2021-04-08 15:52:10 +01:00
|
|
|
# Nimbus
|
2024-02-16 16:08:07 +07:00
|
|
|
# Copyright (c) 2018-2024 Status Research & Development GmbH
|
2021-04-08 15:52:10 +01:00
|
|
|
# Licensed under either of
|
2021-04-26 17:00:46 +01:00
|
|
|
# * Apache License, version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or
|
|
|
|
# http://www.apache.org/licenses/LICENSE-2.0)
|
|
|
|
# * MIT license ([LICENSE-MIT](LICENSE-MIT) or
|
|
|
|
# http://opensource.org/licenses/MIT)
|
|
|
|
# at your option. This file may not be copied, modified, or distributed except
|
|
|
|
# according to those terms.
|
2021-04-08 15:52:10 +01:00
|
|
|
|
2023-12-12 19:12:56 +00:00
|
|
|
{.push raises: [].}
|
|
|
|
|
2021-04-08 15:52:10 +01:00
|
|
|
import
|
2023-12-12 19:12:56 +00:00
|
|
|
".."/[db/ledger, constants],
|
2022-12-02 11:35:41 +07:00
|
|
|
"."/[code_stream, memory, message, stack, state],
|
2023-08-02 17:17:40 +07:00
|
|
|
"."/[types],
|
2021-06-01 12:27:05 +01:00
|
|
|
./interpreter/[gas_meter, gas_costs, op_codes],
|
2022-12-02 11:35:41 +07:00
|
|
|
../common/[common, evmforks],
|
|
|
|
../utils/utils,
|
2024-02-16 16:08:07 +07:00
|
|
|
stew/byteutils,
|
2022-12-02 11:35:41 +07:00
|
|
|
chronicles, chronos,
|
|
|
|
eth/[keys],
|
2021-04-26 17:00:46 +01:00
|
|
|
sets
|
2021-04-21 08:18:59 +01:00
|
|
|
|
2022-12-02 11:35:41 +07:00
|
|
|
export
|
2023-04-24 16:59:38 -04:00
|
|
|
common
|
2022-12-02 11:35:41 +07:00
|
|
|
|
2021-04-26 17:00:46 +01:00
|
|
|
logScope:
|
|
|
|
topics = "vm computation"
|
|
|
|
|
2022-09-26 11:56:54 +07:00
|
|
|
when defined(evmc_enabled):
|
|
|
|
import
|
|
|
|
evmc/evmc,
|
|
|
|
evmc_helpers,
|
|
|
|
evmc_api,
|
2023-08-04 19:43:30 +07:00
|
|
|
stew/ptrops
|
2022-09-26 11:56:54 +07:00
|
|
|
|
|
|
|
export
|
|
|
|
evmc,
|
|
|
|
evmc_helpers,
|
|
|
|
evmc_api,
|
2023-08-04 19:43:30 +07:00
|
|
|
ptrops
|
2022-09-26 11:56:54 +07:00
|
|
|
|
|
|
|
const
|
|
|
|
evmc_enabled* = defined(evmc_enabled)
|
|
|
|
|
2021-04-26 17:00:46 +01:00
|
|
|
# ------------------------------------------------------------------------------
|
|
|
|
# Helpers
|
|
|
|
# ------------------------------------------------------------------------------
|
|
|
|
|
2021-06-11 12:46:26 +01:00
|
|
|
proc generateContractAddress(c: Computation, salt: ContractSalt): EthAddress =
|
2023-08-28 19:10:31 +07:00
|
|
|
if c.msg.kind == EVMC_CREATE:
|
2022-04-08 11:54:11 +07:00
|
|
|
let creationNonce = c.vmState.readOnlyStateDB().getNonce(c.msg.sender)
|
2021-04-26 17:00:46 +01:00
|
|
|
result = generateAddress(c.msg.sender, creationNonce)
|
|
|
|
else:
|
|
|
|
result = generateSafeAddress(c.msg.sender, salt, c.msg.data)
|
|
|
|
|
|
|
|
# ------------------------------------------------------------------------------
|
|
|
|
# Public functions
|
|
|
|
# ------------------------------------------------------------------------------
|
|
|
|
|
|
|
|
template getCoinbase*(c: Computation): EthAddress =
|
2022-09-26 11:56:54 +07:00
|
|
|
when evmc_enabled:
|
|
|
|
c.host.getTxContext().block_coinbase
|
|
|
|
else:
|
|
|
|
c.vmState.coinbase
|
2021-04-26 17:00:46 +01:00
|
|
|
|
2023-10-18 09:16:11 +07:00
|
|
|
template getTimestamp*(c: Computation): uint64 =
|
2022-09-26 11:56:54 +07:00
|
|
|
when evmc_enabled:
|
2023-10-18 09:16:11 +07:00
|
|
|
cast[uint64](c.host.getTxContext().block_timestamp)
|
2022-09-26 11:56:54 +07:00
|
|
|
else:
|
2023-10-18 09:16:11 +07:00
|
|
|
c.vmState.blockCtx.timestamp.uint64
|
2021-04-26 17:00:46 +01:00
|
|
|
|
2022-04-08 11:54:11 +07:00
|
|
|
template getBlockNumber*(c: Computation): UInt256 =
|
2022-09-26 11:56:54 +07:00
|
|
|
when evmc_enabled:
|
2024-02-20 14:16:12 +07:00
|
|
|
c.host.getBlockNumber()
|
2022-09-26 11:56:54 +07:00
|
|
|
else:
|
|
|
|
c.vmState.blockNumber.blockNumberToVmWord
|
2021-04-26 17:00:46 +01:00
|
|
|
|
|
|
|
template getDifficulty*(c: Computation): DifficultyInt =
|
2022-09-26 11:56:54 +07:00
|
|
|
when evmc_enabled:
|
2022-09-26 19:23:54 +07:00
|
|
|
UInt256.fromEvmc c.host.getTxContext().block_prev_randao
|
2022-09-26 11:56:54 +07:00
|
|
|
else:
|
2023-09-24 22:25:41 +07:00
|
|
|
c.vmState.difficultyOrPrevRandao
|
2021-04-26 17:00:46 +01:00
|
|
|
|
|
|
|
template getGasLimit*(c: Computation): GasInt =
|
2022-09-26 11:56:54 +07:00
|
|
|
when evmc_enabled:
|
|
|
|
c.host.getTxContext().block_gas_limit.GasInt
|
|
|
|
else:
|
2023-09-24 22:25:41 +07:00
|
|
|
c.vmState.blockCtx.gasLimit
|
2021-04-26 17:00:46 +01:00
|
|
|
|
2022-04-08 11:54:11 +07:00
|
|
|
template getBaseFee*(c: Computation): UInt256 =
|
2022-09-26 11:56:54 +07:00
|
|
|
when evmc_enabled:
|
|
|
|
UInt256.fromEvmc c.host.getTxContext().block_base_fee
|
|
|
|
else:
|
2023-09-24 22:25:41 +07:00
|
|
|
c.vmState.blockCtx.fee.get(0.u256)
|
2021-06-27 20:19:22 +07:00
|
|
|
|
2024-02-20 14:16:12 +07:00
|
|
|
template getChainId*(c: Computation): uint64 =
|
2022-09-26 11:56:54 +07:00
|
|
|
when evmc_enabled:
|
2024-02-20 14:16:12 +07:00
|
|
|
c.host.getChainId()
|
2022-09-26 11:56:54 +07:00
|
|
|
else:
|
2024-02-20 14:16:12 +07:00
|
|
|
c.vmState.com.chainId.uint64
|
2021-04-26 17:00:46 +01:00
|
|
|
|
|
|
|
template getOrigin*(c: Computation): EthAddress =
|
2022-09-26 11:56:54 +07:00
|
|
|
when evmc_enabled:
|
|
|
|
c.host.getTxContext().tx_origin
|
|
|
