Merge branch 'mraszyk/canister-history-populate' into 'master'

[EXC-1180]: Populate canister history with canister changes

This MR makes the replica record canister changes in the `CanisterHistory` struct of the canister's `SystemState`. 

See merge request dfinity-lab/public/ic!11955

Author: mraszyk

rs/execution_environment/src/canister_manager.rs

@@ -14,8 +14,8 @@ use ic_config::flag_status::FlagStatus;
 use ic_cycles_account_manager::CyclesAccountManager;
 use ic_error_types::{ErrorCode, RejectCode, UserError};
 use ic_ic00_types::{
-    CanisterChangeOrigin, CanisterInstallMode, CanisterStatusResultV2, CanisterStatusType,
-    InstallCodeArgs, Method as Ic00Method,
+    CanisterChangeDetails, CanisterChangeOrigin, CanisterInstallMode, CanisterStatusResultV2,
+    CanisterStatusType, InstallCodeArgs, Method as Ic00Method,
 };
 use ic_interfaces::execution_environment::{
     CanisterOutOfCyclesError, HypervisorError, IngressHistoryWriter, SubnetAvailableMemory,
@@ -260,6 +260,12 @@ impl TryFrom<(CanisterChangeOrigin, InstallCodeArgs)> for InstallCodeContext {
     }
 }
 
+/// Indicates whether `uninstall_canister` should push a canister change (with a given change origin) to canister history.
+pub enum AddCanisterChangeToHistory {
+    Yes(CanisterChangeOrigin),
+    No,
+}
+
 /// The entity responsible for managing canisters (creation, installing, etc.)
 pub(crate) struct CanisterManager {
     hypervisor: Arc<Hypervisor>,
@@ -469,7 +475,7 @@ impl CanisterManager {
     /// `canister_id`.
     pub(crate) fn update_settings(
         &self,
-        _timestamp_nanos: Time,
+        timestamp_nanos: Time,
         origin: CanisterChangeOrigin,
         settings: CanisterSettings,
         canister: &mut CanisterState,
@@ -494,6 +500,8 @@ impl CanisterManager {
 
         let validated_settings =
             ValidatedCanisterSettings::try_from((settings, self.config.max_controllers))?;
+        let is_controllers_change =
+            validated_settings.controller.is_some() || validated_settings.controllers.is_some();
 
         let old_usage = canister.memory_usage(self.config.own_subnet_type);
         let old_mem = canister
@@ -538,6 +546,14 @@ impl CanisterManager {
         }
 
         canister.system_state.canister_version += 1;
+        if is_controllers_change {
+            let new_controllers = canister.system_state.controllers.iter().copied().collect();
+            canister.system_state.add_canister_change(
+                timestamp_nanos,
+                origin,
+                CanisterChangeDetails::controllers_change(new_controllers),
+            );
+        }
 
         Ok(())
     }
@@ -806,7 +822,12 @@ impl CanisterManager {
             validate_controller(canister, &sender)?
         }
 
-        let rejects = uninstall_canister(&self.log, canister, time, Some(origin));
+        let rejects = uninstall_canister(
+            &self.log,
+            canister,
+            time,
+            AddCanisterChangeToHistory::Yes(origin),
+        );
         crate::util::process_responses(
             rejects,
             state,
@@ -1220,6 +1241,19 @@ impl CanisterManager {
         round_limits.compute_allocation_used = round_limits
             .compute_allocation_used
             .saturating_add(new_canister.scheduler_state.compute_allocation.as_percent());
+
+        let controllers = new_canister
+            .system_state
+            .controllers
+            .iter()
+            .copied()
+            .collect();
+        new_canister.system_state.add_canister_change(
+            state.time(),
+            origin,
+            CanisterChangeDetails::canister_creation(controllers),
+        );
+
         // Add new canister to the replicated state.
         state.put_canister_state(new_canister);
 
@@ -1541,7 +1575,7 @@ pub fn uninstall_canister(
     log: &ReplicaLogger,
     canister: &mut CanisterState,
     time: Time,
-    _origin: Option<CanisterChangeOrigin>,
+    add_canister_change: AddCanisterChangeToHistory,
 ) -> Vec<Response> {
     // Drop the canister's execution state.
     canister.execution_state = None;
@@ -1553,6 +1587,16 @@ pub fn uninstall_canister(
     canister.system_state.global_timer = CanisterTimer::Inactive;
     // Increment canister version.
     canister.system_state.canister_version += 1;
+    match add_canister_change {
+        AddCanisterChangeToHistory::Yes(origin) => {
+            canister.system_state.add_canister_change(
+                time,
+                origin,
+                CanisterChangeDetails::CanisterCodeUninstall,
+            );
+        }
+        AddCanisterChangeToHistory::No => {}
+    };
 
