-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
B**OOM** in jsonSerialize
#2527
Comments
OOM on my advanced powerful PC. |
NeoGo at 0.95.3:
|
It seems the same issue as https://github.com/neo-project/neo/issues/2521 , isn't it? at System.Collections.Generic.Queue`1.SetCapacity(Int32 capacity)
at System.Collections.Generic.Queue`1.Enqueue(T item)
at Neo.VM.ReferenceCounter.CheckZeroReferred()
at Neo.VM.ExecutionEngine.PostExecuteInstruction()
at Neo.VM.ExecutionEngine.ExecuteNext() |
No, after #2521 is fixed, this issue will be exposed to the sun 🌚 |
Yes, you are right |
@vang1ong7ang could you review #2529 ? |
IMO it is a very genius patch which exactly fix such problem efficiently. 👏 Also, I think the following test case is worth to be tested to check if there is performance issues.
|
55 seconds and 11 gas.
|
@roman-khimov As always seen, neo-go is slightly faster.
|
No, that's not the neo-go we're all used to, so nspcc-dev/neo-go#2053 improves it to work more like this:
It's not finished/merged yet, but it'll be next week. |
Threre is a
jsonSerialize
method provided byStdLib
native contract whose impl is below:neo/src/neo/SmartContract/Native/StdLib.cs
Lines 33 to 37 in f9b0b3b
neo/src/neo/SmartContract/JsonSerializer.cs
Lines 80 to 145 in f9b0b3b
Although strict restrictions are applied, like below:
neo/src/neo/SmartContract/JsonSerializer.cs
Line 140 in f9b0b3b
neo/src/neo/SmartContract/JsonSerializer.cs
Line 143 in f9b0b3b
However a carefully constructed
StackItem
can make thejsonSerialize
function drunk in the deep loop showed below.Actually
writer.WriteStartArray();
didn't write any character in theMemoryStream
. Thems.Position
will always be0
until a deep loop is finished.neo/src/neo/SmartContract/JsonSerializer.cs
Lines 90 to 99 in f9b0b3b
Under the limitation of
MaxStackSize = 2048
, the memory cost and time cost are bothO(2^510)
, which lead to a BOOM.PoC
Source Code: https://github.com/lazynode/Tanya/pull/2/files
NOTE THAT CURRENTLY THE POC ABOVE HIT ISSUE 2521 FIRST. YOU CANNOT REALLY DEBUG THIS POC UNTIL https://github.com/neo-project/neo/issues/2521 IS RESOLVED.
The text was updated successfully, but these errors were encountered: