Why does jumping into an instruction that contains a JUMPDEST not work?


Here’s my whole program. The reasoning behind it is that the larger the program is on Ethereum, the more money it costs to load it (as the gas cost is per byte and quite high).

CALLER           ; offset 0x00, byte 0x33
CALLDATASIZE     ; offset 0x01, byte 0x36
ISZERO           ; offset 0x02, byte 0x15
PUSH1 0x07       ; offset 0x03, bytes 0x60 0x07
JUMPI            ; offset 0x05, byte 0x57 (taken when CALLDATASIZE == 0, target 0x07)
PUSH3 0x5b6000   ; offset 0x06, bytes 0x62 0x5b 0x60 0x00 (offset 0x07 is the 0x5b immediate byte)
SSTORE           ; offset 0x0a, byte 0x55

So I’m jumping into PUSH3 0x5b6000, but if we disassemble 0x5b6000 it reads as

JUMPDEST         ; byte 0x5b
PUSH1 0x00       ; bytes 0x60 0x00

So since the EVM opcode encoding is fully variable length (with all instructions being one byte long besides PUSHxx) and I’m jumping into a JUMPDEST, why does this transaction fail?

Where is it specified in the yellow paper that going to a JUMPDEST isn’t the only requirement for a valid jump destination?


1 answer

raugfer

I am not sure about which version of the yellow paper was available when this question was originally asked, but here is an excerpt from page 13 of the Istanbul version:

9.4.3. Jump Destination Validity. We previously used D as the function to determine the set of valid jump destinations given the code that is being run. We define this as any position in the code occupied by a JUMPDEST instruction.

All such positions must be on valid instruction boundaries, rather than sitting in the data portion of PUSH operations and must appear within the explicitly defined portion of the code (rather than in the implicitly defined STOP operations that trail it).

And here is the geth source location for the code that implements an analysis for this.
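The jump-destination analysis the answer quotes (the Yellow Paper's D_J, which geth implements as a code bitmap) is short enough to reproduce in full. The following is an added example, written for this page; it is not code from the question, the answer, the Yellow Paper or geth. It assumes the program in the question assembles to the bytes shown in the listing, walks the code one instruction at a time so that PUSH immediates are never decoded as opcodes, and shows that offset 0x07 is data rather than a valid destination. The "fixed" bytecode is constructed here purely for contrast: it moves the 0x5b out of the PUSH3 immediate so it sits on an instruction boundary.

```python
# Added example (not from the question, the answer, or geth): the JUMPDEST
# validity analysis the Yellow Paper calls D_J, applied to the question's code.

JUMPDEST = 0x5B
PUSH1, PUSH32 = 0x60, 0x7F


def push_immediate_size(op: int) -> int:
    """Number of immediate data bytes that follow a PUSH1..PUSH32 opcode (0 for anything else)."""
    return op - PUSH1 + 1 if PUSH1 <= op <= PUSH32 else 0


def instruction_boundaries(code: bytes) -> set:
    """Offsets at which an instruction starts. Offsets inside PUSH immediates are skipped,
    which is exactly why a 0x5b byte there is data and not a JUMPDEST."""
    starts = set()
    pc = 0
    while pc < len(code):
        starts.add(pc)
        pc += 1 + push_immediate_size(code[pc])
    return starts


def valid_jump_destinations(code: bytes) -> set:
    """Yellow Paper D_J: the JUMPDEST opcodes that sit on instruction boundaries.
    Anything past len(code) is the implicit trailing STOP region and is never valid."""
    return {pc for pc in instruction_boundaries(code) if code[pc] == JUMPDEST}


def is_valid_jump(code: bytes, target: int) -> bool:
    """What JUMP/JUMPI check before transferring control; failure is an exceptional halt."""
    return target in valid_jump_destinations(code)


# Assumption: the question's listing assembles to these bytes
# (CALLER, CALLDATASIZE, ISZERO, PUSH1 0x07, JUMPI, PUSH3 0x5b6000, SSTORE).
QUESTION_CODE = bytes.fromhex("33361560075762" "5b6000" "55")

# Constructed for contrast: the 0x5b is emitted as its own instruction at offset 0x06,
# followed by PUSH1 0x00, and the JUMPI target is adjusted to match. Not the asker's code.
FIXED_CODE = bytes.fromhex("333615600657" "5b" "6000" "55")


def explain(code: bytes, target: int) -> str:
    """Human-readable verdict for a jump target, used when running the file directly."""
    if is_valid_jump(code, target):
        return f"0x{target:02x}: valid JUMPDEST"
    if target in instruction_boundaries(code):
        return f"0x{target:02x}: instruction boundary but opcode 0x{code[target]:02x} is not JUMPDEST"
    if target < len(code):
        return f"0x{target:02x}: byte 0x{code[target]:02x} is PUSH immediate data, not an instruction"
    return f"0x{target:02x}: beyond the code, implicit STOP region"


if __name__ == "__main__":
    print("question code:", explain(QUESTION_CODE, 0x07))
    print("fixed code:   ", explain(FIXED_CODE, 0x06))
```

Running it reports that offset 0x07 of the question's code is PUSH immediate data (the walk goes 0x06 -> 0x0a straight over it), so D_J is empty for that program and the JUMPI halts exceptionally, while the constructed variant has a single valid destination at 0x06. The same walk is what geth's analysis precomputes per contract, which is why the check costs nothing extra at JUMP time.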