     let mut rejects = Vec::new();
     let canister_id = canister.canister_id();

rs/execution_environment/src/canister_manager/tests.rs

@@ -1,8 +1,8 @@
 use crate::{
     as_num_instructions,
     canister_manager::{
-        uninstall_canister, CanisterManager, CanisterManagerError, CanisterMgrConfig,
-        InstallCodeContext, StopCanisterResult,
+        uninstall_canister, AddCanisterChangeToHistory, CanisterManager, CanisterManagerError,
+        CanisterMgrConfig, InstallCodeContext, StopCanisterResult,
     },
     canister_settings::{CanisterSettings, CanisterSettingsBuilder},
     execution_environment::as_round_instructions,
@@ -20,9 +20,9 @@ use ic_constants::SMALL_APP_SUBNET_MAX_SIZE;
 use ic_cycles_account_manager::CyclesAccountManager;
 use ic_error_types::{ErrorCode, UserError};
 use ic_ic00_types::{
-    CanisterChangeOrigin, CanisterIdRecord, CanisterInstallMode, CanisterSettingsArgsBuilder,
-    CanisterStatusType, CreateCanisterArgs, EmptyBlob, InstallCodeArgs, Method, Payload,
-    UpdateSettingsArgs,
+    CanisterChange, CanisterChangeDetails, CanisterChangeOrigin, CanisterIdRecord,
+    CanisterInstallMode, CanisterSettingsArgsBuilder, CanisterStatusType, CreateCanisterArgs,
+    EmptyBlob, InstallCodeArgs, Method, Payload, UpdateSettingsArgs,
 };
 use ic_interfaces::{
     execution_environment::{
@@ -72,7 +72,7 @@ use ic_types::{
 use ic_wasm_types::{CanisterModule, WasmValidationError};
 use lazy_static::lazy_static;
 use maplit::{btreemap, btreeset};
-use std::{collections::BTreeSet, convert::TryFrom, sync::Arc};
+use std::{collections::BTreeSet, convert::TryFrom, mem::size_of, sync::Arc};
 
 use super::InstallCodeResult;
 use prometheus::IntCounter;
@@ -763,8 +763,16 @@ fn upgrading_canister_makes_subnet_oversubscribed() {
 fn install_canister_fails_if_memory_capacity_exceeded() {
     let initial_cycles = Cycles::new(1_000_000_000_000_000);
     let mb = 1 << 20;
+    // canister history memory usage for canister1 at the beginning of install_code
+    let canister_history_memory_usage = size_of::<CanisterChange>() + size_of::<PrincipalId>();
     let memory_capacity = 1000 * mb;
-    let memory_used = memory_capacity - 10 * mb;
+    // canister1 memory usage before code change: `canister_history_memory_usage`
+    // canister1 memory usage after code change: `memory_used`
+    // => SubnetAvailableMemory decreases by `memory_used - canister_history_memory_usage`
+    // after canister1 code change and then SubnetAvailableMemory is equal to
+    // `memory_capacity - (memory_used - canister_history_memory_usage)`;
+    // we want this quantity to be `10 * mb` and derive the value of `memory_used` from there.
+    let memory_used = memory_capacity - 10 * mb + (canister_history_memory_usage as u64);
 
     let wat = r#"
         (module
@@ -2599,8 +2607,12 @@ fn installing_a_canister_with_not_enough_memory_allocation_fails() {
             .0
             .unwrap();
 
-        // Give just 10 bytes of memory allocation which should result in an error.
-        let memory_allocation = MemoryAllocation::try_from(NumBytes::from(10)).unwrap();
+        // Give just 10 bytes of memory allocation on top of canister history memory usage
+        // at the beginning of install_code which should result in an error.
+        let canister_history_memory = size_of::<CanisterChange>() + size_of::<PrincipalId>();
+        let memory_allocation =
+            MemoryAllocation::try_from(NumBytes::from(canister_history_memory as u64 + 10))
+                .unwrap();
         let res = install_code(
             &canister_manager,
             InstallCodeContextBuilder::default()
@@ -2645,7 +2657,12 @@ fn installing_a_canister_with_not_enough_memory_allocation_fails() {
 
