ARCHIVE/xahaud
3
0
Fork 0
mirror of https://github.com/Xahau/xahaud.git synced 2026-01-23 08:05:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: ARCHIVE:test-hook-fee
Branches Tags
ARCHIVE:dev ARCHIVE:gas-hook ARCHIVE:hook-helper-func ARCHIVE:test-hook-fee ARCHIVE:fixXahauGenesisOwnerCount ARCHIVE:HookAdministrator ARCHIVE:batch ARCHIVE:ttr-rng-2 ARCHIVE:hook-api-unittest ARCHIVE:sync-2.4.0 ARCHIVE:HookAPISerializedType240 ARCHIVE:coverage ARCHIVE:featRNG ARCHIVE:fix-workflow-conan ARCHIVE:fix-ips-fixed ARCHIVE:export ARCHIVE:fix-manifest-cache-invalidation ARCHIVE:nd-preserve-trailing-newlines-in-location-suffixes-2025-10-24 ARCHIVE:self-hosted-macos ARCHIVE:ccache-100G ARCHIVE:self-hosted ARCHIVE:partial-sync-mode ARCHIVE:release ARCHIVE:nd-suppress-openssl-deprecation-warnings-2025-10-24 ARCHIVE:self-hosted-apt-cache ARCHIVE:workflow-linker ARCHIVE:sublimator-patch-5 ARCHIVE:revert-self-hosted ARCHIVE:nd-use-github-actions-cache-with-bug-fixes-from-s3-implementation-2025-11-24 ARCHIVE:test-cron-log ARCHIVE:actions-cache-flattened ARCHIVE:nd-experiment-overlayfs-2025-10-29 ARCHIVE:validators-xahau.txt ARCHIVE:nd-add-python-version-of-build-test-hooks-with-caching-and-parallelization-2025-10-23 ARCHIVE:nd-extended-hook-state-high-water--2025-10-23 ARCHIVE:nudb-block-size ARCHIVE:contrib-update ARCHIVE:cronjob ARCHIVE:flap_fix ARCHIVE:add-clang-matrix ARCHIVE:nd-add-colored-file-2025-07-25 ARCHIVE:tequdev-patch-1 ARCHIVE:nd-upgrade-openssl-from-1-1-1u-to-3-6-0-2025-10-10 ARCHIVE:nd-migrate-to-conan-2-2025-09-22 ARCHIVE:jshooks ARCHIVE:nd-snap-2025-09-09 ARCHIVE:multi-sig-nested ARCHIVE:nd-allow-multi-threaded-writes-to-suite-log-2025-08-15 ARCHIVE:emit-atomic ARCHIVE:fix-online-delete-simple ARCHIVE:fix-bugs ARCHIVE:fix-online-delete-patch ARCHIVE:fix-online-delete ARCHIVE:udp-peer ARCHIVE:nd-gcc-13-compile-error-per-557-2025-08-14 ARCHIVE:nd-fix-warnings-2025-05-06 ARCHIVE:jshooks-merge-dev-20250814 ARCHIVE:niq-xahau-fixes ARCHIVE:sublimator-patch-4 ARCHIVE:ci-experiments ARCHIVE:nd-add-cmake-custom-command-to-compile-test-hooks-2025-07-31 ARCHIVE:nd-simplify-macro-names-for-byte-validation-2025-07-29 ARCHIVE:l10k ARCHIVE:nd-create-self-contained-impl-for-easy-rippled-porting-2025-07-14 ARCHIVE:sublimator-patch-3 ARCHIVE:clawback ARCHIVE:deepfreeze ARCHIVE:workflow-test ARCHIVE:nd-link-to-boost-2025-06-27 ARCHIVE:sublimator-patch-2 ARCHIVE:sync-2.3.1 ARCHIVE:sync-2.3.0 ARCHIVE:sync-1.12.0-conan ARCHIVE:sync-2.2.3 ARCHIVE:sync-2.2.2 ARCHIVE:sync-2.2.1 ARCHIVE:sync-2.2.0 ARCHIVE:sync-2.1.1-conan ARCHIVE:sync-2.0.1-conan ARCHIVE:sync-2.0.0-conan ARCHIVE:sync-2.1.0-conan ARCHIVE:dilithium ARCHIVE:tmp-conan ARCHIVE:sus_pat ARCHIVE:fix-warnings ARCHIVE:uritoken-royalty-broker ARCHIVE:patch-tsh ARCHIVE:patch-ctid ARCHIVE:patch-remarks ARCHIVE:remarks ARCHIVE:sublimator-patch-1 ARCHIVE:catalogue ARCHIVE:fix-release-builder ARCHIVE:fix-gh-actions ARCHIVE:touch ARCHIVE:fix-github-action ARCHIVE:func-hooks ARCHIVE:mysql ARCHIVE:acctx-tests ARCHIVE:account-tx-fix ARCHIVE:fix20250131 ARCHIVE:debug-builds ARCHIVE:service_fee ARCHIVE:datagram-list ARCHIVE:parasig ARCHIVE:udp ARCHIVE:datagram-monitor ARCHIVE:reduced-import ARCHIVE:Fix-Failing-Assert-(Test) ARCHIVE:limit-xahau-genesis ARCHIVE:sync-rippled ARCHIVE:fixup-rwdb ARCHIVE:memdb_concurrent ARCHIVE:fix-float ARCHIVE:sfcode-generation ARCHIVE:fix-vscode ARCHIVE:fix/rpc-queue-limit ARCHIVE:add-xxhash-deps ARCHIVE:faster_hash ARCHIVE:sha-optimization ARCHIVE:boost186 ARCHIVE:multiple_tagged_cache ARCHIVE:spaceship ARCHIVE:ledger_size ARCHIVE:shamap-update ARCHIVE:memory-test ARCHIVE:lmdb ARCHIVE:strict-builds ARCHIVE:mongo-db ARCHIVE:add-tests ARCHIVE:fixPageCap ARCHIVE:merge/2.2.2-jobqueue ARCHIVE:candidate ARCHIVE:fix240819 ARCHIVE:snugdb ARCHIVE:feature-email ARCHIVE:feature-sethook-definition ARCHIVE:conan-strict ARCHIVE:resource-config ARCHIVE:options-rebase ARCHIVE:fix-delivered-amt ARCHIVE:ttBATCH ARCHIVE:subscribe ARCHIVE:patch-config ARCHIVE:hook-tools ARCHIVE:fixhookmeta ARCHIVE:fixbuildinfo ARCHIVE:release-testnet ARCHIVE:fix_inject ARCHIVE:fix-weak-tsh ARCHIVE:remit_old ARCHIVE:minor_fixes ARCHIVE:fixXahauV1audit ARCHIVE:litetshfixes ARCHIVE:cadastre ARCHIVE:fxv1-tsh ARCHIVE:remit_squash ARCHIVE:attestation ARCHIVE:patch-paychan-tests ARCHIVE:tsh-tests ARCHIVE:meta-fix ARCHIVE:nb-stuff ARCHIVE:nodestore
ARCHIVE:2025.12.1-release+2609 ARCHIVE:2025.10.27-release+2405 ARCHIVE:2025.7.9-release+1951 ARCHIVE:2025.5.1-release+1762 ARCHIVE:2025.2.6-release+1299 ARCHIVE:2024.11.18-release+1141 ARCHIVE:2024.10.15-release+1020 ARCHIVE:2024.9.11-release+985 ARCHIVE:2024.9.7-release+977 ARCHIVE:2024.8.20-release+962 ARCHIVE:2024.8.14-release+946 ARCHIVE:2024.4.21-release+858 ARCHIVE:2024.3.12-release+790 ARCHIVE:2024.1.25-release+738 ARCHIVE:2023.12.29+689
..
