Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

liveslots+vatManager must provide secondary-storage API to vats as global #1867

Closed
warner opened this issue Oct 13, 2020 · 2 comments · Fixed by #1895
Closed

liveslots+vatManager must provide secondary-storage API to vats as global #1867

warner opened this issue Oct 13, 2020 · 2 comments · Fixed by #1895
Assignees
@warner
Labels
enhancement New feature or request SwingSet package: SwingSet

Comments

@warner
Copy link
Member

warner commented Oct 13, 2020

What is the Problem Being Solved?

As described in #1846 (comment) , we're going to need to provide some secondary-storage "container" / Representative APIs to get handed to vats. The tricky part is that we want to provide them as globals, rather than as properties of the vatPowers argument we give to buildRootObject().

This is challenging because of the way vats are built:

  • the vatManager prepares the set of globals to provide
  • the vatManager uses importBundle to evaluate the vat code, returning the exported buildRootObject function
  • the vatManager then calls makeLiveslots(buildRootObject), to get back thedispatch object which will handle deliveries

For this task, makeLiveslots is also creating the container APIs, because they must share the marshalling tables which liveslots manages (vatToSlot and friends). That's a problem, because we need these APIs to be available well before we call makeLiveslots.

So there's a cycle that needs breaking.
@warner warner added enhancement New feature or request SwingSet package: SwingSet labels Oct 13, 2020
@warner
Copy link
Member Author

warner commented Oct 14, 2020

proposal:

const { vatGlobals, dispatch, setBuildRootObject } = makeLiveslots(syscall, state, ..);
const ns = await importBundle(bundle, .. vatGlobals);
setBuildRootObject(ns.buildRootObject); // calls buildRootObject() once before returning
return dispatch;

It would be a "this should never happen" error for the kernel to invoke any dispatch methods before setBuildRootObject() has been called.

@warner
Copy link
Member Author

warner commented Oct 14, 2020

Note that maybe vats should consume these global objects via a "ponyfill" package (@agoric/weak-store? @agoric/external-store?), so that unit test code can import from that package and work without actually running inside a vat.

@warner warner self-assigned this Oct 21, 2020
warner added a commit that referenced this issue Oct 21, 2020
@warner
fix: refactor liveSlots so it could provide vat globals
52dec28 
This splits up `makeLiveslots` so that the `buildRootObject` function is
provided later, after it returns. This makes it possible to delay the import
of the vat code until after liveslots has provided globals to put into its
Compartment.

This does not yet provide any globals (the `vatGlobals` which `makeLiveslots`
returns is empty). Nor does it change the vat managers to use the
`vatGlobals` in any way. But these changes should be a lot easier now.

Closes #1867.
warner added a commit that referenced this issue Oct 21, 2020
@warner
fix: refactor liveSlots so it could provide vat globals
165205f 
This splits up `makeLiveslots` so that the `buildRootObject` function is
provided later, after it returns. This makes it possible to delay the import
of the vat code until after liveslots has provided globals to put into its
Compartment.

This does not yet provide any globals (the `vatGlobals` which `makeLiveslots`
returns is empty). Nor does it change the vat managers to use the
`vatGlobals` in any way. But these changes should be a lot easier now.

refs #1867
@warner warner mentioned this issue Oct 21, 2020
Merged
warner added a commit that referenced this issue Oct 21, 2020
@warner
fix: add liveslots-provided globals to vat Compartments
3c79d51 
Liveslots does not yet provide any `vatGlobals`, but this ensures that any
ones it does provide in the future will be added to the `endowments` on the
vat's Compartment. We'll use this to populate `makeExternalStore` -type
functions, which want to be globals (because threading them from `vatPowers`
into modules that need them would be too annoying), but must also be in
cahoots with closely-held WeakMaps and "Representative" state management code
from liveslots, as described in #455 and #1846.

closes #1867
@warner warner mentioned this issue Oct 21, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@warner warner

Labels
enhancement New feature or request SwingSet package: SwingSet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: add liveslots-provided globals to vat Compartments Agoric/agoric-sdk
1 participant
@warner