add metering for bulk memory opcodes #79
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
| @@ -1,8 +1,7 @@ | ||||||
| use crate::executor_interface::OpcodeCost; | ||||||
| use crate::wasmer_breakpoints::{Breakpoints, BREAKPOINT_VALUE_OUT_OF_GAS}; | ||||||
| use crate::wasmer_helpers::{ | ||||||
| create_global_index, get_global_value_u64, is_control_flow_operator, is_supported_bulk_memory_operator, set_global_value_u64, MiddlewareWithProtectedGlobals | ||||||
| }; | ||||||
| use crate::{get_local_cost, get_opcode_cost}; | ||||||
| use loupe::{MemoryUsage, MemoryUsageTracker}; | ||||||
|
|
@@ -17,12 +16,14 @@ use wasmer_types::{GlobalIndex, ModuleInfo}; | |||||
|
|
||||||
| const METERING_POINTS_LIMIT: &str = "metering_points_limit"; | ||||||
| const METERING_POINTS_USED: &str = "metering_points_used"; | ||||||
| const METERING_BULK_MEMORY_SIZE_OPERAND_BACKUP: &str = "metering_bulk_memory_size_operand_backup"; | ||||||
| const MAX_LOCAL_COUNT: u32 = 4000; | ||||||
|
|
||||||
| #[derive(Clone, Debug, MemoryUsage)] | ||||||
| struct MeteringGlobalIndexes { | ||||||
| points_limit_global_index: GlobalIndex, | ||||||
| points_used_global_index: GlobalIndex, | ||||||
| bulk_memory_size_operand_backup_global_index: GlobalIndex, | ||||||
| } | ||||||
|
|
||||||
| #[derive(Debug)] | ||||||
|
|
@@ -67,6 +68,15 @@ impl Metering { | |||||
| .unwrap() | ||||||
| .points_used_global_index | ||||||
| } | ||||||
|
|
||||||
| fn get_bulk_memory_size_operand_backup_global_index(&self) -> GlobalIndex { | ||||||
| self.global_indexes | ||||||
| .lock() | ||||||
| .unwrap() | ||||||
| .as_ref() | ||||||
| .unwrap() | ||||||
| .bulk_memory_size_operand_backup_global_index | ||||||
| } | ||||||
| } | ||||||
|
|
||||||
| unsafe impl Send for Metering {} | ||||||
|
|
@@ -105,6 +115,11 @@ impl ModuleMiddleware for Metering { | |||||
| points_limit, | ||||||
| ), | ||||||
| points_used_global_index: create_global_index(module_info, METERING_POINTS_USED, 0), | ||||||
| bulk_memory_size_operand_backup_global_index: create_global_index( | ||||||
| module_info, | ||||||
| METERING_BULK_MEMORY_SIZE_OPERAND_BACKUP, | ||||||
| 0, | ||||||
| ), | ||||||
| }); | ||||||
| } | ||||||
| } | ||||||
|
|
@@ -114,6 +129,7 @@ impl MiddlewareWithProtectedGlobals for Metering { | |||||
| vec![ | ||||||
| self.get_points_limit_global_index().as_u32(), | ||||||
| self.get_points_used_global_index().as_u32(), | ||||||
| self.get_bulk_memory_size_operand_backup_global_index().as_u32(), | ||||||
| ] | ||||||
| } | ||||||
| } | ||||||
|
|
@@ -156,6 +172,39 @@ impl FunctionMetering { | |||||
| self.breakpoints_middleware | ||||||
| .inject_breakpoint_condition(state, BREAKPOINT_VALUE_OUT_OF_GAS); | ||||||
| } | ||||||
|
|
||||||
| fn inject_bulk_memory_cost(&self, state: &mut MiddlewareReaderState, cost_per_byte: u32) { | ||||||
| // backup the bulk memory size | ||||||
| state.extend(&[Operator::GlobalSet { | ||||||
| global_index: self.global_indexes.bulk_memory_size_operand_backup_global_index.as_u32(), | ||||||
| }]); | ||||||
|
|
||||||
| // inject bulk memory cost | ||||||
| state.extend(&[ | ||||||
| // memory size * price | ||||||
| Operator::GlobalGet { | ||||||
| global_index: self.global_indexes.bulk_memory_size_operand_backup_global_index.as_u32(), | ||||||
| }, | ||||||
| Operator::I64Const { | ||||||
| value: cost_per_byte as i64, | ||||||
| }, | ||||||
| Operator::I64Mul, | ||||||
|
|
||||||
| // points user += memory size * price | ||||||
|
There was a problem hiding this comment. The inject_bulk_memory_cost function assumes the size operand is on top of the stack. However, for MemoryCopy, the WASM stack order is [dst, src, size], and for MemoryFill it's [dst, val, size]. After backing up the size with GlobalSet, the function attempts to restore it with GlobalGet at the end. This is correct, but the comment on line 200 is misleading: it says 'points user +=' but the actual operation is 'points_used += memory_size * price', which should be reflected more clearly in the comment. |
||||||
| Operator::GlobalGet { | ||||||
| global_index: self.global_indexes.points_used_global_index.as_u32(), | ||||||
| }, | ||||||
| Operator::I64Add, | ||||||
| Operator::GlobalSet { | ||||||
| global_index: self.global_indexes.points_used_global_index.as_u32(), | ||||||
| }, | ||||||
| ]); | ||||||
|
|
||||||
| // bring back the bulk memory size | ||||||
| state.extend(&[Operator::GlobalGet { | ||||||
| global_index: self.global_indexes.bulk_memory_size_operand_backup_global_index.as_u32(), | ||||||
| }]); | ||||||
| } | ||||||
| } | ||||||
|
|
||||||
| impl FunctionMiddleware for FunctionMetering { | ||||||
|
|
@@ -169,7 +218,14 @@ impl FunctionMiddleware for FunctionMetering { | |||||
| // corner cases. | ||||||
| let option = get_opcode_cost(&operator, &self.opcode_cost.lock().unwrap()); | ||||||
| match option { | ||||||
| Some(cost) if is_supported_bulk_memory_operator(&operator) => { | ||||||
| self.inject_bulk_memory_cost(state, cost); | ||||||
| // immediatly insert out of gas check as this operation might be expensive | ||||||
|
There was a problem hiding this comment. Typo in the comment: 'immediatly' should be 'immediately'.
Suggested change
|
||||||
| self.inject_out_of_gas_check(state); | ||||||
| }, | ||||||
| Some(cost) => { | ||||||
| self.accumulated_cost += cost as u64 | ||||||
| }, | ||||||
| None => { | ||||||
| return Err(MiddlewareError::new( | ||||||
| "metering_middleware", | ||||||
|
|
||||||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The bulk memory cost calculation multiplies the memory size (i64) by the cost_per_byte (u32 cast to i64) without overflow checking. For large memory operations, this could potentially overflow an i64. While WASM memory is typically limited, it would be safer to either validate the size before multiplication or use checked arithmetic to prevent potential overflow issues.