Skip to content

fix(batch-prover): guard against empty commitments slice in PartitionState::new#3228

Open
amathxbt wants to merge 2 commits into
chainwayxyz:nightlyfrom
amathxbt:fix/partition-state-empty-commitments-panic
Open

fix(batch-prover): guard against empty commitments slice in PartitionState::new#3228
amathxbt wants to merge 2 commits into
chainwayxyz:nightlyfrom
amathxbt:fix/partition-state-empty-commitments-panic

Conversation

@amathxbt

@amathxbt amathxbt commented Apr 30, 2026

Copy link
Copy Markdown

Summary

PartitionState::new indexes commitments[0] unconditionally on the very first line of the function body. If an empty slice is ever passed (e.g. through a future call site or a test), the process panics with an index-out-of-bounds error rather than returning a descriptive Err.

Bug

pub fn new(
    commitments: &'a [SequencerCommitment],
    ledger_db: impl BatchProverLedgerOps,
) -> anyhow::Result<Self> {
    // panics if commitments is empty ↓
    let start_l2_height = if commitments[0].index == 1 {

There is no compile-time guarantee (e.g. NonEmpty) nor any runtime check that commitments is non-empty before this access.

Fix

Add an anyhow::ensure! at the top of the constructor so the invariant is enforced explicitly and the caller receives a clean Err instead of a panic:

pub fn new(
    commitments: &'a [SequencerCommitment],
    ledger_db: impl BatchProverLedgerOps,
) -> anyhow::Result<Self> {
    anyhow::ensure!(!commitments.is_empty(), "commitments slice must not be empty");
    let start_l2_height = if commitments[0].index == 1 {

Files changed

  • crates/batch-prover/src/partition.rs

@amathxbt
fix(batch-prover): guard against empty commitments slice in Partition…
ba1bbf1 
…State::new

PartitionState::new indexed commitments[0] unconditionally, which would
cause an out-of-bounds panic if an empty slice was passed. While callers
currently never pass an empty slice, there was no compile-time or
runtime enforcement of that invariant.

Fix: add an anyhow::ensure! at the top of the constructor so the
function returns a descriptive Err instead of panicking.
@amathxbt amathxbt requested a review from a team as a code owner April 30, 2026 09:36
@auto-assign auto-assign Bot requested a review from ercecan April 30, 2026 09:36
@amathxbt amathxbt requested a review from jfldde April 30, 2026 10:06
@amathxbt

amathxbt commented May 6, 2026

Copy link
Copy Markdown
Author

@jfldde @eyusufatik — this PR is approved and ready. No lint issues found. Pinging for merge.

@amathxbt amathxbt mentioned this pull request May 10, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ercecan ercecan Awaiting requested review from ercecan

@jfldde jfldde Awaiting requested review from jfldde

At least 2 approving reviews are required to merge this pull request.

Assignees

@amathxbt amathxbt

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@amathxbt @jfldde