Re-enable G115 overflowing integer casts lint

.golangci.yml

@@ -44,7 +44,6 @@ linters-settings:
   gosec:
     excludes:
       - G404  # checks that random numbers are securely generated
-      - G115 # Potential integer overflow when converting between integer types
 
   govet:
     enable-all: true

arbcompress/compress_common.go

@@ -17,6 +17,8 @@ func compressedBufferSizeFor(length int) int {
 	return length + (length>>10)*8 + 64 // actual limit is: length + (length >> 14) * 4 + 6
 }
 
-func CompressLevel(input []byte, level int) ([]byte, error) {
+func CompressLevel(input []byte, level uint64) ([]byte, error) {
+	// level is trusted and shouldn't be anything crazy
+	// #nosec G115
 	return Compress(input, uint32(level), EmptyDictionary)
 }

arbnode/batch_poster.go

@@ -121,7 +121,7 @@ type BatchPoster struct {
 	nextRevertCheckBlock int64       // the last parent block scanned for reverting batches
 	postedFirstBatch     bool        // indicates if batch poster has posted the first batch
 
-	accessList func(SequencerInboxAccs, AfterDelayedMessagesRead int) types.AccessList
+	accessList func(SequencerInboxAccs, AfterDelayedMessagesRead uint64) types.AccessList
 }
 
 type l1BlockBound int
@@ -374,7 +374,7 @@ func NewBatchPoster(ctx context.Context, opts *BatchPosterOpts) (*BatchPoster, e
 	}
 	// Dataposter sender may be external signer address, so we should initialize
 	// access list after initializing dataposter.
-	b.accessList = func(SequencerInboxAccs, AfterDelayedMessagesRead int) types.AccessList {
+	b.accessList = func(SequencerInboxAccs, AfterDelayedMessagesRead uint64) types.AccessList {
 		if !b.config().UseAccessLists || opts.L1Reader.IsParentChainArbitrum() {
 			// Access lists cost gas instead of saving gas when posting to L2s,
 			// because data is expensive in comparison to computation.
@@ -433,8 +433,8 @@ type AccessListOpts struct {
 	BridgeAddr               common.Address
 	DataPosterAddr           common.Address
 	GasRefunderAddr          common.Address
-	SequencerInboxAccs       int
-	AfterDelayedMessagesRead int
+	SequencerInboxAccs       uint64
+	AfterDelayedMessagesRead uint64
 }
 
 // AccessList returns access list (contracts, storage slots) for batchposter.
@@ -476,12 +476,12 @@ func AccessList(opts *AccessListOpts) types.AccessList {
 		},
 	}
 
-	for _, v := range []struct{ slotIdx, val int }{
+	for _, v := range []struct{ slotIdx, val uint64 }{
 		{7, opts.SequencerInboxAccs - 1},       // - sequencerInboxAccs[sequencerInboxAccs.length - 1]; (keccak256(7, sequencerInboxAccs.length - 1))
 		{7, opts.SequencerInboxAccs},           // - sequencerInboxAccs.push(...); (keccak256(7, sequencerInboxAccs.length))
 		{6, opts.AfterDelayedMessagesRead - 1}, // - delayedInboxAccs[afterDelayedMessagesRead - 1]; (keccak256(6, afterDelayedMessagesRead - 1))
 	} {
-		sb := arbutil.SumBytes(arbutil.PaddedKeccak256([]byte{byte(v.slotIdx)}), big.NewInt(int64(v.val)).Bytes())
+		sb := arbutil.SumBytes(arbutil.PaddedKeccak256([]byte{byte(v.slotIdx)}), new(big.Int).SetUint64(v.val).Bytes())
 		l[1].StorageKeys = append(l[1].StorageKeys, common.Hash(sb))
 	}
 
@@ -603,16 +603,20 @@ func (b *BatchPoster) pollForL1PriceData(ctx context.Context) {
 						l1GasPrice = blobFeePerByte.Uint64() / 16
 					}
 				}
+				// #nosec G115
 				blobGasUsedGauge.Update(int64(*h.BlobGasUsed))
 			}
+			// #nosec G115
 			blockGasUsedGauge.Update(int64(h.GasUsed))
+			// #nosec G115
 			blockGasLimitGauge.Update(int64(h.GasLimit))
 			suggestedTipCap, err := b.l1Reader.Client().SuggestGasTipCap(ctx)
 			if err != nil {
 				log.Warn("unable to fetch suggestedTipCap from l1 client to update arb/batchposter/suggestedtipcap metric", "err", err)
 			} else {
 				suggestedTipCapGauge.Update(suggestedTipCap.Int64())
 			}
+			// #nosec G115
 			l1GasPriceGauge.Update(int64(l1GasPrice))
 		case <-ctx.Done():
 			return
@@ -1176,6 +1180,7 @@ func (b *BatchPoster) maybePostSequencerBatch(ctx context.Context) (bool, error)
 	if err != nil {
 		return false, err
 	}
+	// #nosec G115
 	firstMsgTime := time.Unix(int64(firstMsg.Message.Header.Timestamp), 0)
 
 	lastPotentialMsg, err := b.streamer.GetMessage(msgCount - 1)
@@ -1403,7 +1408,7 @@ func (b *BatchPoster) maybePostSequencerBatch(ctx context.Context) (bool, error)
 	if len(kzgBlobs)*params.BlobTxBlobGasPerBlob > params.MaxBlobGasPerBlock {
 		return false, fmt.Errorf("produced %v blobs for batch but a block can only hold %v (compressed batch was %v bytes long)", len(kzgBlobs), params.MaxBlobGasPerBlock/params.BlobTxBlobGasPerBlob, len(sequencerMsg))
 	}
-	accessList := b.accessList(int(batchPosition.NextSeqNum), int(b.building.segments.delayedMsg))
+	accessList := b.accessList(batchPosition.NextSeqNum, b.building.segments.delayedMsg)
 	// On restart, we may be trying to estimate gas for a batch whose successor has
 	// already made it into pending state, if not latest state.
 	// In that case, we might get a revert with `DelayedBackwards()`.
@@ -1505,6 +1510,7 @@ func (b *BatchPoster) maybePostSequencerBatch(ctx context.Context) (bool, error)
 		messagesPerBatch = 1
 	}
 	backlog := uint64(unpostedMessages) / messagesPerBatch
+	// #nosec G115
 	batchPosterEstimatedBatchBacklogGauge.Update(int64(backlog))
 	if backlog > 10 {
 		logLevel := log.Warn

arbnode/dataposter/data_poster.go

@@ -359,6 +359,7 @@ func (p *DataPoster) canPostWithNonce(ctx context.Context, nextNonce uint64, thi
 		if err != nil {
 			return fmt.Errorf("getting nonce of a dataposter sender: %w", err)
 		}
+		// #nosec G115
 		latestUnconfirmedNonceGauge.Update(int64(unconfirmedNonce))
 		if nextNonce >= cfg.MaxMempoolTransactions+unconfirmedNonce {
 			return fmt.Errorf("%w: transaction nonce: %d, unconfirmed nonce: %d, max mempool size: %d", ErrExceedsMaxMempoolSize, nextNonce, unconfirmedNonce, cfg.MaxMempoolTransactions)
@@ -371,6 +372,7 @@ func (p *DataPoster) canPostWithNonce(ctx context.Context, nextNonce uint64, thi
 		if err != nil {
 			return fmt.Errorf("getting nonce of a dataposter sender: %w", err)
 		}
+		// #nosec G115
 		latestUnconfirmedNonceGauge.Update(int64(unconfirmedNonce))
 		if unconfirmedNonce > nextNonce {
 			return fmt.Errorf("latest on-chain nonce %v is greater than to next nonce %v", unconfirmedNonce, nextNonce)
@@ -525,6 +527,7 @@ func (p *DataPoster) feeAndTipCaps(ctx context.Context, nonce uint64, gasLimit u
 	if err != nil {
 		return nil, nil, nil, fmt.Errorf("failed to get latest nonce %v blocks ago (block %v): %w", config.NonceRbfSoftConfs, softConfBlock, err)
 	}
+	// #nosec G115
 	latestSoftConfirmedNonceGauge.Update(int64(softConfNonce))
 
