#38581 [SC-Insight] Incorrect unwrap on Bytes and String
Submitted on Jan 7th 2025 at 09:19:54 UTC by @anatomist for
Report ID: #38581
Report Type: Smart Contract
Report severity: Insight
Target: https://github.com/vyperlang/vyper
Impacts:
(Compiler) Unexpected behavior
Codegen errors
During the codegen stage, the Vyper compiler incorrectly unwraps constant Bytes and String variables, which later causes the compiler to panic.
While parsing Name and Attribute expressions in the codegen stage, if the referenced variable is marked as a constant, Expr.parse_value_expr is called to set up the IRnode directly from the expression assigned to the constant variable.
After the IRnode is initialized, it calls unwrap_location to unwrap the variable to its value (as opposed to a pointer).
A constant Bytes / String is initialized by Expr._make_bytelike, and its IRnode location is set to MEMORY. Therefore, if a constant Bytes / String is provided to Expr.parse_Name, an incorrect IRnode is generated, as there is no valid reason to unwrap a Bytes / String directly into a single value.
Fortunately, the incorrect unwraps never make their way into compiled bytecode. unwrap_location clears the .location field of the IRnode, and any access to the Bytes / String variable calls either bytes_data_ptr or get_bytearray_length. Both panic if the variable passed to them does not have a .location field.
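The sequence described above, reduced to a small Python model (an added example, not Vyper's source and not part of the original report). The names IRnode, unwrap_location, bytes_data_ptr and MEMORY come from the report; the function bodies, make_bytelike, CompilerPanic, parse_constant and the guarded variant are simplified assumptions.

```python
# Simplified model of the IR handling described in this report.
# NOT Vyper's source: all bodies and the guarded variant are assumptions.
from dataclasses import dataclass
from typing import Optional

MEMORY = "memory"

class CompilerPanic(Exception):
    """Stand-in for an internal compiler error."""

@dataclass
class IRnode:
    value: object
    typ: str                        # "Bytes", "String", or a word type
    location: Optional[str] = None  # set only when the node is a pointer

def make_bytelike(data: bytes, typ: str) -> IRnode:
    # Constant Bytes/String values live in memory, so the node is a pointer.
    return IRnode(value=("ptr", data), typ=typ, location=MEMORY)

def unwrap_location(node: IRnode) -> IRnode:
    # Turns a pointer into its value: the result carries no location.
    if node.location is None:
        return node
    return IRnode(value=("load", node.value), typ=node.typ, location=None)

def bytes_data_ptr(node: IRnode) -> IRnode:
    # Needs a pointer: a node without a location cannot be addressed.
    if node.location is None:
        raise CompilerPanic("bytestring node has no location")
    return IRnode(("add", node.value, 32), node.typ, node.location)

def parse_constant(node: IRnode, guarded: bool) -> IRnode:
    # Unguarded: every constant is unwrapped, as the report describes.
    # Guarded (hypothetical check): Bytes/String stay as pointers.
    if guarded and node.typ in ("Bytes", "String"):
        return node
    return unwrap_location(node)

def compiles(guarded: bool) -> bool:
    # Parse a constructed Bytes constant, then access its data.
    const = parse_constant(make_bytelike(b"hello", "Bytes"), guarded)
    try:
        bytes_data_ptr(const)
        return True
    except CompilerPanic:
        return False
```

In this model compiles(guarded=False) hits the panic path and compiles(guarded=True) does not, which matches the report's point that the bad node is caught before any bytecode is emitted.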
Compiler panics when it shouldn't.
https://github.com/vyperlang/vyper/blob/a29b49d422f6979be2b9c6c80aa583a60b1ccb7f/vyper/codegen/expr.py#L197
https://github.com/vyperlang/vyper/blob/a29b49d422f6979be2b9c6c80aa583a60b1ccb7f/vyper/codegen/expr.py#L820