "Runtime API request dropped");
 
-			RuntimeRequestFailed
+			RuntimeRequestFailed::Dropped
 		})
 		.and_then(|res| {
 			res.map_err(|e| {
@@ -269,7 +273,7 @@ where
 					"Runtime API request internal error"
 				);
 
-				RuntimeRequestFailed
+				RuntimeRequestFailed::InternalError
 			})
 		})
 }
@@ -292,6 +296,43 @@ where
 	.await
 }
 
+async fn request_pending_executor_params<Sender>(
+	sender: &mut Sender,
+	relay_parent: Hash,
+) -> Result<ExecutorParams, RuntimeRequestFailed>
+where
+	Sender: SubsystemSender<RuntimeApiMessage>,
+{
+	let (tx, rx) = oneshot::channel();
+	sender
+		.send_message(
+			RuntimeApiMessage::Request(relay_parent, RuntimeApiRequest::PendingExecutorParams(tx))
+				.into(),
+		)
+		.await;
+
+	rx.await
+		.map_err(|_| {
+			gum::debug!(target: LOG_TARGET, ?relay_parent, "Runtime API request dropped");
+
+			RuntimeRequestFailed::Dropped
+		})
+		.and_then(|res| {
+			res.map_err(|e| {
+				gum::debug!(
+					target: LOG_TARGET,
+					?relay_parent,
+					err = ?e,
+					"Runtime API request internal error"
+				);
+				match e {
+					RuntimeApiError::Execution { .. } => RuntimeRequestFailed::InternalError,
+					RuntimeApiError::NotSupported { .. } => RuntimeRequestFailed::NotSupported,
+				}
+			})
+		})
+}
+
 async fn precheck_pvf<Sender>(
 	sender: &mut Sender,
 	mut validation_backend: impl ValidationBackend,
@@ -318,25 +359,52 @@ where
 			},
 		};
 
-	let executor_params =
-		if let Ok(executor_params) = executor_params_at_relay_parent(relay_parent, sender).await {
+	let executor_params = match request_pending_executor_params(sender, relay_parent).await {
+		Ok(executor_params) => {
 			gum::debug!(
 				target: LOG_TARGET,
 				?relay_parent,
 				?validation_code_hash,
-				"precheck: acquired executor params for the session: {:?}",
+				"precheck: acquired pending executor params: {:?}",
 				executor_params,
 			);
 			executor_params
-		} else {
+		},
+		Err(RuntimeRequestFailed::NotSupported) => {
+			// Old runtime that doesn't support retrieving pending configuration. Use the
+			// current configuration as a backward compatibility measure.
+			// TODO: Remove this after all the networks are upgraded to runtimes supporting
+			//       pending_executor_params()
+			if let Ok(executor_params) = executor_params_at_relay_parent(relay_parent, sender).await
+			{
+				gum::debug!(
+					target: LOG_TARGET,
+					?relay_parent,
+					?validation_code_hash,
+					"precheck: acquired current executor params: {:?}",
+					executor_params,
+				);
+				executor_params
+			} else {
+				gum::warn!(
+					target: LOG_TARGET,
+					?relay_parent,
+					?validation_code_hash,
+					"precheck: failed to acquire current executor params, thus voting against.",
+				);
+				return PreCheckOutcome::Invalid
+			}
+		},
+		Err(_) => {
 			gum::warn!(
 				target: LOG_TARGET,
 				?relay_parent,
 				?validation_code_hash,
-				"precheck: failed to acquire executor params for the session, thus voting against.",
+				"precheck: failed to acquire pending executor params, thus voting against.",
 			);
 			return PreCheckOutcome::Invalid
-		};
+		},
+	};
 
 	let timeout = pvf_prep_timeout(&executor_params, PvfPrepTimeoutKind::Precheck);
 