|
else:
|
2023-10-01 14:24:15 +07:00
|
|
|
c.vmState.txCtx.origin
|
2021-04-26 17:00:46 +01:00
|
|
|
|
|
|
|
template getGasPrice*(c: Computation): GasInt =
|
2022-09-26 11:56:54 +07:00
|
|
|
when evmc_enabled:
|
|
|
|
UInt256.fromEvmc(c.host.getTxContext().tx_gas_price).truncate(GasInt)
|
|
|
|
else:
|
2023-10-01 14:24:15 +07:00
|
|
|
c.vmState.txCtx.gasPrice
|
2021-04-26 17:00:46 +01:00
|
|
|
|
2023-06-24 20:56:44 +07:00
|
|
|
template getVersionedHash*(c: Computation, index: int): VersionedHash =
|
|
|
|
when evmc_enabled:
|
2023-08-04 19:43:30 +07:00
|
|
|
cast[ptr UncheckedArray[VersionedHash]](c.host.getTxContext().blob_hashes)[index]
|
2023-06-24 20:56:44 +07:00
|
|
|
else:
|
2023-10-01 14:24:15 +07:00
|
|
|
c.vmState.txCtx.versionedHashes[index]
|
2023-06-24 20:56:44 +07:00
|
|
|
|
|
|
|
template getVersionedHashesLen*(c: Computation): int =
|
|
|
|
when evmc_enabled:
|
2023-08-04 19:43:30 +07:00
|
|
|
c.host.getTxContext().blob_hashes_count.int
|
2023-06-24 20:56:44 +07:00
|
|
|
else:
|
2023-10-01 14:24:15 +07:00
|
|
|
c.vmState.txCtx.versionedHashes.len
|
|
|
|
|
|
|
|
template getBlobBaseFee*(c: Computation): UInt256 =
|
|
|
|
when evmc_enabled:
|
|
|
|
UInt256.fromEvmc c.host.getTxContext().blob_base_fee
|
|
|
|
else:
|
|
|
|
c.vmState.txCtx.blobBaseFee
|
2023-06-24 20:56:44 +07:00
|
|
|
|
2023-02-14 15:37:21 +01:00
|
|
|
proc getBlockHash*(c: Computation, number: UInt256): Hash256
|
2023-06-24 20:56:44 +07:00
|
|
|
{.gcsafe, raises: [CatchableError].} =
|
2022-09-26 11:56:54 +07:00
|
|
|
when evmc_enabled:
|
2022-12-08 02:09:42 +07:00
|
|
|
let
|
|
|
|
blockNumber = c.host.getTxContext().block_number.u256
|
|
|
|
ancestorDepth = blockNumber - number - 1
|
|
|
|
if ancestorDepth >= constants.MAX_PREV_HEADER_DEPTH:
|
|
|
|
return
|
|
|
|
if number >= blockNumber:
|
|
|
|
return
|
|
|
|
c.host.getBlockHash(number)
|
2022-09-26 11:56:54 +07:00
|
|
|
else:
|
2022-12-08 02:09:42 +07:00
|
|
|
let
|
|
|
|
blockNumber = c.vmState.blockNumber
|
|
|
|
ancestorDepth = blockNumber - number - 1
|
|
|
|
if ancestorDepth >= constants.MAX_PREV_HEADER_DEPTH:
|
|
|
|
return
|
|
|
|
if number >= blockNumber:
|
|
|
|
return
|
|
|
|
c.vmState.getAncestorHash(number.vmWordToBlockNumber)
|
2021-04-26 17:00:46 +01:00
|
|
|
|
|
|
|
template accountExists*(c: Computation, address: EthAddress): bool =
|
2022-09-26 11:56:54 +07:00
|
|
|
when evmc_enabled:
|
|
|
|
c.host.accountExists(address)
|
2021-04-26 17:00:46 +01:00
|
|
|
else:
|
2022-09-26 11:56:54 +07:00
|
|
|
if c.fork >= FkSpurious:
|
|
|
|
not c.vmState.readOnlyStateDB.isDeadAccount(address)
|
|
|
|
else:
|
|
|
|
c.vmState.readOnlyStateDB.accountExists(address)
|
2021-04-26 17:00:46 +01:00
|
|
|
|
2022-04-08 11:54:11 +07:00
|
|
|
template getStorage*(c: Computation, slot: UInt256): UInt256 =
|
2022-09-26 11:56:54 +07:00
|
|
|
when evmc_enabled:
|
|
|
|
c.host.getStorage(c.msg.contractAddress, slot)
|
|
|
|
else:
|
|
|
|
c.vmState.readOnlyStateDB.getStorage(c.msg.contractAddress, slot)
|
2021-04-26 17:00:46 +01:00
|
|
|
|
2022-04-08 11:54:11 +07:00
|
|
|
template getBalance*(c: Computation, address: EthAddress): UInt256 =
|
2022-09-26 11:56:54 +07:00
|
|
|
when evmc_enabled:
|
|
|
|
c.host.getBalance(address)
|
|
|
|
else:
|
|
|
|
c.vmState.readOnlyStateDB.getBalance(address)
|
2021-04-26 17:00:46 +01:00
|
|
|
|
|
|
|
template getCodeSize*(c: Computation, address: EthAddress): uint =
|
2022-09-26 11:56:54 +07:00
|
|
|
when evmc_enabled:
|
|
|
|
c.host.getCodeSize(address)
|
|
|
|
else:
|
|
|
|
uint(c.vmState.readOnlyStateDB.getCodeSize(address))
|
2021-04-26 17:00:46 +01:00
|
|
|
|
|
|
|
template getCodeHash*(c: Computation, address: EthAddress): Hash256 =
|
2022-09-26 11:56:54 +07:00
|
|
|
when evmc_enabled:
|
|
|
|
c.host.getCodeHash(address)
|
2021-04-26 17:00:46 +01:00
|
|
|
else:
|
2022-09-26 11:56:54 +07:00
|
|
|
let
|
|
|
|
db = c.vmState.readOnlyStateDB
|
|
|
|
if not db.accountExists(address) or db.isEmptyAccount(address):
|
|
|
|
default(Hash256)
|
|
|
|
else:
|
|
|
|
db.getCodeHash(address)
|
2021-04-26 17:00:46 +01:00
|
|
|
|
|
|
|
template selfDestruct*(c: Computation, address: EthAddress) =
|
2022-09-26 11:56:54 +07:00
|
|
|
when evmc_enabled:
|
|
|
|
c.host.selfDestruct(c.msg.contractAddress, address)
|
|
|
|
else:
|
|
|
|
c.execSelfDestruct(address)
|
2021-04-26 17:00:46 +01:00
|
|
|
|
|
|
|
template getCode*(c: Computation, address: EthAddress): seq[byte] =
|
2022-09-26 11:56:54 +07:00
|
|
|
when evmc_enabled:
|
|
|
|
c.host.copyCode(address)
|
|
|
|
else:
|
|
|
|
c.vmState.readOnlyStateDB.getCode(address)
|
2021-04-26 17:00:46 +01:00
|
|
|
|
2023-03-21 20:27:12 +07:00
|
|
|
template setTransientStorage*(c: Computation, slot, val: UInt256) =
|
|
|
|
when evmc_enabled:
|
2023-08-18 09:27:44 +07:00
|
|
|
c.host.setTransientStorage(c.msg.contractAddress, slot, val)
|
2023-03-21 20:27:12 +07:00
|
|
|
else:
|
|
|
|
c.vmState.stateDB.
|
|
|
|
setTransientStorage(c.msg.contractAddress, slot, val)
|
|
|
|
|
|
|
|
template getTransientStorage*(c: Computation, slot: UInt256): UInt256 =
|
|
|
|
when evmc_enabled:
|
2023-08-18 09:27:44 +07:00
|
|
|
c.host.getTransientStorage(c.msg.contractAddress, slot)
|
2023-03-21 20:27:12 +07:00
|
|
|
else:
|
|
|
|
c.vmState.readOnlyStateDB.