 	suggestedTip, err := p.client.SuggestGasTipCap(ctx)
@@ -1052,6 +1055,7 @@ func (p *DataPoster) updateNonce(ctx context.Context) error {
 		}
 		return nil
 	}
+	// #nosec G115
 	latestFinalizedNonceGauge.Update(int64(nonce))
 	log.Info("Data poster transactions confirmed", "previousNonce", p.nonce, "newNonce", nonce, "previousL1Block", p.lastBlock, "newL1Block", header.Number)
 	if len(p.errorCount) > 0 {
@@ -1132,6 +1136,7 @@ func (p *DataPoster) Start(ctxIn context.Context) {
 			log.Warn("Failed to get latest nonce", "err", err)
 			return minWait
 		}
+		// #nosec G115
 		latestUnconfirmedNonceGauge.Update(int64(unconfirmedNonce))
 		// We use unconfirmedNonce here to replace-by-fee transactions that aren't in a block,
 		// excluding those that are in an unconfirmed block. If a reorg occurs, we'll continue
@@ -1154,7 +1159,9 @@ func (p *DataPoster) Start(ctxIn context.Context) {
 			confirmedNonce := unconfirmedNonce - 1
 			confirmedMeta, err := p.queue.Get(ctx, confirmedNonce)
 			if err == nil && confirmedMeta != nil {
+				// #nosec G115
 				totalQueueWeightGauge.Update(int64(arbmath.SaturatingUSub(latestCumulativeWeight, confirmedMeta.CumulativeWeight())))
+				// #nosec G115
 				totalQueueLengthGauge.Update(int64(arbmath.SaturatingUSub(latestNonce, confirmedNonce)))
 			} else {
 				log.Error("Failed to fetch latest confirmed tx from queue", "confirmedNonce", confirmedNonce, "err", err, "confirmedMeta", confirmedMeta)

arbnode/dataposter/dbstorage/storage.go

@@ -42,7 +42,7 @@ func (s *Storage) FetchContents(_ context.Context, startingIndex uint64, maxResu
 	var res []*storage.QueuedTransaction
 	it := s.db.NewIterator([]byte(""), idxToKey(startingIndex))
 	defer it.Release()
-	for i := 0; i < int(maxResults); i++ {
+	for i := uint64(0); i < maxResults; i++ {
 		if !it.Next() {
 			break
 		}

arbnode/dataposter/slice/slicestorage.go

@@ -89,8 +89,8 @@ func (s *Storage) Put(_ context.Context, index uint64, prev, new *storage.Queued
 		}
 		s.queue = append(s.queue, newEnc)
 	} else if index >= s.firstNonce {
-		queueIdx := int(index - s.firstNonce)
-		if queueIdx > len(s.queue) {
+		queueIdx := index - s.firstNonce
+		if queueIdx > uint64(len(s.queue)) {
 			return fmt.Errorf("attempted to set out-of-bounds index %v in queue starting at %v of length %v", index, s.firstNonce, len(s.queue))
 		}
 		prevEnc, err := s.encDec().Encode(prev)

arbnode/dataposter/storage/time.go

@@ -34,11 +34,13 @@ func (b *RlpTime) DecodeRLP(s *rlp.Stream) error {
 	if err != nil {
 		return err
 	}
+	// #nosec G115
 	*b = RlpTime(time.Unix(int64(enc.Seconds), int64(enc.Nanos)))
 	return nil
 }
 