compare: ARCHIVE:hook-helper-func
Branches Tags
ARCHIVE:gas-hook ARCHIVE:hook-helper-func ARCHIVE:test-hook-fee ARCHIVE:fixXahauGenesisOwnerCount ARCHIVE:HookAdministrator ARCHIVE:batch ARCHIVE:ttr-rng-2 ARCHIVE:hook-api-unittest ARCHIVE:sync-2.4.0 ARCHIVE:HookAPISerializedType240 ARCHIVE:coverage ARCHIVE:featRNG ARCHIVE:dev ARCHIVE:fix-workflow-conan ARCHIVE:fix-ips-fixed ARCHIVE:export ARCHIVE:fix-manifest-cache-invalidation ARCHIVE:nd-preserve-trailing-newlines-in-location-suffixes-2025-10-24 ARCHIVE:self-hosted-macos ARCHIVE:ccache-100G ARCHIVE:self-hosted ARCHIVE:partial-sync-mode ARCHIVE:release ARCHIVE:nd-suppress-openssl-deprecation-warnings-2025-10-24 ARCHIVE:self-hosted-apt-cache ARCHIVE:workflow-linker ARCHIVE:sublimator-patch-5 ARCHIVE:revert-self-hosted ARCHIVE:nd-use-github-actions-cache-with-bug-fixes-from-s3-implementation-2025-11-24 ARCHIVE:test-cron-log ARCHIVE:actions-cache-flattened ARCHIVE:nd-experiment-overlayfs-2025-10-29 ARCHIVE:validators-xahau.txt ARCHIVE:nd-add-python-version-of-build-test-hooks-with-caching-and-parallelization-2025-10-23 ARCHIVE:nd-extended-hook-state-high-water--2025-10-23 ARCHIVE:nudb-block-size ARCHIVE:contrib-update ARCHIVE:cronjob ARCHIVE:flap_fix ARCHIVE:add-clang-matrix ARCHIVE:nd-add-colored-file-2025-07-25 ARCHIVE:tequdev-patch-1 ARCHIVE:nd-upgrade-openssl-from-1-1-1u-to-3-6-0-2025-10-10 ARCHIVE:nd-migrate-to-conan-2-2025-09-22 ARCHIVE:jshooks ARCHIVE:nd-snap-2025-09-09 ARCHIVE:multi-sig-nested ARCHIVE:nd-allow-multi-threaded-writes-to-suite-log-2025-08-15 ARCHIVE:emit-atomic ARCHIVE:fix-online-delete-simple ARCHIVE:fix-bugs ARCHIVE:fix-online-delete-patch ARCHIVE:fix-online-delete ARCHIVE:udp-peer ARCHIVE:nd-gcc-13-compile-error-per-557-2025-08-14 ARCHIVE:nd-fix-warnings-2025-05-06 ARCHIVE:jshooks-merge-dev-20250814 ARCHIVE:niq-xahau-fixes ARCHIVE:sublimator-patch-4 ARCHIVE:ci-experiments ARCHIVE:nd-add-cmake-custom-command-to-compile-test-hooks-2025-07-31 ARCHIVE:nd-simplify-macro-names-for-byte-validation-2025-07-29 ARCHIVE:l10k ARCHIVE:nd-create-self-contained-impl-for-easy-rippled-porting-2025-07-14 ARCHIVE:sublimator-patch-3 ARCHIVE:clawback ARCHIVE:deepfreeze ARCHIVE:workflow-test ARCHIVE:nd-link-to-boost-2025-06-27 ARCHIVE:sublimator-patch-2 ARCHIVE:sync-2.3.1 ARCHIVE:sync-2.3.0 ARCHIVE:sync-1.12.0-conan ARCHIVE:sync-2.2.3 ARCHIVE:sync-2.2.2 ARCHIVE:sync-2.2.1 ARCHIVE:sync-2.2.0 ARCHIVE:sync-2.1.1-conan ARCHIVE:sync-2.0.1-conan ARCHIVE:sync-2.0.0-conan ARCHIVE:sync-2.1.0-conan ARCHIVE:dilithium ARCHIVE:tmp-conan ARCHIVE:sus_pat ARCHIVE:fix-warnings ARCHIVE:uritoken-royalty-broker ARCHIVE:patch-tsh ARCHIVE:patch-ctid ARCHIVE:patch-remarks ARCHIVE:remarks ARCHIVE:sublimator-patch-1 ARCHIVE:catalogue ARCHIVE:fix-release-builder ARCHIVE:fix-gh-actions ARCHIVE:touch ARCHIVE:fix-github-action ARCHIVE:func-hooks ARCHIVE:mysql ARCHIVE:acctx-tests ARCHIVE:account-tx-fix ARCHIVE:fix20250131 ARCHIVE:debug-builds ARCHIVE:service_fee ARCHIVE:datagram-list ARCHIVE:parasig ARCHIVE:udp ARCHIVE:datagram-monitor ARCHIVE:reduced-import ARCHIVE:Fix-Failing-Assert-(Test) ARCHIVE:limit-xahau-genesis ARCHIVE:sync-rippled ARCHIVE:fixup-rwdb ARCHIVE:memdb_concurrent ARCHIVE:fix-float ARCHIVE:sfcode-generation ARCHIVE:fix-vscode ARCHIVE:fix/rpc-queue-limit ARCHIVE:add-xxhash-deps ARCHIVE:faster_hash ARCHIVE:sha-optimization ARCHIVE:boost186 ARCHIVE:multiple_tagged_cache ARCHIVE:spaceship ARCHIVE:ledger_size ARCHIVE:shamap-update ARCHIVE:memory-test ARCHIVE:lmdb ARCHIVE:strict-builds ARCHIVE:mongo-db ARCHIVE:add-tests ARCHIVE:fixPageCap ARCHIVE:merge/2.2.2-jobqueue ARCHIVE:candidate ARCHIVE:fix240819 ARCHIVE:snugdb ARCHIVE:feature-email ARCHIVE:feature-sethook-definition ARCHIVE:conan-strict ARCHIVE:resource-config ARCHIVE:options-rebase ARCHIVE:fix-delivered-amt ARCHIVE:ttBATCH ARCHIVE:subscribe ARCHIVE:patch-config ARCHIVE:hook-tools ARCHIVE:fixhookmeta ARCHIVE:fixbuildinfo ARCHIVE:release-testnet ARCHIVE:fix_inject ARCHIVE:fix-weak-tsh ARCHIVE:remit_old ARCHIVE:minor_fixes ARCHIVE:fixXahauV1audit ARCHIVE:litetshfixes ARCHIVE:cadastre ARCHIVE:fxv1-tsh ARCHIVE:remit_squash ARCHIVE:attestation ARCHIVE:patch-paychan-tests ARCHIVE:tsh-tests ARCHIVE:meta-fix ARCHIVE:nb-stuff ARCHIVE:nodestore
ARCHIVE:2025.12.1-release+2609 ARCHIVE:2025.10.27-release+2405 ARCHIVE:2025.7.9-release+1951 ARCHIVE:2025.5.1-release+1762 ARCHIVE:2025.2.6-release+1299 ARCHIVE:2024.11.18-release+1141 ARCHIVE:2024.10.15-release+1020 ARCHIVE:2024.9.11-release+985 ARCHIVE:2024.9.7-release+977 ARCHIVE:2024.8.20-release+962 ARCHIVE:2024.8.14-release+946 ARCHIVE:2024.4.21-release+858 ARCHIVE:2024.3.12-release+790 ARCHIVE:2024.1.25-release+738 ARCHIVE:2023.12.29+689