|
|
|
|
getTransientStorage(c.msg.contractAddress, slot)
|
|
|
|
|
2023-09-20 20:10:16 +07:00
|
|
|
proc newComputation*(vmState: BaseVMState, sysCall: bool, message: Message,
|
2021-06-11 12:46:26 +01:00
|
|
|
salt: ContractSalt = ZERO_CONTRACTSALT): Computation =
|
2021-04-26 17:00:46 +01:00
|
|
|
new result
|
|
|
|
result.vmState = vmState
|
|
|
|
result.msg = message
|
|
|
|
result.memory = Memory()
|
|
|
|
result.stack = newStack()
|
|
|
|
result.returnStack = @[]
|
|
|
|
result.gasMeter.init(message.gas)
|
2023-09-20 20:10:16 +07:00
|
|
|
result.sysCall = sysCall
|
2021-04-26 17:00:46 +01:00
|
|
|
|
|
|
|
if result.msg.isCreate():
|
|
|
|
result.msg.contractAddress = result.generateContractAddress(salt)
|
|
|
|
result.code = newCodeStream(message.data)
|
|
|
|
message.data = @[]
|
|
|
|
else:
|
|
|
|
result.code = newCodeStream(
|
2022-04-08 11:54:11 +07:00
|
|
|
vmState.readOnlyStateDB.getCode(message.codeAddress))
|
2021-04-26 17:00:46 +01:00
|
|
|
|
2023-09-20 20:10:16 +07:00
|
|
|
proc newComputation*(vmState: BaseVMState, sysCall: bool,
|
|
|
|
message: Message, code: seq[byte]): Computation =
|
2022-09-26 11:56:54 +07:00
|
|
|
new result
|
|
|
|
result.vmState = vmState
|
|
|
|
result.msg = message
|
|
|
|
result.memory = Memory()
|
|
|
|
result.stack = newStack()
|
|
|
|
result.returnStack = @[]
|
|
|
|
result.gasMeter.init(message.gas)
|
|
|
|
result.code = newCodeStream(code)
|
2023-09-20 20:10:16 +07:00
|
|
|
result.sysCall = sysCall
|
2022-09-26 11:56:54 +07:00
|
|
|
|
2021-04-26 17:00:46 +01:00
|
|
|
template gasCosts*(c: Computation): untyped =
|
|
|
|
c.vmState.gasCosts
|
|
|
|
|
|
|
|
template fork*(c: Computation): untyped =
|
|
|
|
c.vmState.fork
|
|
|
|
|
|
|
|
template isSuccess*(c: Computation): bool =
|
|
|
|
c.error.isNil
|
|
|
|
|
|
|
|
template isError*(c: Computation): bool =
|
|
|
|
not c.isSuccess
|
|
|
|
|
|
|
|
func shouldBurnGas*(c: Computation): bool =
|
|
|
|
c.isError and c.error.burnsGas
|
|
|
|
|
|
|
|
proc snapshot*(c: Computation) =
|
2022-04-08 11:54:11 +07:00
|
|
|
c.savePoint = c.vmState.stateDB.beginSavepoint()
|
2021-04-26 17:00:46 +01:00
|
|
|
|
|
|
|
proc commit*(c: Computation) =
|
2021-10-28 16:42:39 +07:00
|
|
|
c.vmState.stateDB.commit(c.savePoint)
|
2021-04-26 17:00:46 +01:00
|
|
|
|
2023-02-14 15:37:21 +01:00
|
|
|
proc dispose*(c: Computation) =
|
2021-10-28 16:42:39 +07:00
|
|
|
c.vmState.stateDB.safeDispose(c.savePoint)
|
2021-04-26 17:00:46 +01:00
|
|
|
c.savePoint = nil
|
|
|
|
|
|
|
|
proc rollback*(c: Computation) =
|
2021-10-28 16:42:39 +07:00
|
|
|
c.vmState.stateDB.rollback(c.savePoint)
|
2021-04-26 17:00:46 +01:00
|
|
|
|
2023-02-14 15:37:21 +01:00
|
|
|
proc setError*(c: Computation, msg: string, burnsGas = false) =
|
2023-08-28 19:10:31 +07:00
|
|
|
c.error = Error(statusCode: EVMC_FAILURE, info: msg, burnsGas: burnsGas)
|
|
|
|
|
|
|
|
proc setError*(c: Computation, code: evmc_status_code, burnsGas = false) =
|
|
|
|
c.error = Error(statusCode: code, info: $code, burnsGas: burnsGas)
|
|
|
|
|
|
|
|
proc setError*(c: Computation, code: evmc_status_code, msg: string, burnsGas = false) =
|
|
|
|
c.error = Error(statusCode: code, info: msg, burnsGas: burnsGas)
|
|
|
|
|
|
|
|
func statusCode*(c: Computation): evmc_status_code =
|
|
|
|
if c.isSuccess:
|
|
|
|
EVMC_SUCCESS
|
|
|
|
else:
|
|
|
|
c.error.statusCode
|
|
|
|
|
|
|
|
func errorOpt*(c: Computation): Option[string] =
|
|
|
|
if c.isSuccess:
|
|
|
|
return none(string)
|
|
|
|
if c.error.statusCode == EVMC_REVERT:
|
|
|
|
return none(string)
|
|
|
|
some(c.error.info)
|
2021-04-26 17:00:46 +01:00
|
|
|
|
2023-02-14 15:37:21 +01:00
|
|
|
proc writeContract*(c: Computation)
|
|
|
|
{.gcsafe, raises: [CatchableError].} =
|
EVM: `writeContract` fixes, never return contract code as `RETURNDATA`
This fixes #867 "EIP-170 related consensus error at Goerli block 5080941", and
equivalent on other networks.
This combines a change on the EVM-caller side with an EVM-side change from
@jangko 6548ff98 "fixes CREATE/CREATE2's `returndata` bug", making the caller
EVM ignore any data except from `REVERT`.
Either change works by itself. The reason for both is to ensure we definitely
comply with ambiguous EVMC expectations from either side of that boundary, and
it makes the internal API clearer.
As well as fixing a specific consensus issue, there are some other EVM logic
changes too: Refactored `writeContract`, how `RETURNDATA` is handled inside the
EVM, and changed behaviour with quirks before EIP-2 (Homestead).
The fix allows sync to pass block 5080941 on Goerli, and probably equivalent on
other networks. Here's a trace at batch 5080897..5081088:
```
TRC 2021-10-01 21:18:12.883+01:00 Persisting blocks file=persist_blocks.nim:43 fromBlock=5080897 toBlock=5081088
...
DBG 2021-10-01 21:18:13.270+01:00 Contract code size exceeds EIP170 topics="vm computation" file=computation.nim:236 limit=24577 actual=31411
DBG 2021-10-01 21:18:13.271+01:00 gasUsed neq cumulativeGasUsed file=process_block.nim:68 block=5080941/0A3537BC5BDFC637349E1C77D9648F2F65E2BF973ABF7956618F854B769DF626 gasUsed=3129669 cumulativeGasUsed=3132615
TRC 2021-10-01 21:18:13.271+01:00 peer disconnected file=blockchain_sync.nim:407 peer=<IP:PORT>
```
Although it says "Contract code size" and "gasUsed", this bug is more general
than either contract size or gas. It's due to incorrect behaviour of EVM
instructions `RETURNDATA` and `RETURNDATASIZE`.
Sometimes when `writeContract` decides to reject writing the contract for any
of several reasons (for example just insufficient gas), the unwritten contract
code was being used as the "return data", and given to the caller. If the
caller used `RETURNDATA` or `RETURNDATASIZE` ops, those incorrectly reported
the contract code that didn't get written.
EIP-211 (https://eips.ethereum.org/EIPS/eip-211) describes `RETURNDATA`:
> "`CREATE` and `CREATE2` are considered to return the empty buffer in the
> success case and the failure data in the failure case".
The language is ambiguous. In fact "failure case" means when the contract uses
`REVERT` to finish. It doesn't mean other failures like out of gas, EIP-170
limit, EIP-3541, etc.
To be thorough, and to ensure we always do the right thing with real EVMC when
that's finalised, this patch fixes the `RETURNDATA` issue in two places, either
of which make Goerli block 5080941 pass.
`writeContract` has been refactored to be caller, and so has where it's called.
It sets an error in the usual way if contract writing is rejected -- that's
anticipating EVMC, where we'll use different error codes later.
Overall four behaviour changes:
1. On the callee side, it doesn't set `c.outputData` except for `REVERT`.
2. On the caller side, it doesn't read `child.outputData` except for `REVERT`.
3. There was a bug in processing before Homestead fork (EIP-2). We did not
match the spec or other implementations; now we do. When there's
insufficient gas, before Homestead it's treated as success but with an empty
contract.
https://github.com/ethereum/pyethereum/blob/d117c8f3fd93359fc641fd850fa799436f7c43b5/ethereum/processblock.py#L304
https://github.com/ethereum/go-ethereum/blob/401354976bb4/core/vm/instructions.go#L586
4. The Byzantium check has been removed, as it's unnecessary.
Signed-off-by: Jamie Lokier <jamie@shareable.org>
2021-12-02 20:44:51 +01:00
|
|
|
template withExtra(tracer: untyped, args: varargs[untyped]) =
|
|
|
|
tracer args, newContract=($c.msg.contractAddress),
|
2022-01-18 16:19:32 +00:00
|
|
|
blockNumber=c.vmState.blockNumber,
|
|
|
|
parentHash=($c.vmState.parent.blockHash)
|
EVM: `writeContract` fixes, never return contract code as `RETURNDATA`
This fixes #867 "EIP-170 related consensus error at Goerli block 5080941", and
equivalent on other networks.
This combines a change on the EVM-caller side with an EVM-side change from
@jangko 6548ff98 "fixes CREATE/CREATE2's `returndata` bug", making the caller
EVM ignore any data except from `REVERT`.
Either change works by itself. The reason for both is to ensure we definitely
comply with ambiguous EVMC expectations from either side of that boundary, and
it makes the internal API clearer.
As well as fixing a specific consensus issue, there are some other EVM logic
changes too: Refactored `writeContract`, how `RETURNDATA` is handled inside the
EVM, and changed behaviour with quirks before EIP-2 (Homestead).
The fix allows sync to pass block 5080941 on Goerli, and probably equivalent on
other networks. Here's a trace at batch 5080897..5081088:
```
TRC 2021-10-01 21:18:12.883+01:00 Persisting blocks file=persist_blocks.nim:43 fromBlock=5080897 toBlock=5081088
...
