Merge pull request #6381 from ethereum/develop

Merge develop into release for 0.5.7
ethereum · Mar 26, 2019 · 6da8b01 · 6da8b01
2 parents b259423 + 6eb0349
commit 6da8b01
Show file tree

Hide file tree

Showing 210 changed files with 3,743 additions and 716 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -10,7 +10,7 @@ include(EthPolicy)
 eth_policy()
 
 # project name and version should be set after cmake_policy CMP0048
-set(PROJECT_VERSION "0.5.6")
+set(PROJECT_VERSION "0.5.7")
 project(solidity VERSION ${PROJECT_VERSION} LANGUAGES CXX)
 
 option(LLL "Build LLL" OFF)

diff --git a/Changelog.md b/Changelog.md
@@ -1,3 +1,35 @@
+### 0.5.7 (2019-03-26)
+
+Important Bugfixes:
+ * ABIEncoderV2: Fix bugs related to loading short value types from storage when encoding an array or struct from storage.
+ * ABIEncoderV2: Fix buffer overflow problem when encoding packed array from storage.
+ * Optimizer: Fix wrong ordering of arguments in byte optimization rule for constants.
+
+
+Language Features:
+ * Function calls with named arguments now work with overloaded functions.
+
+
+Compiler Features:
+ * Inline Assembly: Issue error when using ``callvalue()`` inside nonpayable function (in the same way that ``msg.value`` already does).
+ * Standard JSON Interface: Support "Yul" as input language.
+ * SMTChecker: Show callstack together with model if applicable.
+ * SMTChecker: Support modifiers.
+ * Yul Optimizer: Enable stack allocation optimization by default if Yul optimizer is active (disable in ``yulDetails``).
+
+
+Bugfixes:
+ * Code Generator: Defensively pad memory for ``type(Contract).name`` to multiples of 32.
+ * Type System: Detect and disallow internal function pointers as parameters for public/external library functions, even when they are nested/wrapped in structs, arrays or other types.
+ * Yul Optimizer: Properly determine whether a variable can be eliminated during stack compression pass.
+ * Yul / Inline Assembly Parser: Disallow more than one case statement with the same label inside a switch based on the label's integer value.
+
+
+Build System:
+ * Install scripts: Fix boost repository URL for CentOS 6.
+ * Soltest: Fix hex string update in soltest.
+
+
 ### 0.5.6 (2019-03-13)
 
 Important Bugfixes:
@@ -29,6 +61,7 @@ Bugfixes:
 Build System:
  * Soltest: Add support for arrays in function signatures.
  * Soltest: Add support for struct arrays in function signatures.
+ * Soltest: Add support for left-aligned, unpadded hex string literals.
 
 ### 0.5.5 (2019-03-05)
 
@@ -70,7 +103,6 @@ Bugfixes:
 
 Build System:
  * Soltest: Add support for left-aligned, padded hex literals.
- * Soltest: Add support for left-aligned, unpadded hex string literals.
  * Soltest: Add support for right-aligned, padded boolean literals.
 
 ### 0.5.4 (2019-02-12)

diff --git a/ReleaseChecklist.md b/ReleaseChecklist.md
@@ -22,11 +22,10 @@
  - [ ] Thank voluntary contributors in the Github release page (use ``git shortlog -s -n -e origin/release..origin/develop``).
  - [ ] Create a pull request from ``develop`` to ``release``, wait for the tests, then merge it.
  - [ ] Make a final check that there are no platform-dependency issues in the ``solidity-test-bytecode`` repository.
- - [ ] Wait for the tests for the commit on ``release``, create a release in Github, creating the tag.
+ - [ ] Wait for the tests for the commit on ``release``, create a release in Github, creating the tag (click the `PUBLISH RELEASE` button on the release page.)
  - [ ] Wait for the CI runs on the tag itself (travis and appveyor should push artifacts onto the Github release page).
  - [ ] Run ``scripts/create_source_tarball.sh`` while being on the tag to create the source tarball. Make sure to create ``prerelease.txt`` before: (``echo -n > prerelease.txt``). This will create the tarball in a directory called ``upload``.
  - [ ] Take the tarball from the upload directory (its name should be ``solidity_x.x.x.tar.gz``, otherwise ``prerelease.txt`` was missing in the step before) and upload the source tarball to the release page.
- - [ ] Click the `PUBLISH RELEASE` button on the release page.
 
