fix: inspect and log errors in fvm consensus trait methods

[hanabi1224]

Summary of changes

Follow-up of #7082

Changes introduced in this pull request:

• inspect and log errors in fvm consensus trait methods
• deduplicte repetitive code

Reference issue to close (if applicable)

Closes

Other information and links

Change checklist

• I have performed a self-review of my own code,
• I have made corresponding changes to the documentation. All new code adheres to the team's documentation standards,
• I have added tests that prove my fix is effective or that my feature works (if possible),
• I have made sure the CHANGELOG is up-to-date. All user-facing changes should be reflected in this document.

Outside contributions

• I have read and agree to the CONTRIBUTING document.
• I have read and agree to the AI Policy document. I understand that failure to comply with the guidelines will lead to rejection of the pull request.

Summary by CodeRabbit

• New Features

  • Consensus-fault verification and tipset CID resolution exposed to runtimes
  • Network-version-aware gas accounting for blockstore read/write patterns

• Refactor

  • Consolidated shared logic for consensus checks, tipset lookups and randomness across FVM versions
  • Simplified shims and re-exports for cleaner interoperability

• Tests

  • Unit tests validating gas accounting across read/write scenarios

[coderabbitai]

Walkthrough

Consolidates FVM-specific extern logic into a shared ForestExterns: unified consensus fault types and conversions, simplified randomness trait, shared consensus-fault verification (with worker-key lookup, signature checks, gas accounting), and thin FVM adapters delegating to the shared implementation.

Changes

Consensus and Extern Consolidation

Layer / File(s)	Summary
Consensus types and unified externs shim src/shim/consensus.rs, src/shim/externs.rs, src/shim/clock.rs, src/shim/gas.rs, src/shim/mod.rs	New ConsensusFaultType and ConsensusFault with From conversions for fvm_shared2/3/4; Rand trait redesigned to use unified ChainEpoch with auto_impl; GasTracker re-export source changed; consensus module exported.
Shared ForestExterns implementation src/interpreter/externs.rs	Adds ForestExterns with constructor and bail flag, lookback miner worker-key derivation, block header signature verification, consensus-fault classification & verification returning (Option<ConsensusFault>, gas), tipset CID lookup via ChainIndex, cal_gas_used_from_stats gas computation, and unit tests for gas calculation.
FVM version adapters and integration src/interpreter/mod.rs, src/interpreter/fvm2.rs, src/interpreter/fvm3.rs, src/interpreter/fvm4.rs, src/interpreter/vm.rs	Replaces per-version ForestExterns structs with type aliases to shared ForestExterns; Externs/Rand/Consensus/Chain impls delegate to shared methods; VM wiring passes randomness directly.
State manager comments src/state_manager/chain_rand.rs	Added comments clarifying that randomness retrieval errors are inspected/logged and not propagated to callers.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Suggested reviewers

• LesnyRumcajs
• akaladarshi
• sudo-shashank

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Title check	⚠️ Warning	The PR title does not accurately describe the substantial refactoring work: extracting consensus verification and gas calculation logic into a new shared externs module, consolidating duplicate code across FVM versions, and deduplicating externs implementations. Instead, it focuses narrowly on inspecting/logging errors in randomness methods.	Revise the title to reflect the primary refactoring objective, such as 'refactor: consolidate consensus verification logic into shared externs module' or 'refactor: extract and deduplicate extern implementations across FVM versions'.
Docstring Coverage	⚠️ Warning	Docstring coverage is 16.22% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch hm/refactor-externs

✨ Simplify code

• Create PR with simplified code
• Commit simplified code in branch hm/refactor-externs

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (1)

src/shim/consensus.rs (1)

6-10: 💤 Low value

Consider adding common derives for debugging and flexibility.

The ConsensusFaultType and ConsensusFault types lack Debug, Clone, and Copy (for the enum) derives which would aid debugging and allow flexibility in usage patterns.

♻️ Suggested derives

-pub enum ConsensusFaultType {
+#[derive(Debug, Clone, Copy)]
+pub enum ConsensusFaultType {
     DoubleForkMining,
     TimeOffsetMining,
     ParentGrinding,
 }

-pub struct ConsensusFault {
+#[derive(Debug, Clone)]
+pub struct ConsensusFault {
     pub target: Address,
     pub epoch: ChainEpoch,
     pub fault_type: ConsensusFaultType,
 }

Also applies to: 42-46

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/shim/consensus.rs` around lines 6 - 10, Add common derive traits to
improve debugging and usage: annotate the enum ConsensusFaultType with
#[derive(Debug, Clone, Copy, PartialEq, Eq)] (at minimum Debug, Clone, Copy) and
annotate the ConsensusFault struct with #[derive(Debug, Clone, PartialEq, Eq)]
(at minimum Debug and Clone) so both types can be easily logged, cloned, and
compared; update the derive lists near the declarations of ConsensusFaultType
and ConsensusFault accordingly.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@src/shim/consensus.rs`:
- Around line 6-10: Add common derive traits to improve debugging and usage:
annotate the enum ConsensusFaultType with #[derive(Debug, Clone, Copy,
PartialEq, Eq)] (at minimum Debug, Clone, Copy) and annotate the ConsensusFault
struct with #[derive(Debug, Clone, PartialEq, Eq)] (at minimum Debug and Clone)
so both types can be easily logged, cloned, and compared; update the derive
lists near the declarations of ConsensusFaultType and ConsensusFault
accordingly.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 94d2d4f6-8e9e-4a02-afc1-9d48800c31a0

📥 Commits

Reviewing files that changed from the base of the PR and between 57f4c47 and 5a37c40.

