Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Stack popping issue: Index out of bounds #31

Closed
mratsim opened this issue May 16, 2018 · 2 comments
Closed

Stack popping issue: Index out of bounds #31

mratsim opened this issue May 16, 2018 · 2 comments
Labels
bug Something isn't working

Comments

@mratsim
Copy link
Contributor

mratsim commented May 16, 2018

In some 2 specific cases:

  • fixture tests/fixtures/VMTests/vmArithmeticTest/mulUnderFlow.json
  • fixture tests/fixtures/VMTests/vmArithmeticTest/sdiv_dejavu.json

popping the stack eads to an out-of-bounds exception.

Traceback

test_helpers.nim(48)     test_vm_json
computation.nim(278)     testFixture
computation.nim(272)     :anonymous
stack.nim(135)           mul
stack.nim(116)           internalPopTuple2
system.nim(2445)         pop
system.nim(2843)         sysFatal

    Unhandled exception: index out of bounds
test_helpers.nim(48)     test_vm_json
computation.nim(278)     testFixture
computation.nim(272)     :anonymous
stack.nim(135)           sdiv
stack.nim(116)           internalPopTuple2
system.nim(2445)         pop
system.nim(2843)         sysFatal

    Unhandled exception: index out of bounds
@mratsim mratsim mentioned this issue May 16, 2018
Merged
@mratsim mratsim added the bug Something isn't working label May 16, 2018
@mratsim
Copy link
Contributor Author

mratsim commented May 16, 2018

Using the opcode tool of etherscan, mulUnderflow pushes only one value on the stack (intentionally malformed input?):

0x600102600155
------
[1] PUSH1 0x01 
[2] MUL 
[4] PUSH1 0x01 
[5] SSTORE

vs

0x6003600202600055
------
[1] PUSH1 0x03 
[3] PUSH1 0x02 
[4] MUL 
[6] PUSH1 0x00 
[7] SSTORE

@mratsim
Copy link
Contributor Author

mratsim commented May 16, 2018

Checking in the yellow paper, this is a situation called Stack Underflow. EVM should consume gas but rollback to preceding state.
2018-05-16_18-35-33.

In Py-EVM this is called InsufficientStack and raised by the pop method.

In Nimbus ensurePop does the same but is not used within the internalPopTuple macro at the moment:

https://github.com/status-im/nimbus/blob/43797485e5c50d94fef5a4b9afba858632190896/src/vm/stack.nim#L93-L118

Additionally, this is an expected exception, I'm not sure how to automatically create expect(InsufficientStack): body tests for such illformed inputs (i.e. differentiate between features that throws an exception because that is what we want to test and the others):

{
    "mulUnderFlow" : {
        "_info" : {
            "comment" : "",
            "filledwith" : "cpp-1.3.0+commit.6e0ce939.Linux.g++",
            "lllcversion" : "Version: 0.4.18-develop.2017.9.25+commit.a72237f2.Linux.g++",
            "source" : "src/VMTestsFiller/vmArithmeticTest/mulUnderFlowFiller.json",
            "sourceHash" : "c4dc43a2d2480a375b5f4cde0ff0b1059f36577d7c555b2ee92db62aad36aea2"
        },
        "env" : {
            "currentCoinbase" : "0x2adc25665018aa1fe0e6bc666dac8fc2697ff9ba",
            "currentDifficulty" : "0x0100",
            "currentGasLimit" : "0x0f4240",
            "currentNumber" : "0x00",
            "currentTimestamp" : "0x01"
        },
        "exec" : {
            "address" : "0x0f572e5295c57f15886f9b263e2f6d2d6c7b5ec6",
            "caller" : "0xcd1722f2947def4cf144679da39c4c32bdc35681",
            "code" : "0x600102600155",
            "data" : "0x",
            "gas" : "0x0186a0",
            "gasPrice" : "0x5af3107a4000",
            "origin" : "0xcd1722f2947def4cf144679da39c4c32bdc35681",
            "value" : "0x0de0b6b3a7640000"
        },
        "pre" : {
            "0x0f572e5295c57f15886f9b263e2f6d2d6c7b5ec6" : {
                "balance" : "0x0de0b6b3a7640000",
                "code" : "0x600102600155",
                "nonce" : "0x00",
                "storage" : {
                }
            }
        }
    }
}

mratsim added a commit that referenced this issue May 17, 2018
@mratsim
Stack underflow: Add failing test to catch #31
ebfe69d
@mratsim mratsim mentioned this issue May 17, 2018
Merged
mratsim added a commit that referenced this issue May 17, 2018
@mratsim
Catch stack underflow (#33)
507bdda 
* Stack underflow: Add failing test to catch #31

* ensurePop, use proc instead of template + add comment for future refactoring of popInternal

* Check stack underflows before popping values

* run json tests again
@mratsim mratsim closed this as completed May 17, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@mratsim