DBG 2021-10-01 21:18:13.270+01:00 Contract code size exceeds EIP170 topics="vm computation" file=computation.nim:236 limit=24577 actual=31411
DBG 2021-10-01 21:18:13.271+01:00 gasUsed neq cumulativeGasUsed file=process_block.nim:68 block=5080941/0A3537BC5BDFC637349E1C77D9648F2F65E2BF973ABF7956618F854B769DF626 gasUsed=3129669 cumulativeGasUsed=3132615
TRC 2021-10-01 21:18:13.271+01:00 peer disconnected file=blockchain_sync.nim:407 peer=<IP:PORT>
```
Although it says "Contract code size" and "gasUsed", this bug is more general
than either contract size or gas. It's due to incorrect behaviour of EVM
instructions `RETURNDATA` and `RETURNDATASIZE`.
Sometimes when `writeContract` decides to reject writing the contract for any
of several reasons (for example just insufficient gas), the unwritten contract
code was being used as the "return data", and given to the caller. If the
caller used `RETURNDATA` or `RETURNDATASIZE` ops, those incorrectly reported
the contract code that didn't get written.
EIP-211 (https://eips.ethereum.org/EIPS/eip-211) describes `RETURNDATA`:
> "`CREATE` and `CREATE2` are considered to return the empty buffer in the
> success case and the failure data in the failure case".
The language is ambiguous. In fact "failure case" means when the contract uses
`REVERT` to finish. It doesn't mean other failures like out of gas, EIP-170
limit, EIP-3541, etc.
To be thorough, and to ensure we always do the right thing with real EVMC when
that's finalised, this patch fixes the `RETURNDATA` issue in two places, either
of which make Goerli block 5080941 pass.
`writeContract` has been refactored to be caller, and so has where it's called.
It sets an error in the usual way if contract writing is rejected -- that's
anticipating EVMC, where we'll use different error codes later.
Overall four behaviour changes:
1. On the callee side, it doesn't set `c.outputData` except for `REVERT`.
2. On the caller side, it doesn't read `child.outputData` except for `REVERT`.
3. There was a bug in processing before Homestead fork (EIP-2). We did not
match the spec or other implementations; now we do. When there's
insufficient gas, before Homestead it's treated as success but with an empty
contract.
https://github.com/ethereum/pyethereum/blob/d117c8f3fd93359fc641fd850fa799436f7c43b5/ethereum/processblock.py#L304
https://github.com/ethereum/go-ethereum/blob/401354976bb4/core/vm/instructions.go#L586
4. The Byzantium check has been removed, as it's unnecessary.
Signed-off-by: Jamie Lokier <jamie@shareable.org>
2021-12-02 20:44:51 +01:00
|
|
|
|
|
|
|
# In each check below, they are guarded by `len > 0`. This includes writing
|
|
|
|
# out the code, because the account already has zero-length code to handle
|
|
|
|
# nested calls (this is specified). May as well simplify other branches.
|
|
|
|
let (len, fork) = (c.output.len, c.fork)
|
|
|
|
if len == 0:
|
|
|
|
return
|
|
|
|
|
|
|
|
# EIP-3541 constraint (https://eips.ethereum.org/EIPS/eip-3541).
|
|
|
|
if fork >= FkLondon and c.output[0] == 0xEF.byte:
|
|
|
|
withExtra trace, "New contract code starts with 0xEF byte, not allowed by EIP-3541"
|
2023-08-28 19:10:31 +07:00
|
|
|
c.setError(EVMC_CONTRACT_VALIDATION_FAILURE, true)
|
EVM: `writeContract` fixes, never return contract code as `RETURNDATA`
This fixes #867 "EIP-170 related consensus error at Goerli block 5080941", and
equivalent on other networks.
This combines a change on the EVM-caller side with an EVM-side change from
@jangko 6548ff98 "fixes CREATE/CREATE2's `returndata` bug", making the caller
EVM ignore any data except from `REVERT`.
Either change works by itself. The reason for both is to ensure we definitely
comply with ambiguous EVMC expectations from either side of that boundary, and
it makes the internal API clearer.
As well as fixing a specific consensus issue, there are some other EVM logic
changes too: Refactored `writeContract`, how `RETURNDATA` is handled inside the
EVM, and changed behaviour with quirks before EIP-2 (Homestead).
The fix allows sync to pass block 5080941 on Goerli, and probably equivalent on
other networks. Here's a trace at batch 5080897..5081088:
```
TRC 2021-10-01 21:18:12.883+01:00 Persisting blocks file=persist_blocks.nim:43 fromBlock=5080897 toBlock=5081088
...
DBG 2021-10-01 21:18:13.270+01:00 Contract code size exceeds EIP170 topics="vm computation" file=computation.nim:236 limit=24577 actual=31411
DBG 2021-10-01 21:18:13.271+01:00 gasUsed neq cumulativeGasUsed file=process_block.nim:68 block=5080941/0A3537BC5BDFC637349E1C77D9648F2F65E2BF973ABF7956618F854B769DF626 gasUsed=3129669 cumulativeGasUsed=3132615
TRC 2021-10-01 21:18:13.271+01:00 peer disconnected file=blockchain_sync.nim:407 peer=<IP:PORT>
```
Although it says "Contract code size" and "gasUsed", this bug is more general
than either contract size or gas. It's due to incorrect behaviour of EVM
instructions `RETURNDATA` and `RETURNDATASIZE`.
Sometimes when `writeContract` decides to reject writing the contract for any
of several reasons (for example just insufficient gas), the unwritten contract
code was being used as the "return data", and given to the caller. If the
caller used `RETURNDATA` or `RETURNDATASIZE` ops, those incorrectly reported
the contract code that didn't get written.
EIP-211 (https://eips.ethereum.org/EIPS/eip-211) describes `RETURNDATA`:
> "`CREATE` and `CREATE2` are considered to return the empty buffer in the
> success case and the failure data in the failure case".
The language is ambiguous. In fact "failure case" means when the contract uses
`REVERT` to finish. It doesn't mean other failures like out of gas, EIP-170
limit, EIP-3541, etc.
To be thorough, and to ensure we always do the right thing with real EVMC when
that's finalised, this patch fixes the `RETURNDATA` issue in two places, either
of which make Goerli block 5080941 pass.
`writeContract` has been refactored to be caller, and so has where it's called.
It sets an error in the usual way if contract writing is rejected -- that's
anticipating EVMC, where we'll use different error codes later.
Overall four behaviour changes:
1. On the callee side, it doesn't set `c.outputData` except for `REVERT`.
2. On the caller side, it doesn't read `child.outputData` except for `REVERT`.
3. There was a bug in processing before Homestead fork (EIP-2). We did not
match the spec or other implementations; now we do. When there's
insufficient gas, before Homestead it's treated as success but with an empty
contract.
https://github.com/ethereum/pyethereum/blob/d117c8f3fd93359fc641fd850fa799436f7c43b5/ethereum/processblock.py#L304
https://github.com/ethereum/go-ethereum/blob/401354976bb4/core/vm/instructions.go#L586
4. The Byzantium check has been removed, as it's unnecessary.
Signed-off-by: Jamie Lokier <jamie@shareable.org>
2021-12-02 20:44:51 +01:00
|
|
|
return
|
|
|
|
|
|
|
|
# EIP-170 constraint (https://eips.ethereum.org/EIPS/eip-3541).
|
|
|
|
if fork >= FkSpurious and len > EIP170_MAX_CODE_SIZE:
|
|
|
|
withExtra trace, "New contract code exceeds EIP-170 limit",
|
|
|
|
codeSize=len, maxSize=EIP170_MAX_CODE_SIZE
|
2023-08-28 19:10:31 +07:00
|
|
|
c.setError(EVMC_OUT_OF_GAS, true)
|
EVM: `writeContract` fixes, never return contract code as `RETURNDATA`
This fixes #867 "EIP-170 related consensus error at Goerli block 5080941", and
equivalent on other networks.
This combines a change on the EVM-caller side with an EVM-side change from
@jangko 6548ff98 "fixes CREATE/CREATE2's `returndata` bug", making the caller
EVM ignore any data except from `REVERT`.
Either change works by itself. The reason for both is to ensure we definitely
comply with ambiguous EVMC expectations from either side of that boundary, and
it makes the internal API clearer.
As well as fixing a specific consensus issue, there are some other EVM logic
changes too: Refactored `writeContract`, how `RETURNDATA` is handled inside the
EVM, and changed behaviour with quirks before EIP-2 (Homestead).
The fix allows sync to pass block 5080941 on Goerli, and probably equivalent on
other networks. Here's a trace at batch 5080897..5081088:
```
TRC 2021-10-01 21:18:12.883+01:00 Persisting blocks file=persist_blocks.nim:43 fromBlock=5080897 toBlock=5081088
...
