fix(vm): use checked_mul and checked_add to avoid pre-check overflow#545
Open
MozirDmitriy wants to merge 1 commit into nexus-xyz:main from
Conversation
sjudson (Contributor) suggested changes on Nov 26, 2025 and left a comment:
The use of more checking is nice, but some minor stylistic quibbles.
    }
    let end_address = address + values.len() as u32 * WORD_SIZE as u32;
    let words_len_u32 =
Contributor:
We freely swap between u32 and usize throughout the codebase; since it is a RISC-V32 processor, this is essentially always safe. So that's much cleaner and I'd recommend just doing the cast here.
    let end_address = address + values.len() as u32 * WORD_SIZE as u32;
    let words_len_u32 =
        u32::try_from(values.len()).map_err(|_| MemoryError::AddressCalculationOverflow)?;
    let bytes_len = words_len_u32
Contributor:
You should be able to chain these cleanly using map_or_else.
SashaMalysehko pushed a commit to SashaMalysehko/nexus-zkvm that referenced this pull request on Dec 9, 2025:
* Replace Reg1Accessed
* Replace Reg2Accessed
The previous overflow guard in vm/src/memory/paged_memory.rs::set_words() computed values.len() as u32 * WORD_SIZE as u32 prior to calling checked_add, allowing multiplication to overflow before the check and later recomputing end_address with unchecked addition. This change converts the word count to u32 with u32::try_from, then uses checked_mul to obtain the byte length and checked_add to compute end_address. The checked end_address is reused throughout the function, eliminating the unchecked recomputation. This ensures that any overflow during size or address calculations is caught and reported as MemoryError::AddressCalculationOverflow without relying on debug panics or release-mode wrapping.
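The overflow the description refers to, as an added Rust example that is not nexus-zkvm code: the old guard (multiplication done before the checked add) beside the fully checked version. `WORD_SIZE` and `MemoryError` are assumed stand-ins for the project's own definitions, and `wrapping_mul` models the release-mode wrapping of the original plain `*`.

```rust
use std::convert::TryFrom;

// Assumed stand-ins for the project's own constants and error type.
const WORD_SIZE: usize = 4;

#[derive(Debug, PartialEq)]
enum MemoryError {
    AddressCalculationOverflow,
}

/// Old-style guard: the byte length is computed with plain `*` before the
/// `checked_add`, so a large word count wraps to a small byte length in a
/// release build (modelled here with `wrapping_mul`) and the add check
/// never fires; in a debug build the same expression panics instead.
fn end_address_unchecked(address: u32, words: usize) -> Option<u32> {
    let bytes_len = (words as u32).wrapping_mul(WORD_SIZE as u32);
    address.checked_add(bytes_len)
}

/// Fixed computation as in the PR: every step is checked and any overflow
/// is reported as one error, independent of the build profile.
fn end_address_checked(address: u32, words: usize) -> Result<u32, MemoryError> {
    let words_len_u32 =
        u32::try_from(words).map_err(|_| MemoryError::AddressCalculationOverflow)?;
    let bytes_len = words_len_u32
        .checked_mul(WORD_SIZE as u32)
        .ok_or(MemoryError::AddressCalculationOverflow)?;
    address
        .checked_add(bytes_len)
        .ok_or(MemoryError::AddressCalculationOverflow)
}

fn main() {
    // 2^30 words * 4 bytes = 2^32 bytes, which wraps to 0 in u32, so the
    // old guard accepts a write that ends far past the address space.
    let words = 1usize << 30;
    println!("unchecked: {:?}", end_address_unchecked(0x1000, words)); // Some(0x1000)
    println!("checked:   {:?}", end_address_checked(0x1000, words)); // Err(AddressCalculationOverflow)
}
```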