core/vm: 64 bit gas instructions #3514
Conversation
|
@obscuren, thanks for your PR! By analyzing the history of the files in this pull request, we identified @Gustav-Simonsson, @leijurv and @pirapira to be potential reviewers. |
obscuren
force-pushed
the
gas64
branch
4 times, most recently
from
7ff8ada
to
4e4775a
Compare
|
PR vs PR vs |
|
Regarding the intpool... It looks a bit 'dangerous', in that it seems relatively easy to make a mistake there. I feel it would be good to have some additional tests for coverage; not only to ensure that no consensus error occurs, but specifically it would be good to run the VM in 'checked' mode where it performs additional tests on the pool. Examples of what could be done in checked mode:
I'm also concerned whether journal reverts can somehow hold a reference to a pooled bigint. And how we can ensure that such case does not occur in the future (because from what I've seen now, all journal entries appear to instantiate new bigints). Third, it probably makes sense to have some rudimentary counter on the pool - it does not appear limited? If you run a node for several weeks, and there's a skewed balance (if there are more pushing than popping), couldn't that eventually become a problem.. ? The |
common/math/integer.go
Outdated
| return x + y, y > gmath.MaxUint64-x | ||
| } | ||
|
|
||
| // IsAddSafe returns whether the multiplication is safe and does not overflow. |
There was a problem hiding this comment.
// IsAddSafe returns whether the multiplication is safe and does not overflow.
Should be
// SafeMul returns multiplication result and whether overflow occurred.
common/math/integer.go
Outdated
| return x - y, x < y | ||
| } | ||
|
|
||
| // IsAddSafe returns whether the addition is safe and does not overflow. |
There was a problem hiding this comment.
// IsAddSafe returns whether the addition is safe and does not overflow.
Should be
// SafeAdd returns the result and whether overflow occurred.
common/math/integer.go
Outdated
| * NOTE: The following methods need to be optimised using either bit checking or asm | ||
| */ | ||
|
|
||
| // IsMinSafe returns whether the subtraction is safe and does not overflow. |
There was a problem hiding this comment.
Should be
// SafeSub returns subtraction result and whether overflow occurred
core/state_transition.go
Outdated
| } | ||
| } | ||
|
|
||
| // ApplyMessage computes the new state by applying the given message | ||
| // against the old state within the environment. | ||
| // against the old state within the evmironment. |
core/state_transition.go
Outdated
| @@ -209,34 +212,40 @@ func (self *StateTransition) preCheck() (err error) { | |||
| return nil | |||
| } | |||
|
|
|||
| // TransitionDb will move the state by applying the message against the given environment. | |||
| // TransitionDb will move the state by applying the message against the given evmironment. | |||
I agree, I'll work on those.
If that were the case we'd already have issues (*). I'm going to assume it's not the case and that our current network would have already had ran in to any issues.
(*) The int pool is being recreated each time a interpreter is instantiated, which happens for each transaction. I'm not sure how the pool can grow very large either. Ints must come from either a |
core/vm/contracts.go
Outdated
| n.Mul(n, params.Sha256WordGas) | ||
| return n.Add(n, params.Sha256Gas) | ||
| func (c *sha256) RequiredGas(inputSize int) uint64 { | ||
| return uint64(inputSize+31)/32*params.Sha256WordGas + params.Sha256Gas |
There was a problem hiding this comment.
Shouldn't these use the SafeXXX-functions?
There was a problem hiding this comment.
Technically yes, but you'd need a significant amount of gas to make this overfow. There simply isn't enough ether to make it significant. Even if you'd pass it zeros only, you'd still need an enormous amount amount of ether to make the initial call.
There was a problem hiding this comment.
Right, because the memory expansion happens first... If there was a precompile which actually was calleable with e.g. a "num_rounds" of hashing, it could be an issue, but you're right.
There was a problem hiding this comment.
