Comments (13)
@shargon The fix I had in mind will not break the chain in any case. It just needs some adjustments in the compilers. I totally understand that this will not be implemented before 3.0. I think in NEO 3.0 we will need to rethink the whole VM memory system. I feel like we are not utilizing all the stacks well enough.
from neo-vm.
@lightszero do you think that we should implement this in neo3?
@shargon
I dont think so,i think a CLONE opcode is more better,just use CLONE when need.
from neo-vm.
@igormcoelho DUPFROMALTSTACK will duplicate the array from the ALTSTACK on to the EVALUTATIONSTACK. After that, we SETITEM index 0 of the array on the EVALUATIONSTACK with SETITEM. SETITEM will pop the cloned array from the EVALUATIONSTACK and set the index 0 to 10. So we will overwrite the array on the alt ALTSTACK (shares the same pointer) with an operation that occurs on the EVALUATIONSTACK. SETITEM will not push something new on the stack. My issue is that operations on the ESTACK may not affect the ASTACK directly.
from neo-vm.
To be more clear here: Stack machines never ever modify memory directly. The following should be some of a more correct implementation:
1. pop the item (array) from the ALTSTACK onto the ESTACK
2. modify the array (SETITEM)
3. PUSH the modified array back on the ALTSTACK
from neo-vm.
The contracts can still exist and operate with no issues. However, all the compilers need to be changed.
from neo-vm.
I guess this breaks all contracts I've seen,because all of them update and pop parameters, what does not makes sense without collateral effect. I agree thats strange, but I dont see any way of attacking , specially if stack isolation effectively clones items to other stacks...perhaps its an enhancement for stack isolation itself.
from neo-vm.
@igormcoelho Old contracts will not break if the VM changes the way it handles this. Just imagine there are as a couple of addresses in an array on the ALT stack. One could modify the pointer directly to change the address to any address he wants. However, I must agree that I do not see a simple and effective way to attack this. I would like to exclude any possible attack vectors possible and see this as a potential one.
from neo-vm.
Perhaps I'm misunderstand something, but take a look at this simple code void main(int x) { x = 10; }
, it usually generates the following operations:
5a PUSH10 # The number 10 is pushed onto the stack.
6a DUPFROMALTSTACK # clone top element from altstack to mainstack
00 PUSH0 #An empty array of bytes is pushed onto the stack
52 PUSH2 # The number 2 is pushed onto the stack.
7a ROLL # The item n back in the stack is moved to the top.
c4 SETITEM # v[0]=10; sets element v[0] to top stack element 10, and DROP v
You can see that this sequence clones something from altstack to mainstack (in this case it's an array that stores all local variables), performs this 0, 2, roll, setitem
, which basically takes the element before dupfromaltstack and puts on position 0 of the array taken from altstack. The thing I took some time to understand (and you can see in code below), is that after this operation, the array is virtually dropped from stack, because this sequence only performs pops and no push. So the effect of the attribution only happens in the original array at altstack because its "clone" is exactly the same array (as a collateral effect). PLEASE, correct me if I'm wrong, because I may be very wrong!! :)
https://github.com/neo-project/neo-vm/blob/master/src/neo-vm/ExecutionEngine.cs#L763-L791
from neo-vm.
Ok, but we agree that this is the current behavior for all deployed contracts and verification accounts, right? If we change this right now, it's sure we will break everything, because we would need to know exactly how all contracts until now are using this shared pointer situation... it's like starting another neo-vm from scratch, in my opinion. Besides, we will also need to change all compilers. Perhaps a more feasible option would be to create new opcodes, that actually clone data instead of keeping references. Then, new codes/compilers would be aware of this safer behavior, and generate code accordingly.
from neo-vm.
If you change the logic of one OPCODE you break the chain, this could be something for NEO 3.0
from neo-vm.
@lightszero do you think that we should implement this in neo3?
from neo-vm.
I wonder about this all the time, recently...
Global variables are already depending on this behavior, because they pop a copy of last value (static vars), and update this array consuming it. The side effect is an update of the other array, on the bottom of altstack.
It could indeed return a copy, and then push again to the bottom of altstack.
The problem is see is related to general attributions, x[4] = object, that MSIL treats as a reference type instead of a value type. But I think we could change that too, the moment is now.
@anthdm do you have a reference on this, I mean break stack isolation is against the model.., is it really worth the change?
from neo-vm.
CLONE is a nice idea @lightszero , I fully agree.
@anthdm I think I understand your point that side-effects break the concept of pure stack-based computation. I also see this as a "impure" situation. However, I did some research on stack models, and since the 70's I couldn't find a single stack machine (Turing Complete) which is pure. All of them allow side-effects between stacks, or extra registers, or extra global variables, or extra linear memory... In all of these cases, it looks like these things were added to give more flexibility and improve performance. So, I think that CLONE is a nice idea, because it allows a compiler to be "pure" (and do not use side-effects), but it keeps the possibility of others doing that. I still think that compilers will end-up using side-effects to represent global and local variables concepts from higher-level languages, and it would be a big challenge not to do so. As long as stacks are isolated and protected, nothing bad can happen.
A good example is on this interactive tutorial: https://neoresearch.io/nvm-learn/#arrays
from neo-vm.
Related Issues (20)
- Shallow-copy problem for OrderedDictionary.CopyTo in case of Array & Map type HOT 6
- Add 'utf8Size' opcode HOT 4
- Script checks are incomplete
- Can I integrate this vm in to my custom projects? HOT 1
- Efficient way to pass Map type to contract method? OpCode.PACKMAP? HOT 1
- Adapt code documentation of UNPACK opcode
- ReferenceCounter can become negative HOT 18
- Is this `MEMCPY` expected to push nothing to the stack?
- ScriptBuilder should have an emitPush overload that takes a ReadOnlySpan<byte>
- How to customize an interface in interoperation service layer HOT 3
- Presssure test on v3.3.0 cause execution failed HOT 1
- v3.3.0 need more than 30 hours for syncing mainnet even it's just about 1.7million blocks HOT 2
- What is the purpose of the second assert of this test? HOT 1
- Instruction pointer reading PUSHDATA4 operand size as *signed* int32 HOT 1
- Missing push in APPEND?
- EmitPush(bool) should convert stackitem to right type
- Buffer to Integer conversion inconsistency HOT 1
- Override GetString for Buffer/ByteString ? HOT 4
- Set Operation in a Get Function HOT 2
- Add Equatable for StackItem
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from neo-vm.