Skip to content

Feature: Mark assembly blocks as memory-safe #545

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 37 commits into from
Jun 30, 2023
Merged

Feature: Mark assembly blocks as memory-safe #545

merged 37 commits into from
Jun 30, 2023

Conversation

mmv08
Copy link
Contributor

@mmv08 mmv08 commented Apr 6, 2023
edited
Loading

This PR:

Note:
The tests where we expect a certain return value fail with 0.8.x due to Hardhat being unable to parse the error message. The tests pass fine with 0.76.

@mmv08 mmv08 requested review from rmeissner and Uxio0 April 6, 2023 11:49
@coveralls
Copy link

coveralls commented Apr 6, 2023
edited by github-actions bot
Loading

Pull Request Test Coverage Report for Build 5346514267

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 94.2%
Totals Coverage Status
Change from base Build 5292680041: 0.0%
Covered Lines: 315
Relevant Lines: 330
💛 - Coveralls

@mmv08 mmv08 requested a review from akshay-ap April 6, 2023 11:51
@mmv08 mmv08 force-pushed the feat/memory-safe-assembly branch from 0bc76e6 to c55691a Compare April 6, 2023 12:21
@mmv08 mmv08 force-pushed the feat/memory-safe-assembly branch from d05b3f0 to 3ae2bde Compare May 2, 2023 14:57
@mmv08 mmv08 marked this pull request as ready for review May 2, 2023 15:12
rmeissner
rmeissner approved these changes May 16, 2023
View reviewed changes
contracts/base/FallbackManager.sol
// memory is used, therefore we need to guarantee memory safety (keeping the free memory point 0x40 slot intact,
// not going beyond the scratch space, etc)
// Solidity docs: https://docs.soliditylang.org/en/latest/assembly.html#memory-safety
function allocate(length) -> pos {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we know if this increases the gas usage?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tested it on this test:

        it.only("sends along msg.sender on simple call", async () => {
            const { safe, mirror } = await setupWithTemplate();
            // Setup Safe
            await safe.setup([user1.address, user2.address], 1, AddressZero, "0x", mirror.address, AddressZero, 0, AddressZero);

            const tx = {
                to: safe.address,
                data: mirror.interface.encodeFunctionData("lookAtMe"),
            };
            // Check that mock works as handler
            const response = await user1.call(tx);
            expect(response).to.be.eq(
                "0x" +
                    "0000000000000000000000000000000000000000000000000000000000000020" +
                    "0000000000000000000000000000000000000000000000000000000000000018" +
                    "7f8dc53c" +
                    user1.address.slice(2).toLowerCase() +
                    "0000000000000000",
            );
            console.log(`Gas used: ${await user1.estimateGas(tx)}`);
        });

0.7.6, no optimiser, no allocation: 31940

0.7.6, no optimiser, with allocation: 32160

0.8.19, 1m optimiser runs, no allocation: can’t compile
0.8.19, 1m optimiser runs, with allocation: 32527


Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So yes, it does increase the gas used

contracts/common/StorageAccessible.sol Outdated
mstore(0x20, returndatasize())
returndatacopy(0x40, 0, returndatasize())
revert(0, add(returndatasize(), 0x40))
let freeMemoryPtr := mload(0x40)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could we align the variable names withe the other section where we have this code?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Adjusted

@mmv08 mmv08 force-pushed the feat/memory-safe-assembly branch from 908b586 to 11e3459 Compare May 16, 2023 12:59
mmv08 and others added 13 commits May 26, 2023 19:40
@mmv08
Remove gasleft in setupModules, add erc4337 compatibility test
f8bd215
@mmv08
Fix typechecking in test files (#573)
f77dfce
@mmv08
verify that guard can only be updated through setGuard
9cbdaa6
@mmv08
Verify functions that may change the fallback handler address (#566)
1b25deb
@mmv08
Add an invariant for singleton address (#565)
f37e0ed
@mmv08
Add an optimistic assumption about DELEGATECALL, update nonce monoton…
80ced58 
…icity rule (#574)
@mmv08
Pump version to 1.4.1 (#579)
13a5d89
@mmv08
Formal verification: native token balance updates (#582)
36a07fe 
* Add an optimistic assumption about DELEGATECALL, update nonce monotonicity rule

* Add a rule for token balance

* Add more rules for native token balance transition
@rmeissner
Fix addresses for 1.4.1 in changelog (#590)
1ed486b
@mmv08
Fix certora CI action
7e46388
@mmv08
Merge pull request #591 from safe-global/fix/certora-ci
eec5ebc 
Fix: Certora CI action
@mmv08
Formal verification: No message can be signed through the core contra…
bf943f8 
…ct (#583)

* Add a rule for no signed messages

* Add a rule for no signed messages
Merge branch 'main' of github.com:safe-global/safe-contracts into fea…
930478f 
…t/memory-safe-assembly
@github-actions
Copy link

CLA Assistant Lite bot:
Thank you for your submission, we really appreciate it. Like many open-source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution. You can sign the CLA by just posting a Pull Request Comment same as the below format.

I have read the CLA Document and I hereby sign the CLA

1 out of 2 committers have signed the CLA.
@mmv08
@mikhail Mikheev
Mikhail Mikheev seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
You can retrigger this bot by commenting recheck in this Pull Request

@mmv08 mmv08 force-pushed the feat/memory-safe-assembly branch 3 times, most recently from 802eadc to 27c87d4 Compare June 22, 2023 14:02
@mmv08 mmv08 force-pushed the feat/memory-safe-assembly branch from 27c87d4 to 1a0d70c Compare June 22, 2023 14:03
@mmv08 mmv08 changed the base branch from main to release/v1.5.0 June 30, 2023 13:29
@mmv08 mmv08 added this to the Version 1.5.0 milestone Jun 30, 2023
@mmv08 mmv08 merged commit 56f49e6 into release/v1.5.0 Jun 30, 2023
@mmv08 mmv08 deleted the feat/memory-safe-assembly branch June 30, 2023 13:30
@github-actions github-actions bot locked and limited conversation to collaborators Jun 30, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@rmeissner rmeissner rmeissner approved these changes

@Uxio0 Uxio0 Awaiting requested review from Uxio0

@akshay-ap akshay-ap Awaiting requested review from akshay-ap

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
Version 1.5.0
Development

Successfully merging this pull request may close these issues.

Enabling yul optimizer and viaIR causes stack too deep error using Solidity 0.8.19
6 participants
@mmv08 @coveralls @rmeissner @teryanarmen @Uxio0 @frangio