This repository was archived by the owner on Apr 18, 2025. It is now read-only.
Bug: fix to truncate memory offset of Word to Uint64 when memory length is zero#393
Merged
Merged
Conversation
silathdiir
force-pushed
the
bug/truncate-word-to-u64-for-zero-len
branch
from
d841582 to
efe782d
Compare
silathdiir
changed the title
silathdiir
force-pushed
the
bug/truncate-word-to-u64-for-zero-len
branch
from
efe782d to
bd5e6d9
Compare
|
need to apply this when PR to upstream 598342b @silathdiir |
1 task
github-merge-queue Bot
pushed a commit
to privacy-ethereum/zkevm-circuits
that referenced
this pull request
Apr 28, 2023
#1317) ### Description Fix successful run cases with Uint64 overflow for multiple opcodes. 1. Add `WordByteRangeGadget` to constrain if Word is within the specified byte range. 2. Add `WordByteCapGadget` to constrain if Word is within the specified byte range (implemented by WordByteRangeGadget) and less than a maximum cap (used to replace a WordByteRangeGadget and LtGadget). 3. Fix bus-mapping and zkevm-circuits to handle overflow cases. And add unit-tests for these cases. TODO: will try to handle memory offset overflow with zero length in another PR (try to rebase for this local PR scroll-tech#393) and related issue #1301. ### Rationale Reference detailed code in `go-etherum` as: . [BLOCKHASH](https://github.com/ethereum/go-ethereum/blob/master/core/vm/instructions.go#L438) . [CALLDATALOAD](https://github.com/ethereum/go-ethereum/blob/master/core/vm/instructions.go#L285) . [CALLDATACOPY](https://github.com/ethereum/go-ethereum/blob/master/core/vm/instructions.go#L306) . [CODECOPY](https://github.com/ethereum/go-ethereum/blob/master/core/vm/instructions.go#L364) . [EXTCODECOPY](https://github.com/ethereum/go-ethereum/blob/master/core/vm/instructions.go#L382) . [JUMPI](https://github.com/ethereum/go-ethereum/blob/master/core/vm/instructions.go#L550) ### Issue Link Close #1276 ### Type of change - [X] Bug fix (non-breaking change which fixes an issue) ### How Has This Been Tested? Add unit-test cases for Uint64 overflow values. --------- Co-authored-by: Zhang Zhuo <mycinbrin@gmail.com>
1 task
github-merge-queue Bot
pushed a commit
to privacy-ethereum/zkevm-circuits
that referenced
this pull request
May 20, 2023
…or some opcodes (#1415) ### Description Reference go-ethereum function [calcMemSize64WithUint](https://github.com/ethereum/go-ethereum/blob/84c3799e21d61d677965715fe09f8209660b4009/core/vm/common.go#L38), ignore to check Uint64 overflow for memory offset if length is zero. it is also called by [calcMemSize64](https://github.com/ethereum/go-ethereum/blob/84c3799e21d61d677965715fe09f8209660b4009/core/vm/common.go#LL31C9-L31C30). And both are used for opcodes in [memory_table.go](https://github.com/ethereum/go-ethereum/blob/84c3799e21d61d677965715fe09f8209660b4009/core/vm/memory_table.go#L20) as `memorySize` in [jump_table.go](https://github.com/ethereum/go-ethereum/blob/84c3799e21d61d677965715fe09f8209660b4009/core/vm/jump_table.go#L387). For Call opcodes, in offset and size are truncated to Uint64 as [opCall](https://github.com/ethereum/go-ethereum/blob/84c3799e21d61d677965715fe09f8209660b4009/core/vm/instructions.go#LL672C60-L672C60). ### Issue Link Related issue #1301 Original local PR scroll-tech#393 ### Type of change - [X] Bug fix (non-breaking change which fixes an issue) ### How Has This Been Tested? 1. Fix `testool` case `randomStatetest85_d0_g0_v0`. 2. Add test cases of overflow offset and zero length for related opcodes.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Reference go-ethereum calcMemSize64WithUint function, memory offset is ignored to check Uint64 overflow if length is zero.
it is also called by calcMemSize64. And both are widely used in memory_table.go (as
memorySizein jump_table.go).For
CALLCODE, memory offset is truncate to Uint64 directly in opCallCode.Review and fix the all related opcodes in memory_table.go.
Issue Link
Related upstream issue privacy-ethereum#1301
TODO
Should we also need to constrain memory length is zero when memory offset is overflow in circuit?
Type of change
How Has This Been Tested?
testoolcaserandomStatetest85_d0_g0_v0.