         // Attempt to re-install with low memory allocation should fail.
         let instructions_before_reinstall = as_num_instructions(round_limits.instructions);
-        let memory_allocation = MemoryAllocation::try_from(NumBytes::from(50)).unwrap();
+        // Give just 50 bytes of memory allocation on top of canister history memory usage
+        // at the beginning of install_code which should result in an error.
+        let canister_history_memory = 2 * size_of::<CanisterChange>() + size_of::<PrincipalId>();
+        let memory_allocation =
+            MemoryAllocation::try_from(NumBytes::from(canister_history_memory as u64 + 50))
+                .unwrap();
         let res = install_code(
             &canister_manager,
             InstallCodeContextBuilder::default()
@@ -2849,7 +2866,7 @@ fn uninstall_canister_doesnt_respond_to_responded_call_contexts() {
                 .with_call_context(CallContextBuilder::new().with_responded(true).build())
                 .build(),
             mock_time(),
-            None,
+            AddCanisterChangeToHistory::No,
         ),
         Vec::new()
     );
@@ -2873,7 +2890,7 @@ fn uninstall_canister_responds_to_unresponded_call_contexts() {
                 )
                 .build(),
             mock_time(),
-            None,
+            AddCanisterChangeToHistory::No,
         )[0],
         Response::Ingress(IngressResponse {
             message_id: message_test_id(456),
@@ -3357,6 +3374,7 @@ fn install_code_preserves_system_state_and_scheduler_state() {
         .sender(controller.into())
         .canister_id(canister_id)
         .build();
+    let module_hash = ctxt.wasm_module.module_hash();
     let (instructions_left, res, canister) =
         install_code(&canister_manager, ctxt, &mut state, &mut round_limits);
     state.put_canister_state(canister.unwrap());
@@ -3367,7 +3385,8 @@ fn install_code_preserves_system_state_and_scheduler_state() {
     // No heap delta.
     assert_eq!(res.unwrap().heap_delta, NumBytes::from(0));
 
-    // Verify the system state is preserved except for certified data, global timer, and canister version.
+    // Verify the system state is preserved except for certified data, global timer,
+    // canister version, and canister history.
     let new_state = state
         .canister_state(&canister_id)
         .unwrap()
@@ -3376,6 +3395,11 @@ fn install_code_preserves_system_state_and_scheduler_state() {
     original_canister.system_state.certified_data = Vec::new();
     original_canister.system_state.global_timer = CanisterTimer::Inactive;
     original_canister.system_state.canister_version += 1;
+    original_canister.system_state.add_canister_change(
+        state.time(),
+        canister_change_origin_from_canister(&controller),
+        CanisterChangeDetails::code_deployment(CanisterInstallMode::Install, module_hash),
+    );
     assert_eq!(new_state, original_canister.system_state);
 
     // Verify the scheduler state is preserved.
@@ -3392,6 +3416,7 @@ fn install_code_preserves_system_state_and_scheduler_state() {
         .sender(controller.into())
         .canister_id(canister_id)
         .build();
+    let module_hash = ctxt.wasm_module.module_hash();
     let (instructions_left, res, canister) =
         install_code(&canister_manager, ctxt, &mut state, &mut round_limits);
     state.put_canister_state(canister.unwrap());
@@ -3405,7 +3430,8 @@ fn install_code_preserves_system_state_and_scheduler_state() {
     // No heap delta.
     assert_eq!(res.unwrap().heap_delta, NumBytes::from(0));
 
-    // Verify the system state is preserved except for certified data, global timer, and canister version.
+    // Verify the system state is preserved except for certified data, global timer,
+    // canister version, and canister history.
     let new_state = state
         .canister_state(&canister_id)
         .unwrap()
@@ -3414,6 +3440,11 @@ fn install_code_preserves_system_state_and_scheduler_state() {
     original_canister.system_state.certified_data = Vec::new();
     original_canister.system_state.global_timer = CanisterTimer::Inactive;
     original_canister.system_state.canister_version += 1;
+    original_canister.system_state.add_canister_change(
+        state.time(),
+        canister_change_origin_from_canister(&controller),
+        CanisterChangeDetails::code_deployment(CanisterInstallMode::Reinstall, module_hash),
+    );
     assert_eq!(new_state, original_canister.system_state);
 
     // Verify the scheduler state is preserved.
@@ -3436,6 +3467,7 @@ fn install_code_preserves_system_state_and_scheduler_state() {
         .sender(controller.into())
         .canister_id(canister_id)
         .build();
+    let module_hash = ctxt.wasm_module.module_hash();
     let (instructions_left, res, canister) =
         install_code(&canister_manager, ctxt, &mut state, &mut round_limits);
     state.put_canister_state(canister.unwrap());
@@ -3449,14 +3481,20 @@ fn install_code_preserves_system_state_and_scheduler_state() {
     // No heap delta.
     assert_eq!(res.unwrap().heap_delta, NumBytes::from(0));
 
