Merge pull request #1245 from urbit/ccr-replay-reform

cc-release: finish event replacement
Joe Bryan 2019-04-25 13:58:35 -07:00 committed by GitHub
commit 70bc0cc5dd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 85 additions and 19 deletions


@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:e85cccf129bc9d03280d6142be58e56e230717c2ca9b8baeab38fb541e91b4f9
size 5280561
oid sha256:8e1b2d19d2b71a3c407358ff69b14de0029bd6a7c486b819f59274d615652917
size 5210146

@ -1 +1 @@
Subproject commit 46c92473477ba8f4d14a6e2bb22319c8bf5970a4
Subproject commit 587b4d26df6396a21478a110fc0736df319298a0


@ -603,6 +603,7 @@
struct _u3_pier* pir_u; // backpointer to pier
u3_noun job; // (pair date ovum)
c3_d evt_d; // event number
c3_d rep_d; // replacement count
u3_noun now; // event time
c3_l msc_l; // ms to timeout
c3_l mug_l; // hash before executing


@ -674,6 +674,12 @@ _pier_work_replace(u3_writ* wit_u,
c3_assert(god_u->sen_d == wit_u->evt_d);
// something has gone very wrong, we should probably stop now
//
if ( wit_u->rep_d >= 3ULL ) {
u3_pier_bail();
}
/* move backward in work processing
*/
{
@ -683,7 +689,9 @@ _pier_work_replace(u3_writ* wit_u,
u3z(wit_u->mat);
wit_u->mat = mat;
god_u->sen_d -= 1;
wit_u->rep_d += 1ULL;
god_u->sen_d -= 1ULL;
}
if ( wit_u->evt_d > pir_u->lif_d ) {
@ -1139,6 +1147,18 @@ _pier_loop_wake(u3_pier* pir_u)
{
c3_l cod_l;
// inject fresh entropy
//
{
c3_w eny_w[16];
c3_rand(eny_w);
u3_noun wir = u3nt(u3_blip, c3__arvo, u3_nul);
u3_noun car = u3nc(c3__wack, u3i_words(16, eny_w));
_pier_writ_insert_ovum(pir_u, 0, u3nc(wir, car));
}
cod_l = u3a_lush(c3__unix);
u3_unix_io_talk(pir_u);
u3_unix_ef_bake(pir_u);
@ -1356,8 +1376,6 @@ _pier_boot_vent(u3_boot* bot_u)
// prepend entropy to the module sequence
//
// XX also copy to _pier_loop_wake?
//
{
c3_w eny_w[16];
c3_rand(eny_w);
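Review bot: The new guard in `_pier_work_replace`, `if ( wit_u->rep_d >= 3ULL )`, reads a counter that none of the visible hunks initializes; it is only ever incremented (`wit_u->rep_d += 1ULL;`). If the writ is not zero-allocated where it is created (that code is outside this diff, so this is unverified), the threshold compares against an indeterminate value and may trip on the first replacement or never trip at all. I would set `wit_u->rep_d = 0ULL;` explicitly at writ creation and give the limit a name with a comment saying why three attempts is the cutoff. It is also worth a comment on whether `u3_pier_bail()` returns, because if it does the replacement below the guard still runs. Both function bodies continue outside the hunks.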


@ -329,7 +329,7 @@ _worker_grab(u3_noun sac, u3_noun ovo, u3_noun vir)
static void
_worker_fail(void* vod_p, const c3_c* wut_c)
{
u3l_log("worker: fail: %s\r\n", wut_c);
u3l_log("work: fail: %s\r\n", wut_c);
exit(1);
}
@ -388,10 +388,56 @@ _worker_send_slog(u3_noun hod)
static void
_worker_lame(c3_d evt_d, u3_noun ovo, u3_noun why, u3_noun tan)
{
// %crud will be sent on the original wire.
u3_noun rep;
u3_noun wir, tag, cad;
u3x_trel(ovo, &wir, &tag, &cad);
// a deterministic error (%exit) in a network packet (%hear)
// generates a negative-acknowlegement attempt (%hole).
//
_worker_send_replace(evt_d, u3nc(u3k(u3h(ovo)), u3nt(c3__crud, why, tan)));
u3z(ovo);
// A comment from the old implementation:
// There should be a separate path for crypto failures,
// to prevent timing attacks, but isn't right now. To deal
// with a crypto failure, just drop the packet.
//
if ( (c3__hear == tag) && (c3__exit == why) ) {
rep = u3nt(u3k(wir), c3__hole, u3k(cad));
}
// failed event notifications (%crud) are replaced with
// an even more generic notifications, on a generic arvo wire.
// N.B this must not be allowed to fail!
//
// [%warn original-event-tag=@tas combined-trace=(list tank)]
//
else if ( c3__crud == tag ) {
u3_noun lef = u3nc(c3__leaf, u3i_tape("crude crashed!"));
u3_noun nat = u3kb_weld(u3k(u3t(cad)), u3nc(lef, u3k(tan)));
rep = u3nc(u3nt(u3_blip, c3__arvo, u3_nul),
u3nt(c3__warn, u3k(u3h(cad)), nat));
}
// failed failure failing fails
//
else if ( c3__warn == tag ) {
_worker_fail(0, "%warn replacement event failed");
c3_assert(0);
}
// failure notifications are sent on the same wire
//
// [%crud event-tag=@tas event-trace=(list tank)]
//
else {
// prepend failure mote to tank
//
u3_noun lef = u3nc(c3__leaf, u3kb_weld(u3i_tape("bail: "),
u3qc_rip(3, why)));
u3_noun nat = u3kb_weld(u3k(tan), u3nc(lef, u3_nul));
rep = u3nc(u3k(wir), u3nt(c3__crud, u3k(tag), nat));
}
_worker_send_replace(evt_d, rep);
u3z(ovo); u3z(why); u3z(tan);
}
/* _worker_sure(): event succeeded, report completion.
@ -481,7 +527,7 @@ _worker_work_live(c3_d evt_d, // event number
if ( c3__belt != u3h(u3t(ovo)) ) {
c3_c* txt_c = u3r_string(u3h(u3t(ovo)));
u3l_log("worker: %s (%" PRIu64 ") live\r\n", txt_c, evt_d);
u3l_log("work: %s (%" PRIu64 ") live\r\n", txt_c, evt_d);
}
}
#endif
@ -563,15 +609,15 @@ _worker_boot_fire(u3_noun eve)
*/
static void
_worker_work_boot(c3_d evt_d,
c3_l mug_l,
u3_noun job)
c3_l mug_l,
u3_noun job)
{
c3_assert(evt_d == u3V.evt_d + 1ULL);
u3V.evt_d = evt_d;
u3A->roe = u3nc(job, u3A->roe);
u3l_log("worker: (%" PRIu64 ")| boot\r\n", evt_d);
u3l_log("work: (%" PRIu64 ")| boot\r\n", evt_d);
if ( u3V.len_w == evt_d ) {
u3_noun eve, pru;
@ -579,7 +625,7 @@ _worker_work_boot(c3_d evt_d,
eve = u3kb_flop(u3A->roe);
u3A->roe = 0;
u3l_log("worker: (%" PRIu64 ")| pill: %x\r\n", evt_d, u3r_mug(eve));
u3l_log("work: (%" PRIu64 ")| pill: %x\r\n", evt_d, u3r_mug(eve));
pru = u3m_soft(0, _worker_boot_fire, eve);
@ -590,7 +636,7 @@ _worker_work_boot(c3_d evt_d,
u3A->roc = u3k(u3t(pru));
u3l_log("worker: (%" PRIu64 ")| core: %x\r\n", evt_d, u3r_mug(u3A->roc));
u3l_log("work: (%" PRIu64 ")| core: %x\r\n", evt_d, u3r_mug(u3A->roc));
// XX set u3A->evt_d ?
//
@ -607,8 +653,8 @@ _worker_work_boot(c3_d evt_d,
*/
static void
_worker_poke_work(c3_d evt_d, // event number
c3_l mug_l, // mug of state
u3_noun job) // full event
c3_l mug_l, // mug of state
u3_noun job) // full event
{
if ( u3C.wag_w & u3o_trace ) {
if ( u3_Host.tra_u.con_w == 0 && u3_Host.tra_u.fun_w == 0 ) {
@ -757,6 +803,7 @@ _worker_poke(void* vod_p, u3_noun mat)
evt_d = u3r_chub(0, evt);
u3z(evt);
u3z(jar);
c3_assert( evt_d == u3V.evt_d );
@ -796,7 +843,7 @@ u3_worker_boot(void)
u3V.len_w = 0;
}
u3l_log("worker: play %" PRIu64 "\r\n", nex_d);
u3l_log("work: play %" PRIu64 "\r\n", nex_d);
_worker_send(u3nc(c3__play, dat));
}
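Review bot: In `_worker_lame` the `%hear`/`%exit` branch answers every deterministically failing packet with a `%hole` negative acknowledgement, while the comment carried over directly above it says crypto failures need a separate path and should simply be dropped. Nothing in this function distinguishes the two cases, so a remote peer may be able to observe which packets failed; until the separate path exists I would mark the gap so it stays tracked, e.g. `// XX crypto failures still take the %hole path; they must be dropped instead`. Separately, `rep` is left unassigned in the `%warn` branch and the code relies on `_worker_fail` never returning; declaring it as `u3_noun rep = u3_none;` makes that dependency explicit. The `%crud` branch is commented as one that must not be allowed to fail, yet it calls `u3h(cad)` and `u3t(cad)` without checking that `cad` is a cell, which deserves either a guard or a comment stating why it always is.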