 func (b RlpTime) EncodeRLP(w io.Writer) error {
+	// #nosec G115
 	return rlp.Encode(w, rlpTimeEncoding{
 		Seconds: uint64(time.Time(b).Unix()),
 		Nanos:   uint64(time.Time(b).Nanosecond()),

arbnode/dataposter/storage_test.go

@@ -362,6 +362,7 @@ func TestLength(t *testing.T) {
 				if err != nil {
 					t.Fatalf("Length() unexpected error: %v", err)
 				}
+				// #nosec G115
 				if want := arbmath.MaxInt(0, 20-int(tc.pruneFrom)); got != want {
 					t.Errorf("Length() = %d want %d", got, want)
 				}

arbnode/inbox_reader.go

@@ -437,8 +437,8 @@ func (r *InboxReader) run(ctx context.Context, hadError bool) error {
 			}
 			delayedMessages, err := r.delayedBridge.LookupMessagesInRange(ctx, from, to, func(batchNum uint64) ([]byte, error) {
 				if len(sequencerBatches) > 0 && batchNum >= sequencerBatches[0].SequenceNumber {
-					idx := int(batchNum - sequencerBatches[0].SequenceNumber)
-					if idx < len(sequencerBatches) {
+					idx := batchNum - sequencerBatches[0].SequenceNumber
+					if idx < uint64(len(sequencerBatches)) {
 						return sequencerBatches[idx].Serialize(ctx, r.l1Reader.Client())
 					}
 					log.Warn("missing mentioned batch in L1 message lookup", "batch", batchNum)

arbnode/inbox_tracker.go

@@ -804,14 +804,17 @@ func (t *InboxTracker) AddSequencerBatches(ctx context.Context, client arbutil.L
 	if len(messages) > 0 {
 		latestTimestamp = messages[len(messages)-1].Message.Header.Timestamp
 	}
+	// #nosec G115
 	log.Info(
 		"InboxTracker",
 		"sequencerBatchCount", pos,
 		"messageCount", newMessageCount,
 		"l1Block", latestL1Block,
 		"l1Timestamp", time.Unix(int64(latestTimestamp), 0),
 	)
+	// #nosec G115
 	inboxLatestBatchGauge.Update(int64(pos))
+	// #nosec G115
 	inboxLatestBatchMessageGauge.Update(int64(newMessageCount))
 
 	if t.validator != nil {

arbnode/node.go

@@ -515,6 +515,7 @@ func createNodeImpl(
 	if err != nil {
 		return nil, err
 	}
+	// #nosec G115
 	sequencerInbox, err := NewSequencerInbox(l1client, deployInfo.SequencerInbox, int64(deployInfo.DeployedAt))
 	if err != nil {
 		return nil, err
@@ -639,6 +640,7 @@ func createNodeImpl(
 					tmpAddress := common.HexToAddress(config.Staker.ContractWalletAddress)
 					existingWalletAddress = &tmpAddress
 				}
+				// #nosec G115
 				wallet, err = validatorwallet.NewContract(dp, existingWalletAddress, deployInfo.ValidatorWalletCreator, deployInfo.Rollup, l1Reader, txOptsValidator, int64(deployInfo.DeployedAt), func(common.Address) {}, getExtraGas)
 				if err != nil {
 					return nil, err

arbnode/transaction_streamer.go

@@ -840,6 +840,7 @@ func (s *TransactionStreamer) addMessagesAndEndBatchImpl(messageStartPos arbutil
 		// Active broadcast reorg and L1 messages at or before start of broadcast messages
 		// Or no active broadcast reorg and broadcast messages start before or immediately after last L1 message
 		if messagesAfterPos >= broadcastStartPos {
+			// #nosec G115
 			broadcastSliceIndex := int(messagesAfterPos - broadcastStartPos)
 			messagesOldLen := len(messages)
 			if broadcastSliceIndex < len(s.broadcasterQueuedMessages) {

arbos/addressSet/addressSet_test.go

@@ -316,6 +316,7 @@ func checkIfRectifyMappingWorks(t *testing.T, aset *AddressSet, owners []common.
 			Fail(t, "RectifyMapping did not fix the mismatch")
 		}
 