📒 Files selected for processing (11)

• src/interpreter/externs.rs
• src/interpreter/fvm2.rs
• src/interpreter/fvm3.rs
• src/interpreter/fvm4.rs
• src/interpreter/mod.rs
• src/interpreter/vm.rs
• src/shim/clock.rs
• src/shim/consensus.rs
• src/shim/externs.rs
• src/shim/gas.rs
• src/shim/mod.rs

[codecov]

Codecov Report

❌ Patch coverage is 33.08550% with 180 lines in your changes missing coverage. Please review.
✅ Project coverage is 64.23%. Comparing base (57f4c47) to head (71feca0).
✅ All tests successful. No failed tests found.

Files with missing lines	Patch %	Lines
src/interpreter/externs.rs	39.81%	124 Missing and 3 partials ⚠️
src/shim/consensus.rs	0.00%	39 Missing ⚠️
src/interpreter/fvm3.rs	0.00%	6 Missing ⚠️
src/interpreter/fvm2.rs	0.00%	4 Missing ⚠️
src/interpreter/fvm4.rs	33.33%	4 Missing ⚠️

Additional details and impacted files

Files with missing lines	Coverage Δ
src/interpreter/mod.rs	77.27% <ø> (ø)
src/interpreter/vm.rs	82.03% <100.00%> (ø)
src/shim/gas.rs	58.87% <ø> (-11.30%)	⬇️
src/state_manager/chain_rand.rs	65.64% <ø> (ø)
src/interpreter/fvm2.rs	0.00% <0.00%> (-44.69%)	⬇️
src/interpreter/fvm4.rs	33.33% <33.33%> (-9.05%)	⬇️
src/interpreter/fvm3.rs	0.00% <0.00%> (-42.35%)	⬇️
src/shim/consensus.rs	0.00% <0.00%> (ø)
src/interpreter/externs.rs	39.81% <39.81%> (ø)

... and 11 files with indirect coverage changes

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 57f4c47...71feca0. Read the comment docs.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[coderabbitai]

🧹 Nitpick comments (2)

src/interpreter/externs.rs (2)

123-132: 💤 Low value

Comment claims errors are not propagated, but the function returns Result.

The comment on line 123 states "errors are not propagated to the caller," but this function returns anyhow::Result, so errors are indeed propagated. The error swallowing likely happens in the FVM adapter layer (e.g., fvm2.rs, fvm3.rs, fvm4.rs), not here. Consider clarifying the comment to indicate where errors are ultimately swallowed.

📝 Suggested comment clarification

-        // Inspect and log errors as this is only called in `FVM` and errors are not propogated to the caller
+        // Inspect and log errors; FVM adapter layer swallows these errors and returns (None, gas) to FVM

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/interpreter/externs.rs` around lines 123 - 132, The comment above the
call to self.verify_consensus_fault_impl currently says "errors are not
propogated to the caller" but this function returns anyhow::Result and thus
propagates errors; update the comment to accurately state that
verify_consensus_fault_impl (and the surrounding method) return Result and that
any swallowing of errors happens upstream in the FVM adapter layers (e.g.,
fvm2.rs, fvm3.rs, fvm4.rs), so callers should look there if errors are being
suppressed.

---

36-37: 💤 Low value

The bail field is never set to true in this file.

The bail field is initialized to false and only read via bail(), but there's no visible code path that sets it to true. If this is intended to be set by FVM adapters (as suggested by the pub(super) visibility pattern on other fields), consider adding a set_bail() method or documenting how this flag is meant to be triggered.

Also applies to: 59-61

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/interpreter/externs.rs` around lines 36 - 37, The AtomicBool field `bail`
is never set to true but is read via the `bail()` accessor; add a way for
callers (e.g., FVM adapters) to trigger it by implementing a `set_bail()` (or
`trigger_bail()`) method that sets `self.bail.store(true, Ordering::SeqCst)` (or
appropriate ordering), or change visibility to allow supervised callers to set
it; update any places that should abort to call this new method so the flag can
actually be flipped.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@src/interpreter/externs.rs`:
- Around line 123-132: The comment above the call to
self.verify_consensus_fault_impl currently says "errors are not propogated to
the caller" but this function returns anyhow::Result and thus propagates errors;
update the comment to accurately state that verify_consensus_fault_impl (and the
surrounding method) return Result and that any swallowing of errors happens
upstream in the FVM adapter layers (e.g., fvm2.rs, fvm3.rs, fvm4.rs), so callers
should look there if errors are being suppressed.
- Around line 36-37: The AtomicBool field `bail` is never set to true but is
read via the `bail()` accessor; add a way for callers (e.g., FVM adapters) to
trigger it by implementing a `set_bail()` (or `trigger_bail()`) method that sets
`self.bail.store(true, Ordering::SeqCst)` (or appropriate ordering), or change
visibility to allow supervised callers to set it; update any places that should
abort to call this new method so the flag can actually be flipped.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 9bcb3b27-8841-4b15-82bd-0ea68dce3672

📥 Commits

Reviewing files that changed from the base of the PR and between feab6ee and 71feca0.

📒 Files selected for processing (1)

• src/interpreter/externs.rs