@@ -388,7 +456,7 @@ where
 		.await;
 
 		match d {
-			Ok(None) | Err(RuntimeRequestFailed) => return AssumptionCheckOutcome::BadRequest,
+			Ok(None) | Err(_) => return AssumptionCheckOutcome::BadRequest,
 			Ok(Some(d)) => d,
 		}
 	};
@@ -406,7 +474,7 @@ where
 		.await;
 
 		match validation_code {
-			Ok(None) | Err(RuntimeRequestFailed) => AssumptionCheckOutcome::BadRequest,
+			Ok(None) | Err(_) => AssumptionCheckOutcome::BadRequest,
 			Ok(Some(v)) => AssumptionCheckOutcome::Matches(validation_data, v),
 		}
 	} else {
@@ -516,8 +584,7 @@ where
 		{
 			Ok(true) => {},
 			Ok(false) => return Ok(ValidationResult::Invalid(InvalidCandidate::InvalidOutputs)),
-			Err(RuntimeRequestFailed) =>
-				return Err(ValidationFailed("Check Validation Outputs: Bad request".into())),
+			Err(_) => return Err(ValidationFailed("Check Validation Outputs: Bad request".into())),
 		}
 	}
 

diff --git a/node/core/runtime-api/src/cache.rs b/node/core/runtime-api/src/cache.rs
@@ -63,6 +63,7 @@ pub(crate) struct RequestResultCache {
 		LruCache<(Hash, ParaId, OccupiedCoreAssumption), Option<ValidationCodeHash>>,
 	version: LruCache<Hash, u32>,
 	disputes: LruCache<Hash, Vec<(SessionIndex, CandidateHash, DisputeState<BlockNumber>)>>,
+	pending_executor_params: LruCache<Hash, ExecutorParams>,
 }
 
 impl Default for RequestResultCache {
@@ -90,6 +91,7 @@ impl Default for RequestResultCache {
 			validation_code_hash: LruCache::new(DEFAULT_CACHE_CAP),
 			version: LruCache::new(DEFAULT_CACHE_CAP),
 			disputes: LruCache::new(DEFAULT_CACHE_CAP),
+			pending_executor_params: LruCache::new(DEFAULT_CACHE_CAP),
 		}
 	}
 }
@@ -385,6 +387,21 @@ impl RequestResultCache {
 	) {
 		self.disputes.put(relay_parent, value);
 	}
+
+	pub(crate) fn pending_executor_params(
+		&mut self,
+		relay_parent: &Hash,
+	) -> Option<&ExecutorParams> {
+		self.pending_executor_params.get(relay_parent)
+	}
+
+	pub(crate) fn cache_pending_executor_params(
+		&mut self,
+		relay_parent: Hash,
+		value: ExecutorParams,
+	) {
+		self.pending_executor_params.put(relay_parent, value);
+	}
 }
 
 pub(crate) enum RequestResult {
@@ -422,4 +439,5 @@ pub(crate) enum RequestResult {
 	ValidationCodeHash(Hash, ParaId, OccupiedCoreAssumption, Option<ValidationCodeHash>),
 	Version(Hash, u32),
 	Disputes(Hash, Vec<(SessionIndex, CandidateHash, DisputeState<BlockNumber>)>),
+	PendingExecutorParams(Hash, ExecutorParams),
 }
diff --git a/node/core/runtime-api/src/lib.rs b/node/core/runtime-api/src/lib.rs
@@ -157,6 +157,9 @@ where
 				self.requests_cache.cache_version(relay_parent, version),
 			Disputes(relay_parent, disputes) =>
 				self.requests_cache.cache_disputes(relay_parent, disputes),
+			PendingExecutorParams(relay_parent, pending_executor_params) => self
+				.requests_cache
+				.cache_pending_executor_params(relay_parent, pending_executor_params),
 		}
 	}
 
@@ -271,6 +274,8 @@ where
 					.map(|sender| Request::ValidationCodeHash(para, assumption, sender)),
 			Request::Disputes(sender) =>
 				query!(disputes(), sender).map(|sender| Request::Disputes(sender)),
+			Request::PendingExecutorParams(sender) => query!(pending_executor_params(), sender)
+				.map(|sender| Request::PendingExecutorParams(sender)),
 		}
 	}
 