+		// #nosec G115
 		if clearList && int(size(t, aset)) != index+1 {
 			Fail(t, "RectifyMapping did not fix the mismatch")
 		}

arbos/addressTable/addressTable.go

@@ -118,6 +118,7 @@ func (atab *AddressTable) Decompress(buf []byte) (common.Address, uint64, error)
 		if !exists {
 			return common.Address{}, 0, errors.New("invalid index in compressed address")
 		}
+		// #nosec G115
 		numBytesRead := uint64(rd.Size() - int64(rd.Len()))
 		return addr, numBytesRead, nil
 	}

arbos/arbosState/initialization_test.go

@@ -109,6 +109,7 @@ func pseudorandomAccountInitInfoForTesting(prand *testhelpers.PseudoRandomDataSo
 }
 
 func pseudorandomHashHashMapForTesting(prand *testhelpers.PseudoRandomDataSource, maxItems uint64) map[common.Hash]common.Hash {
+	// #nosec G115
 	size := int(prand.GetUint64() % maxItems)
 	ret := make(map[common.Hash]common.Hash)
 	for i := 0; i < size; i++ {

arbos/l1pricing/l1pricing.go

@@ -509,7 +509,7 @@ func (ps *L1PricingState) getPosterUnitsWithoutCache(tx *types.Transaction, post
 		return 0
 	}
 
-	l1Bytes, err := byteCountAfterBrotliLevel(txBytes, int(brotliCompressionLevel))
+	l1Bytes, err := byteCountAfterBrotliLevel(txBytes, brotliCompressionLevel)
 	if err != nil {
 		panic(fmt.Sprintf("failed to compress tx: %v", err))
 	}
@@ -594,7 +594,7 @@ func (ps *L1PricingState) PosterDataCost(message *core.Message, poster common.Ad
 	return am.BigMulByUint(pricePerUnit, units), units
 }
 
-func byteCountAfterBrotliLevel(input []byte, level int) (uint64, error) {
+func byteCountAfterBrotliLevel(input []byte, level uint64) (uint64, error) {
 	compressed, err := arbcompress.CompressLevel(input, level)
 	if err != nil {
 		return 0, err

arbos/l1pricing_test.go

@@ -100,7 +100,7 @@ func expectedResultsForL1Test(input *l1PricingTest) *l1TestExpectedResults {
 			availableFunds = availableFundsCap
 		}
 	}
-	fundsWantedForRewards := big.NewInt(int64(input.unitReward * input.unitsPerSecond))
+	fundsWantedForRewards := new(big.Int).SetUint64(input.unitReward * input.unitsPerSecond)
 	unitsAllocated := arbmath.UintToBig(input.unitsPerSecond)
 	if arbmath.BigLessThan(availableFunds, fundsWantedForRewards) {
 		ret.rewardRecipientBalance = availableFunds
@@ -111,7 +111,7 @@ func expectedResultsForL1Test(input *l1PricingTest) *l1TestExpectedResults {
 	uncappedAvailableFunds = arbmath.BigSub(uncappedAvailableFunds, ret.rewardRecipientBalance)
 	ret.unitsRemaining = (3 * input.unitsPerSecond) - unitsAllocated.Uint64()
 
-	maxCollectable := big.NewInt(int64(input.fundsSpent))
+	maxCollectable := new(big.Int).SetUint64(input.fundsSpent)
 	if arbmath.BigLessThan(availableFunds, maxCollectable) {
 		maxCollectable = availableFunds
 	}
@@ -170,7 +170,7 @@ func _testL1PricingFundsDue(t *testing.T, testParams *l1PricingTest, expectedRes
 	Require(t, err)
 