5 Commits
test-hook- ... hook-helpe

Author SHA1 Message Date
tequ
63096d5fbc add test 2026-01-21 12:45:05 +09:00
tequ
2e128acdcf add execution test 2026-01-21 10:52:31 +09:00
tequ
043c60b62e Update new tests 2026-01-20 20:07:26 +09:00
tequ
5dd1198e4f Merge commit '5d9071695a616e1af378142e09649abc7d0e8afa' into hook-helper-func 2026-01-20 15:46:00 +09:00
tequ
ec6dc93834 Allow helper functions at Hooks 2026-01-19 16:44:23 +09:00
5 changed files with 1821 additions and 125 deletions
Expand all files Collapse all files

2
.gitignore vendored
View File

@@ -121,3 +121,5 @@ CMakeUserPresets.json
bld.rippled/
generated
guard_checker
guard_checker.dSYM

296
src/ripple/app/hook/Guard.h
View File

@@ -5,6 +5,7 @@
#include <memory>
#include <optional>
#include <ostream>
#include <set>
#include <stack>
#include <string>
#include <string_view>
@@ -282,7 +283,8 @@ check_guard(
* might have unforeseen consequences, without also rolling back further
* changes that are fine.
*/
uint64_t rulesVersion = 0
uint64_t rulesVersion = 0,
std::set<int>* out_callees = nullptr
)
{
@@ -492,17 +494,27 @@ check_guard(
{
REQUIRE(1);
uint64_t callee_idx = LEB();
// disallow calling of user defined functions inside a hook
// record user-defined function calls if tracking is enabled
if (callee_idx > last_import_idx)
{
GUARDLOG(hook::log::CALL_ILLEGAL)
<< "GuardCheck "
<< "Hook calls a function outside of the whitelisted "
"imports "
<< "codesec: " << codesec << " hook byte offset: " << i
<< "\n";
if (out_callees != nullptr)
{
// record the callee for call graph analysis
out_callees->insert(callee_idx);
}
else
{
// if not tracking, maintain original behavior: reject
GUARDLOG(hook::log::CALL_ILLEGAL)
<< "GuardCheck "
<< "Hook calls a function outside of the whitelisted "
"imports "
<< "codesec: " << codesec << " hook byte offset: " << i
<< "\n";
return {};
return {};
}
}
// enforce guard call limit
@@ -837,6 +849,42 @@ validateGuards(
*/
uint64_t rulesVersion = 0)
{
// Structure to track function call graph information
struct FunctionInfo
{
int func_idx;
std::set<int> callees; // functions this function calls
std::set<int> callers; // functions that call this function
bool has_loops; // whether this function contains loops
uint64_t local_wce; // local worst-case execution count
uint64_t total_wce; // total WCE including callees
bool wce_calculated; // whether total_wce has been computed
bool in_calculation; // for cycle detection in WCE calculation
FunctionInfo()
: func_idx(-1)
, has_loops(false)
, local_wce(0)
, total_wce(0)
, wce_calculated(false)
, in_calculation(false)
{
}
FunctionInfo(int idx, uint64_t local_wce_val, bool has_loops_val)
: func_idx(idx)
, has_loops(has_loops_val)
, local_wce(local_wce_val)
, total_wce(0)
, wce_calculated(false)
, in_calculation(false)
{
}
};
// Call graph: maps function index to its information
std::map<int, FunctionInfo> call_graph;
uint64_t byteCount = wasm.size();
// 63 bytes is the smallest possible valid hook wasm
@@ -1176,6 +1224,12 @@ validateGuards(
if (DEBUG_GUARD)
printf("Function map: func %d -> type %d\n", j, type_idx);
func_type_map[j] = type_idx;
// Step 4: Initialize FunctionInfo for each user-defined
// function func_idx starts from last_import_number + 1
int actual_func_idx = last_import_number + 1 + j;
call_graph[actual_func_idx] = FunctionInfo();
call_graph[actual_func_idx].func_idx = actual_func_idx;
}
}
@@ -1217,9 +1271,6 @@ validateGuards(
return {};
}
int64_t maxInstrCountHook = 0;
int64_t maxInstrCountCbak = 0;
// second pass... where we check all the guard function calls follow the
// guard rules minimal other validation in this pass because first pass
// caught most of it
@@ -1253,6 +1304,7 @@ validateGuards(
std::optional<
std::reference_wrapper<std::vector<uint8_t> const>>
first_signature;
bool helper_function = false;
if (auto const& usage = import_type_map.find(j);
usage != import_type_map.end())
{
@@ -1288,7 +1340,7 @@ validateGuards(
}
}
}
else if (j == hook_type_idx)
else if (j == hook_type_idx) // hook() or cbak() function type
{
// pass
}
@@ -1301,7 +1353,8 @@ validateGuards(
<< "Codesec: " << section_type << " "
<< "Local: " << j << " "
<< "Offset: " << i << "\n";
return {};
// return {};
helper_function = true;
}
int param_count = parseLeb128(wasm, i, &i);
@@ -1318,12 +1371,19 @@ validateGuards(
return {};
}
}
else if (helper_function)
{
// pass
}
else if (param_count != (*first_signature).get().size() - 1)
{
GUARDLOG(hook::log::FUNC_TYPE_INVALID)
<< "Malformed transaction. "
<< "Hook API: " << *first_name
