Properly force-clean for shortening bytesXX conversions. #3868
Conversation
|
This is weird, because we actually have a test for this: https://github.com/ethereum/solidity/blob/develop/test/libsolidity/SolidityEndToEndTest.cpp#L1580 |
|
Ok, I think I can see why this is still fine in most cases: Whenever we store in storage, we chop additional bits, so storage is safe. Whenever we store in memory, we do an additional cleanup, and for that additional cleanup, we either widen (implicit conversion) or we do not change the size at all. In both cases, the typeOnStack is the shorter one, so we do proper cleanup. The only case where this can be problematic that I can think of is: |
|
Doesn't the ABI encoder does cleaning on its own? A better test would be: |
| m_context << ((u256(1) << (256 - typeOnStack.numBytes() * 8)) - 1); | ||
| m_context << Instruction::NOT << Instruction::AND; | ||
| } | ||
| int bytes = min(typeOnStack.numBytes(), targetType.numBytes()); |
There was a problem hiding this comment.
numBytes() returns int.
There was a problem hiding this comment.
Hm, what case can numBytes be negative? Is that another oversight?
There was a problem hiding this comment.
It seems to be an oversight since there's an assert forcing it to be unsigned: https://github.com/ethereum/solidity/blob/develop/libsolidity/ast/Types.cpp#L1146
There was a problem hiding this comment.
Yes, this is a very old line in the code. I guess the idea was that it is easier to subtract bytes or something.
axic
left a comment
axic
left a comment
There was a problem hiding this comment.
Need to be rebased and remove the extra masking in abi.encode.
axic
force-pushed
the
bytescleanup
branch
2 times, most recently
from
f3fe04f to
161ff5e
Compare
|
Finished. |
|
Will add documentation to inline assembly that states when accessing local variables, short types are not guaranteed to have clean higher order bits. |
|
Updated. |
| To be safe, always clear the data properly before you use it | ||
| in a context where this is important: | ||
| ``uint32 x = f(); assembly { x := and(x, 0xffffffff) /* now use x */ }`` | ||
| To clean signed types, you can use the ``signextend`` opcode. |
There was a problem hiding this comment.
Should have given an example.
| bytes4 x = 0xffffffff; | ||
| bytes2 y = bytes2(x); | ||
| assembly { r := y } | ||
| // At this point, r and y both store four bytes, but |
There was a problem hiding this comment.
I actually wonder why shouldn't we properly apply the cleanup before the assembly block?
There was a problem hiding this comment.
We can actually check how the optimizer copes with cleanup done all the time.
Fixes #3867
It seems like the proper thing is done for integers, but not for bytesXX types.