That and the initial call (tx) you pay per byte for the transaction.
core/vm/contracts.go
Outdated
| n.Mul(n, params.Ripemd160WordGas) | ||
| return n.Add(n, params.Ripemd160Gas) | ||
| func (c *ripemd160) RequiredGas(inputSize int) uint64 { | ||
| return uint64(inputSize+31)/32*params.Ripemd160WordGas + params.Ripemd160Gas |
core/vm/contracts.go
Outdated
|
|
||
| return n.Add(n, params.IdentityGas) | ||
| func (c *dataCopy) RequiredGas(inputSize int) uint64 { | ||
| return uint64(inputSize+31)/32*params.IdentityWordGas + params.IdentityGas |
core/vm/gas.go
Outdated
| } | ||
| return nil | ||
| func toWordSize(size uint64) uint64 { | ||
| return (size + 31) / 32 |
There was a problem hiding this comment.
Is this function still used ? If so, should check for overflow... (?)
There was a problem hiding this comment.
The same as above. The size would have to be very large for it to become an issue and there isn't enough ether for this. This number is always the results of the furthest memory byte, not the extra bytes added.
There was a problem hiding this comment.
On a second thought, I think it might be worth it to call this unsafeToWordSize indicating caution.
| //fmt.Printf("%04d: %8v cost = %-8d stack = %-8d ERR = %v\n", pc, op, cost, stack.len(), err) | ||
| // TODO update the tracer | ||
| g, c := new(big.Int).SetUint64(contract.Gas), new(big.Int).SetUint64(cost) | ||
| evm.cfg.Tracer.CaptureState(evm.env, pc, op, g, c, mem, stack, contract, evm.env.depth, err) |
There was a problem hiding this comment.
You've added a comment to update the tracer, but as it is, the tracer could potentially hold on to bigints from the pool, no ? So that should go in before it is merged.
There was a problem hiding this comment.
Update the tracer to use uint64, I meant. I'm not sure how the tracer can retain pooled integers? If anything, it could already hold on to integers by accessing the stack directly.
obscuren
force-pushed
the
gas64
branch
7 times, most recently
from
b70dc5c
to
0e8c41e
Compare
|
EVM integer pool integrity verifier has been added @holiman: |
core/vm/intpool.go
Outdated
| // can be reused for all big.Int operations. | ||
| type intPool struct { | ||
| pool *Stack | ||
| debug bool |
There was a problem hiding this comment.
Maybe I'm blind.. but I don't see any usage of debug?
There was a problem hiding this comment.
Ah, that needs to be removed. Thanks
core/state_transition.go
Outdated
| // TODO convert to uint64 | ||
| intrinsicGas := IntrinsicGas(self.data, contractCreation, homestead) | ||
| if intrinsicGas.BitLen() > 64 { | ||
| return nil, nil, nil, vm.ErrOutOfGas |
There was a problem hiding this comment.
Use InvalidTxError
core/vm/contracts.go
Outdated
| n := big.NewInt(int64(inputSize+31) / 32) | ||
| n.Mul(n, params.Sha256WordGas) | ||
| return n.Add(n, params.Sha256Gas) | ||
| func (c *sha256) RequiredGas(inputSize int) uint64 { |
There was a problem hiding this comment.
Leave in code comment about why no overflow checking is performed.
core/vm/evm.go
Outdated
| evm.StateDB.RevertToSnapshot(snapshot) | ||
| contract.UseGas(contract.Gas) |
core/vm/gas.go
Outdated
| GasMidStep = big.NewInt(8) | ||
| GasSlowStep = big.NewInt(10) | ||
| GasExtStep = big.NewInt(20) | ||
| const ( |
core/vm/gas.go
Outdated
| if gasTable.CreateBySuicide > 0 { | ||
| availableGas = availableGas - base | ||
| gas := availableGas - availableGas/64 | ||
| if callCost.BitLen() > 64 || gas < callCost.Uint64() { |
There was a problem hiding this comment.
Add comment on the BitLen check
| return nil, fmt.Errorf("invalid opcode %x", DELEGATECALL) | ||
| } | ||
|
|
||
| gas, to, inOffset, inSize, outOffset, outSize := stack.pop(), stack.pop(), stack.pop(), stack.pop(), stack.pop(), stack.pop() | ||
| gas, to, inOffset, inSize, outOffset, outSize := stack.pop().Uint64(), stack.pop(), stack.pop(), stack.pop(), stack.pop(), stack.pop() |
There was a problem hiding this comment.