<< " has the wrong number of parameters.\n";
<< " has the wrong number of parameters.\n"
<< "param_count: " << param_count << " "
<< "first_signature: "
<< (*first_signature).get().size() - 1 << "\n";
return {};
}
@@ -1370,6 +1430,10 @@ validateGuards(
return {};
}
}
else if (helper_function)
{
// pass
}
else if ((*first_signature).get()[k + 1] != param_type)
{
GUARDLOG(hook::log::FUNC_PARAM_INVALID)
@@ -1446,6 +1510,10 @@ validateGuards(
return {};
}
}
else if (helper_function)
{
// pass
}
else if ((*first_signature).get()[0] != result_type)
{
GUARDLOG(hook::log::FUNC_RETURN_INVALID)
@@ -1497,6 +1565,17 @@ validateGuards(
// execution to here means we are up to the actual expr for the
// codesec/function
// Step 5: Calculate actual function index and prepare callees
// tracking
int actual_func_idx = last_import_number + 1 + j;
std::set<int>* out_callees_ptr = nullptr;
// Only track callees if this function is in the call_graph
if (call_graph.find(actual_func_idx) != call_graph.end())
{
out_callees_ptr = &call_graph[actual_func_idx].callees;
}
auto valid = check_guard(
wasm,
j,
@@ -1506,33 +1585,188 @@ validateGuards(
last_import_number,
guardLog,
guardLogAccStr,
rulesVersion);
rulesVersion,
out_callees_ptr);
if (!valid)
return {};
if (hook_func_idx && *hook_func_idx == j)
maxInstrCountHook = *valid;
else if (cbak_func_idx && *cbak_func_idx == j)
maxInstrCountCbak = *valid;
else
// Step 5: Store local WCE and build bidirectional call
// relationships
if (call_graph.find(actual_func_idx) != call_graph.end())
{
if (DEBUG_GUARD)
printf(
"code section: %d not hook_func_idx: %d or "
"cbak_func_idx: %d\n",
j,
*hook_func_idx,
(cbak_func_idx ? *cbak_func_idx : -1));
// assert(false);
call_graph[actual_func_idx].local_wce = *valid;
// Build bidirectional relationships: for each callee, add
// this function as a caller
for (int callee_idx : call_graph[actual_func_idx].callees)
{
if (call_graph.find(callee_idx) != call_graph.end())
{
call_graph[callee_idx].callers.insert(
actual_func_idx);
}
}
}
// Note: We will calculate total WCE later after processing all
// functions
i = code_end;
}
}
i = next_section;
}
// execution to here means guards are installed correctly
// Step 6: Cycle detection using DFS
// Lambda function for DFS-based cycle detection
std::set<int> visited;
std::set<int> rec_stack;
std::function<bool(int)> detect_cycles_dfs = [&](int func_idx) -> bool {
if (rec_stack.find(func_idx) != rec_stack.end())
{
// Found a cycle: func_idx is already in the recursion stack
return true;
}
return std::pair<uint64_t, uint64_t>{maxInstrCountHook, maxInstrCountCbak};
if (visited.find(func_idx) != visited.end())
{
// Already visited and no cycle found from this node
return false;
}
visited.insert(func_idx);
rec_stack.insert(func_idx);
// Check all callees
if (call_graph.find(func_idx) != call_graph.end())
{
for (int callee_idx : call_graph[func_idx].callees)
{
if (detect_cycles_dfs(callee_idx))
{
return true;
}
}
}
rec_stack.erase(func_idx);
return false;
};
// Run cycle detection on all user-defined functions
for (const auto& [func_idx, func_info] : call_graph)
{
if (detect_cycles_dfs(func_idx))
{
GUARDLOG(hook::log::CALL_ILLEGAL)
<< "GuardCheck: Recursive function calls detected. "
<< "Hooks cannot contain recursive or mutually recursive "
"functions.\n";
return {};
}
}
// Step 7: Calculate total WCE for each function using bottom-up approach
// Lambda function for recursive WCE calculation with memoization
std::function<uint64_t(int)> calculate_function_wce =
[&](int func_idx) -> uint64_t {
// Check if function exists in call graph
if (call_graph.find(func_idx) == call_graph.end())
{
// This is an imported function, WCE = 0 (already accounted for)
return 0;
}
FunctionInfo& func_info = call_graph[func_idx];
// If already calculated, return cached result
if (func_info.wce_calculated)
{
return func_info.total_wce;
}
// Detect circular dependency in WCE calculation (should not happen
// after cycle detection)
if (func_info.in_calculation)
{
GUARDLOG(hook::log::CALL_ILLEGAL)
<< "GuardCheck: Internal error - circular dependency detected "
"during WCE calculation.\n";
return 0xFFFFFFFFU; // Return large value to trigger overflow error
}
func_info.in_calculation = true;
// Start with local WCE
uint64_t total = func_info.local_wce;
// Add WCE of all callees
for (int callee_idx : func_info.callees)
{
uint64_t callee_wce = calculate_function_wce(callee_idx);
// Check for overflow
if (total > 0xFFFFU || callee_wce > 0xFFFFU ||
(total + callee_wce) > 0xFFFFU)
{
func_info.in_calculation = false;
return 0xFFFFFFFFU; // Signal overflow
