sui_adapter_latest/

adapter.rs

// Copyright (c) Mysten Labs, Inc.
// SPDX-License-Identifier: Apache-2.0

pub use checked::*;
#[sui_macros::with_checked_arithmetic]
mod checked {
    use move_vm_runtime::natives::extensions::NativeExtensions;
    use move_vm_runtime::natives::functions::{NativeFunctionTable, NativeFunctions};
    use move_vm_runtime::runtime::MoveRuntime;
    use std::cell::RefCell;
    use std::rc::Rc;
    use std::{collections::BTreeMap, sync::Arc};

    use anyhow::Result;
    use move_binary_format::file_format::CompiledModule;
    use move_bytecode_verifier::verify_module_with_config_metered;
    use move_bytecode_verifier_meter::{Meter, Scope};
    use move_core_types::account_address::AccountAddress;
    use move_vm_config::{
        runtime::{VMConfig, VMRuntimeLimitsConfig},
        verifier::VerifierConfig,
    };
    use mysten_common::debug_fatal;
    use sui_move_natives::{object_runtime, transaction_context::TransactionContext};
    use sui_types::error::SuiErrorKind;
    use sui_types::metrics::BytecodeVerifierMetrics;
    use sui_verifier::check_for_verifier_timeout;
    use tracing::instrument;

    use sui_move_natives::{NativesCostTable, object_runtime::ObjectRuntime};
    use sui_protocol_config::ProtocolConfig;
    use sui_types::{
        base_types::*,
        error::{ExecutionError, SuiError},
        execution_status::ExecutionErrorKind,
        metrics::LimitsMetrics,
        storage::ChildObjectResolver,
    };
    use sui_verifier::verifier::sui_verify_module_metered_check_timeout_only;

    pub fn new_move_runtime(
        natives: NativeFunctionTable,
        protocol_config: &ProtocolConfig,
    ) -> Result<MoveRuntime, SuiError> {
        let native_functions =
            NativeFunctions::new(natives).map_err(|_| SuiErrorKind::ExecutionInvariantViolation)?;
        Ok(MoveRuntime::new(
            native_functions,
            vm_config(protocol_config),
        ))
    }

    pub fn vm_config(protocol_config: &ProtocolConfig) -> VMConfig {
        VMConfig {
            verifier: protocol_config.verifier_config(/* signing_limits */ None),
            max_binary_format_version: protocol_config.move_binary_format_version(),
            runtime_limits_config: VMRuntimeLimitsConfig {
                vector_len_max: protocol_config.max_move_vector_len(),
                max_value_nest_depth: protocol_config.max_move_value_depth_as_option(),
                hardened_otw_check: protocol_config.hardened_otw_check(),
            },
            enable_invariant_violation_check_in_swap_loc: !protocol_config
                .disable_invariant_violation_check_in_swap_loc(),
            check_no_extraneous_bytes_during_deserialization: protocol_config
                .no_extraneous_module_bytes(),
            // Don't augment errors with execution state on-chain
            error_execution_state: false,
            binary_config: protocol_config.binary_config(None),
            rethrow_serialization_type_layout_errors: protocol_config
                .rethrow_serialization_type_layout_errors(),
            max_type_to_layout_nodes: protocol_config.max_type_to_layout_nodes_as_option(),
            variant_nodes: protocol_config.variant_nodes(),
            deprecate_global_storage_ops_during_deserialization: protocol_config
                .deprecate_global_storage_ops_during_deserialization(),
            normalize_depth_formula: protocol_config.normalize_depth_formula(),
        }
    }

    pub fn new_native_extensions<'r>(
        child_resolver: &'r dyn ChildObjectResolver,
        input_objects: BTreeMap<ObjectID, object_runtime::InputObject>,
        is_metered: bool,
        protocol_config: &'r ProtocolConfig,
        metrics: Arc<LimitsMetrics>,
        tx_context: Rc<RefCell<TxContext>>,
    ) -> Result<NativeExtensions<'r>, ExecutionError> {
        let current_epoch_id: EpochId = tx_context.borrow().epoch();
        let extensions = NativeExtensions::default();
        let mut exts = extensions.try_borrow_mut().map_err(|_| {
            make_invariant_violation!(
                "Failed to mutably borrow native extensions to populate them right after creating them"
            )
        })?;
        exts.add(ObjectRuntime::new(
            child_resolver,
            input_objects,
            is_metered,
            protocol_config,
            metrics,
            current_epoch_id,
        ));
        exts.add(NativesCostTable::from_protocol_config(protocol_config));
        exts.add(TransactionContext::new(tx_context));
        drop(exts);
        Ok(extensions)
    }