 	// create some fake collection
-	balanceAdded := big.NewInt(int64(testParams.fundsCollectedPerSecond * 3))
+	balanceAdded := new(big.Int).SetUint64(testParams.fundsCollectedPerSecond * 3)
 	unitsAdded := testParams.unitsPerSecond * 3
 	evm.StateDB.AddBalance(l1pricing.L1PricerFundsPoolAddress, uint256.MustFromBig(balanceAdded))
 	err = l1p.SetL1FeesAvailable(balanceAdded)

arbos/l2pricing/l2pricing_test.go

@@ -40,6 +40,7 @@ func TestPricingModelExp(t *testing.T) {
 	// show that running at the speed limit with a full pool is a steady-state
 	colors.PrintBlue("full pool & speed limit")
 	for seconds := 0; seconds < 4; seconds++ {
+		// #nosec G115
 		fakeBlockUpdate(t, pricing, int64(seconds)*int64(limit), uint64(seconds))
 		if getPrice(t, pricing) != minPrice {
 			Fail(t, "price changed when it shouldn't have")
@@ -50,6 +51,7 @@ func TestPricingModelExp(t *testing.T) {
 	// note that for large enough spans of time the price will rise a miniscule amount due to the pool's avg
 	colors.PrintBlue("pool target & speed limit")
 	for seconds := 0; seconds < 4; seconds++ {
+		// #nosec G115
 		fakeBlockUpdate(t, pricing, int64(seconds)*int64(limit), uint64(seconds))
 		if getPrice(t, pricing) != minPrice {
 			Fail(t, "price changed when it shouldn't have")
@@ -59,6 +61,7 @@ func TestPricingModelExp(t *testing.T) {
 	// show that running over the speed limit escalates the price before the pool drains
 	colors.PrintBlue("exceeding the speed limit")
 	for {
+		// #nosec G115
 		fakeBlockUpdate(t, pricing, 8*int64(limit), 1)
 		newPrice := getPrice(t, pricing)
 		if newPrice < price {

arbos/l2pricing/model.go

@@ -30,22 +30,26 @@ func (ps *L2PricingState) AddToGasPool(gas int64) error {
 		return err
 	}
 	// pay off some of the backlog with the added gas, stopping at 0
-	backlog = arbmath.SaturatingUCast[uint64](arbmath.SaturatingSub(int64(backlog), gas))
+	if gas > 0 {
+		backlog = arbmath.SaturatingUSub(backlog, uint64(gas))
+	} else {
+		backlog = arbmath.SaturatingUAdd(backlog, uint64(-gas))
+	}
 	return ps.SetGasBacklog(backlog)
 }
 
 // UpdatePricingModel updates the pricing model with info from the last block
 func (ps *L2PricingState) UpdatePricingModel(l2BaseFee *big.Int, timePassed uint64, debug bool) {
 	speedLimit, _ := ps.SpeedLimitPerSecond()
-	_ = ps.AddToGasPool(int64(timePassed * speedLimit))
+	_ = ps.AddToGasPool(arbmath.SaturatingCast[int64](arbmath.SaturatingUMul(timePassed, speedLimit)))
 	inertia, _ := ps.PricingInertia()
 	tolerance, _ := ps.BacklogTolerance()
 	backlog, _ := ps.GasBacklog()
 	minBaseFee, _ := ps.MinBaseFeeWei()
 	baseFee := minBaseFee
 	if backlog > tolerance*speedLimit {
-		excess := int64(backlog - tolerance*speedLimit)
-		exponentBips := arbmath.NaturalToBips(excess) / arbmath.Bips(inertia*speedLimit)
+		excess := arbmath.SaturatingCast[int64](backlog - tolerance*speedLimit)
+		exponentBips := arbmath.NaturalToBips(excess) / arbmath.SaturatingCast[arbmath.Bips](inertia*speedLimit)
 		baseFee = arbmath.BigMulByBips(minBaseFee, arbmath.ApproxExpBasisPoints(exponentBips, 4))
 	}
 	_ = ps.SetBaseFeeWei(baseFee)