}
total += callee_wce;
}
func_info.total_wce = total;
func_info.wce_calculated = true;
func_info.in_calculation = false;
return total;
};
// Calculate WCE for hook and cbak functions
int64_t hook_wce_actual = 0;
int64_t cbak_wce_actual = 0;
if (hook_func_idx)
{
int actual_hook_idx = last_import_number + 1 + *hook_func_idx;
hook_wce_actual = calculate_function_wce(actual_hook_idx);
if (hook_wce_actual >= 0xFFFFU)
{
GUARDLOG(hook::log::INSTRUCTION_EXCESS)
<< "GuardCheck: hook() function exceeds maximum instruction "
"count (65535). "
<< "Total WCE including called functions: " << hook_wce_actual
<< "\n";
return {};
}
if (DEBUG_GUARD)
printf("hook() total WCE: %ld\n", hook_wce_actual);
}
if (cbak_func_idx)
{
int actual_cbak_idx = last_import_number + 1 + *cbak_func_idx;
cbak_wce_actual = calculate_function_wce(actual_cbak_idx);
if (cbak_wce_actual >= 0xFFFFU)
{
GUARDLOG(hook::log::INSTRUCTION_EXCESS)
<< "GuardCheck: cbak() function exceeds maximum instruction "
"count (65535). "
<< "Total WCE including called functions: " << cbak_wce_actual
<< "\n";
return {};
}
if (DEBUG_GUARD)
printf("cbak() total WCE: %ld\n", cbak_wce_actual);
}
// execution to here means guards are installed correctly and WCE is within
// limits
return std::pair<uint64_t, uint64_t>{hook_wce_actual, cbak_wce_actual};
}

804
src/test/app/SetHook_test.cpp
View File

@@ -2591,6 +2591,809 @@ public:
}
}
void
testHelperFunctions(FeatureBitset features)
{
testcase("Test helper functions and recursion detection");
using namespace jtx;
Env env{*this, features};
auto const alice = Account{"alice"};
auto const bob = Account{"bob"};
env.fund(XRP(10000), alice, bob);
env.close();
// Test 1: Valid helper function without loops - should pass
{
/*
#include <stdint.h>
extern int32_t _g(uint32_t id, uint32_t maxiter);
extern int64_t accept(uint32_t read_ptr, uint32_t read_len, int64_t
error_code);
extern int64_t hook_pos(void);
int64_t helper(int64_t n) { return n + hook_pos(); }
int64_t cbak(uint32_t reserved) {
_g(1, 1);
int64_t result = helper(34);
return accept(0, 0, result);
}
int64_t hook(uint32_t reserved) {
_g(1, 1);
int64_t result = helper(5);
return accept(0, 0, result);
}
*/
TestHook hook_wasm = wasm[R"[test.hook](
(module
(type (;0;) (func (param i32) (result i64)))
(type (;1;) (func (result i64)))
(type (;2;) (func (param i32 i32) (result i32)))
(type (;3;) (func (param i32 i32 i64) (result i64)))
(type (;4;) (func (param i64) (result i64)))
(import "env" "hook_pos" (func (;0;) (type 1)))
(import "env" "_g" (func (;1;) (type 2)))
(import "env" "accept" (func (;2;) (type 3)))
(func (;3;) (type 4) (param i64) (result i64)
call 0
local.get 0
i64.add)
(func (;4;) (type 0) (param i32) (result i64)
i32.const 1
i32.const 1
call 1
drop
i32.const 0
i32.const 0
i64.const 34
call 3
call 2)
(func (;5;) (type 0) (param i32) (result i64)
i32.const 1
i32.const 1
call 1
drop
i32.const 0
i32.const 0
i64.const 5
call 3
call 2)
(memory (;0;) 2)
(export "memory" (memory 0))
(export "cbak" (func 4))
(export "hook" (func 5)))
)[test.hook]"];
HASH_WASM(hook);
env(ripple::test::jtx::hook(
alice, {{hso(hook_wasm, overrideFlag)}}, 0),
M("Valid helper function without loops"),
HSFEE,
ter(tesSUCCESS));
env.close();
EXPECT_HOOK_FEE(hook, 14);
env(pay(bob, alice, XRP(1)), M("Test helper 1"), fee(XRP(1)));
env.close();
}
// Test 2: Helper function with guarded loop - should pass
{
/*
#include <stdint.h>
extern int32_t _g(uint32_t id, uint32_t maxiter);
extern int64_t accept(uint32_t read_ptr, uint32_t read_len, int64_t
error_code); extern int64_t hook_pos(void);
int64_t helper(int64_t n) {
int64_t sum = 0;
for (int i = 0; i < 3; ++i) {
_g(2, 4);
sum += i * n;
}
return sum;
}
int64_t cbak(uint32_t reserved) {
_g(1, 1);
int64_t result = helper(2);
return accept(0, 0, result);
}
int64_t hook(uint32_t reserved) {
_g(1, 1);
int64_t result = helper(3);
return accept(0, 0, result);
}
*/
TestHook hook_wasm = wasm[R"[test.hook](
(module
(type (;0;) (func (param i32) (result i64)))
(type (;1;) (func (param i32 i32) (result i32)))
(type (;2;) (func (param i32 i32 i64) (result i64)))
(type (;3;) (func (param i64) (result i64)))
(import "env" "_g" (func (;0;) (type 1)))
(import "env" "accept" (func (;1;) (type 2)))
(func (;2;) (type 0) (param i32) (result i64)
i32.const 1
i32.const 1
call 0
drop
i32.const 0
i32.const 0
i64.const 3
call 3
call 1)
(func (;3;) (type 3) (param i64) (result i64)
i32.const 2
i32.const 4
call 0
drop
i32.const 2
i32.const 4
call 0
drop
i32.const 2
i32.const 4
call 0
drop
local.get 0
i64.const 3
i64.mul)
(func (;4;) (type 0) (param i32) (result i64)
i32.const 1
