Skip to content

Fix ABI handling for dynamic cross-contract calls#36

Open
shawntabrizi wants to merge 2 commits into
charles/cdm-integrationfrom
codex/fix-cdm-integration-audit
Open

Fix ABI handling for dynamic cross-contract calls#36
shawntabrizi wants to merge 2 commits into
charles/cdm-integrationfrom
codex/fix-cdm-integration-audit

Conversation

@shawntabrizi

Copy link
Copy Markdown
Member

Summary

  • fix the generated ABI encoders and decoders so mixed returns, dynamic tuples, arrays, and named tuple outputs follow Solidity head/tail rules
  • fetch cross-contract return data by runtime size, add tuple slot-size handling for custom SolAbi types, and fix dynamic SolAbi decode paths for derived structs and Option values
  • add regression coverage for nested dynamic abi_import inputs, unnamed ABI args, dynamic array and tuple decoding, and dynamic top-level return decoding

Testing

  • cargo test -p pvm-contract-macros
  • cargo test -p pvm_contract
  • cargo test (still fails in the existing cargo-pvm-contract scaffold CLI tests because they expect the removed --init-type flag)

@smiasojed

Copy link
Copy Markdown
Collaborator

The ABI handling has changed on the main branch, so I’m not sure it makes sense to keep fixing this branch, as it will probably never be merged into main.

What I think is that we should move the functionality from this branch to main and start using it as soon as possible, so we don’t double the work.
@charlesHetterich WDYT?

charlesHetterich added a commit that referenced this pull request Jun 10, 2026
* Make OrderedIndex stack-safe and O(log n) across all paths

OrderedIndex insert/remove recursed per tree level, overflowing the 8 KiB
default PolkaVM guest stack at B-tree height transitions. On-chain this
manifested as a raw ContractTrapped (the panic handler needs stack too) at
insert #36 for OrderedIndex<String, u32, 2>. Reproduced on Paseo Asset Hub:
the same binary with a 128 KiB declared stack sails past the wall, and the
iterative rewrite passes 300+ inserts at the unmodified 8 KiB default.

- insert: single-pass preemptive-split descent; child_counts mirrors are
  incremented on the way down, removing back-propagation entirely
- remove_by_nonce: read-only existence check, then a guaranteed-success
  CLRS single-pass destructive descent (borrow/merge on the way down);
  a remove miss now provably leaves the tree untouched
- range: explicit cursor stack instead of recursion; the pagination offset
  is consumed positionally via subtree counts (O(log n + limit), measured
  33 reads at offset 5000 vs thousands before)
- const node-size envelope API (max_node_encoded_size / fits_storage_limit)
  so impossible (K, V, T) shapes fail at compile time instead of reverting
  with OrderedIndexNodeTooLarge on-chain
- host-side storage shim (cfg target_arch, zero-cost on riscv) + 14-test
  property suite: 10k asc/desc/random inserts with full structural
  invariants, 20k mixed-op fuzz vs a reference model, 5k-duplicate tie
  scenarios with read-count assertions, height-transition regression

On-chain storage layout (key derivation, node encoding) is byte-identical
to the previous implementation; deployed trees remain readable/writable.

* Declare 128 KiB min stack for all generated contracts

polkavm-linker defaults guest stacks to 8 KiB (VM_MIN_PAGE_SIZE * 2),
which deep call chains overflow as a raw VM trap with no revert message.
Emit min_stack_size!(131072) from #[pvm::contract] for entry-point crates,
matching resolc's production default. Contracts can still raise it further
with their own min_stack_size! declaration (the linker takes the max).
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants