search

SealSC / SealEVM

An independent EVM implementation that can easily adapt to any blockchain system.
Apache License 2.0
16 stars 6 forks source link

The `EXP` opcode in SealEVM causes the EVM execution to hang #31

Closed Alleysira closed 3 weeks ago

Alleysira commented 3 weeks ago

Hello @AKACoder, I found another opcode bug in the SealEVM repository at https://github.com/SealSC/SealEVM/blob/1ee9b6d4149aa32d3d079a1b0e6dc9f71f60700c/evmInt256/evmInt256.go#L213-L216

Thanks for your time and patience!

Bug description

When executing the opcode 0x0a EXP, SealEVM will wait forever without outputting result.

Source

Check the implementation in SealEVM at:

https://github.com/SealSC/SealEVM/blob/1ee9b6d4149aa32d3d079a1b0e6dc9f71f60700c/instructions/arithmetic.go#L176-L194

and in the function Exp implementation at:

https://github.com/SealSC/SealEVM/blob/1ee9b6d4149aa32d3d079a1b0e6dc9f71f60700c/evmInt256/evmInt256.go#L213-L216

It seems that the execution of this line fails:

    i.Int.Exp(i.Int, e.Int, nil)

How to reproduce

Set deployed bytecode

Simply pull the latest version of the SealEVM and enter the example dir.

git clone https://github.com/SealSC/SealEVM.git
cd example

Change the var deployCode in example/code.go to bytecode 6ce1fd12a42ec6dc66e9702e565a6f6ed801f2f2984c5805d1b92423f24d720a60005260406000f3

 var deployCode, _ = hex.DecodeString("6ce1fd12a42ec6dc66e9702e565a6f6ed801f2f2984c5805d1b92423f24d720a60005260406000f3")

Where 6ce1fd12a42ec6dc66e9702e565a6f6ed801f2f2984c5805d1b92423f24d720a60005260406000f3 are the opcodes as shown below:

PUSH13 e1fd12a42ec6dc66e9702e565a
PUSH16 6ed801f2f2984c5805d1b92423f24d72
EXP
PUSH1 00
MSTORE
PUSH1 40
PUSH1 00
RETURN

Result

cd example
go build -o sealevm
./sealevm

You can see that the SealEVM stucks and return nothing .

alleysira@LAPTOP-GOVN7GRV:~/poc-sealevm/SealEVM/example$ go build -o sealevm
alleysira@LAPTOP-GOVN7GRV:~/poc-sealevm/SealEVM/example$ ./sealevm

But if I change the module in Exp() in evmInt256.go to another number, for example:

    i.Int.Exp(i.Int, e.Int, e.Int)

The opcode EXP can be executed successfully.

alleysira@LAPTOP-GOVN7GRV:~/poc-sealevm/SealEVM/example$ ./sealevm
counter:
counter:

Here is the result from geth/evm 1.14.9-unstable-6eb42a6b-20240815. Geth and other EVM returned 0.

// geth
{"pc":0,"op":108,"gas":"0xffffff","gasCost":"0x3","memSize":0,"stack":[],"depth":1,"refund":0,"opName":"PUSH13"}
{"pc":14,"op":111,"gas":"0xfffffc","gasCost":"0x3","memSize":0,"stack":["0xe1fd12a42ec6dc66e9702e565a"],"depth":1,"refund":0,"opName":"PUSH16"}
{"pc":31,"op":10,"gas":"0xfffff9","gasCost":"0x294","memSize":0,"stack":["0xe1fd12a42ec6dc66e9702e565a","0x6ed801f2f2984c5805d1b92423f24d72"],"depth":1,"refund":0,"opName":"EXP"}
{"pc":32,"op":96,"gas":"0xfffd65","gasCost":"0x3","memSize":0,"stack":["0x0"],"depth":1,"refund":0,"opName":"PUSH1"}
{"pc":34,"op":82,"gas":"0xfffd62","gasCost":"0x6","memSize":0,"stack":["0x0","0x0"],"depth":1,"refund":0,"opName":"MSTORE"}
{"pc":35,"op":96,"gas":"0xfffd5c","gasCost":"0x3","memory":"0x0000000000000000000000000000000000000000000000000000000000000000","memSize":32,"stack":[],"depth":1,"refund":0,"opName":"PUSH1"}
{"pc":37,"op":96,"gas":"0xfffd59","gasCost":"0x3","memory":"0x0000000000000000000000000000000000000000000000000000000000000000","memSize":32,"stack":["0x40"],"depth":1,"refund":0,"opName":"PUSH1"}
{"pc":39,"op":243,"gas":"0xfffd56","gasCost":"0x3","memory":"0x0000000000000000000000000000000000000000000000000000000000000000","memSize":32,"stack":["0x40","0x0"],"depth":1,"refund":0,"opName":"RETURN"}
{"output":"00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000","gasUsed":"0x2ac"}

// SealEVM 
{"pc":0,"op":108,"gas":"0xfffffc","gasCost":"0x3","memory":"0x","stack":null,"opName":"PUSH13"}
{"pc":14,"op":111,"gas":"0xfffff9","gasCost":"0x3","memory":"0x","stack":["0xe1fd12a42ec6dc66e9702e565a"],"opName":"PUSH16"}
{"pc":31,"op":10,"gas":"0xffffef","gasCost":"0xa","memory":"0x","stack":["0xe1fd12a42ec6dc66e9702e565a","0x6ed801f2f2984c5805d1b92423f24d72"],"opName":"EXP"}
AKACoder commented 3 weeks ago

@Alleysira Thank you for your meticulous review and feedback. Your submitted issues have made SealEVM more robust!

Regarding the issues you mentioned this time, after carefully reading and testing the code, I also discovered many other boundary issues in mathematical calculations. All issues related to mathematical calculations, including the one you raised, have been fixed in this commit.

Welcome to continue following the development of SealEVM! Thanks♪(・ω・)ノ