i32.const 1
call 0
drop
i32.const 0
i32.const 0
i64.const 2
call 3
call 1)
(memory (;0;) 2)
(export "memory" (memory 0))
(export "hook" (func 2))
(export "cbak" (func 4)))
)[test.hook]"];
HASH_WASM(hook);
env(ripple::test::jtx::hook(
alice, {{hso(hook_wasm, overrideFlag)}}, 0),
M("Helper function with guarded loop"),
HSFEE,
ter(tesSUCCESS));
env.close();
EXPECT_HOOK_FEE(hook, 26);
env(pay(bob, alice, XRP(1)), M("Test helper 2"), fee(XRP(1)));
env.close();
}
// Test 3: Direct recursion - should fail
{
/*
#include <stdint.h>
extern int32_t _g(uint32_t id, uint32_t maxiter);
extern int64_t accept(uint32_t read_ptr, uint32_t read_len, int64_t
error_code);
extern int64_t hook_pos(void);
int64_t recursive_func(int64_t n) {
if (n <= 0)
return 0;
return n + recursive_func(n - hook_pos());
}
int64_t cbak(uint32_t reserved) {
_g(1, 1);
int64_t result = recursive_func(5);
return accept(0, 0, result);
}
int64_t hook(uint32_t reserved) {
_g(1, 1);
int64_t result = recursive_func(10);
return accept(0, 0, result);
}
*/
TestHook hook = wasm[R"[test.hook](
(module
(type (;0;) (func (param i32) (result i64)))
(type (;1;) (func (param i32 i32) (result i32)))
(type (;2;) (func (param i32 i32 i64) (result i64)))
(type (;3;) (func (result i64)))
(type (;4;) (func (param i64) (result i64)))
(import "env" "_g" (func $g (type 1)))
(import "env" "accept" (func $accept (type 2)))
(import "env" "hook_pos" (func $hook_pos (type 3)))
(func $recursive_func (type 4) (param $n i64) (result i64)
(if (result i64)
(i64.le_s (local.get $n) (i64.const 0))
(then
(i64.const 0)
)
(else
(i64.add
(local.get $n)
(call $recursive_func
(i64.sub (local.get $n) (call $hook_pos))
)
)
)
)
)
(func (;3;) (type 0) (param i32) (result i64) ;; cbak
i32.const 1
i32.const 1
call $g
drop
i32.const 0
i32.const 0
i64.const 5
call $recursive_func
call $accept
)
(func (;5;) (type 0) (param i32) (result i64) ;; hook
i32.const 1
i32.const 1
call $g
drop
i32.const 0
i32.const 0
i64.const 10
call $recursive_func
call $accept
)
(memory (;0;) 2)
(export "memory" (memory 0))
(export "cbak" (func 3))
(export "hook" (func 5)))
)[test.hook]"];
env(ripple::test::jtx::hook(alice, {{hso(hook)}}, 0),
M("Direct recursion should fail"),
HSFEE,
ter(temMALFORMED));
env.close();
}
// Test 4: Indirect recursion (A -> B -> A) - should fail
{
/*
#include <stdint.h>
extern int32_t _g(uint32_t id, uint32_t maxiter);
extern int64_t accept(uint32_t read_ptr, uint32_t read_len, int64_t
error_code);
int64_t func_b(int64_t n);
int64_t func_a(int64_t n) {
if (n <= 0)
return 0;
return n + func_b(n - 1);
}
int64_t func_b(int64_t n) {
if (n <= 0)
return 0;
return n + func_a(n - 1);
}
int64_t cbak(uint32_t reserved) {
_g(1, 1);
int64_t result = func_a(5);
return accept(0, 0, result);
}
int64_t hook(uint32_t reserved) {
_g(1, 1);
int64_t result = func_a(10);
return accept(0, 0, result);
}
*/
TestHook hook = wasm[R"[test.hook](
(module
(import "env" "_g" (func $_g (param i32 i32) (result i32)))
(import "env" "accept" (func $accept (param i32 i32 i64) (result i64)))
(type $func_type (func (param i64) (result i64)))
(func $func_b (param $n i64) (result i64)
(if (result i64)
(i64.le_s (local.get $n) (i64.const 0))
(then
(i64.const 0)
)
(else
(i64.add
(local.get $n)
(call $func_a
(i64.sub (local.get $n) (i64.const 1))
)
)
)
)
)
(func $func_a (param $n i64) (result i64)
(if (result i64)
(i64.le_s (local.get $n) (i64.const 0))
(then
(i64.const 0)
)
(else
(i64.add
(local.get $n)
(call $func_b
(i64.sub (local.get $n) (i64.const 1))
)
)
)
)
)
(func $cbak (param $reserved i32) (result i64)
(local $result i64)
(drop (call $_g (i32.const 1) (i32.const 1)))
(local.set $result (call $func_a (i64.const 5)))
(call $accept (i32.const 0) (i32.const 0) (local.get $result))
)
(func $hook (param $reserved i32) (result i64)
(local $result i64)
(drop (call $_g (i32.const 1) (i32.const 1)))
(local.set $result (call $func_a (i64.const 10)))
(call $accept (i32.const 0) (i32.const 0) (local.get $result))
)
(export "cbak" (func $cbak))
(export "hook" (func $hook)))
)[test.hook]"];
env(ripple::test::jtx::hook(alice, {{hso(hook)}}, 0),
M("Indirect recursion should fail"),
HSFEE,
ter(temMALFORMED));
env.close();
}
// Test 5: Deep call chain (A -> B -> C -> D) - should pass if WCE is OK
{
/*
#include <stdint.h>
extern int32_t _g(uint32_t id, uint32_t maxiter);
extern int64_t accept(uint32_t read_ptr, uint32_t read_len, int64_t
error_code);
extern int64_t hook_pos(void);
int64_t helper(int64_t n) { return n + hook_pos(); }
int64_t cbak(uint32_t reserved) {
_g(1, 1);
int64_t result = helper(34);
return accept(0, 0, result);
}