DBG 2021-10-01 21:18:13.270+01:00 Contract code size exceeds EIP170 topics="vm computation" file=computation.nim:236 limit=24577 actual=31411
DBG 2021-10-01 21:18:13.271+01:00 gasUsed neq cumulativeGasUsed file=process_block.nim:68 block=5080941/0A3537BC5BDFC637349E1C77D9648F2F65E2BF973ABF7956618F854B769DF626 gasUsed=3129669 cumulativeGasUsed=3132615
TRC 2021-10-01 21:18:13.271+01:00 peer disconnected file=blockchain_sync.nim:407 peer=<IP:PORT>
```
Although it says "Contract code size" and "gasUsed", this bug is more general
than either contract size or gas. It's due to incorrect behaviour of EVM
instructions `RETURNDATA` and `RETURNDATASIZE`.
Sometimes when `writeContract` decides to reject writing the contract for any
of several reasons (for example just insufficient gas), the unwritten contract
code was being used as the "return data", and given to the caller. If the
caller used `RETURNDATA` or `RETURNDATASIZE` ops, those incorrectly reported
the contract code that didn't get written.
EIP-211 (https://eips.ethereum.org/EIPS/eip-211) describes `RETURNDATA`:
> "`CREATE` and `CREATE2` are considered to return the empty buffer in the
> success case and the failure data in the failure case".
The language is ambiguous. In fact "failure case" means when the contract uses
`REVERT` to finish. It doesn't mean other failures like out of gas, EIP-170
limit, EIP-3541, etc.
To be thorough, and to ensure we always do the right thing with real EVMC when
that's finalised, this patch fixes the `RETURNDATA` issue in two places, either
of which make Goerli block 5080941 pass.
`writeContract` has been refactored to be caller, and so has where it's called.
It sets an error in the usual way if contract writing is rejected -- that's
anticipating EVMC, where we'll use different error codes later.
Overall four behaviour changes:
1. On the callee side, it doesn't set `c.outputData` except for `REVERT`.
2. On the caller side, it doesn't read `child.outputData` except for `REVERT`.
3. There was a bug in processing before Homestead fork (EIP-2). We did not
match the spec or other implementations; now we do. When there's
insufficient gas, before Homestead it's treated as success but with an empty
contract.
https://github.com/ethereum/pyethereum/blob/d117c8f3fd93359fc641fd850fa799436f7c43b5/ethereum/processblock.py#L304
https://github.com/ethereum/go-ethereum/blob/401354976bb4/core/vm/instructions.go#L586
4. The Byzantium check has been removed, as it's unnecessary.
Signed-off-by: Jamie Lokier <jamie@shareable.org>
2021-12-02 20:44:51 +01:00
|
|
|
return
|
2021-06-28 17:14:08 +07:00
|
|
|
|
2021-10-19 12:52:01 +01:00
|
|
|
# Charge gas and write the code even if the code address is self-destructed.
|
|
|
|
# Non-empty code in a newly created, self-destructed account is possible if
|
|
|
|
# the init code calls `DELEGATECALL` or `CALLCODE` to other code which uses
|
|
|
|
# `SELFDESTRUCT`. This shows on Mainnet blocks 6001128..6001204, where the
|
|
|
|
# gas difference matters. The new code can be called later in the
|
|
|
|
# transaction too, before self-destruction wipes the account at the end.
|
2021-04-26 17:00:46 +01:00
|
|
|
|
EVM: `writeContract` fixes, never return contract code as `RETURNDATA`
This fixes #867 "EIP-170 related consensus error at Goerli block 5080941", and
equivalent on other networks.
This combines a change on the EVM-caller side with an EVM-side change from
@jangko 6548ff98 "fixes CREATE/CREATE2's `returndata` bug", making the caller
EVM ignore any data except from `REVERT`.
Either change works by itself. The reason for both is to ensure we definitely
comply with ambiguous EVMC expectations from either side of that boundary, and
it makes the internal API clearer.
As well as fixing a specific consensus issue, there are some other EVM logic
changes too: Refactored `writeContract`, how `RETURNDATA` is handled inside the
EVM, and changed behaviour with quirks before EIP-2 (Homestead).
The fix allows sync to pass block 5080941 on Goerli, and probably equivalent on
other networks. Here's a trace at batch 5080897..5081088:
```
TRC 2021-10-01 21:18:12.883+01:00 Persisting blocks file=persist_blocks.nim:43 fromBlock=5080897 toBlock=5081088
...
DBG 2021-10-01 21:18:13.270+01:00 Contract code size exceeds EIP170 topics="vm computation" file=computation.nim:236 limit=24577 actual=31411
DBG 2021-10-01 21:18:13.271+01:00 gasUsed neq cumulativeGasUsed file=process_block.nim:68 block=5080941/0A3537BC5BDFC637349E1C77D9648F2F65E2BF973ABF7956618F854B769DF626 gasUsed=3129669 cumulativeGasUsed=3132615
TRC 2021-10-01 21:18:13.271+01:00 peer disconnected file=blockchain_sync.nim:407 peer=<IP:PORT>
```
Although it says "Contract code size" and "gasUsed", this bug is more general
than either contract size or gas. It's due to incorrect behaviour of EVM
instructions `RETURNDATA` and `RETURNDATASIZE`.
Sometimes when `writeContract` decides to reject writing the contract for any
of several reasons (for example just insufficient gas), the unwritten contract
code was being used as the "return data", and given to the caller. If the
caller used `RETURNDATA` or `RETURNDATASIZE` ops, those incorrectly reported
the contract code that didn't get written.
EIP-211 (https://eips.ethereum.org/EIPS/eip-211) describes `RETURNDATA`:
> "`CREATE` and `CREATE2` are considered to return the empty buffer in the
> success case and the failure data in the failure case".
The language is ambiguous. In fact "failure case" means when the contract uses
`REVERT` to finish. It doesn't mean other failures like out of gas, EIP-170
limit, EIP-3541, etc.
To be thorough, and to ensure we always do the right thing with real EVMC when
that's finalised, this patch fixes the `RETURNDATA` issue in two places, either
of which make Goerli block 5080941 pass.
`writeContract` has been refactored to be caller, and so has where it's called.
It sets an error in the usual way if contract writing is rejected -- that's
anticipating EVMC, where we'll use different error codes later.
Overall four behaviour changes:
1. On the callee side, it doesn't set `c.outputData` except for `REVERT`.
2. On the caller side, it doesn't read `child.outputData` except for `REVERT`.
3. There was a bug in processing before Homestead fork (EIP-2). We did not
match the spec or other implementations; now we do. When there's
insufficient gas, before Homestead it's treated as success but with an empty
contract.
https://github.com/ethereum/pyethereum/blob/d117c8f3fd93359fc641fd850fa799436f7c43b5/ethereum/processblock.py#L304
https://github.com/ethereum/go-ethereum/blob/401354976bb4/core/vm/instructions.go#L586
4. The Byzantium check has been removed, as it's unnecessary.
Signed-off-by: Jamie Lokier <jamie@shareable.org>
2021-12-02 20:44:51 +01:00
|
|
|
let gasParams = GasParams(kind: Create, cr_memLength: len)
|
2021-04-26 17:00:46 +01:00
|
|
|
let codeCost = c.gasCosts[Create].c_handler(0.u256, gasParams).gasCost
|
EVM: `writeContract` fixes, never return contract code as `RETURNDATA`
This fixes #867 "EIP-170 related consensus error at Goerli block 5080941", and
equivalent on other networks.
This combines a change on the EVM-caller side with an EVM-side change from
@jangko 6548ff98 "fixes CREATE/CREATE2's `returndata` bug", making the caller
EVM ignore any data except from `REVERT`.
Either change works by itself. The reason for both is to ensure we definitely
comply with ambiguous EVMC expectations from either side of that boundary, and
it makes the internal API clearer.
As well as fixing a specific consensus issue, there are some other EVM logic
changes too: Refactored `writeContract`, how `RETURNDATA` is handled inside the
EVM, and changed behaviour with quirks before EIP-2 (Homestead).
The fix allows sync to pass block 5080941 on Goerli, and probably equivalent on
other networks. Here's a trace at batch 5080897..5081088:
```
TRC 2021-10-01 21:18:12.883+01:00 Persisting blocks file=persist_blocks.nim:43 fromBlock=5080897 toBlock=5081088
...
DBG 2021-10-01 21:18:13.270+01:00 Contract code size exceeds EIP170 topics="vm computation" file=computation.nim:236 limit=24577 actual=31411
DBG 2021-10-01 21:18:13.271+01:00 gasUsed neq cumulativeGasUsed file=process_block.nim:68 block=5080941/0A3537BC5BDFC637349E1C77D9648F2F65E2BF973ABF7956618F854B769DF626 gasUsed=3129669 cumulativeGasUsed=3132615
TRC 2021-10-01 21:18:13.271+01:00 peer disconnected file=blockchain_sync.nim:407 peer=<IP:PORT>
```
Although it says "Contract code size" and "gasUsed", this bug is more general
than either contract size or gas. It's due to incorrect behaviour of EVM
instructions `RETURNDATA` and `RETURNDATASIZE`.
