From 5e9dbe82c798c2e48051b5976a459cec6c700385 Mon Sep 17 00:00:00 2001
From: smtmfft <99081233+smtmfft@users.noreply.github.com>
Date: Mon, 17 Jun 2024 18:18:28 +0800
Subject: [PATCH] fix(raiko): unsafe align vec to avoid unalign mem access
 (#291)

* fix(raiko): unsafe align vec to avoid unalign mem access

Signed-off-by: qcloud <ubuntu@localhost.localdomain>

* Update lib/src/protocol_instance.rs

Co-authored-by: Brecht Devos <Brechtp.Devos@gmail.com>

* refine rpc error

Signed-off-by: smtmfft <smtm@taiko.xyz>

* fix ci

Signed-off-by: smtmfft <smtm@taiko.xyz>

---------

Signed-off-by: qcloud <ubuntu@localhost.localdomain>
Signed-off-by: smtmfft <smtm@taiko.xyz>
Co-authored-by: Brecht Devos <Brechtp.Devos@gmail.com>
---
 core/src/provider/rpc.rs     | 26 +++++++++++++-------------
 lib/src/protocol_instance.rs | 21 ++++++++++++++++++---
 2 files changed, 31 insertions(+), 16 deletions(-)

diff --git a/core/src/provider/rpc.rs b/core/src/provider/rpc.rs
index 47789fc62..623d7f5c6 100644
--- a/core/src/provider/rpc.rs
+++ b/core/src/provider/rpc.rs
@@ -71,9 +71,9 @@ impl BlockDataProvider for RpcBlockDataProvider {
             // Collect the data from the batch
             for request in requests {
                 blocks.push(
-                    request
-                        .await
-                        .map_err(|_| RaikoError::RPC("Error collecting request data".to_owned()))?,
+                    request.await.map_err(|e| {
+                        RaikoError::RPC(format!("Error collecting request data: {e}"))
+                    })?,
                 );
             }
 
@@ -142,14 +142,14 @@ impl BlockDataProvider for RpcBlockDataProvider {
                 .zip(code_requests.into_iter())
             {
                 let (nonce, balance, code) = (
-                    nonce_request.await.map_err(|_| {
-                        RaikoError::RPC("Failed to collect nonce request".to_owned())
+                    nonce_request.await.map_err(|e| {
+                        RaikoError::RPC(format!("Failed to collect nonce request: {e}"))
                     })?,
-                    balance_request.await.map_err(|_| {
-                        RaikoError::RPC("Failed to collect balance request".to_owned())
+                    balance_request.await.map_err(|e| {
+                        RaikoError::RPC(format!("Failed to collect balance request: {e}"))
                     })?,
-                    code_request.await.map_err(|_| {
-                        RaikoError::RPC("Failed to collect code request".to_owned())
+                    code_request.await.map_err(|e| {
+                        RaikoError::RPC(format!("Failed to collect code request: {e}"))
                     })?,
                 );
 
@@ -203,9 +203,9 @@ impl BlockDataProvider for RpcBlockDataProvider {
             // Collect the data from the batch
             for request in requests {
                 values.push(
-                    request
-                        .await
-                        .map_err(|_| RaikoError::RPC("Error collecting request data".to_owned()))?,
+                    request.await.map_err(|e| {
+                        RaikoError::RPC(format!("Error collecting request data: {e}"))
+                    })?,
                 );
             }
 
@@ -305,7 +305,7 @@ impl BlockDataProvider for RpcBlockDataProvider {
             for request in requests {
                 let mut proof = request
                     .await
-                    .map_err(|_| RaikoError::RPC("Error collecting request data".to_owned()))?;
+                    .map_err(|e| RaikoError::RPC(format!("Error collecting request data: {e}")))?;
                 idx += proof.storage_proof.len();
                 if let Some(map_proof) = storage_proofs.get_mut(&proof.address) {
                     map_proof.storage_proof.append(&mut proof.storage_proof);
diff --git a/lib/src/protocol_instance.rs b/lib/src/protocol_instance.rs
index e61d9bfa0..2a0595f43 100644
--- a/lib/src/protocol_instance.rs
+++ b/lib/src/protocol_instance.rs
@@ -1,11 +1,12 @@
+use super::utils::ANCHOR_GAS_LIMIT;
 use alloy_consensus::Header as AlloyConsensusHeader;
 use alloy_primitives::{Address, TxHash, B256};
 use alloy_sol_types::SolValue;
 use anyhow::{ensure, Result};
 use c_kzg::{Blob, KzgCommitment, KzgSettings};
 use sha2::{Digest as _, Sha256};
+use std::alloc::{alloc, Layout};
 
-use super::utils::ANCHOR_GAS_LIMIT;
 #[cfg(not(feature = "std"))]
 use crate::no_std::*;
 use crate::{
@@ -40,8 +41,21 @@ impl ProtocolInstance {
                 input.taiko.tx_blob_hash.unwrap()
             } else {
                 println!("kzg check enabled!");
-                let mut data = Vec::from(KZG_TRUST_SETUP_DATA);
-                let kzg_settings = KzgSettings::from_u8_slice(&mut data);
+                let data_size = KZG_TRUST_SETUP_DATA.len();
+                let aligned_data_size = (data_size + 3) / 4 * 4;
+                let layout = Layout::from_size_align(aligned_data_size, 4).unwrap();
+                // Allocate aligned memory
+                let raw_ptr = unsafe { alloc(layout) as *mut u8 };
+                if raw_ptr.is_null() {
+                    panic!("Failed to allocate memory with aligned pointer");
+                }
+                // Convert to a Vec (unsafe because we are managing raw memory)
+                let mut aligned_vec =
+                    unsafe { Vec::from_raw_parts(raw_ptr, data_size, aligned_data_size) };
+                // Copy data into aligned_vec
+                aligned_vec.copy_from_slice(KZG_TRUST_SETUP_DATA);
+
+                let kzg_settings = KzgSettings::from_u8_slice(&mut aligned_vec);
                 let kzg_commit = KzgCommitment::blob_to_kzg_commitment(
                     &Blob::from_bytes(input.taiko.tx_data.as_slice())
                         .expect("Fail to form blob from tx bytes"),
@@ -54,6 +68,7 @@ impl ProtocolInstance {
                     input.taiko.tx_blob_hash.unwrap(),
                     "Blob version hash not matching"
                 );
+                drop(aligned_vec);
                 versioned_hash
             }
         } else {