 ### PPA
  - [ ] Change ``scripts/release_ppa.sh`` to match your key's email and key id.

diff --git a/docs/bugs.json b/docs/bugs.json
@@ -1,4 +1,26 @@
 [
+    {
+        "name": "ABIEncoderV2PackedStorage",
+        "summary": "Storage structs and arrays with types shorter than 32 bytes can cause data corruption if encoded directly from storage using the experimental ABIEncoderV2.",
+        "description": "Elements of structs and arrays that are shorter than 32 bytes are not properly decoded from storage when encoded directly (i.e. not via a memory type) using ABIEncoderV2. This can cause corruption in the values themselves but can also overwrite other parts of the encoded data.",
+        "introduced": "0.4.19",
+        "fixed": "0.5.7",
+        "severity": "low",
+        "conditions": {
+            "ABIEncoderV2": true
+        }
+    },
+    {
+        "name": "IncorrectByteInstructionOptimization",
+	"summary": "The optimizer incorrectly handles byte opcodes whose second argument is 31 or a constant expression that evaluates to 31. This can result in unexpected values.",
+        "description": "The optimizer incorrectly handles byte opcodes that use the constant 31 as second argument. This can happen when performing index access on bytesNN types with a compile-time constant value (not index) of 31 or when using the byte opcode in inline assembly.",
+        "introduced": "0.5.5",
+        "fixed": "0.5.7",
+        "severity": "very low",
+        "conditions": {
+            "optimizer": true
+        }
+    },
     {
         "name": "DoubleShiftSizeOverflow",
         "summary": "Double bitwise shifts by large constants whose sum overflows 256 bits can result in unexpected values.",

diff --git a/docs/bugs_by_version.json b/docs/bugs_by_version.json
@@ -456,6 +456,7 @@
     },
     "0.4.19": {
         "bugs": [
+            "ABIEncoderV2PackedStorage",
             "ExpExponentCleanup",
             "EventStructWrongData",
             "NestedArrayFunctionCallDecoder"
@@ -479,6 +480,7 @@
     },
     "0.4.20": {
         "bugs": [
+            "ABIEncoderV2PackedStorage",
             "ExpExponentCleanup",
             "EventStructWrongData",
             "NestedArrayFunctionCallDecoder"
@@ -487,6 +489,7 @@
     },
     "0.4.21": {
         "bugs": [
+            "ABIEncoderV2PackedStorage",
             "ExpExponentCleanup",
             "EventStructWrongData",
             "NestedArrayFunctionCallDecoder"
@@ -495,6 +498,7 @@
     },
     "0.4.22": {
         "bugs": [
+            "ABIEncoderV2PackedStorage",
             "ExpExponentCleanup",
             "EventStructWrongData",
             "OneOfTwoConstructorsSkipped"
@@ -503,20 +507,24 @@
     },
     "0.4.23": {
         "bugs": [
+            "ABIEncoderV2PackedStorage",
             "ExpExponentCleanup",
             "EventStructWrongData"
         ],
         "released": "2018-04-19"
     },
     "0.4.24": {
         "bugs": [
+            "ABIEncoderV2PackedStorage",
             "ExpExponentCleanup",
             "EventStructWrongData"
         ],
         "released": "2018-05-16"
     },
     "0.4.25": {
-        "bugs": [],
+        "bugs": [
+            "ABIEncoderV2PackedStorage"
+        ],
         "released": "2018-09-12"
     },
     "0.4.3": {
@@ -610,33 +618,52 @@
         "released": "2017-01-31"
     },
     "0.5.0": {
-        "bugs": [],
+        "bugs": [
+            "ABIEncoderV2PackedStorage"
+        ],
         "released": "2018-11-13"
     },
     "0.5.1": {
-        "bugs": [],
+        "bugs": [
+            "ABIEncoderV2PackedStorage"
+        ],
         "released": "2018-12-03"
     },
     "0.5.2": {
-        "bugs": [],
+        "bugs": [
+            "ABIEncoderV2PackedStorage"
+        ],
         "released": "2018-12-19"
     },
     "0.5.3": {
-        "bugs": [],
+        "bugs": [
+            "ABIEncoderV2PackedStorage"
+        ],
         "released": "2019-01-22"
     },
     "0.5.4": {
-        "bugs": [],
+        "bugs": [
+            "ABIEncoderV2PackedStorage"
+        ],
         "released": "2019-02-12"
     },
     "0.5.5": {
         "bugs": [
+            "ABIEncoderV2PackedStorage",
+            "IncorrectByteInstructionOptimization",
             "DoubleShiftSizeOverflow"
         ],
         "released": "2019-03-05"
     },
     "0.5.6": {
-        "bugs": [],
+        "bugs": [
+            "ABIEncoderV2PackedStorage",
+            "IncorrectByteInstructionOptimization"
+        ],
         "released": "2019-03-13"
+    },
+    "0.5.7": {
+        "bugs": [],
+        "released": "2019-03-26"
     }
 }
diff --git a/docs/examples/micropayment.rst b/docs/examples/micropayment.rst
@@ -38,6 +38,7 @@ In this tutorial, we will sign messages in the browser using `web3.js <https://g
 as it provides a number of other security benefits.
 