@@ -490,5 +495,11 @@ where
 			query!(ValidationCodeHash, validation_code_hash(para, assumption), ver = 2, sender),
 		Request::Disputes(sender) =>
 			query!(Disputes, disputes(), ver = Request::DISPUTES_RUNTIME_REQUIREMENT, sender),
+		Request::PendingExecutorParams(sender) => query!(
+			PendingExecutorParams,
+			pending_executor_params(),
+			ver = Request::PENDING_EXECUTOR_PARAMS_RUNTIME_REQUIREMENT,
+			sender
+		),
 	}
 }
diff --git a/node/subsystem-types/src/messages.rs b/node/subsystem-types/src/messages.rs
@@ -603,6 +603,9 @@ pub enum RuntimeApiRequest {
 	),
 	/// Returns all on-chain disputes at given block number. Available in `v3`.
 	Disputes(RuntimeApiSender<Vec<(SessionIndex, CandidateHash, DisputeState<BlockNumber>)>>),
+	/// Returns the latest pending executor parameter set, or the current set if no configuration
+	/// changes are pending
+	PendingExecutorParams(RuntimeApiSender<ExecutorParams>),
 }
 
 impl RuntimeApiRequest {
@@ -613,6 +616,9 @@ impl RuntimeApiRequest {
 
 	/// `ExecutorParams`
 	pub const EXECUTOR_PARAMS_RUNTIME_REQUIREMENT: u32 = 4;
+
+	/// Pending `ExecutorParams`
+	pub const PENDING_EXECUTOR_PARAMS_RUNTIME_REQUIREMENT: u32 = 5;
 }
 
 /// A message to the Runtime API subsystem.

diff --git a/node/subsystem-types/src/runtime_client.rs b/node/subsystem-types/src/runtime_client.rs
@@ -201,6 +201,12 @@ pub trait RuntimeApiSubsystemClient {
 		&self,
 		at: Hash,
 	) -> std::result::Result<Vec<sp_authority_discovery::AuthorityId>, ApiError>;
+
+	/***** Staging *****/
+
+	/// Returns the latest pending executor parameter set, or the current set if no configuration
+	/// changes are pending
+	async fn pending_executor_params(&self, at: Hash) -> Result<ExecutorParams, ApiError>;
 }
 
 #[async_trait]
@@ -374,4 +380,8 @@ where
 	) -> Result<Vec<(SessionIndex, CandidateHash, DisputeState<BlockNumber>)>, ApiError> {
 		self.runtime_api().disputes(at)
 	}
+
+	async fn pending_executor_params(&self, at: Hash) -> Result<ExecutorParams, ApiError> {
+		self.runtime_api().pending_executor_params(at)
+	}
 }
diff --git a/primitives/src/runtime_api.rs b/primitives/src/runtime_api.rs
@@ -218,5 +218,11 @@ sp_api::decl_runtime_apis! {
 
 		/// Returns execution parameters for the session.
 		fn session_executor_params(session_index: SessionIndex) -> Option<ExecutorParams>;
+
+		/***** STAGING *****/
+		/// Returns the latest pending executor parameter set, or the current set if no configuration
+		/// changes are pending
+		#[api_version(5)]
+		fn pending_executor_params() -> ExecutorParams;
 	}
 }
diff --git a/roadmap/implementers-guide/src/pvf-prechecking.md b/roadmap/implementers-guide/src/pvf-prechecking.md
@@ -46,6 +46,8 @@ The logic described above is implemented by the [paras] module.
 
 On the node-side, there is a PVF pre-checking [subsystem][pvf-prechecker-subsystem] that scans the chain for new PVFs via using [runtime APIs][pvf-runtime-api]. Upon finding a new PVF, the subsystem will initiate a PVF pre-checking request and wait for the result. Whenever the result is obtained, the subsystem will use the [runtime API][pvf-runtime-api] to submit a vote for the PVF. The vote is an unsigned transaction. The vote will be distributed via the gossip similarly to a normal transaction. Eventually a block producer will include the vote into the block where it will be handled by the [runtime][paras].
 
