Changelog and test for the KeccakCaching bug

ethereum · Mar 22, 2021 · 9508d13 · 9508d13
1 parent e299117
commit 9508d13
Show file tree

Hide file tree

Showing 3 changed files with 31 additions and 4 deletions.
diff --git a/Changelog.md b/Changelog.md
@@ -19,6 +19,7 @@ Bugfixes:
  * SMTChecker: Fix internal error on calling public getter on a state variable of type array (possibly nested) of structs.
  * SMTChecker: Fix internal error on pushing to ``string`` casted to ``bytes``.
  * SMTChecker: Fix bug in virtual functions called by constructors.
+ * Optimizer: Fix bug on incorrect caching of keccak256 hashes.
 
 AST Changes:
  * ModifierInvocation: Add ``kind`` field which can be ``modifierInvocation`` or ``baseConstructorSpecifier``.

diff --git a/test/libevmasm/Optimiser.cpp b/test/libevmasm/Optimiser.cpp
@@ -615,12 +615,17 @@ BOOST_AUTO_TEST_CASE(cse_keccak256_twice_same_content)
 		Instruction::MSTORE,
 		u256(0x20),
 		Instruction::SWAP1,
+		Instruction::DUP2,
+		Instruction::SWAP1,
 		Instruction::KECCAK256,
 		u256(12),
-		Instruction::DUP3,
-		Instruction::SWAP1,
+		Instruction::DUP4,
+		Instruction::DUP2,
 		Instruction::MSTORE,
-		Instruction::DUP1
+		Instruction::SWAP2,
+		Instruction::SWAP1,
+		Instruction::SWAP2,
+		Instruction::KECCAK256
 	});
 }
 
@@ -682,7 +687,7 @@ BOOST_AUTO_TEST_CASE(cse_keccak256_twice_same_content_noninterfering_store_in_be
 	// if this changes too often, only count the number of SHA3 and MSTORE instructions
 	AssemblyItems output = CSE(input);
 	BOOST_CHECK_EQUAL(4, count(output.begin(), output.end(), AssemblyItem(Instruction::MSTORE)));
-	BOOST_CHECK_EQUAL(1, count(output.begin(), output.end(), AssemblyItem(Instruction::KECCAK256)));
+	BOOST_CHECK_EQUAL(2, count(output.begin(), output.end(), AssemblyItem(Instruction::KECCAK256)));
 }
 
 BOOST_AUTO_TEST_CASE(cse_with_initially_known_stack)

diff --git a/test/libsolidity/semanticTests/builtinFunctions/keccak256_optimizer_bug.sol b/test/libsolidity/semanticTests/builtinFunctions/keccak256_optimizer_bug.sol
@@ -0,0 +1,21 @@
+contract C {
+  uint[] data;
+
+  function val() public returns (bool){
+    assembly {
+        sstore(0, 2)
+        mstore(0, 0)
+        sstore(keccak256(0, 32), 234)
+        // A bug in the caching mechanism previously caused keccak256(0, 23) to be the same as
+        // keccak256(0, 32), leading `data[1] == 123` being true.
+        sstore(add(keccak256(0, 23), 1), 123)
+    }
+    assert(data[1] != 123);
+    assert(data[1] == 0);
+    return true;
+  }
+}
+// ====
+// compileViaYul: also
+// ----
+// val() -> true