Skip to content

fix: subtraction overflow computation bug#579

Merged
gbotrel merged 4 commits into
developfrom
fix/subtract-overflow-compute
Mar 16, 2023
Merged

fix: subtraction overflow computation bug#579
gbotrel merged 4 commits into
developfrom
fix/subtract-overflow-compute

Conversation

@ivokub
Copy link
Copy Markdown
Collaborator

@ivokub ivokub commented Mar 16, 2023

When we subtract a-b in field emulation then we instead do

d + a - b

The value d is padding and a multiple of emulated modulus. It is constructed in a way that d+a-b would never underflow the field (i.e. it is one bit longer than b and high bit always set). Previously I had set the estimated overflow for the subtraction result to be max(a.overflow, b.overflow+2), but this doesn't take into account that can overflow a. So correct would be max(a.overflow+1, b.overflow+2).

Now, as the overflow of the result is always monotonically larger than for the inputs (previously could have been overflow of a), then we ran into an infinite recursion. It happened because in modular reduction we compute difference of a-b using automatically reducing version of subtraction. To prevent this from happening, we decrease the maximal allowed overflow by one and use (newly implemented) non-reducing version of subtraction inside modular reduction.

ivokub added 3 commits March 16, 2023 16:40
@ivokub
feat: add subtraction without inline reduction
68dc12c
@ivokub
fix: count possible overflow due to subtraction padding
6e2b5e7 
Previously when estimating the maximal overflow for subtraction we only
considered the possible overflow caused by the subtraction padding and the
subtrahend. But actually as the padding may overflow the minuend we have to
also consider it.

Due to this, we also had to decrease the maximal possible overflow by one as
modular reduction uses subtraction as a subroutine.
@ivokub
test: update circuit statistics
ce1640a
@ivokub ivokub added the type: bug Something isn't working label Mar 16, 2023
@ivokub ivokub added this to the v0.9.0 milestone Mar 16, 2023
@ivokub ivokub requested a review from gbotrel March 16, 2023 15:46
@ivokub ivokub self-assigned this Mar 16, 2023
gbotrel
gbotrel approved these changes Mar 16, 2023
View reviewed changes
Copy link
Copy Markdown
Collaborator

@gbotrel gbotrel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

makes sense, however, I really want to get to this SMT solver thing, would help to identify these edge cases automatically.

@gbotrel gbotrel merged commit 0e81df4 into develop Mar 16, 2023
@gbotrel gbotrel deleted the fix/subtract-overflow-compute branch March 16, 2023 21:45
@ivokub
Copy link
Copy Markdown
Collaborator Author

ivokub commented Mar 16, 2023

makes sense, however, I really want to get to this SMT solver thing, would help to identify these edge cases automatically.

Yep, it would have been perfect here.

@yelhousni yelhousni mentioned this pull request Mar 17, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gbotrel gbotrel gbotrel approved these changes

Assignees

@ivokub ivokub

Labels

type: bug Something isn't working

Projects

None yet

Milestone

v0.9.0

Development

Successfully merging this pull request may close these issues.

2 participants

@ivokub @gbotrel