Implement cache deletes

[iFrostizz]

Cache deletes in the program state so that we now avoid cache misses when it comes to data deletion.
Also added a cache insertion when calling get.
The new cache now tells the caller wether the data is here Data(Vec<u8>), has been deleted Deleted or ToDelete if it's scheduled to be deleted when the cache is flushed.
There is a caveat though which is that ZST Vecs are completely disabled by borsh-rs. That's because they want to avoid a potential DOS since huge vecs can easily be crafted using ZST (they are free memory-wise!) with vec![(), !0].
See near/borsh-rs#52
We need to make sure that we are not exposed to that, or that fuel is correctly metering to avoid abuses.

Closes #867
Closes #868

[iFrostizz]

a tab was off 😄

[richardpringle]

You can take this change and land it in a separate PR if you want it in earlier/immediately.

[iFrostizz]

It's fine, it's only catching the eye when writing another aligned stuff just below

[iFrostizz]

Here, Deleted means "we know that there is no value here", it could be a bit unclear since it may mean that some value was here before, while it just means that we checked in the actual storage and there is no value.

[iFrostizz]

Also, having a value at a key K in the cache means "we know the state of the value here". If it's not here that means that it's unknown.

[richardpringle]

🤔

Since we know that the empty Vec is not something that we store, would it make more sense to simply have:

#[derive]
#[non_exhaustive] // should include this in case we decide to extend or change the behaviour here 
pub enum CacheValue {
    Data(Vec<u8>),
    ToDelete,
}

Then you can match on the value as follows:

match cache_value {
    Data(bytes) if !bytes.is_empty() => borsh::from_slice(bytes),
    ToDetele => ... 
}

[iFrostizz]

I'm not sure how to avoid the repetition here, in one branch the data is borrowed because it comes from the cache. On the other, it has been copied from host so it's owned.

[iFrostizz]

It's working quite well though because we need an owned value to insert in the cache.

[richardpringle]

Why can't you follow the same pattern as before but use a match instead?

let val_bytes = match cache.get(&key) {
    Some(CacheValue::Data(val)) => val,
    Some(CacheValue::ToDelete | CacheValue::Deleted) => {
        return Ok(None),
    },
    None => // same as the else from before
}

[richardpringle]

Okay, this actually compiles

    pub fn get<V>(self, key: K) -> Result<Option<V>, Error>
    where
        V: BorshDeserialize,
    {
        #[link(wasm_import_module = "state")]
        extern "C" {
            #[link_name = "get_bytes"]
            fn get_bytes(ptr: *const u8, len: usize) -> HostPtr;
        }

        let mut cache = self.cache.borrow_mut();

        let cached_data = match cache.get(&key) {
            Some(cached_data) => cached_data,
            None => {
                let args_bytes = borsh::to_vec(&key).map_err(|_| StateError::Serialization)?;

                let ptr = unsafe { get_bytes(args_bytes.as_ptr(), args_bytes.len()) };

                if ptr.is_null() {
                    cache.insert(key, CachedData::Deleted);
                    return Ok(None);
                }

                cache.entry(key).or_insert(CachedData::Data(ptr.into()))
            }
        };

        match cached_data {
            CachedData::Data(data) => from_slice::<V>(data)
                .map_err(|_| StateError::Deserialization)
                .map(Some),
            CachedData::ToDelete | CachedData::Deleted => Ok(None),
        }
    }

[richardpringle]

Okay, sorry for taking so long with this review.

I want to check with @dboehm-avalabs to see if he also things it would make sense before you launch into it, but what I would like you to do is centralize the API first. What I mean by that is a single

       #[link(wasm_import_module = "state")]
        extern "C" {
            #[link_name = "put_bytes"]
            fn put_bytes(ptr: *const u8, len: usize);
        }

That actually takes a something like Vec<(Vec<u8>, Vec<u8>)> as the serialized data. The first value in the tuple is the key, the second is the value. If the value is empty, that should signify a delete. I'm not 100% sure what the best way is to represent this in Go, maybe [][2][]byte or something along those lines?

You should be able to do that with only minor changes to the Rust (nothing to the actual cache).

Once we merge that code, we can come back and do the CachedData enum.

Off the top of my head, I think the cache would probably be HashMap<K, Option<Vec<u8>>>.

[richardpringle]

🤔

Since we know that the empty Vec is not something that we store, would it make more sense to simply have:

#[derive]
#[non_exhaustive] // should include this in case we decide to extend or change the behaviour here 
pub enum CacheValue {
    Data(Vec<u8>),
    ToDelete,
}

Then you can match on the value as follows:

match cache_value {
    Data(bytes) if !bytes.is_empty() => borsh::from_slice(bytes),
    ToDetele => ... 
}

[richardpringle]

Why can't you follow the same pattern as before but use a match instead?

let val_bytes = match cache.get(&key) {
    Some(CacheValue::Data(val)) => val,
    Some(CacheValue::ToDelete | CacheValue::Deleted) => {
        return Ok(None),
    },
    None => // same as the else from before
}

[richardpringle]

There should be a single API for delete and delete_many. It'll be easier to review the changes if you consolidate the API and fix the call signature on the Rust side before you start using it.

[richardpringle]

I would argue that it would probably even be better to have a single put operation such that put-ing an empty Vec/byte-slice is the same as delete.

I'm not 100% sure if that makes sense with how state should work though. I'm only assuming that storing an empty slice isn't valid.

[iFrostizz]

Opened #1057 in order to address #1029 (comment)

[richardpringle]

You can take this change and land it in a separate PR if you want it in earlier/immediately.

[richardpringle]

Okay, this actually compiles

    pub fn get<V>(self, key: K) -> Result<Option<V>, Error>
    where
        V: BorshDeserialize,
    {
        #[link(wasm_import_module = "state")]
        extern "C" {
            #[link_name = "get_bytes"]
            fn get_bytes(ptr: *const u8, len: usize) -> HostPtr;
        }

        let mut cache = self.cache.borrow_mut();

        let cached_data = match cache.get(&key) {
            Some(cached_data) => cached_data,
            None => {
                let args_bytes = borsh::to_vec(&key).map_err(|_| StateError::Serialization)?;

                let ptr = unsafe { get_bytes(args_bytes.as_ptr(), args_bytes.len()) };

                if ptr.is_null() {
                    cache.insert(key, CachedData::Deleted);
                    return Ok(None);
                }

                cache.entry(key).or_insert(CachedData::Data(ptr.into()))
            }
        };

        match cached_data {
            CachedData::Data(data) => from_slice::<V>(data)
                .map_err(|_| StateError::Deserialization)
                .map(Some),
            CachedData::ToDelete | CachedData::Deleted => Ok(None),
        }
    }

[richardpringle]

Same as the comment above, I don't think you need all the repetition. There's a lot of surface area for bugs here.

[richardpringle]

I don't think you need this static method.

[richardpringle]

Yeah, this tells me that a single API here would be better. I can't remember where I said it (could have been in this review or elsewhere), but I think that putting an empty Vec<u8> isn't valid. So you can actually eliminate all invalid state (minimizing the runtime checks) by making empty Vec puts the equivalent of delete.

@dboehm-avalabs, thoughts?

[richardpringle]

Haha, I just keep seeing good reason to centralize the API into a single call. If there's only one call, you can do a simple if cache.is_empty() { return } for Drop

[iFrostizz]

Closing in favor of #1059