-    // Verify the system state is preserved except for global timer and canister version.
+    // Verify the system state is preserved except for global timer,
+    // canister version, and canister history.
     let new_state = state
         .canister_state(&canister_id)
         .unwrap()
         .system_state
         .clone();
     original_canister.system_state.global_timer = CanisterTimer::Inactive;
     original_canister.system_state.canister_version += 1;
+    original_canister.system_state.add_canister_change(
+        state.time(),
+        canister_change_origin_from_canister(&controller),
+        CanisterChangeDetails::code_deployment(CanisterInstallMode::Upgrade, module_hash),
+    );
     assert_eq!(new_state, original_canister.system_state);
 
     // Verify the scheduler state is preserved.
@@ -3634,9 +3672,14 @@ fn test_upgrade_when_updating_memory_allocation_via_canister_settings() {
             compute_allocation_used: state.total_compute_allocation(),
         };
         let sender = canister_test_id(100).get();
+        // canister history memory usage at the beginning of attempted upgrade
+        let canister_history_memory = 2 * size_of::<CanisterChange>() + size_of::<PrincipalId>();
         let settings = CanisterSettingsBuilder::new()
             .with_memory_allocation(
-                MemoryAllocation::try_from(NumBytes::from(WASM_PAGE_SIZE_IN_BYTES + 100)).unwrap(),
+                MemoryAllocation::try_from(NumBytes::from(
+                    WASM_PAGE_SIZE_IN_BYTES + 100 + canister_history_memory as u64,
+                ))
+                .unwrap(),
             )
             .build();
         let wat = r#"
@@ -3705,12 +3748,16 @@ fn test_upgrade_when_updating_memory_allocation_via_canister_settings() {
         );
         state.put_canister_state(res.2.unwrap());
 
+        // canister history memory usage at the beginning of update_settings
+        let canister_history_memory = 2 * size_of::<CanisterChange>() + size_of::<PrincipalId>();
         // Update memory allocation to a big enough value via canister settings. The
         // upgrade should succeed.
         let settings = CanisterSettingsBuilder::new()
             .with_memory_allocation(
-                MemoryAllocation::try_from(NumBytes::from(WASM_PAGE_SIZE_IN_BYTES * 2 + 100))
-                    .unwrap(),
+                MemoryAllocation::try_from(NumBytes::from(
+                    WASM_PAGE_SIZE_IN_BYTES * 2 + 100 + canister_history_memory as u64,
+                ))
+                .unwrap(),
             )
             .build();
 

rs/execution_environment/src/execution/install.rs

@@ -86,6 +86,7 @@ pub(crate) fn execute_install(
     let canister_id = helper.canister().canister_id();
     let layout = canister_layout(&original.canister_layout_path, &canister_id);
     let context_sender = context.sender();
+    let module_hash = context.wasm_module.module_hash();
     let (instructions_from_compilation, result) = round.hypervisor.create_execution_state(
         context.wasm_module,
         layout.raw_path(),
@@ -105,6 +106,7 @@ pub(crate) fn execute_install(
     helper.clear_certified_data();
     helper.deactivate_global_timer();
     helper.bump_canister_version();
+    helper.add_canister_change(round.time, context.origin, context.mode, module_hash.into());
 
     // Stage 2: invoke the `start()` method of the Wasm module (if present).
     let method = WasmMethod::System(SystemMethod::CanisterStart);

rs/execution_environment/src/execution/install_code.rs

@@ -6,7 +6,7 @@ use std::path::{Path, PathBuf};
 use ic_base_types::{CanisterId, NumBytes, PrincipalId};
 use ic_config::flag_status::FlagStatus;
 use ic_embedders::wasm_executor::CanisterStateChanges;
-use ic_ic00_types::CanisterInstallMode;
+use ic_ic00_types::{CanisterChangeDetails, CanisterChangeOrigin, CanisterInstallMode};
 use ic_interfaces::{
     execution_environment::{
         HypervisorError, HypervisorResult, SubnetAvailableMemory, SubnetAvailableMemoryError,
@@ -23,6 +23,7 @@ use ic_types::{
     funds::Cycles, CanisterTimer, ComputeAllocation, Height, MemoryAllocation, NumInstructions,
     Time,
 };
+use ic_wasm_types::WasmHash;
 
 use crate::{
     canister_manager::{
@@ -121,6 +122,20 @@ impl InstallCodeHelper {
         self.canister.system_state.canister_version += 1;
     }
 
+    pub fn add_canister_change(
+        &mut self,
+        timestamp_nanos: Time,
+        origin: CanisterChangeOrigin,
+        mode: CanisterInstallMode,
+        module_hash: WasmHash,
+    ) {
+        self.canister.system_state.add_canister_change(
+            timestamp_nanos,
+            origin,
+            CanisterChangeDetails::code_deployment(mode, module_hash.to_slice()),
+        );
+    }
+
     pub fn execution_parameters(&self) -> &ExecutionParameters {
         &self.execution_parameters
     }