+It is worth noting that executor environment parameters, which are part of [configuration], may affect the results of PVF pre-checking. For example, changing limits exposed by execution environment parameters may render valid a PVF that was invalid before the parameters changed. To perform pre-checking deterministically, the pre-checking subsystem uses pending execution environment parameters instead of the current ones. Pending configurations changes are postponed for two sessions, as well as the PVF upgrade, so a PVF pre-checked in session N is guaranteed to be valid and usable in session N+2 no matter if any configuration changes are pending or not.
+
 ## Summary
 
 Parachains' and parathreads' validation function is described by a wasm module that we refer to as a PVF.
@@ -62,3 +64,4 @@ Besides pre-checking, preparation can also be triggered by execution, since a co
 [paras]: runtime/paras.md
 [pvf-runtime-api]: runtime-api/pvf-prechecking.md
 [pvf-prechecker-subsystem]: node/utility/pvf-prechecker.md
+[configuration]: runtime/configuration.md
diff --git a/runtime/parachains/src/configuration.rs b/runtime/parachains/src/configuration.rs
@@ -1374,4 +1374,14 @@ impl<T: Config> Pallet<T> {
 
 		Ok(())
 	}
+
+	/// Returns the latest pending executor parameter set, or the current set if no configuration
+	/// changes are pending
+	pub fn pending_executor_params() -> ExecutorParams {
+		<PendingConfigs<T>>::get()
+			.last()
+			.map(|(_, config)| config.clone())
+			.unwrap_or_else(Self::config)
+			.executor_params
+	}
 }
diff --git a/runtime/parachains/src/runtime_api_impl/vstaging.rs b/runtime/parachains/src/runtime_api_impl/vstaging.rs
@@ -15,3 +15,12 @@
 // along with Polkadot.  If not, see <http://www.gnu.org/licenses/>.
 
 //! Put implementations of functions from staging APIs here.
+
+use crate::configuration;
+use primitives::ExecutorParams;
+
+/// Returns the latest pending executor parameter set, or the current set if no configuration
+/// changes are pending
+pub fn pending_executor_params<T: configuration::Config>() -> ExecutorParams {
+	<configuration::Pallet<T>>::pending_executor_params()
+}
diff --git a/runtime/rococo/src/lib.rs b/runtime/rococo/src/lib.rs
@@ -1645,6 +1645,7 @@ sp_api::impl_runtime_apis! {
 		}
 	}
 
+	#[api_version(5)]
 	impl primitives::runtime_api::ParachainHost<Block, Hash, BlockNumber> for Runtime {
 		fn validators() -> Vec<ValidatorId> {
 			parachains_runtime_api_impl::validators::<Runtime>()
@@ -1750,6 +1751,10 @@ sp_api::impl_runtime_apis! {
 		fn disputes() -> Vec<(SessionIndex, CandidateHash, DisputeState<BlockNumber>)> {
 			parachains_runtime_api_impl::get_session_disputes::<Runtime>()
 		}
+
+		fn pending_executor_params() -> ExecutorParams {
+			runtime_parachains::runtime_api_impl::vstaging::pending_executor_params::<Runtime>()
+		}
 	}
 
 	#[api_version(2)]

diff --git a/runtime/westend/src/lib.rs b/runtime/westend/src/lib.rs
@@ -1361,6 +1361,7 @@ sp_api::impl_runtime_apis! {
 		}
 	}
 
+	#[api_version(5)]
 	impl primitives::runtime_api::ParachainHost<Block, Hash, BlockNumber> for Runtime {
 		fn validators() -> Vec<ValidatorId> {
 			parachains_runtime_api_impl::validators::<Runtime>()
@@ -1466,6 +1467,10 @@ sp_api::impl_runtime_apis! {
 		fn disputes() -> Vec<(SessionIndex, CandidateHash, DisputeState<BlockNumber>)> {
 			parachains_runtime_api_impl::get_session_disputes::<Runtime>()
 		}
+
+		fn pending_executor_params() -> ExecutorParams {
+			runtime_parachains::runtime_api_impl::vstaging::pending_executor_params::<Runtime>()
+		}
 	}
 
 	impl beefy_primitives::BeefyApi<Block> for Runtime {