Description

When we count the new overflow for the multiplication result in field emulation, then part of the computation depends on the number of limbs of the multiplication result. Previously, we used uint(math.Log2(float64(2*nbResLimbs-1)))+1, but this lead to inconsistent results when nbResLimbs was 0. In that case we take log2 of a negative value which is NaN. However, on ARM uint(NaN) = 0 but on x86 uint(NaN) = math.Max.

We now use bits.Len which is correct for all platforms and avoids doing cast to floating point values.

Additionally, added a check that in case we compute number of limbs for two inputs both having zero inputs. Reviewing code-base, this edge case does not happen, but adding as a protective measure.

This bug appeared when we compoute inverse and division overflows. There, we reused multiplication precondition for computing overflow, but had omitted the number of limbs for the result from the hint. This PR also fixes these calls.

Type of change

• Bug fix (non-breaking change which fixes an issue)

How has this been tested?

Test suite.

How has this been benchmarked?

Not benchmarked.

Checklist:

• I have performed a self-review of my code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• I have added tests that prove my fix is effective or that my feature works
• I did not modify files generated from templates
• golangci-lint does not output errors locally
• New and existing unit tests pass locally with my changes
• Any dependent changes have been merged and published in downstream modules