Sometimes when `writeContract` decides to reject writing the contract for any
of several reasons (for example just insufficient gas), the unwritten contract
code was being used as the "return data", and given to the caller. If the
caller used `RETURNDATA` or `RETURNDATASIZE` ops, those incorrectly reported
the contract code that didn't get written.
EIP-211 (https://eips.ethereum.org/EIPS/eip-211) describes `RETURNDATA`:
> "`CREATE` and `CREATE2` are considered to return the empty buffer in the
> success case and the failure data in the failure case".
The language is ambiguous. In fact "failure case" means when the contract uses
`REVERT` to finish. It doesn't mean other failures like out of gas, EIP-170
limit, EIP-3541, etc.
To be thorough, and to ensure we always do the right thing with real EVMC when
that's finalised, this patch fixes the `RETURNDATA` issue in two places, either
of which make Goerli block 5080941 pass.
`writeContract` has been refactored to be caller, and so has where it's called.
It sets an error in the usual way if contract writing is rejected -- that's
anticipating EVMC, where we'll use different error codes later.
Overall four behaviour changes:
1. On the callee side, it doesn't set `c.outputData` except for `REVERT`.
2. On the caller side, it doesn't read `child.outputData` except for `REVERT`.
3. There was a bug in processing before Homestead fork (EIP-2). We did not
match the spec or other implementations; now we do. When there's
insufficient gas, before Homestead it's treated as success but with an empty
contract.
https://github.com/ethereum/pyethereum/blob/d117c8f3fd93359fc641fd850fa799436f7c43b5/ethereum/processblock.py#L304
https://github.com/ethereum/go-ethereum/blob/401354976bb4/core/vm/instructions.go#L586
4. The Byzantium check has been removed, as it's unnecessary.
Signed-off-by: Jamie Lokier <jamie@shareable.org>
2021-12-02 20:44:51 +01:00
|
|
|
if codeCost <= c.gasMeter.gasRemaining:
|
|
|
|
c.gasMeter.consumeGas(codeCost, reason = "Write new contract code")
|
2022-04-08 11:54:11 +07:00
|
|
|
c.vmState.mutateStateDB:
|
EVM: `writeContract` fixes, never return contract code as `RETURNDATA`
This fixes #867 "EIP-170 related consensus error at Goerli block 5080941", and
equivalent on other networks.
This combines a change on the EVM-caller side with an EVM-side change from
@jangko 6548ff98 "fixes CREATE/CREATE2's `returndata` bug", making the caller
EVM ignore any data except from `REVERT`.
Either change works by itself. The reason for both is to ensure we definitely
comply with ambiguous EVMC expectations from either side of that boundary, and
it makes the internal API clearer.
As well as fixing a specific consensus issue, there are some other EVM logic
changes too: Refactored `writeContract`, how `RETURNDATA` is handled inside the
EVM, and changed behaviour with quirks before EIP-2 (Homestead).
The fix allows sync to pass block 5080941 on Goerli, and probably equivalent on
other networks. Here's a trace at batch 5080897..5081088:
```
TRC 2021-10-01 21:18:12.883+01:00 Persisting blocks file=persist_blocks.nim:43 fromBlock=5080897 toBlock=5081088
...
DBG 2021-10-01 21:18:13.270+01:00 Contract code size exceeds EIP170 topics="vm computation" file=computation.nim:236 limit=24577 actual=31411
DBG 2021-10-01 21:18:13.271+01:00 gasUsed neq cumulativeGasUsed file=process_block.nim:68 block=5080941/0A3537BC5BDFC637349E1C77D9648F2F65E2BF973ABF7956618F854B769DF626 gasUsed=3129669 cumulativeGasUsed=3132615
TRC 2021-10-01 21:18:13.271+01:00 peer disconnected file=blockchain_sync.nim:407 peer=<IP:PORT>
```
Although it says "Contract code size" and "gasUsed", this bug is more general
than either contract size or gas. It's due to incorrect behaviour of EVM
instructions `RETURNDATA` and `RETURNDATASIZE`.
Sometimes when `writeContract` decides to reject writing the contract for any
of several reasons (for example just insufficient gas), the unwritten contract
code was being used as the "return data", and given to the caller. If the
caller used `RETURNDATA` or `RETURNDATASIZE` ops, those incorrectly reported
the contract code that didn't get written.
EIP-211 (https://eips.ethereum.org/EIPS/eip-211) describes `RETURNDATA`:
> "`CREATE` and `CREATE2` are considered to return the empty buffer in the
> success case and the failure data in the failure case".
The language is ambiguous. In fact "failure case" means when the contract uses
`REVERT` to finish. It doesn't mean other failures like out of gas, EIP-170
limit, EIP-3541, etc.
To be thorough, and to ensure we always do the right thing with real EVMC when
that's finalised, this patch fixes the `RETURNDATA` issue in two places, either
of which make Goerli block 5080941 pass.
`writeContract` has been refactored to be caller, and so has where it's called.
It sets an error in the usual way if contract writing is rejected -- that's
anticipating EVMC, where we'll use different error codes later.
Overall four behaviour changes:
1. On the callee side, it doesn't set `c.outputData` except for `REVERT`.
2. On the caller side, it doesn't read `child.outputData` except for `REVERT`.
3. There was a bug in processing before Homestead fork (EIP-2). We did not
match the spec or other implementations; now we do. When there's
insufficient gas, before Homestead it's treated as success but with an empty
contract.
https://github.com/ethereum/pyethereum/blob/d117c8f3fd93359fc641fd850fa799436f7c43b5/ethereum/processblock.py#L304
https://github.com/ethereum/go-ethereum/blob/401354976bb4/core/vm/instructions.go#L586
4. The Byzantium check has been removed, as it's unnecessary.
Signed-off-by: Jamie Lokier <jamie@shareable.org>
2021-12-02 20:44:51 +01:00
|
|
|
db.setCode(c.msg.contractAddress, c.output)
|
|
|
|
withExtra trace, "Writing new contract code"
|
|
|
|
return
|
|
|
|
|
|
|
|
if fork >= FkHomestead:
|
|
|
|
# EIP-2 (https://eips.ethereum.org/EIPS/eip-2).
|
2023-08-28 19:10:31 +07:00
|
|
|
c.setError(EVMC_OUT_OF_GAS, true)
|
2021-04-26 17:00:46 +01:00
|
|
|
else:
|
EVM: `writeContract` fixes, never return contract code as `RETURNDATA`
This fixes #867 "EIP-170 related consensus error at Goerli block 5080941", and
equivalent on other networks.
This combines a change on the EVM-caller side with an EVM-side change from
@jangko 6548ff98 "fixes CREATE/CREATE2's `returndata` bug", making the caller
EVM ignore any data except from `REVERT`.
Either change works by itself. The reason for both is to ensure we definitely
comply with ambiguous EVMC expectations from either side of that boundary, and
it makes the internal API clearer.
As well as fixing a specific consensus issue, there are some other EVM logic
changes too: Refactored `writeContract`, how `RETURNDATA` is handled inside the
EVM, and changed behaviour with quirks before EIP-2 (Homestead).
The fix allows sync to pass block 5080941 on Goerli, and probably equivalent on
other networks. Here's a trace at batch 5080897..5081088:
```
TRC 2021-10-01 21:18:12.883+01:00 Persisting blocks file=persist_blocks.nim:43 fromBlock=5080897 toBlock=5081088
...
DBG 2021-10-01 21:18:13.270+01:00 Contract code size exceeds EIP170 topics="vm computation" file=computation.nim:236 limit=24577 actual=31411
DBG 2021-10-01 21:18:13.271+01:00 gasUsed neq cumulativeGasUsed file=process_block.nim:68 block=5080941/0A3537BC5BDFC637349E1C77D9648F2F65E2BF973ABF7956618F854B769DF626 gasUsed=3129669 cumulativeGasUsed=3132615
TRC 2021-10-01 21:18:13.271+01:00 peer disconnected file=blockchain_sync.nim:407 peer=<IP:PORT>
```
Although it says "Contract code size" and "gasUsed", this bug is more general
than either contract size or gas. It's due to incorrect behaviour of EVM
instructions `RETURNDATA` and `RETURNDATASIZE`.
Sometimes when `writeContract` decides to reject writing the contract for any
of several reasons (for example just insufficient gas), the unwritten contract
code was being used as the "return data", and given to the caller. If the
caller used `RETURNDATA` or `RETURNDATASIZE` ops, those incorrectly reported
the contract code that didn't get written.
EIP-211 (https://eips.ethereum.org/EIPS/eip-211) describes `RETURNDATA`:
> "`CREATE` and `CREATE2` are considered to return the empty buffer in the
> success case and the failure data in the failure case".
The language is ambiguous. In fact "failure case" means when the contract uses
`REVERT` to finish. It doesn't mean other failures like out of gas, EIP-170
limit, EIP-3541, etc.
To be thorough, and to ensure we always do the right thing with real EVMC when
that's finalised, this patch fixes the `RETURNDATA` issue in two places, either
of which make Goerli block 5080941 pass.