Check 64bit unmetered
core/vm/jump_table.go
Outdated
| "math/big" | ||
|
|
||
| "github.com/ethereum/go-ethereum/params" | ||
| ) | ||
|
|
||
| type ( | ||
| executionFunc func(pc *uint64, env *EVM, contract *Contract, memory *Memory, stack *Stack) ([]byte, error) | ||
| gasFunc func(params.GasTable, *EVM, *Contract, *Stack, *Memory, *big.Int) *big.Int | ||
| gasFunc func(params.GasTable, *EVM, *Contract, *Stack, *Memory, uint64) (uint64, error) |
There was a problem hiding this comment.
add paramater name or comment
core/vm/stack_table.go
Outdated
| @@ -12,8 +12,8 @@ func makeStackFunc(pop, push int) stackValidationFunc { | |||
| return err | |||
| } | |||
|
|
|||
| if push > 0 && int64(stack.len()-pop+push) > params.StackLimit.Int64() { | |||
| return fmt.Errorf("stack limit reached %d (%d)", stack.len(), params.StackLimit.Int64()) | |||
| if push > 0 && int64(stack.len()-pop+push) > int64(params.StackLimit) { | |||
There was a problem hiding this comment.
What was this again @fjl ... 
params/protocol_params.go
Outdated
|
|
||
| MaxCodeSize = 24576 | ||
| ) | ||
|
|
||
| var ( | ||
| GasLimitBoundDivisor *big.Int = big.NewInt(1024) // The bound divisor of the gas limit, used in update calculations. |
There was a problem hiding this comment.
remove *big.Int type
core/vm/int_pool_verifier.go
Outdated
|
|
||
| const verifyPool = true | ||
|
|
||
| var checkVal = big.NewInt(-42) |
There was a problem hiding this comment.
Move to int_pool.go and use this variable for i.Set(checkVal)
obscuren
force-pushed
the
gas64
branch
2 times, most recently
from
e4e93da
to
f83884e
Compare
|
Before anyone merges, ping me. I want to clean up the commit message. |
internal/ethapi/api.go
Outdated
| }() | ||
|
|
||
| // Setup the gas pool (also for unmetered requests) | ||
| // and apple the message. |
Reworked the EVM gas instructions to use 64bit integers rather than arbitrary size big ints. All gas operations, be it additions, multiplications or divisions, are checked and guarded against 64 bit integer overflows. In additon, most of the protocol paramaters in the params package have been converted to uint64 and are now constants rather than variables. * common/math: added overflow check ops * core: vmenv, env renamed to evm * eth, internal/ethapi, les: unmetered eth_call and cancel methods * core/vm: implemented big.Int pool for evm instructions * core/vm: unexported intPool methods & verification methods * core/vm: added memoryGasCost overflow check and test
Revert "params: core, core/vm, miner: 64bit gas instructions (#3514)"
Reworked the EVM gas instructions to use 64bit integers rather than arbitrary size big ints. All gas operations, be it additions, multiplications or divisions, are checked and guarded against 64 bit integer overflows. In additon, most of the protocol paramaters in the params package have been converted to uint64 and are now constants rather than variables. * common/math: added overflow check ops * core: vmenv, env renamed to evm * eth, internal/ethapi, les: unmetered eth_call and cancel methods * core/vm: implemented big.Int pool for evm instructions * core/vm: unexported intPool methods & verification methods * core/vm: added memoryGasCost overflow check and test
This PR changes all gas instructions from
*big.Inttouint64, a new theoretical limit.It also implements a new
*big.Intinstruction pool, which contains reusable*big.Ints. Instructions found incore/vm/instructions.godo no longer initialise newbig.Ints but instead callintPool.Get()returning either a reusable integer -- beware this may contain an old value -- ornew(big.Int)if the pool is empty. I've decided to implement my own pool instead of using thesync.Poolbecause I do not require a thread safe pool and I do not want the typecasting overhead required with the `sync.Pool.