framework(visitor): test_scenario wrapped object traversal #19621
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
3 Skipped Deployments
|
amnn
commented
Sep 30, 2024
There was a problem hiding this comment.
All the implementations are copies of this one.
8 tasks
amnn
force-pushed
the
amnn/uid-visitor
branch
from
b46ca3e to
80df4a3
Compare
amnn
requested review from
wlmyng,
stefan-mysten,
emmazzz and
suiwombat
as code owners
amnn
force-pushed
the
amnn/ts-visitor
branch
from
6ef9bd3 to
79c0836
Compare
## Description Use `FieldVisitor` to extract necessary information from a dynamic field object, rather than fully expanding it, which can fail if the overall size is too large. Unfortunately, because `DynamicFieldInfo` includes a structured representation of the field name, this operation can still fail if the name alone is too large to deserialize using `BoundedVisitor`, but we can at least avoid deserializing the value. ## Test plan Build and run the indexer reader against a mainnet DB, and check for `0x5`: ``` sui$ cargo run --bin sui-indexer -- --database-url "$DB" --pool-size 10 \ json-rpc-service --rpc-client-url "https://fullnode.mainnet.sui.io:443" ``` Make the request: ``` $ curl -LX POST "https:/fullnode.mainnet.sui.io:443" \ --header 'Content-Type: application/json' \ --data-raw '{ "jsonrpc": "2.0", "method": "suix_getDynamicFields", "id": 1, "params": ["0x5"] }' | jq -C . | less -r ``` Expects a response like: ``` { "jsonrpc": "2.0", "result": { "data": [ { "name": { "type": "u64", "value": "2" }, "bcsName": "LQM2cdzDY3", "type": "DynamicField", "objectType": "0x3::sui_system_state_inner::SuiSystemStateInnerV2", "objectId": "0x5b890eaf2abcfa2ab90b77b8e6f3d5d8609586c3e583baf3dccd5af17edf48d1", "version": 339253281, "digest": "89nPMzp31fiSy39a7fg6TBzALdm3xA4Byd4hWr2QLahg" } ], "nextCursor": "0x5b890eaf2abcfa2ab90b77b8e6f3d5d8609586c3e583baf3dccd5af17edf48d1", "hasNextPage": false }, "id": 1 } ```
## Description Make it so that deserializing dynamic field info does not inflate the whole field -- just the outer struct -- which in turn means that this operation cannot fail. ## Test plan ``` sui$ cargo simtest sui-adapter-transactional-tests$ cargo simtest ```
## Description Make it so that deserializing dynamic field info does not inflate the whole field -- just the outer struct -- which in turn means that this operation cannot fail. ## Test plan ``` sui-core$ cargo simtest sui-adapter-transactional-tests$ cargo simtest ```
## Description Use `FieldVisitor` to extract the dynamic field kind from a serialized MoveObject without deserializing the whole thing. This makes it so that the indexing process cannot fail if presented with an overly large dynamic field. This PR also simplifies dynamic field indexing, taking advantage of the fact that we now only store the `df_kind`, and not any other part of `df_info`. ## Test plan ``` sui-indexer$ cargo nextest run sui-graphql-e2e-tests$ cargo nextest run ```
## Description Replace the legacy implementations of `get_all_uids` with the one that has been used in `latest` for some time now. This version avoids inflating the whole struct just to read its UIDs. The main motivation in making the switch is to reduce the number of call-sites that use `simple_deserialize`, so that we can eventually get rid of it entirely, and replace it with a visitor based ipmplementation that includes the appropriate caveats around inflating a whole struct in memory. ## Test plan ``` sui$ cargo simtest ```
## Description Use a custom annotated visitor to implement detecting wrapped objects in test scenario. Unlike other instances where we have switched to a custom visitor, there isn't an OOM risk or risk of failure at this call site, because it is only used in Move tests, which are only run locally, but the motivation for this change is to avoid a reliance on `simple_deserialize` in the codebase, as it is too easy to copy this pattern and introduce a vulnerability elsewhere. Eventually `simple_deserialize` will go away and be replaced by something that is based on the new annotated visitor, but looks scary enough to use that people think twice befor reaching for it. ## Test plan ``` sui$ cargo nextest run -p sui-framework-tests ```
amnn
force-pushed
the
amnn/uid-visitor
branch
from
80df4a3 to
e098354
Compare
amnn
force-pushed
the
amnn/ts-visitor
branch
from
79c0836 to
d4e1744
Compare
Base automatically changed from
amnn/uid-visitor
to
amnn/mv-visitor-refactors
September 30, 2024 23:06
amnn
added a commit
that referenced
this pull request
Sep 30, 2024
## Description Further simplification to dynamic field indexing, where we avoid deserializing dynamic fields altogether and extract the only piece of information we need (whether the DF is a dynamic field or a dynamic object field) from its type. DF deserialization was also the only reason to perform package resolution during indexing, so this change also means we can remove the package resolver, package buffer and logic to keep those up-to-date (pushing in new packages before indexing a checkpoint, and "evicting" packages after a checkpoint had been processed). ## Test plan ``` sui$ cargo nextest run -p sui-graphql-e2e-tests ``` ## Stack - #19517 - #19518 - #19519 - #19520 - #19521 - #19548 - #19554 - #19565 - #19576 - #19621 --- ## Release notes Check each box that your changes affect. If none of the boxes relate to your changes, release notes aren't required. For each box you select, include information after the relevant heading that describes the impact of your changes that a user might notice and any actions they must take to implement updates. - [ ] Protocol: - [ ] Nodes (Validators and Full nodes): - [ ] Indexer: - [ ] JSON-RPC: - [ ] GraphQL: - [ ] CLI: - [ ] Rust SDK: - [ ] REST API:
amnn
added a commit
that referenced
this pull request
Sep 30, 2024