`writeContract` has been refactored to be caller, and so has where it's called.
It sets an error in the usual way if contract writing is rejected -- that's
anticipating EVMC, where we'll use different error codes later.
Overall four behaviour changes:
1. On the callee side, it doesn't set `c.outputData` except for `REVERT`.
2. On the caller side, it doesn't read `child.outputData` except for `REVERT`.
3. There was a bug in processing before Homestead fork (EIP-2). We did not
match the spec or other implementations; now we do. When there's
insufficient gas, before Homestead it's treated as success but with an empty
contract.
https://github.com/ethereum/pyethereum/blob/d117c8f3fd93359fc641fd850fa799436f7c43b5/ethereum/processblock.py#L304
https://github.com/ethereum/go-ethereum/blob/401354976bb4/core/vm/instructions.go#L586
4. The Byzantium check has been removed, as it's unnecessary.
Signed-off-by: Jamie Lokier <jamie@shareable.org>
2021-12-02 20:44:51 +01:00
|
|
|
# Before EIP-2, when out of gas for code storage, the account ends up with
|
|
|
|
# zero-length code and no error. No gas is charged. Code cited in EIP-2:
|
|
|
|
# https://github.com/ethereum/pyethereum/blob/d117c8f3fd93/ethereum/processblock.py#L304
|
|
|
|
# https://github.com/ethereum/go-ethereum/blob/401354976bb4/core/vm/instructions.go#L586
|
|
|
|
# The account already has zero-length code to handle nested calls.
|
|
|
|
withExtra trace, "New contract given empty code by pre-Homestead rules"
|
2021-04-26 17:00:46 +01:00
|
|
|
|
2024-02-20 14:16:12 +07:00
|
|
|
template chainTo*(c: Computation,
|
|
|
|
toChild: typeof(c.child),
|
|
|
|
shouldRaise: static[bool],
|
|
|
|
after: untyped) =
|
|
|
|
|
|
|
|
when shouldRaise:
|
|
|
|
{.pragma: chainToPragma, gcsafe, raises: [CatchableError].}
|
|
|
|
else:
|
|
|
|
{.pragma: chainToPragma, gcsafe, raises: [].}
|
|
|
|
|
2021-04-26 17:00:46 +01:00
|
|
|
c.child = toChild
|
2024-02-20 14:16:12 +07:00
|
|
|
c.continuation = proc() {.chainToPragma.} =
|
2022-09-26 11:56:54 +07:00
|
|
|
c.continuation = nil
|
2021-04-26 17:00:46 +01:00
|
|
|
after
|
Added basic async capabilities for vm2. (#1260)
* Added basic async capabilities for vm2.
This is a whole new Git branch, not the same one as last time
(https://github.com/status-im/nimbus-eth1/pull/1250) - there wasn't
much worth salvaging. Main differences:
I didn't do the "each opcode has to specify an async handler" junk
that I put in last time. Instead, in oph_memory.nim you can see
sloadOp calling asyncChainTo and passing in an async operation.
That async operation is then run by the execCallOrCreate (or
asyncExecCallOrCreate) code in interpreter_dispatch.nim.
In the test code, the (previously existing) macro called "assembler"
now allows you to add a section called "initialStorage", specifying
fake data to be used by the EVM computation run by that test. (In
the long run we'll obviously want to write tests that for-real use
the JSON-RPC API to asynchronously fetch data; for now, this was
just an expedient way to write a basic unit test that exercises the
async-EVM code pathway.)
There's also a new macro called "concurrentAssemblers" that allows
you to write a test that runs multiple assemblers concurrently (and
then waits for them all to finish). There's one example test using
this, in test_op_memory_lazy.nim, though you can't actually see it
doing so unless you uncomment some echo statements in
async_operations.nim (in which case you can see the two concurrently
running EVM computations each printing out what they're doing, and
you'll see that they interleave).
A question: is it possible to make EVMC work asynchronously? (For
now, this code compiles and "make test" passes even if ENABLE_EVMC
is turned on, but it doesn't actually work asynchronously, it just
falls back on doing the usual synchronous EVMC thing. See
FIXME-asyncAndEvmc.)
* Moved the AsyncOperationFactory to the BaseVMState object.
* Made the AsyncOperationFactory into a table of fn pointers.
Also ditched the plain-data Vm2AsyncOperation type; it wasn't
really serving much purpose. Instead, the pendingAsyncOperation
field directly contains the Future.
* Removed the hasStorage idea.
It's not the right solution to the "how do we know whether we
still need to fetch the storage value or not?" problem. I
haven't implemented the right solution yet, but at least
we're better off not putting in a wrong one.
* Added/modified/removed some comments.
(Based on feedback on the PR.)
* Removed the waitFor from execCallOrCreate.
There was some back-and-forth in the PR regarding whether nested
waitFor calls are acceptable:
https://github.com/status-im/nimbus-eth1/pull/1260#discussion_r998587449
The eventual decision was to just change the waitFor to a doAssert
(since we probably won't want this extra functionality when running
synchronously anyway) to make sure that the Future is already
finished.
2022-11-01 11:35:46 -04:00
|
|
|
|
|
|
|
# Register an async operation to be performed before the continuation is called.
|
2024-02-20 14:16:12 +07:00
|
|
|
template asyncChainTo*(c: Computation,
|
|
|
|
asyncOperation: Future[void],
|
|
|
|
after: untyped) =
|
Added basic async capabilities for vm2. (#1260)
* Added basic async capabilities for vm2.
This is a whole new Git branch, not the same one as last time
(https://github.com/status-im/nimbus-eth1/pull/1250) - there wasn't
much worth salvaging. Main differences:
I didn't do the "each opcode has to specify an async handler" junk
that I put in last time. Instead, in oph_memory.nim you can see
sloadOp calling asyncChainTo and passing in an async operation.
That async operation is then run by the execCallOrCreate (or
asyncExecCallOrCreate) code in interpreter_dispatch.nim.
In the test code, the (previously existing) macro called "assembler"
now allows you to add a section called "initialStorage", specifying
fake data to be used by the EVM computation run by that test. (In
the long run we'll obviously want to write tests that for-real use
the JSON-RPC API to asynchronously fetch data; for now, this was
just an expedient way to write a basic unit test that exercises the
async-EVM code pathway.)
There's also a new macro called "concurrentAssemblers" that allows
you to write a test that runs multiple assemblers concurrently (and
then waits for them all to finish). There's one example test using
this, in test_op_memory_lazy.nim, though you can't actually see it
doing so unless you uncomment some echo statements in
async_operations.nim (in which case you can see the two concurrently
running EVM computations each printing out what they're doing, and
you'll see that they interleave).
A question: is it possible to make EVMC work asynchronously? (For
now, this code compiles and "make test" passes even if ENABLE_EVMC
is turned on, but it doesn't actually work asynchronously, it just
falls back on doing the usual synchronous EVMC thing. See
FIXME-asyncAndEvmc.)
* Moved the AsyncOperationFactory to the BaseVMState object.
* Made the AsyncOperationFactory into a table of fn pointers.
Also ditched the plain-data Vm2AsyncOperation type; it wasn't
really serving much purpose. Instead, the pendingAsyncOperation
field directly contains the Future.
* Removed the hasStorage idea.
It's not the right solution to the "how do we know whether we
still need to fetch the storage value or not?" problem. I
haven't implemented the right solution yet, but at least
we're better off not putting in a wrong one.
* Added/modified/removed some comments.
(Based on feedback on the PR.)
* Removed the waitFor from execCallOrCreate.
There was some back-and-forth in the PR regarding whether nested
waitFor calls are acceptable:
https://github.com/status-im/nimbus-eth1/pull/1260#discussion_r998587449
The eventual decision was to just change the waitFor to a doAssert
(since we probably won't want this extra functionality when running
synchronously anyway) to make sure that the Future is already
finished.
2022-11-01 11:35:46 -04:00
|
|
|
c.pendingAsyncOperation = asyncOperation
|
2024-02-20 14:16:12 +07:00
|
|
|
c.continuation = proc() {.gcsafe, raises: [].} =
|
|
|
|
c.continuation = nil
|
|
|
|
after
|
|
|
|
|
|
|
|
template asyncChainToRaise*(c: Computation,
|
|
|
|
asyncOperation: Future[void],
|
|
|
|
RaisesTypes: untyped,
|
|
|
|
after: untyped) =
|
|
|
|
c.pendingAsyncOperation = asyncOperation
|
|
|
|
c.continuation = proc() {.gcsafe, raises: RaisesTypes.} =
|
Added basic async capabilities for vm2. (#1260)
* Added basic async capabilities for vm2.
This is a whole new Git branch, not the same one as last time
(https://github.com/status-im/nimbus-eth1/pull/1250) - there wasn't
much worth salvaging. Main differences:
I didn't do the "each opcode has to specify an async handler" junk
that I put in last time. Instead, in oph_memory.nim you can see
sloadOp calling asyncChainTo and passing in an async operation.
