
run_call_pop_push_sload_stack_len

Function run_call_pop_push_sload_stack_len 

fn run_call_pop_push_sload_stack_len<B: Backend>(compiler: &mut EvmCompiler<B>)
Available on crate features __fuzzing only.

Regression test for stale len.addr after POP, PUSH1(noop), SLOAD.

When a section contains a POP (which writes len = start - 1 to len.addr), followed by a noop PUSH (which restores section_len_offset to 0 without emitting a store) and then a net-zero builtin such as SLOAD, the store to len.addr was skipped because both section_len_offset and diff were 0. The store condition only compared against zero, not against what had last been written, so len.addr was left stale at start - 1 and the next section head loaded an incorrect stack length.

The test pushes a marker value (0xBEEF) below the CALL arguments. After resume, the sequence POP, PUSH1 5, SLOAD triggers the bug, then a JUMP → JUMPDEST creates a new section that reloads len.addr. With the bug, the stack length is off by 1, causing the marker to be read from the wrong position.
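The bookkeeping failure above, as an added example that is not the compiler's own code: a simplified model of section-relative stack-length tracking with the buggy store condition and a corrected one side by side. The field names (len_addr, section_start, section_len_offset, stored_offset), the treatment of a noop PUSH, the assumption that a builtin reads and updates the length through len.addr itself, and the SLOAD result value of 0 are all assumptions drawn from the prose, not from the project's source.

```rust
// Added example, not the project's code. Models the len.addr bookkeeping
// described in the doc comment; names and the store rule are assumptions.

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
enum Op {
    /// POP: net -1; in this model the new length is written right away.
    Pop,
    /// PUSH1 whose value is consumed directly by the next instruction:
    /// only the section offset is reset, nothing is written to len.addr.
    NoopPush(u64),
    /// Builtin call with `pops` inputs and an optional pushed result
    /// (SLOAD: pops 1, pushes 1, net diff 0). Assumed to read the stack
    /// length from len.addr and adjust it by its own net effect.
    Builtin { pops: usize, push: Option<u64> },
    /// JUMPDEST reached by JUMP: a new section reloads its length from len.addr.
    SectionHead,
}

struct Model {
    /// The real EVM stack (what the guest actually has).
    stack: Vec<u64>,
    /// Contents of the `len` slot in memory (len.addr).
    len_addr: i64,
    /// Stack length at the current section head, as reloaded from len.addr.
    section_start: i64,
    /// Net change applied in registers since the section head.
    section_len_offset: i64,
    /// Offset that was last written to len.addr (consulted only by the fix).
    stored_offset: i64,
    /// false reproduces the bug, true applies the corrected store condition.
    fixed: bool,
}

impl Model {
    fn new(stack: Vec<u64>, fixed: bool) -> Self {
        let len = stack.len() as i64;
        Model { stack, len_addr: len, section_start: len, section_len_offset: 0, stored_offset: 0, fixed }
    }

    fn store_len(&mut self) {
        self.len_addr = self.section_start + self.section_len_offset;
        self.stored_offset = self.section_len_offset;
    }

    fn step(&mut self, op: Op) {
        match op {
            Op::Pop => {
                self.stack.pop();
                self.section_len_offset -= 1;
                self.store_len(); // len = start - 1 reaches memory
            }
            Op::NoopPush(v) => {
                self.stack.push(v);
                self.section_len_offset += 1; // back to 0, but no store
            }
            Op::Builtin { pops, push } => {
                let diff = push.is_some() as i64 - pops as i64;
                // The builtin reads the length from memory, so len.addr must
                // be current before the call. The buggy rule compares the
                // offset against zero; the fix compares it against what was
                // last stored.
                let needs_store = if self.fixed {
                    self.section_len_offset != self.stored_offset || diff != 0
                } else {
                    self.section_len_offset != 0 || diff != 0
                };
                if needs_store {
                    self.store_len();
                }
                for _ in 0..pops {
                    self.stack.pop();
                }
                if let Some(v) = push {
                    self.stack.push(v);
                }
                self.len_addr += diff; // assumption: builtin updates len in memory
                self.stored_offset += diff;
                self.section_len_offset += diff;
            }
            Op::SectionHead => {
                self.section_start = self.len_addr;
                self.section_len_offset = 0;
                self.stored_offset = 0;
            }
        }
    }

    /// Length the compiled code believes the stack has (start + offset).
    fn believed_len(&self) -> i64 {
        self.section_start + self.section_len_offset
    }

    /// Reads the marker two slots below the believed top, as a DUP2 would.
    fn read_marker(&self) -> Option<u64> {
        usize::try_from(self.believed_len() - 2).ok().and_then(|i| self.stack.get(i).copied())
    }
}

/// Runs POP, PUSH1 5, SLOAD, JUMP -> JUMPDEST over a stack holding the marker
/// and the CALL result; returns (real length, believed length, marker read).
fn run_sequence(fixed: bool) -> (i64, i64, Option<u64>) {
    let mut m = Model::new(vec![0xBEEF, 1], fixed); // constructed: marker, CALL success flag
    for op in [Op::Pop, Op::NoopPush(5), Op::Builtin { pops: 1, push: Some(0) }, Op::SectionHead] {
        m.step(op);
    }
    (m.stack.len() as i64, m.believed_len(), m.read_marker())
}

fn main() {
    println!("buggy: {:?}", run_sequence(false));
    println!("fixed: {:?}", run_sequence(true));
}
```

With the buggy rule the new section believes the stack is one element shorter than it is, so the marker lookup lands below the stack base; with the corrected rule the store is forced because the offset no longer matches what was last written, and the marker is found where the test expects it.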