 ::
+
     /// Hashing first makes things easier
     var hash = web3.utils.sha3("message to sign");
     web3.eth.personal.sign(hash, web3.eth.defaultAccount, function () { console.log("Signed"); });

diff --git a/docs/installing-solidity.rst b/docs/installing-solidity.rst
@@ -126,6 +126,8 @@ currently not supported.
     brew tap ethereum/ethereum
     brew install solidity
 
+To install the most recent 0.4.x version of Solidity you can also use ``brew install solidity@4``.
+
 If you need a specific version of Solidity you can install a
 Homebrew formula directly from Github.
 
@@ -140,7 +142,7 @@ Install it using ``brew``:
 .. code-block:: bash
 
     brew unlink solidity
-    # Install 0.4.8
+    # eg. Install 0.4.8
     brew install https://raw.githubusercontent.com/ethereum/homebrew-ethereum/77cce03da9f289e5a3ffe579840d3c5dc0a62717/solidity.rb
 
 Gentoo Linux also provides a solidity package that can be installed using ``emerge``:

diff --git a/docs/introduction-to-smart-contracts.rst b/docs/introduction-to-smart-contracts.rst
@@ -12,8 +12,8 @@ Let us begin with a basic example that sets the value of a variable and exposes
 it for other contracts to access. It is fine if you do not understand
 everything right now, we will go into more detail later.
 
-Storage
-=======
+Storage Example
+===============
 
 ::
 
@@ -33,7 +33,7 @@ Storage
 
 The first line simply tells that the source code is written for
 Solidity version 0.4.0 or anything newer that does not break functionality
-(up to, but not including, version 0.6.0). This is to ensure that the
+(up to, but not including, version 0.7.0). This is to ensure that the
 contract is not compilable with a new (breaking) compiler version, where it could behave differently.
 :ref:`Pragmas<pragma>` are common instructions for compilers about how to treat the
 source code (e.g. `pragma once <https://en.wikipedia.org/wiki/Pragma_once>`_).
@@ -387,8 +387,10 @@ paragraphs.
 Each account has a data area called **storage**, which is persistent between function calls
 and transactions.
 Storage is a key-value store that maps 256-bit words to 256-bit words.
-It is not possible to enumerate storage from within a contract and it is
-comparatively costly to read, and even more to modify storage.
+It is not possible to enumerate storage from within a contract, it is
+comparatively costly to read, and even more to initialise and modify storage. Because of this cost,
+you should minimize what you store in persistent storage to what the contract needs to run.
+Store data like derived calculations, caching, and aggregates outside of the contract.
 A contract can neither read nor write to any storage apart from its own.
 
 The second data area is called **memory**, of which a contract obtains

diff --git a/docs/miscellaneous.rst b/docs/miscellaneous.rst
@@ -336,12 +336,12 @@ The following is the order of precedence for operators, listed in order of evalu
 | *13*       | Logical OR                          | ``||``                                     |
 +------------+-------------------------------------+--------------------------------------------+
 | *14*       | Ternary operator                    | ``<conditional> ? <if-true> : <if-false>`` |
-+------------+-------------------------------------+--------------------------------------------+
-| *15*       | Assignment operators                | ``=``, ``|=``, ``^=``, ``&=``, ``<<=``,    |
++            +-------------------------------------+--------------------------------------------+
+|            | Assignment operators                | ``=``, ``|=``, ``^=``, ``&=``, ``<<=``,    |
 |            |                                     | ``>>=``, ``+=``, ``-=``, ``*=``, ``/=``,   |
 |            |                                     | ``%=``                                     |
 +------------+-------------------------------------+--------------------------------------------+
-| *16*       | Comma operator                      | ``,``                                      |
+| *15*       | Comma operator                      | ``,``                                      |
 +------------+-------------------------------------+--------------------------------------------+
 
 .. index:: assert, block, coinbase, difficulty, number, block;number, timestamp, block;timestamp, msg, data, gas, sender, value, now, gas price, origin, revert, require, keccak256, ripemd160, sha256, ecrecover, addmod, mulmod, cryptography, this, super, selfdestruct, balance, send

diff --git a/docs/resources.rst b/docs/resources.rst
@@ -27,12 +27,15 @@ Solidity Integrations
     * `Remix <https://remix.ethereum.org/>`_
         Browser-based IDE with integrated compiler and Solidity runtime environment without server-side components.
 