That async operation is then run by the execCallOrCreate (or
asyncExecCallOrCreate) code in interpreter_dispatch.nim.
In the test code, the (previously existing) macro called "assembler"
now allows you to add a section called "initialStorage", specifying
fake data to be used by the EVM computation run by that test. (In
the long run we'll obviously want to write tests that for-real use
the JSON-RPC API to asynchronously fetch data; for now, this was
just an expedient way to write a basic unit test that exercises the
async-EVM code pathway.)
There's also a new macro called "concurrentAssemblers" that allows
you to write a test that runs multiple assemblers concurrently (and
then waits for them all to finish). There's one example test using
this, in test_op_memory_lazy.nim, though you can't actually see it
doing so unless you uncomment some echo statements in
async_operations.nim (in which case you can see the two concurrently
running EVM computations each printing out what they're doing, and
you'll see that they interleave).
A question: is it possible to make EVMC work asynchronously? (For
now, this code compiles and "make test" passes even if ENABLE_EVMC
is turned on, but it doesn't actually work asynchronously, it just
falls back on doing the usual synchronous EVMC thing. See
FIXME-asyncAndEvmc.)
* Moved the AsyncOperationFactory to the BaseVMState object.
* Made the AsyncOperationFactory into a table of fn pointers.
Also ditched the plain-data Vm2AsyncOperation type; it wasn't
really serving much purpose. Instead, the pendingAsyncOperation
field directly contains the Future.
* Removed the hasStorage idea.
It's not the right solution to the "how do we know whether we
still need to fetch the storage value or not?" problem. I
haven't implemented the right solution yet, but at least
we're better off not putting in a wrong one.
* Added/modified/removed some comments.
(Based on feedback on the PR.)
* Removed the waitFor from execCallOrCreate.
There was some back-and-forth in the PR regarding whether nested
waitFor calls are acceptable:
https://github.com/status-im/nimbus-eth1/pull/1260#discussion_r998587449
The eventual decision was to just change the waitFor to a doAssert
(since we probably won't want this extra functionality when running
synchronously anyway) to make sure that the Future is already
finished.
2022-11-01 11:35:46 -04:00
|
|
|
c.continuation = nil
|
|
|
|
after
|
2021-04-26 17:00:46 +01:00
|
|
|
|
|
|
|
proc merge*(c, child: Computation) =
|
|
|
|
c.gasMeter.refundGas(child.gasMeter.gasRefunded)
|
|
|
|
|
2024-02-20 14:16:12 +07:00
|
|
|
when evmc_enabled:
|
|
|
|
{.pragma: selfDesructPragma, gcsafe, raises: [CatchableError].}
|
|
|
|
else:
|
|
|
|
{.pragma: selfDesructPragma, gcsafe, raises: [].}
|
|
|
|
|
2023-02-14 15:37:21 +01:00
|
|
|
proc execSelfDestruct*(c: Computation, beneficiary: EthAddress)
|
2024-02-20 14:16:12 +07:00
|
|
|
{.selfDesructPragma.} =
|
2023-08-18 10:12:18 +07:00
|
|
|
|
2021-04-26 17:00:46 +01:00
|
|
|
c.vmState.mutateStateDB:
|
2023-03-17 20:20:52 +07:00
|
|
|
let localBalance = c.getBalance(c.msg.contractAddress)
|
2021-04-26 17:00:46 +01:00
|
|
|
|
2023-03-20 18:51:09 +07:00
|
|
|
# Register the account to be deleted
|
2023-08-18 10:12:18 +07:00
|
|
|
if c.fork >= FkCancun:
|
2023-09-26 09:03:21 +07:00
|
|
|
# Zeroing contract balance except beneficiary
|
|
|
|
# is the same address
|
|
|
|
db.subBalance(c.msg.contractAddress, localBalance)
|
|
|
|
|
|
|
|
# Transfer to beneficiary
|
|
|
|
db.addBalance(beneficiary, localBalance)
|
|
|
|
|
2023-08-18 10:12:18 +07:00
|
|
|
db.selfDestruct6780(c.msg.contractAddress)
|
|
|
|
else:
|
2023-09-26 09:03:21 +07:00
|
|
|
# Transfer to beneficiary
|
|
|
|
db.addBalance(beneficiary, localBalance)
|
2023-08-18 10:12:18 +07:00
|
|
|
db.selfDestruct(c.msg.contractAddress)
|
2023-03-20 18:51:09 +07:00
|
|
|
|
2021-04-26 17:00:46 +01:00
|
|
|
trace "SELFDESTRUCT",
|
|
|
|
contractAddress = c.msg.contractAddress.toHex,
|
|
|
|
localBalance = localBalance.toString,
|
|
|
|
beneficiary = beneficiary.toHex
|
|
|
|
|
2023-02-14 15:37:21 +01:00
|
|
|
proc addLogEntry*(c: Computation, log: Log) =
|
2023-03-20 18:51:09 +07:00
|
|
|
c.vmState.stateDB.addLogEntry(log)
|
2021-04-26 17:00:46 +01:00
|
|
|
|
|
|
|
proc getGasRefund*(c: Computation): GasInt =
|
|
|
|
if c.isSuccess:
|
|
|
|
result = c.gasMeter.gasRefunded
|
|
|
|
|
|
|
|
proc refundSelfDestruct*(c: Computation) =
|
|
|
|
let cost = gasFees[c.fork][RefundSelfDestruct]
|
2023-03-20 18:51:09 +07:00
|
|
|
let num = c.vmState.stateDB.selfDestructLen
|
|
|
|
c.gasMeter.refundGas(cost * num)
|
2021-04-26 17:00:46 +01:00
|
|
|
|
2023-02-14 15:37:21 +01:00
|
|
|
proc tracingEnabled*(c: Computation): bool =
|
2023-08-02 17:17:40 +07:00
|
|
|
c.vmState.tracingEnabled
|
|
|
|
|
|
|
|
proc traceOpCodeStarted*(c: Computation, op: Op): int {.gcsafe, raises: [].} =
|
|
|
|
c.vmState.captureOpStart(
|
2023-08-25 16:07:20 +07:00
|
|
|
c,
|
2023-08-02 17:17:40 +07:00
|
|
|
c.code.pc - 1,
|
|
|
|
op,
|
|
|
|
c.gasMeter.gasRemaining,
|
|
|
|
c.msg.depth + 1)
|
|
|
|
|
|
|
|
proc traceOpCodeEnded*(c: Computation, op: Op, opIndex: int) {.gcsafe, raises: [].} =
|
|
|
|
c.vmState.captureOpEnd(
|
2023-08-25 16:07:20 +07:00
|
|
|
c,
|
2023-08-02 17:17:40 +07:00
|
|
|
c.code.pc - 1,
|
|
|
|
op,
|
|
|
|
c.gasMeter.gasRemaining,
|
|
|
|
c.gasMeter.gasRefunded,
|
|
|
|
c.returnData,
|
|
|
|
c.msg.depth + 1,
|
|
|
|
opIndex)
|
|
|
|
|
|
|
|
proc traceError*(c: Computation) {.gcsafe, raises: [].} =
|
|
|
|
c.vmState.captureFault(
|
2023-08-25 16:07:20 +07:00
|
|
|
c,
|
2023-08-02 17:17:40 +07:00
|
|
|
c.code.pc - 1,
|
|
|
|
c.instr,
|
|
|
|
c.gasMeter.gasRemaining,
|
|
|
|
c.gasMeter.gasRefunded,
|
|
|
|
c.returnData,
|
|
|
|
c.msg.depth + 1,
|
2023-08-28 19:10:31 +07:00
|
|
|
c.errorOpt)
|
2021-04-26 17:00:46 +01:00
|
|
|
|
2023-02-14 15:37:21 +01:00
|
|
|
proc prepareTracer*(c: Computation) =
|
2023-08-25 16:07:20 +07:00
|
|
|
c.vmState.capturePrepare(c, c.msg.depth)
|
2021-04-26 17:00:46 +01:00
|
|
|
|
2023-08-27 13:13:37 +07:00
|
|
|
proc opcodeGastCost*(c: Computation, op: Op, gasCost: GasInt, reason: string) {.gcsafe, raises: [OutOfGas, ValueError].} =
|
|
|
|
c.vmState.captureGasCost(
|
|
|
|
c,
|
|
|
|
op,
|
|
|
|
gasCost,
|
|
|
|
c.gasMeter.gasRemaining,
|
|
|
|
c.msg.depth + 1)
|
|
|
|
c.gasMeter.consumeGas(gasCost, reason)
|
|
|
|
|
2021-04-26 17:00:46 +01:00
|
|
|
# ------------------------------------------------------------------------------
|
|
|
|
# End
|
|
|
|
# ------------------------------------------------------------------------------
|