fix(tests): strict discriminators for CREATE failure refund

Tests 1 and 2 previously used `expected = sstore_state_gas` exact,
which held only because `tx_regular` happens to land below
`sstore_state_gas` with current constants. Switch to
`expected = max(tx_regular, tx_state)` computed defensively from
`factory_code.gas_cost(fork)`, matching the pattern in test 4.

Test 3 previously used a bare `state_test` + probe SSTORE with
`tx.gas = gas_limit_cap + sstore_state_gas`. That leaves enough
`gas_left` that the probe SSTORE succeeds via spillover whether
the CREATE charge is refunded or not — the test passed even if
the spec change were reverted. Rewrite to use the caller-wrapper
+ tight-gas-tuning pattern from tests 5 and 6 so the probe SSTORE
can only succeed via the refunded reservoir.

Verified: all 24 variants fail with the spec reverted and pass
with the spec applied.

Author: spencer-tb

tests/amsterdam/eip8037_state_creation_gas_cost_increase/test_state_gas_create.py

@@ -1128,7 +1128,9 @@ def test_create_silent_failure_refunds_state_gas(
     """
     gas_limit_cap = fork.transaction_gas_limit_cap()
     assert gas_limit_cap is not None
+    gas_costs = fork.gas_costs()
     sstore_state_gas = fork.sstore_state_gas()
+    intrinsic_cost = fork.transaction_intrinsic_cost_calculator()()
 
     mstore_value, size = init_code_at_high_bytes(Op.STOP)
     value = 1 if failure_mode == "insufficient_balance" else 0
@@ -1150,7 +1152,17 @@ def test_create_silent_failure_refunds_state_gas(
         sender=pre.fund_eoa(),
     )
 
-    expected = sstore_state_gas
+    # CREATE's GAS_NEW_ACCOUNT is refunded (silent failure, no child
+    # spawned). SSTORE's state portion is tracked separately in
+    # tx_state.
+    tx_regular = (
+        intrinsic_cost
+        + factory_code.gas_cost(fork)
+        - gas_costs.GAS_NEW_ACCOUNT
+        - sstore_state_gas
+    )
+    tx_state = sstore_state_gas
+    expected = max(tx_regular, tx_state)
     blockchain_test(
         pre=pre,
         blocks=[Block(txs=[tx], header_verify=Header(gas_used=expected))],
@@ -1186,7 +1198,9 @@ def test_create_child_revert_refunds_state_gas(
     """
     gas_limit_cap = fork.transaction_gas_limit_cap()
     assert gas_limit_cap is not None
+    gas_costs = fork.gas_costs()
     sstore_state_gas = fork.sstore_state_gas()
+    intrinsic_cost = fork.transaction_intrinsic_cost_calculator()()
 
     init_code = Op.REVERT(0, 0)
     mstore_value, size = init_code_at_high_bytes(init_code)
@@ -1198,13 +1212,12 @@ def test_create_child_revert_refunds_state_gas(
     )
 
     storage = Storage()
-    factory = pre.deploy_contract(
-        code=(
-            Op.MSTORE(0, mstore_value)
-            + Op.POP(create_call)
-            + Op.SSTORE(storage.store_next(1, "reservoir_ok"), 1)
-        ),
+    factory_code = (
+        Op.MSTORE(0, mstore_value)
+        + Op.POP(create_call)
+        + Op.SSTORE(storage.store_next(1, "reservoir_ok"), 1)
     )
+    factory = pre.deploy_contract(code=factory_code)
 
     gas_limit = (
         gas_limit_cap
@@ -1217,7 +1230,19 @@ def test_create_child_revert_refunds_state_gas(
         sender=pre.fund_eoa(),
     )
 
-    expected = sstore_state_gas
+    # CREATE's GAS_NEW_ACCOUNT is refunded on child REVERT. SSTORE's
+    # state portion is tracked separately. Child REVERT regular
+    # (init_code execution) is propagated via
+    # incorporate_child_on_error.
+    tx_regular = (
+        intrinsic_cost
+        + factory_code.gas_cost(fork)
+        - gas_costs.GAS_NEW_ACCOUNT
+        - sstore_state_gas
+        + init_code.gas_cost(fork)
+    )
+    tx_state = sstore_state_gas
+    expected = max(tx_regular, tx_state)
     blockchain_test(
         pre=pre,
         blocks=[Block(txs=[tx], header_verify=Header(gas_used=expected))],
@@ -1246,13 +1271,17 @@ def test_create_child_halt_refunds_state_gas(
 
     Exceptional halts (invalid opcode, EIP-3541 invalid prefix)
     consume all forwarded gas as `regular_gas_used`, so block
-    accounting cannot strictly discriminate via header gas. The
-    probe SSTORE confirms the reservoir holds the refunded
-    `GAS_NEW_ACCOUNT` for state-gas-dependent operations.
+    accounting cannot strictly discriminate via header gas. Tight
+    gas tuning via a caller wrapper leaves the factory with just
+    enough `gas_left` to pay the probe SSTORE's regular portion
+    but not enough to spill the state portion, so the probe SSTORE
+    can only succeed via the refunded reservoir.
     """
     gas_limit_cap = fork.transaction_gas_limit_cap()
     assert gas_limit_cap is not None
+    gas_costs = fork.gas_costs()
     sstore_state_gas = fork.sstore_state_gas()
+    new_account_state_gas = gas_costs.GAS_NEW_ACCOUNT
 
     init_code: Op | Bytecode
     if failure_mode == "initcode_halt":
@@ -1278,9 +1307,27 @@ def test_create_child_halt_refunds_state_gas(
         ),
     )
 
+    # Tight gas tuning: child halt consumes all forwarded gas as
+    # regular_gas_used. Factory retains
+    # ~(forwarded - pre_sstore_regular) / 64 after CREATE. Target
+    # the discrimination window `(probe_regular,
+    # probe_regular + sstore_state_gas)` so the probe SSTORE
+    # regular fits but state gas spillover from `gas_left` under
+    # the old behavior OOGs.
+    pre_sstore_code = Op.MSTORE(0, mstore_value) + Op.POP(create_call)
+    pre_sstore_regular = pre_sstore_code.gas_cost(fork) - new_account_state_gas
+    probe_code = Op.SSTORE(0, 1)
+    probe_regular = probe_code.gas_cost(fork) - sstore_state_gas
+    target_gas_left = probe_regular + sstore_state_gas // 2
+    forwarded_gas = target_gas_left * 64 + pre_sstore_regular
+    # Reservoir sized for CREATE charge only — SSTORE must pull
+    # from the refunded reservoir, not from spill.
+    caller = pre.deploy_contract(
+        code=Op.CALL(gas=forwarded_gas, address=factory)
+    )
     tx = Transaction(
-        to=factory,
-        gas_limit=gas_limit_cap + sstore_state_gas,
+        to=caller,
+        gas_limit=gas_limit_cap + new_account_state_gas,
         sender=pre.fund_eoa(),
     )