Incorrect SSA for indirect call to function modifying global state #434

aaronyoo · 2020-04-09T00:50:34Z

SSA doesn't track global state modification through indirect call. Consider the following two test cases, one performs the correct behavior but the other doesn't. I have attached screenshots of the resulting SSA IR in graph form

Correct:

pragma solidity >=0.4.16 <0.7.0;
contract Contract {
    int public a;
    function f() public {
        e();
        a += 1;
    }

    function e() public {
        a -= 1;
    }
}

Incorrect:

pragma solidity >=0.4.16 <0.7.0;
pragma solidity >=0.4.16 <0.7.0;
contract Contract {
    int public a;
    function f() public {
        g();
        a += 1;
    }

    function e() public {
        a -= 1;
    }

    function g() public {
        e();
    }
}

The correct version uses a phi node to track the alteration to global state through the function call. However, when we add one more layer of indirection, it no longer tracks that alteration.

The text was updated successfully, but these errors were encountered:

montyly added the bug Something isn't working label Apr 17, 2020

ESultanik mentioned this issue Mar 11, 2022

SSA IR fix phi handling #1102

Draft

hbrodin added a commit that referenced this issue Mar 17, 2022

Adding tests for issues #434 and #473

261a41a

bsamuels453 mentioned this issue Mar 6, 2023

[Draft] SSA IR Fix Phi Handling #1715

Closed

0xalpharush added the ir label Mar 16, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Incorrect SSA for indirect call to function modifying global state #434

Incorrect SSA for indirect call to function modifying global state #434

aaronyoo commented Apr 9, 2020

Incorrect SSA for indirect call to function modifying global state #434

Incorrect SSA for indirect call to function modifying global state #434

Comments

aaronyoo commented Apr 9, 2020

Correct:

Incorrect: