avoid memory allocations and copies when loading states

[arnetheduck]

• rolls back some of the ref changes
• adds utility to calculate stack sizes

[arnetheduck]

incidentally, this also fixes most new warnings

[zah]

It's easy to create a helper that can write to a var directly. I'll look into after the PR is merged.

[arnetheduck]

the serialization library would have to be rewritten to not use exceptions and assume a blank slate (empty seqs etc) which would complicate it somewhat - on the plus side it could reuse seq memory etc instead of allocating new seqs - in general though, it's uglier and less safe - specially in the presence of exceptions - this BeaconChainDB acts as an exception barrier so it can do tricks like this somewhat safely as long as it has the rollback workaround

the bigger issue here is the lifetime of outputAddr - I wish there was a safe construct for this.

[mratsim]

Note that if BeaconState becomes a ref, the compiler might move it somewhere else on the heap and invalidate the address.

[arnetheduck]

well, I put unsafeAddr here so that we can grep for it easily - it should be safe though since the scope is local

[arnetheduck]

besides, nim isn't fancy enough to do compacting, is it?

[zah]

Why did you consider it necessary to rewrite the code here?

[arnetheduck]

to have only one code path for loading BeaconState avoiding subtle differences and bugs - the most important use case is loading states efficiently in the BlockPool that manages state rewind which is used all over the place in security critical contexts thus this use case guides the tradeoffs in the API

[zah]

I don't follow. My question was why did you decide to rewrite:

result = SSZ.decode(snapshotContents, BeaconStateRef)

into

let res = BeaconStateRef()
res[] = SSZ.decode(snapshotContents, BeaconState)
result = res

I see no practical benefits of doing this.

[arnetheduck]

this way, we don't hit any ref code paths in SSZ that implicitly allocate references - indeed, it means we only use one set of code paths to load BeaconState across the whole codebase - allocate-then-set.

[zah]

I find this argument unconvincing. The ref code paths are already used at will in the test suite. One can argue they are better tested :)

[arnetheduck]

well - not really - there are no ref inside any SSZ objects any more so the ref support in SSZ could be taken away, simplifying it - in fact, this was one of the points raised on the eth1 branch, that loading ref:s inside SSZ is better avoided since it's not a major use case and the code would be simpler without it - loading ref with value semantics as is implemented right now is questionable: they're no longer refs then, but values that behave like refs which is weird and unexpected.

[zah]

"Simplify" is an overstatement here. Since SSZ is based on generic functions, you'll compile the ref support only if you actually use it. And if you use it, it will produce just a single additional function that will have exactly the same body as the 3 lines written here.

Since writing 1 line is simpler than writing 3 lines, I'd say the having the ref support simplifies things. I'm not sure why you seem to be fighting the idea that we could employ data sharing between the SSZ objects, but this would require supporting refs.

[arnetheduck]

I'd flip the question and ask why it was changed to begin - this wasn't a necessary change and broke away from what the other code was doing already - as of now, hiding allocations inside ssz doesn't bring any benefits, while it does add costs - there was code designed specifically to avoid it, so instead of having 2 styles, it seems simpler to have one made out of simpler pieces.

we can change this one back, but ideally we should be moving towards hashedbeaconstate/statedata consistently to decrease the surface of options going around.

[zah]

Elegance? I wouldn't insist if you feel so strongly about it, but the 3 line code is definitely triggering my OCD tendencies :)

[arnetheduck]

ok - pushed a newClone update which should satisfy the 1-line OCD, keeps the ref allocation visible and separate from SSZ and exploit RVO at the same time - I view the hidden memory allocation as a risk and would prefer that it was removed from SSZ as far as is possible, until there's a motivation that gives a return for that risk - how's that for a compromise?

If yes, I'd go ahead and remove some of the ref changes that were introduced with eth1 to further de-risk SSZ - again, until there's an actual benefit that can be evaluated on its own, and not forced in as part of an unrelated feature.

[zah]

Since this usage pattern is repeated few times, maybe a helper like db.getNewState() would be useful.

[zah]

It can have the added bonus that it avoids the allocation in the "not found" case.

[arnetheduck]

this is init - it crashes if it doesn't find the state - see above, about code paths. that said, it could be rewritten to load the state directly into the result - I'm hesitant to do so though until more of the BeaconChainDB interface has been refactored - in particular, it should save the state and its stateroot index atomically and ditto for loading - that would make init a lot more clear.

[zah]

I've flagged 4 usages of this potential API. 3 of them are in non-testing code.

[arnetheduck]

the intent is that the BlockPool and BeaconStateDB don't work with BlockState directly because this causes some non-atomic behaviour: BeaconState should always be saved with a state root - I've updated the code to reflect this more clearly, but that refactoring is slightly out of scope here - it would need transaction support in the kv store which is still todo

Added getStateRef to the db tests which simplifies them a bit, but sticks with the same loading as block pool

[zah]

I think the code was better before. Why do you insist on avoiding printit(BeaconStateRef)?

[arnetheduck]

same reason as elsewhere: one way of decoding states

[zah]

Ditto.

[arnetheduck]

kills the warning, has the same practical effect

[zah]

Hmm, you can kill the warnings with printit(NilableBeaconStateRef) too.

[zah]

This can be fixed as well. It could be SSZ.loadFile(pre, stateY.data) (var version)

[zah]

On a second thought, RVO is already doing the var transformation, so the only gain is type inference.

[arnetheduck]

indeed - which is why I think it's sort of not worth it

[arnetheduck]

well - there is one more reason: RVO in nim is buggy and slow - but to write it correctly is hard, so it'll likely be buggy anyway

[zah]

I don't see the benefit of this change. We are just creating more and more types that are unsafe to use as stack variables.

[arnetheduck]

ditto - one code path for loading states to maintain the same behaviour when fuzzing and when running rewinds

[arnetheduck]

the way I view it is that we consistently give the caller the chance to control the allocation instead making that choice for them - in the 90% case, I'd agree that the caller should not be bothered, but in this case we've identified a particular bottleneck that warrants more careful allocation

[zah]

Another usage of db.getNewState

[arnetheduck]

I'd prefer not to add test-only helpers in the the prod code - it seems better to stress the code that's used in real scenarios - is it motivated to add it to testutils? a helper there could call the prod code.

[zah]

Another usage of db.getNewState()

[arnetheduck]

the idea is not to allocate here but rather reuse an existing instance like tmpState - that requires more rewriting though which was planned for a later PR

[mratsim]

Note that if BeaconState becomes a ref, the compiler might move it somewhere else on the heap and invalidate the address.