int64_t hook(uint32_t reserved) {
_g(1, 1);
int64_t result = helper(5);
return accept(0, 0, result);
}
*/
TestHook hook_wasm = wasm[R"[test.hook](
(module
(type (;0;) (func (param i32) (result i64)))
(type (;1;) (func (result i64)))
(type (;2;) (func (param i32 i32) (result i32)))
(type (;3;) (func (param i32 i32 i64) (result i64)))
(type (;4;) (func (param i64) (result i64)))
(import "env" "hook_pos" (func (;0;) (type 1)))
(import "env" "_g" (func (;1;) (type 2)))
(import "env" "accept" (func (;2;) (type 3)))
(func (;3;) (type 4) (param i64) (result i64)
call 0
local.get 0
i64.add)
(func (;4;) (type 0) (param i32) (result i64)
i32.const 1
i32.const 1
call 1
drop
i32.const 0
i32.const 0
i64.const 34
call 3
call 2)
(func (;5;) (type 0) (param i32) (result i64)
i32.const 1
i32.const 1
call 1
drop
i32.const 0
i32.const 0
i64.const 5
call 3
call 2)
(memory (;0;) 2)
(export "memory" (memory 0))
(export "cbak" (func 4))
(export "hook" (func 5)))
)[test.hook]"];
HASH_WASM(hook);
env(ripple::test::jtx::hook(
alice, {{hso(hook_wasm, overrideFlag)}}, 0),
M("Deep call chain without recursion"),
HSFEE,
ter(tesSUCCESS));
env.close();
EXPECT_HOOK_FEE(hook, 14);
env(pay(bob, alice, XRP(1)), M("Test helper 5"), fee(XRP(1)));
env.close();
}
// Test 6: Helper called multiple times - WCE should accumulate
{
/*
#include <stdint.h>
extern int32_t _g(uint32_t id, uint32_t maxiter);
extern int64_t accept(uint32_t read_ptr, uint32_t read_len, int64_t
error_code);
int64_t expensive_helper() {
int64_t sum = 0;
for (int i = 0; i < 100; ++i) {
_g(2, 301);
sum += i;
}
return sum;
}
int64_t hook(uint32_t reserved) {
_g(1, 1);
int64_t result = 0;
result += expensive_helper();
result += expensive_helper();
result += expensive_helper();
return accept(0, 0, result);
}
*/
TestHook hook_wasm = wasm[R"[test.hook](
(module
(type (;0;) (func (param i32 i32) (result i32)))
(type (;1;) (func (param i32 i32 i64) (result i64)))
(type (;2;) (func (result i64)))
(type (;3;) (func (param i32) (result i64)))
(import "env" "_g" (func (;0;) (type 0)))
(import "env" "accept" (func (;1;) (type 1)))
(func (;2;) (type 2) (result i64)
(local i64)
i64.const 100
local.set 0
loop ;; label = @1
i32.const 2
i32.const 301
call 0
drop
local.get 0
i64.const 1
i64.sub
local.tee 0
i64.eqz
i32.eqz
br_if 0 (;@1;)
end
i64.const 4950)
(func (;3;) (type 3) (param i32) (result i64)
i32.const 1
i32.const 1
call 0
drop
i32.const 0
i32.const 0
call 2
call 2
i64.add
call 2
i64.add
call 1)
(memory (;0;) 2)
(export "memory" (memory 0))
(export "hook" (func 3)))
)[test.hook]"];
HASH_WASM(hook);
env(ripple::test::jtx::hook(
alice, {{hso(hook_wasm, overrideFlag)}}, 0),
M("Helper called multiple times"),
HSFEE,
ter(tesSUCCESS));
env.close();
EXPECT_HOOK_FEE(hook, 2727);
env(pay(bob, alice, XRP(1)), M("Test helper 6"), fee(XRP(1)));
env.close();
}
// Test 7: WCE overflow through many helpers - should fail
{
/*
#include <stdint.h>
extern int32_t _g(uint32_t id, uint32_t maxiter);
extern int64_t accept(uint32_t read_ptr, uint32_t read_len, int64_t
error_code);
int64_t large_helper(int64_t n) {
int64_t sum = n;
for (int i = 0; i < 10000; ++i) {
_g(2, 10001);
sum += i;
}
return sum;
}
int64_t cbak(uint32_t reserved) {
_g(1, 1);
int64_t result = 10;
for (int i = 0; i < 10; ++i) {
_g(3, 11);
result += large_helper(10);
}
return accept(0, 0, result);
}
int64_t hook(uint32_t reserved) {
_g(1, 1);
int64_t result = 0;
for (int i = 0; i < 10; ++i) {
_g(3, 11);
result += large_helper(0);
}
return accept(0, 0, result);
}
*/
TestHook hook = wasm[R"[test.hook](
(module
(type (;0;) (func (param i32) (result i64)))
(type (;1;) (func (param i32 i32) (result i32)))
(type (;2;) (func (param i32 i32 i64) (result i64)))
(type (;3;) (func (param i64) (result i64)))
(import "env" "_g" (func (;0;) (type 1)))
(import "env" "accept" (func (;1;) (type 2)))
(func (;2;) (type 0) (param i32) (result i64)
(local i64)
i32.const 1
i32.const 1
call 0
drop
i32.const 10
local.set 0
i64.const 10
local.set 1
loop ;; label = @1
i32.const 3
i32.const 11
call 0
drop
i64.const 10
call 3
local.get 1
i64.add
local.set 1
local.get 0
i32.const 1
i32.sub
local.tee 0
br_if 0 (;@1;)
end
i32.const 0
i32.const 0
local.get 1
call 1)
(func (;3;) (type 3) (param i64) (result i64)
(local i64)
i64.const 10000
local.set 1
loop ;; label = @1
i32.const 2
i32.const 10001
call 0
drop
local.get 1
i64.const 1
i64.sub
local.tee 1
i64.eqz
i32.eqz
br_if 0 (;@1;)
end
local.get 0
i64.const 49995000
i64.add)
(func (;4;) (type 0) (param i32) (result i64)
(local i64)
i32.const 1
i32.const 1
call 0
drop
i32.const 10
local.set 0
loop ;; label = @1
i32.const 3
