feat: improve handling of u32 operations #1480
Merged
Commits on Sep 7, 2024
-
feat: raise execution error on invalid u32 op inputs
This commit modifies the way we handle invalid inputs to u32 operations. The behavior being modified here is documented as undefined, so is not a breaking change, and as you will see, should be an improvement in developer experience. Previously, virtually all of the u32 operations whose implementations rely on the operands being valid u32 values, would simply cause the VM to panic if that assumption was violated in an egregious enough fashion, namely if the operands happened to be large enough to cause the equivalent operation on u64 operands to fail. While somewhat limited in impact in practice, this is quite painful if you have a bug in your program that causes a very large value to be used as an operand to a u32 operation. Not only would this bring the entire VM down, it would also prevent you from identifying _why_ it failed, even if stepping cycle-by-cycle. This primarily impacts the arithmetic operators, but really just depends on how a given instruction is implemented. More problematic, in my opinion, is that while the behavior of the u32 operations with invalid u32 operands is documented as undefined, we were relying on the undocumented behavior of the VM in various places, notably in the implementations of some of the more complex bitwise operations, e.g. clz/clo/rotr. As a result, if we were to ever change that undocumented behavior, subtle bugs could be introduced. In this case, we're making the behavior more strict, so we're immediately made aware that these operations are broken (and thus, fix them), but we could have easily done something different that would not have been so easy to detect. This commit specifically makes most of the u32 ops raise an execution error if an invalid u32 operand is given to them. This does _not_ make these checked operations in terms of the VM constraints, but it does make them behave like checked operations, in so far as they will cause the VM to trap if an invalid operand is used. This stricter behavior makes you aware immediately when your program relies on undefined behavior, and forces you to handle it properly.
-
-
-
-
-
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.