This repository has been archived by the owner on May 4, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 685
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[bytecode-verifier] Add metering logic and apply to absint based anal…
…ysis (#58) This adds a simple meter to the bytecode verifier which counts the number of abstract operations performed and can enforce a limit. The meter is for now only connected to locals and reference analysis, but plumped to all phases of the verifier so they can easily make use of it. A set of test cases have been added which exercise the new meter for a number of known pathological cases. PR history: - Add metering in type safety, to capture cost of very large types. This reduces timing of large_type_test to 1/4 - Adjusting max metering units upwards and adding a new sample which needs it - Addressing reviewer comments - Add links to security advisories, and verify that all are covered. - Switching metering granularity from function to module. - Adding non-linear growing penalty to using input refs x output refs relations (bicycles), for dealing better with `test_bicliques`. Adding printing size in benchmarks.
- Loading branch information
Showing
37 changed files
with
1,784 additions
and
198 deletions.
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
67 changes: 67 additions & 0 deletions
67
language/move-bytecode-verifier/bytecode-verifier-tests/src/unit_tests/binary_samples.rs
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
155 changes: 155 additions & 0 deletions
155
language/move-bytecode-verifier/bytecode-verifier-tests/src/unit_tests/large_type_test.rs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,155 @@ | ||
// Copyright (c) The Move Contributors | ||
// SPDX-License-Identifier: Apache-2.0 | ||
|
||
use crate::unit_tests::production_config; | ||
use move_binary_format::file_format::{ | ||
empty_module, Bytecode, CodeUnit, FunctionDefinition, FunctionHandle, FunctionHandleIndex, | ||
IdentifierIndex, ModuleHandleIndex, Signature, SignatureIndex, SignatureToken, | ||
Visibility::Public, | ||
}; | ||
use move_core_types::{identifier::Identifier, vm_status::StatusCode}; | ||
|
||
const NUM_LOCALS: u8 = 64; | ||
const NUM_CALLS: u16 = 77; | ||
const NUM_FUNCTIONS: u16 = 177; | ||
|
||
fn get_nested_vec_type(len: usize) -> SignatureToken { | ||
let mut ret = SignatureToken::Bool; | ||
for _ in 0..len { | ||
ret = SignatureToken::Vector(Box::new(ret)); | ||
} | ||
ret | ||
} | ||
|
||
#[test] | ||
fn test_large_types() { | ||
// See also: github.com/aptos-labs/aptos-core/security/advisories/GHSA-37qw-jfpw-8899 | ||
let mut m = empty_module(); | ||
|
||
m.signatures.push(Signature( | ||
std::iter::repeat(SignatureToken::Reference(Box::new(get_nested_vec_type(64)))) | ||
.take(NUM_LOCALS as usize) | ||
.collect(), | ||
)); | ||
|
||
m.function_handles.push(FunctionHandle { | ||
module: ModuleHandleIndex(0), | ||
name: IdentifierIndex(0), | ||
parameters: SignatureIndex(0), | ||
return_: SignatureIndex(0), | ||
type_parameters: vec![], | ||
}); | ||
m.function_defs.push(FunctionDefinition { | ||
function: FunctionHandleIndex(0), | ||
visibility: Public, | ||
is_entry: false, | ||
acquires_global_resources: vec![], | ||
code: Some(CodeUnit { | ||
locals: SignatureIndex(0), | ||
code: vec![Bytecode::Call(FunctionHandleIndex(0)), Bytecode::Ret], | ||
}), | ||
}); | ||
|
||
// returns_vecs | ||
m.identifiers.push(Identifier::new("returns_vecs").unwrap()); | ||
m.function_handles.push(FunctionHandle { | ||
module: ModuleHandleIndex(0), | ||
name: IdentifierIndex(1), | ||
parameters: SignatureIndex(0), | ||
return_: SignatureIndex(1), | ||
type_parameters: vec![], | ||
}); | ||
m.function_defs.push(FunctionDefinition { | ||
function: FunctionHandleIndex(1), | ||
visibility: Public, | ||
is_entry: false, | ||
acquires_global_resources: vec![], | ||
code: Some(CodeUnit { | ||
locals: SignatureIndex(0), | ||
code: vec![Bytecode::Call(FunctionHandleIndex(1)), Bytecode::Ret], | ||
}), | ||
}); | ||
|
||
// takes_and_returns_vecs | ||
m.identifiers | ||
.push(Identifier::new("takes_and_returns_vecs").unwrap()); | ||
m.function_handles.push(FunctionHandle { | ||
module: ModuleHandleIndex(0), | ||
name: IdentifierIndex(2), | ||
parameters: SignatureIndex(1), | ||
return_: SignatureIndex(1), | ||
type_parameters: vec![], | ||
}); | ||
m.function_defs.push(FunctionDefinition { | ||
function: FunctionHandleIndex(2), | ||
visibility: Public, | ||
is_entry: false, | ||
acquires_global_resources: vec![], | ||
code: Some(CodeUnit { | ||
locals: SignatureIndex(0), | ||
code: vec![Bytecode::Call(FunctionHandleIndex(1)), Bytecode::Ret], | ||
}), | ||
}); | ||
|
||
// takes_vecs | ||
m.identifiers.push(Identifier::new("takes_vecs").unwrap()); | ||
m.function_handles.push(FunctionHandle { | ||
module: ModuleHandleIndex(0), | ||
name: IdentifierIndex(3), | ||
parameters: SignatureIndex(1), | ||
return_: SignatureIndex(0), | ||
type_parameters: vec![], | ||
}); | ||
m.function_defs.push(FunctionDefinition { | ||
function: FunctionHandleIndex(3), | ||
visibility: Public, | ||
is_entry: false, | ||
acquires_global_resources: vec![], | ||
code: Some(CodeUnit { | ||
locals: SignatureIndex(0), | ||
code: vec![Bytecode::Ret], | ||
}), | ||
}); | ||
|
||
// other fcts | ||
for i in 0..NUM_FUNCTIONS { | ||
m.identifiers | ||
.push(Identifier::new(format!("f{}", i)).unwrap()); | ||
m.function_handles.push(FunctionHandle { | ||
module: ModuleHandleIndex(0), | ||
name: IdentifierIndex(i + 4), | ||
parameters: SignatureIndex(0), | ||
return_: SignatureIndex(0), | ||
type_parameters: vec![], | ||
}); | ||
m.function_defs.push(FunctionDefinition { | ||
function: FunctionHandleIndex(i + 4), | ||
visibility: Public, | ||
is_entry: false, | ||
acquires_global_resources: vec![], | ||
code: Some(CodeUnit { | ||
locals: SignatureIndex(0), | ||
code: vec![], | ||
}), | ||
}); | ||
|
||
let code = &mut m.function_defs[i as usize + 4].code.as_mut().unwrap().code; | ||
code.clear(); | ||
code.push(Bytecode::Call(FunctionHandleIndex(1))); | ||
for _ in 0..NUM_CALLS { | ||
code.push(Bytecode::Call(FunctionHandleIndex(2))); | ||
} | ||
code.push(Bytecode::Call(FunctionHandleIndex(3))); | ||
code.push(Bytecode::Ret); | ||
} | ||
|
||
let result = move_bytecode_verifier::verify_module_with_config_for_test( | ||
"test_large_types", | ||
&production_config(), | ||
&m, | ||
); | ||
assert_eq!( | ||
result.unwrap_err().major_status(), | ||
StatusCode::CONSTRAINT_NOT_SATISFIED, | ||
); | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.