i32.const 11
call 0
drop
i64.const 0
call 3
local.get 1
i64.add
local.set 1
local.get 0
i32.const 1
i32.sub
local.tee 0
br_if 0 (;@1;)
end
i32.const 0
i32.const 0
local.get 1
call 1)
(memory (;0;) 2)
(export "memory" (memory 0))
(export "cbak" (func 2))
(export "hook" (func 4)))
)[test.hook]"];
env(ripple::test::jtx::hook(alice, {{hso(hook)}}, 0),
M("WCE overflow through helpers"),
HSFEE,
ter(temMALFORMED));
env.close();
}
// Test 8: guard inside guard
{
/*
#include <stdint.h>
extern int32_t _g(uint32_t id, uint32_t maxiter);
extern int64_t accept(uint32_t read_ptr, uint32_t read_len, int64_t
error_code);
int64_t helper(int64_t n) {
int64_t sum = n;
for (int i = 0; i < 100; ++i) {
_g(2, 1000);
sum += i;
}
return sum;
}
int64_t cbak(uint32_t reserved) {
_g(1, 1);
int64_t result = 10;
for (int i = 0; i < 10; ++i) {
_g(3, 11);
result += helper(10);
}
return accept(0, 0, result);
}
int64_t hook(uint32_t reserved) {
_g(1, 1);
int64_t result = 0;
for (int i = 0; i < 10; ++i) {
_g(3, 11);
result += helper(0);
}
return accept(0, 0, result);
}
*/
TestHook hook_wasm = wasm[R"[test.hook](
(module
(type (;0;) (func (param i32) (result i64)))
(type (;1;) (func (param i32 i32) (result i32)))
(type (;2;) (func (param i32 i32 i64) (result i64)))
(type (;3;) (func (param i64) (result i64)))
(import "env" "_g" (func (;0;) (type 1)))
(import "env" "accept" (func (;1;) (type 2)))
(func (;2;) (type 3) (param i64) (result i64)
(local i64)
i64.const 100
local.set 1
loop ;; label = @1
i32.const 2
i32.const 1000
call 0
drop
local.get 1
i64.const 1
i64.sub
local.tee 1
i64.eqz
i32.eqz
br_if 0 (;@1;)
end
local.get 0
i64.const 4950
i64.add)
(func (;3;) (type 0) (param i32) (result i64)
(local i64)
i32.const 1
i32.const 1
call 0
drop
i32.const 10
local.set 0
i64.const 10
local.set 1
loop ;; label = @1
i32.const 3
i32.const 11
call 0
drop
i64.const 10
call 2
local.get 1
i64.add
local.set 1
local.get 0
i32.const 1
i32.sub
local.tee 0
br_if 0 (;@1;)
end
i32.const 0
i32.const 0
local.get 1
call 1)
(func (;4;) (type 0) (param i32) (result i64)
(local i64)
i32.const 1
i32.const 1
call 0
drop
i32.const 10
local.set 0
loop ;; label = @1
i32.const 3
i32.const 11
call 0
drop
i64.const 0
call 2
local.get 1
i64.add
local.set 1
local.get 0
i32.const 1
i32.sub
local.tee 0
br_if 0 (;@1;)
end
i32.const 0
i32.const 0
local.get 1
call 1)
(memory (;0;) 2)
(export "memory" (memory 0))
(export "cbak" (func 3))
(export "hook" (func 4)))
)[test.hook]"];
HASH_WASM(hook);
env(ripple::test::jtx::hook(
alice, {{hso(hook_wasm, overrideFlag)}}, 0),
M("guard inside guard"),
HSFEE,
ter(tesSUCCESS));
EXPECT_HOOK_FEE(hook, 9151);
env(pay(bob, alice, XRP(1)), M("Test helper 8"), fee(XRP(1)));
env.close();
}
}
void
test_emit(FeatureBitset features)
{
@@ -13628,6 +14431,7 @@ public:
test_rollback(features);
testGuards(features);
testHelperFunctions(features);
test_emit(features); //
// test_etxn_burden(features); // tested above

825
src/test/app/SetHook_wasm.h
View File

File diff suppressed because it is too large Load Diff

19
src/test/app/build_test_hooks.sh
View File

@@ -58,8 +58,21 @@ cat $INPUT_FILE | tr '\n' '\f' |
then
echo '#include "api.h"' > "$WASM_DIR/test-$COUNTER-gen.c"
tr '\f' '\n' <<< $line >> "$WASM_DIR/test-$COUNTER-gen.c"
DECLARED="`tr '\f' '\n' <<< $line | grep -E '(extern|define) ' | grep -Eo '[a-z\-\_]+ *\(' | grep -v 'sizeof' | sed -E 's/[^a-z\-\_]//g' | sort | uniq`"
USED="`tr '\f' '\n' <<< $line | grep -vE '(extern|define) ' | grep -Eo '[a-z\-\_]+\(' | grep -v 'sizeof' | sed -E 's/[^a-z\-\_]//g' | grep -vE '^(hook|cbak)' | sort | uniq`"
DECLARED="`tr '\f' '\n' <<< $line \
| grep -E '(extern|static|define) ' \
| grep -Eo '[a-z\-\_]+ *\(' \
| grep -v 'sizeof' \
| sed -E 's/[^a-z\-\_]//g' \
| grep -vE '^__attribute__$' \
| sort | uniq`"
USED="`tr '\f' '\n' <<< $line \
| grep -vE '(extern|static|define) ' \
| grep -Eo '[a-z\-\_]+\(' \
| grep -v 'sizeof' \
| sed -E 's/[^a-z\-\_]//g' \
| grep -vE '^(__attribute__|hook|cbak)$' \
| sort | uniq`"
ONCE="`echo $DECLARED $USED | tr ' ' '\n' | sort | uniq -c | grep '1 ' | sed -E 's/^ *1 //g'`"
FILTER="`echo $DECLARED | tr ' ' '|' | sed -E 's/\|$//g'`"
UNDECL="`echo $ONCE | grep -v -E $FILTER 2>/dev/null || echo ''`"
@@ -69,7 +82,7 @@ cat $INPUT_FILE | tr '\n' '\f' |
echo "$line"
exit 1
fi
wasmcc -x c /dev/stdin -o /dev/stdout -O2 -Wl,--allow-undefined <<< "`tr '\f' '\n' <<< $line`" |
wasmcc -x c /dev/stdin -o /dev/stdout -O2 -Wl,--allow-undefined,--export=hook,--export=cbak <<< "`tr '\f' '\n' <<< $line`" |
hook-cleaner - - 2>/dev/null |
xxd -p -u -c 10 |
sed -E 's/../0x&U,/g' | sed -E 's/^/ /g' >> $OUTPUT_FILE