    /// Given a list of `modules` and an `object_id`, mutate each module's self ID (which must be
    /// 0x0) to be `object_id`.
    pub fn substitute_package_id(
        modules: &mut [CompiledModule],
        object_id: ObjectID,
    ) -> Result<(), ExecutionError> {
        let new_address = AccountAddress::from(object_id);

        for module in modules.iter_mut() {
            let self_handle = module.self_handle().clone();
            let self_address_idx = self_handle.address;

            let addrs = &mut module.address_identifiers;
            let Some(address_mut) = addrs.get_mut(self_address_idx.0 as usize) else {
                let name = module.identifier_at(self_handle.name);
                return Err(ExecutionError::new_with_source(
                    ExecutionErrorKind::PublishErrorNonZeroAddress,
                    format!("Publishing module {name} with invalid address index"),
                ));
            };

            if *address_mut != AccountAddress::ZERO {
                let name = module.identifier_at(self_handle.name);
                return Err(ExecutionError::new_with_source(
                    ExecutionErrorKind::PublishErrorNonZeroAddress,
                    format!("Publishing module {name} with non-zero address is not allowed"),
                ));
            };

            *address_mut = new_address;
        }

        Ok(())
    }

    pub fn missing_unwrapped_msg(id: &ObjectID) -> String {
        format!(
            "Unable to unwrap object {}. Was unable to retrieve last known version in the parent sync",
            id
        )
    }

    /// Run the bytecode verifier with a meter limit
    ///
    /// This function only fails if the verification does not complete within the limit.  If the
    /// modules fail to verify but verification completes within the meter limit, the function
    /// succeeds.
    #[instrument(level = "trace", skip_all)]
    pub fn run_metered_move_bytecode_verifier(
        modules: &[CompiledModule],
        verifier_config: &VerifierConfig,
        meter: &mut (impl Meter + ?Sized),
        metrics: &Arc<BytecodeVerifierMetrics>,
    ) -> Result<(), SuiError> {
        // run the Move verifier
        for module in modules.iter() {
            let per_module_meter_verifier_timer = metrics
                .verifier_runtime_per_module_success_latency
                .start_timer();

            if let Err(e) = verify_module_timeout_only(module, verifier_config, meter) {
                // We only checked that the failure was due to timeout
                // Discard success timer, but record timeout/failure timer
                metrics
                    .verifier_runtime_per_module_timeout_latency
                    .observe(per_module_meter_verifier_timer.stop_and_discard());
                metrics
                    .verifier_timeout_metrics
                    .with_label_values(&[
                        BytecodeVerifierMetrics::OVERALL_TAG,
                        BytecodeVerifierMetrics::TIMEOUT_TAG,
                    ])
                    .inc();

                return Err(e);
            };

            // Save the success timer
            per_module_meter_verifier_timer.stop_and_record();
            metrics
                .verifier_timeout_metrics
                .with_label_values(&[
                    BytecodeVerifierMetrics::OVERALL_TAG,
                    BytecodeVerifierMetrics::SUCCESS_TAG,
                ])
                .inc();
        }

        Ok(())
    }

    /// Run both the Move verifier and the Sui verifier, checking just for timeouts. Returns Ok(())
    /// if the verifier completes within the module meter limit and the ticks are successfully
    /// transfered to the package limit (regardless of whether verification succeeds or not).
    fn verify_module_timeout_only(
        module: &CompiledModule,
        verifier_config: &VerifierConfig,
        meter: &mut (impl Meter + ?Sized),
    ) -> Result<(), SuiError> {
        meter.enter_scope(module.self_id().name().as_str(), Scope::Module);

        if let Err(e) = verify_module_with_config_metered(verifier_config, module, meter) {
            // Check that the status indicates metering timeout.
            if check_for_verifier_timeout(&e.major_status()) {
                if e.major_status()
                    == move_core_types::vm_status::StatusCode::REFERENCE_SAFETY_INCONSISTENT
                {
                    let mut bytes = vec![];
                    let _ = module.serialize_with_version(
                        move_binary_format::file_format_common::VERSION_MAX,
                        &mut bytes,
                    );
                    debug_fatal!(
                        "Reference safety inconsistency detected in module: {:?}",
                        bytes
                    );
                }
                return Err(SuiErrorKind::ModuleVerificationFailure {
                    error: format!("Verification timed out: {}", e),
                }
                .into());
            }
        } else if let Err(err) = sui_verify_module_metered_check_timeout_only(
            module,
            &BTreeMap::new(),
            meter,
            verifier_config,
        ) {
            return Err(err.into());
        }

        if meter.transfer(Scope::Module, Scope::Package, 1.0).is_err() {
            return Err(SuiErrorKind::ModuleVerificationFailure {
                error: "Verification timed out".to_string(),
            }
            .into());
        }

        Ok(())
    }
}