-    * `Solium <https://github.com/duaraghav8/Solium/>`_
-        Linter to identify and fix style and security issues in Solidity.
-
     * `Solhint <https://github.com/protofire/solhint>`_
         Solidity linter that provides security, style guide and best practice rules for smart contract validation.
 
+    * `Solidity IDE <https://github.com/System-Glitch/Solidity-IDE>`_
+        Browser-based IDE with integrated compiler, Ganache and local file system support.
+
+    * `Solium <https://github.com/duaraghav8/Solium/>`_
+        Linter to identify and fix style and security issues in Solidity.
+
     * `Superblocks Lab <https://lab.superblocks.com/>`_
         Browser-based IDE. Built-in browser-based VM and Metamask integration (one click deployment to Testnet/Mainnet).
 
@@ -121,6 +124,9 @@ Solidity Tools
 * `EVM Lab <https://github.com/ethereum/evmlab/>`_
     Rich tool package to interact with the EVM. Includes a VM, Etherchain API, and a trace-viewer with gas cost display.
 
+* `Universal Mutator <https://github.com/agroce/universalmutator>`_
+    A tool for mutation generation, with configurable rules and support for Solidity and Vyper.
+
 .. note::
   Information like variable names, comments, and source code formatting is lost in the compilation process and it is not possible to completely recover the original source code. Decompiling smart contracts to view the original source code might not be possible, or the end result that useful.
 

diff --git a/docs/using-the-compiler.rst b/docs/using-the-compiler.rst
@@ -147,7 +147,7 @@ Input Description
 .. code-block:: none
 
     {
-      // Required: Source code language, such as "Solidity", "Vyper", "lll", "assembly", etc.
+      // Required: Source code language. Currently supported are "Solidity" and "Yul".
       "language": "Solidity",
       // Required
       "sources":
@@ -216,8 +216,12 @@ Input Description
             // It can only be activated through the details here.
             // This feature is still considered experimental.
             "yul": false,
-            // Future tuning options, currently unused.
-            "yulDetails": {}
+            // Tuning options for the Yul optimizer.
+            "yulDetails": {
+              // Improve allocation of stack slots for variables, can free up stack slots early.
+              // Activated by default if the Yul optimizer is activated.
+              "stackAllocation": true
+            }
           }
         },
         "evmVersion": "byzantium", // Version of the EVM to compile for. Affects type checking and code generation. Can be homestead, tangerineWhistle, spuriousDragon, byzantium, constantinople or petersburg
@@ -259,8 +263,9 @@ Input Description
         //   devdoc - Developer documentation (natspec)
         //   userdoc - User documentation (natspec)
         //   metadata - Metadata
-        //   ir - New assembly format before desugaring
-        //   evm.assembly - New assembly format after desugaring
+        //   ir - Yul intermediate representation of the code before optimization
+        //   irOptimized - Intermediate representation after optimization
+        //   evm.assembly - New assembly format
         //   evm.legacyAssembly - Old-style assembly format in JSON
         //   evm.bytecode.object - Bytecode object
         //   evm.bytecode.opcodes - Opcodes list
@@ -269,8 +274,8 @@ Input Description
         //   evm.deployedBytecode* - Deployed bytecode (has the same options as evm.bytecode)
         //   evm.methodIdentifiers - The list of function hashes
         //   evm.gasEstimates - Function gas estimates
-        //   ewasm.wast - eWASM S-expressions format (not supported atm)
-        //   ewasm.wasm - eWASM binary format (not supported atm)
+        //   ewasm.wast - eWASM S-expressions format (not supported at the moment)
+        //   ewasm.wasm - eWASM binary format (not supported at the moment)
         //
         // Note that using a using `evm`, `evm.bytecode`, `ewasm`, etc. will select every
         // target part of that output. Additionally, `*` can be used as a wildcard to request everything.