Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Scribble crashes in the presence of assingments from storage pointers to storage pointers #85

Closed
cd1m0 opened this issue Sep 30, 2021 · 1 comment · Fixed by #87
Closed
Assignees
Labels
bug Something isn't working

Comments

@cd1m0
Copy link
Collaborator

cd1m0 commented Sep 30, 2021

Consider the following sample:

contract Foo {
    struct S {
        uint[] arr;
    }

    function main(S storage v) private {
        S storage v1 = v;
    }
}

Running scribble (up to version 0.5.5) on this produces the following crash:

/home/dimo/work/consensys/scribble-clean/dist/instrumenter/state_vars.js:321
        throw new Error(`Unexpected RHS element ${__1.print(rhs)} in assignment to state var pointer`);
        ^

Error: Unexpected RHS element v in assignment to state var pointer
    at gatherRHSVars (/home/dimo/work/consensys/scribble-clean/dist/instrumenter/state_vars.js:321:15)
    at Object.findAliasedStateVars (/home/dimo/work/consensys/scribble-clean/dist/instrumenter/state_vars.js:350:26)
    at new InstrumentationContext (/home/dimo/work/consensys/scribble-clean/dist/instrumenter/instrumentation_context.js:231:38)
    at Object.<anonymous> (/home/dimo/work/consensys/scribble-clean/dist/bin/scribble.js:487:26)
    at Module._compile (internal/modules/cjs/loader.js:1015:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:1035:10)
    at Module.load (internal/modules/cjs/loader.js:879:32)
    at Function.Module._load (internal/modules/cjs/loader.js:724:14)
    at Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js:60:12)
    at internal/main/run_main_module.js:17:47

The issue is that the logic of this does not account for the case where the RHS of an assignment to a storage pointer is an Identifier, but its not a direct reference to a state var. This happens when the RHS is another storage pointer. (see code below):

    /**
     * Given a potentially complex RHS expression, return the list of
     * state variable declarations that it may alias
     */
    const gatherRHSVars = (rhs: Expression): VariableDeclaration[] => {
        if (isStateVarRef(rhs)) { // <-- This check needs to handle all Identifiers
            return [rhs.vReferencedDeclaration as VariableDeclaration];
        }

...
        throw new Error(`Unexpected RHS element ${print(rhs)} in assignment to state var pointer`);
    };
@cd1m0 cd1m0 self-assigned this Sep 30, 2021
cd1m0 added a commit that referenced this issue Sep 30, 2021
@cd1m0 cd1m0 added the bug Something isn't working label Sep 30, 2021
cd1m0 added a commit that referenced this issue Sep 30, 2021
@cd1m0
Copy link
Collaborator Author

cd1m0 commented Sep 30, 2021

Fixed with #87

@cd1m0 cd1m0 closed this as completed Sep 30, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

Successfully merging a pull request may close this issue.

1 participant