diff --git a/packages/SwingSet/src/kernel/kernel.js b/packages/SwingSet/src/kernel/kernel.js index f91463d2f0e7..248f2bfc617b 100644 --- a/packages/SwingSet/src/kernel/kernel.js +++ b/packages/SwingSet/src/kernel/kernel.js @@ -821,39 +821,37 @@ export default function buildKernel( upgradeMessage, incarnationNumber: vatKeeper.getIncarnationNumber(), }; - const disconnectObjectCD = kser(disconnectObject); + const disconnectionCapData = kser(disconnectObject); /** @type { import('../types-external.js').KernelDeliveryStopVat } */ - const kd1 = harden(['stopVat', disconnectObjectCD]); - const vd1 = vatWarehouse.kernelDeliveryToVatDelivery(vatID, kd1); - const status1 = await deliverAndLogToVat(vatID, kd1, vd1); + const stopVatKD = harden(['stopVat', disconnectionCapData]); + const stopVatVD = vatWarehouse.kernelDeliveryToVatDelivery( + vatID, + stopVatKD, + ); + const stopVatStatus = await deliverAndLogToVat(vatID, stopVatKD, stopVatVD); + const stopVatResults = deliveryCrankResults(vatID, stopVatStatus, false); - // TODO: send BOYD to the vat, to give it one last chance to clean - // up, drop imports, and delete durable data. If we ever have a - // vat that is so broken it can't do BOYD, we can make that - // optional. #7001 + // We don't meter stopVat, since no user code is running, but we + // still report computrons to the runPolicy + let { computrons } = stopVatResults; // BigInt or undefined + if (computrons !== undefined) { + assert.typeof(computrons, 'bigint'); + } - // make arguments for vat-vat-admin.js vatUpgradeCallback() /** - * @param {SwingSetCapData} _errorCD + * Make a method-arguments structure representing failure + * for vat-vat-admin.js vatUpgradeCallback(). + * + * @param {SwingSetCapData} _errorCapData * @returns {RawMethargs} */ - function makeFailure(_errorCD) { - insistCapData(_errorCD); // kser(Error) + const makeFailureMethargs = _errorCapData => { + insistCapData(_errorCapData); // kser(Error) // const error = kunser(_errorCD) // actually we shouldn't reveal the details, so instead we do: const error = Error('vat-upgrade failure'); return ['vatUpgradeCallback', [upgradeID, false, error]]; - } - - // We use deliveryCrankResults to parse the stopVat status. - const results1 = deliveryCrankResults(vatID, status1, false); - - // We don't meter stopVat, since no user code is running, but we - // still report computrons to the runPolicy - let { computrons } = results1; // BigInt or undefined - if (computrons !== undefined) { - assert.typeof(computrons, 'bigint'); - } + }; // TODO: if/when we implement vat pause/suspend, and if // deliveryCrankResults changes to not use .terminate to indicate @@ -861,18 +859,20 @@ export default function buildKernel( // pause/suspend a vat for a delivery error, here we want to // unwind the upgrade. - if (results1.terminate) { + if (stopVatResults.terminate) { // get rid of the worker, so the next delivery to this vat will // re-create one from the previous state // eslint-disable-next-line @jessie.js/no-nested-await await vatWarehouse.stopWorker(vatID); // notify vat-admin of the failed upgrade - const vatAdminMethargs = makeFailure(results1.terminate.info); + const vatAdminMethargs = makeFailureMethargs( + stopVatResults.terminate.info, + ); // we still report computrons to the runPolicy const results = harden({ - ...results1, + ...stopVatResults, computrons, abort: true, // always unwind consumeMessage: true, // don't repeat the upgrade @@ -884,9 +884,14 @@ export default function buildKernel( // stopVat succeeded. finish cleanup on behalf of the worker. + // TODO: send BOYD to the vat, to give it one last chance to clean + // up, drop imports, and delete durable data. If we ever have a + // vat that is so broken it can't do BOYD, we can make that + // optional. #7001 + // walk c-list for all decided promises, reject them all for (const kpid of kernelKeeper.enumeratePromisesByDecider(vatID)) { - doResolve(vatID, [[kpid, true, disconnectObjectCD]]); + resolveToError(kpid, disconnectionCapData, vatID); } // TODO: getNonDurableObjectExports, synthesize abandonVSO, @@ -909,23 +914,32 @@ export default function buildKernel( // deliver a startVat with the new vatParameters /** @type { import('../types-external.js').KernelDeliveryStartVat } */ - const kd2 = harden(['startVat', vatParameters]); - const vd2 = vatWarehouse.kernelDeliveryToVatDelivery(vatID, kd2); + const startVatKD = harden(['startVat', vatParameters]); + const startVatVD = vatWarehouse.kernelDeliveryToVatDelivery( + vatID, + startVatKD, + ); // decref vatParameters now that translation did incref for (const kref of vatParameters.slots) { kernelKeeper.decrementRefCount(kref, 'upgrade-vat-event'); } - const status2 = await deliverAndLogToVat(vatID, kd2, vd2); - const results2 = deliveryCrankResults(vatID, status2, false); - computrons = addComputrons(computrons, results2.computrons); + const startVatStatus = await deliverAndLogToVat( + vatID, + startVatKD, + startVatVD, + ); + const startVatResults = deliveryCrankResults(vatID, startVatStatus, false); + computrons = addComputrons(computrons, startVatResults.computrons); - if (results2.terminate) { + if (startVatResults.terminate) { // unwind just like above // eslint-disable-next-line @jessie.js/no-nested-await await vatWarehouse.stopWorker(vatID); - const vatAdminMethargs = makeFailure(results2.terminate.info); + const vatAdminMethargs = makeFailureMethargs( + startVatResults.terminate.info, + ); const results = harden({ - ...results2, + ...startVatResults, computrons, abort: true, // always unwind consumeMessage: true, // don't repeat the upgrade