## Description Use a custom annotated visitor to implement detecting wrapped objects in test scenario. Unlike other instances where we have switched to a custom visitor, there isn't an OOM risk or risk of failure at this call site, because it is only used in Move tests, which are only run locally, but the motivation for this change is to avoid a reliance on `simple_deserialize` in the codebase, as it is too easy to copy this pattern and introduce a vulnerability elsewhere. Eventually `simple_deserialize` will go away and be replaced by something that is based on the new annotated visitor, but looks scary enough to use that people think twice before reaching for it. ## Test plan ``` sui$ cargo nextest run -p sui-framework-tests ``` ## Stack - #19517 - #19518 - #19519 - #19520 - #19521 - #19548 - #19554 - #19565 - #19576 --- ## Release notes Check each box that your changes affect. If none of the boxes relate to your changes, release notes aren't required. For each box you select, include information after the relevant heading that describes the impact of your changes that a user might notice and any actions they must take to implement updates. - [ ] Protocol: - [ ] Nodes (Validators and Full nodes): - [ ] Indexer: - [ ] JSON-RPC: - [ ] GraphQL: - [ ] CLI: - [ ] Rust SDK: - [ ] REST API: --------- Co-authored-by: Timothy Zakian <tim@mystenlabs.com>
amnn
added a commit
that referenced
this pull request
Sep 30, 2024
## Description Further simplification to dynamic field indexing, where we avoid deserializing dynamic fields altogether and extract the only piece of information we need (whether the DF is a dynamic field or a dynamic object field) from its type. DF deserialization was also the only reason to perform package resolution during indexing, so this change also means we can remove the package resolver, package buffer and logic to keep those up-to-date (pushing in new packages before indexing a checkpoint, and "evicting" packages after a checkpoint had been processed). ## Test plan ``` sui$ cargo nextest run -p sui-graphql-e2e-tests ``` ## Stack - #19517 - #19518 - #19519 - #19520 - #19521 - #19548 - #19554 - #19565 - #19576 - #19621 --- ## Release notes Check each box that your changes affect. If none of the boxes relate to your changes, release notes aren't required. For each box you select, include information after the relevant heading that describes the impact of your changes that a user might notice and any actions they must take to implement updates. - [ ] Protocol: - [ ] Nodes (Validators and Full nodes): - [ ] Indexer: - [ ] JSON-RPC: - [ ] GraphQL: - [ ] CLI: - [ ] Rust SDK: - [ ] REST API:
amnn
added a commit
that referenced
this pull request
Oct 1, 2024
## Description Use a custom annotated visitor to implement detecting wrapped objects in test scenario. Unlike other instances where we have switched to a custom visitor, there isn't an OOM risk or risk of failure at this call site, because it is only used in Move tests, which are only run locally, but the motivation for this change is to avoid a reliance on `simple_deserialize` in the codebase, as it is too easy to copy this pattern and introduce a vulnerability elsewhere. Eventually `simple_deserialize` will go away and be replaced by something that is based on the new annotated visitor, but looks scary enough to use that people think twice before reaching for it. ## Test plan ``` sui$ cargo nextest run -p sui-framework-tests ``` ## Stack - #19517 - #19518 - #19519 - #19520 - #19521 - #19548 - #19554 - #19565 - #19576 --- ## Release notes Check each box that your changes affect. If none of the boxes relate to your changes, release notes aren't required. For each box you select, include information after the relevant heading that describes the impact of your changes that a user might notice and any actions they must take to implement updates. - [ ] Protocol: - [ ] Nodes (Validators and Full nodes): - [ ] Indexer: - [ ] JSON-RPC: - [ ] GraphQL: - [ ] CLI: - [ ] Rust SDK: - [ ] REST API: --------- Co-authored-by: Timothy Zakian <tim@mystenlabs.com>
amnn
added a commit
that referenced
this pull request
Oct 1, 2024
## Description Further simplification to dynamic field indexing, where we avoid deserializing dynamic fields altogether and extract the only piece of information we need (whether the DF is a dynamic field or a dynamic object field) from its type. DF deserialization was also the only reason to perform package resolution during indexing, so this change also means we can remove the package resolver, package buffer and logic to keep those up-to-date (pushing in new packages before indexing a checkpoint, and "evicting" packages after a checkpoint had been processed). ## Test plan ``` sui$ cargo nextest run -p sui-graphql-e2e-tests ``` ## Stack - #19517 - #19518 - #19519 - #19520 - #19521 - #19548 - #19554 - #19565 - #19576 - #19621 --- ## Release notes Check each box that your changes affect. If none of the boxes relate to your changes, release notes aren't required. For each box you select, include information after the relevant heading that describes the impact of your changes that a user might notice and any actions they must take to implement updates. - [ ] Protocol: - [ ] Nodes (Validators and Full nodes): - [ ] Indexer: - [ ] JSON-RPC: - [ ] GraphQL: - [ ] CLI: - [ ] Rust SDK: - [ ] REST API:
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Use a custom annotated visitor to implement detecting wrapped objects in test scenario. Unlike other instances where we have switched to a custom visitor, there isn't an OOM risk or risk of failure at this call site,
because it is only used in Move tests, which are only run locally, but the motivation for this change is to avoid a reliance on
simple_deserializein the codebase, as it is too easy to copy this pattern and introduce a vulnerability elsewhere.Eventually
simple_deserializewill go away and be replaced by something that is based on the new annotated visitor, but looks scary enough to use that people think twice before reaching for it.Test plan
Stack
Release notes
Check each box that your changes affect. If none of the boxes relate to your changes, release notes aren't required.
For each box you select, include information after the relevant heading that describes the impact of your changes that a user might notice and any actions they must take to implement updates.