fix[codegen]: fix assertions for certain precompiles#4451
Merged
charles-cooper merged 18 commits intovyperlang:masterfrom Jan 20, 2025
Merged
fix[codegen]: fix assertions for certain precompiles#4451charles-cooper merged 18 commits intovyperlang:masterfrom
charles-cooper merged 18 commits intovyperlang:masterfrom
Conversation
in 93a9579, the assert for memory copying calls to the identity precompile was optimized out; the reasoning being that if the identity precompile fails due to OOG, the caller contract would also likely fail with OOG. however, due to the 63/64ths rule, there are cases where the identity precompile could fail with OOG, but the caller contract has enough gas to successfully return out of the call context. (note that even prior to 93a9579, some calls to the identity precompile did not check the success flag. cf. commit cf03d27). this only affects pre-cancun compilation targets, since post-cancun the `mcopy` instruction is chosen. this commit fixes the identity precompile call for pre-cancun targets. a similar optimization was also applied in the past to omit the check when calling the ecrecover precompile. a check for the ecrecover call is applied in this commit. while this is a performance regression, ecrecover is generally not a hotspot; as for the identity precompile, it is only used by the compiler for memory copies pre-cancun, so the performance regression there is not too relevant (as of nov 2024).
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #4451 +/- ##
=======================================
Coverage 92.01% 92.01%
=======================================
Files 119 119
Lines 16692 16692
Branches 2805 2805
=======================================
Hits 15359 15359
Misses 915 915
Partials 418 418 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
Collaborator
|
aren't the tests using |
gas_used - 1 will always revert. we want to supply enough gas that the inner call will return 0 but the outer call will not oog.
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
cyberthirst
reviewed
Jan 19, 2025
| # check deploy IR (which contains runtime IR) | ||
| ir_node = CompilerData(source_code).ir_nodes | ||
|
|
||
| def _check(ir_node, parent=None): |
Collaborator
There was a problem hiding this comment.
i think it would be better to assert that one of the nodes is staticcall and assert that it calls a precompile address
Collaborator
There was a problem hiding this comment.
and once we establish this is true, assert that the parent is assert
Collaborator
There was a problem hiding this comment.
hmm i guess this was motivated by making this general even for cancun. but still i'd change the code and handle this on callsite
cyberthirst
reviewed
Jan 19, 2025
cyberthirst
reviewed
Jan 19, 2025
cyberthirst
approved these changes
Jan 20, 2025
lemenkov
pushed a commit
to fedora-ethereum/vyper
that referenced
this pull request
Feb 27, 2025
this commit fixes a flaw in code generation for certain precompiles. specifically, some calls to the ecrecover (0x01) and identity (0x04) precompiles were not checked for success. in 93a9579, the assert for memory copying calls to the identity precompile was optimized out; the reasoning being that if the identity precompile fails due to OOG, the contract would also likely fail with OOG. however, due to the 63/64ths rule, there are cases where just enough gas was supplied to the current call context so that the subcall to the precompile could fail with OOG, but the contract has enough gas to continue execution after it shouldn't (which is undefined behavior) and then successfully return out of the call context. (note that even prior to 93a9579, some calls to the identity precompile did not check the success flag. cf. commit cf03d27. the call to ecrecover was unchecked since inception - db44cde). note also that since cancun, memory copies are implemented using the `mcopy` instruction, so the bug as it pertains to the identity precompile only affects pre-cancun compilation targets. this commit fixes the flaw by converting the relevant unchecked calls to checked calls. it also adds tests that trigger the behavior by running the call, and then performing the exact same call again but providing `gas_used` back to the contract, which is the minimum amount of gas for the call to the contract to finish execution. the specific amount of gas left at the point of the subcall is small enough to cause the subcall to fail (and the check around the subcall success to revert, which is what is tested for in the new tests). in these tests, it also adds a static check that the IR is well-formed (that all relevant calls to precompiles are appropriately checked). references: - GHSA-vgf2-gvx8-xwc3
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What I did
fix for GHSA-vgf2-gvx8-xwc3
How I did it
How to verify it
Commit message
Description for the changelog
Cute Animal Picture