fix(test): assert exact T1 clock in DYNCALL overflow-addr regression test

amathxbt · amathxbt · commit e57cd437fd1c · 2026-03-30T12:33:34.000Z
Address huitseeker review comment #3006679141 (PR 0xMiden#2904 review 4027183231): the previous assert_ne!(recorded_overflow_addr, ZERO) passes even on the buggy path because both T1 and T2 are nonzero when there are ≥2 overflow entries. Fix: scan all PUSH rows that precede the DYNCALL row in the execution trace, take the second-to-last (T1 = clock of push(0)) and last (T2 = clock of push(HASH_ADDR)) rows, and assert that recorded_overflow_addr == T1. A sanity check asserts T2 == T1 + ONE (they are in the same 8-op group). This exact equality clearly distinguishes clk_after_pop_in_current_ctx() (returns T1) from the buggy last_update_clk_in_current_ctx() (returns T2). Also address adr1anh nit (review 4028964881, comment 3008362338): add the missing blank lines before #### Changes and #### Bug fixes in CHANGELOG.md.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,7 @@
 #### Bug Fixes
 
 - Reverted `InvokeKind::ProcRef` back to `InvokeKind::Exec` in `visit_mut_procref` and added an explanatory comment (#2893).
+
 #### Changes
 
 - [BREAKING] Sync execution and proving APIs now require `SyncHost`; async `Host`, `execute`, and `prove` remain available ([#2865](https://github.com/0xMiden/miden-vm/pull/2865)).
@@ -13,6 +14,7 @@
 - [BREAKING] Removed the deprecated `FastProcessor::execute_for_trace_sync()` and `execute_for_trace()` wrappers; use `execute_trace_inputs_sync()` or `execute_trace_inputs()` instead ([#2865](https://github.com/0xMiden/miden-vm/pull/2865)).
 - [BREAKING] Removed the deprecated unbound `TraceBuildInputs::new()` and `TraceBuildInputs::from_program()` constructors; use `execute_trace_inputs_sync()` or `execute_trace_inputs()` instead ([#2865](https://github.com/0xMiden/miden-vm/pull/2865)).
 - Added `prove_from_trace_sync(...)` for proving from pre-executed trace inputs ([#2865](https://github.com/0xMiden/miden-vm/pull/2865)).
+
 #### Bug fixes
 
 - Fixed `ExecutionTracer` DYNCALL stack-depth off-by-one at `MIN_STACK_DEPTH` ([#2813](https://github.com/0xMiden/miden-vm/issues/2813)).
diff --git a/processor/src/trace/tests/decoder.rs b/processor/src/trace/tests/decoder.rs
@@ -1076,17 +1076,39 @@ fn decoder_dyncall_with_multiple_overflow_entries_records_correct_overflow_addr(
         "parent_stack_depth should be 17 (= pre-DYNCALL depth 18 minus 1)"
     );
 
-    // There are 2 overflow entries at DYNCALL time (clocks T1 < T2).
-    // clk_after_pop_in_current_ctx() returns T1 (the second-to-last entry's clock).
+    // Independently determine T1 (clock of push(0)) and T2 (clock of push(HASH_ADDR)) by
+    // scanning the trace for all PUSH rows that appear before the DYNCALL row.
+    //
+    // The preamble BasicBlockNode contains 8 ops in order:
+    //   [push(HASH_ADDR), mstorew, drop×4, push(0), push(HASH_ADDR)]
+    // All 8 fit in a single op-group, so they run at consecutive clocks within the span.
+    // The last two PUSH rows before DYNCALL are therefore:
+    //   push_rows[n-2] → push(0)        at clock T1
+    //   push_rows[n-1] → push(HASH_ADDR) at clock T2 = T1 + 1
+    let push_opcode = Felt::from_u8(opcodes::PUSH);
+    let push_rows_before_dyncall: Vec<_> = main
+        .row_iter()
+        .filter(|&i| i < dyncall_row && main.get_op_code(i) == push_opcode)
+        .collect();
+    let n = push_rows_before_dyncall.len();
+    assert!(n >= 2, "expected at least 2 PUSH rows before DYNCALL, found {n}");
+    let t1_row = push_rows_before_dyncall[n - 2]; // push(0) → overflow[0]
+    let t2_row = push_rows_before_dyncall[n - 1]; // push(HASH_ADDR) → overflow[1]
+    let t1 = main.clk(t1_row);
+    let t2 = main.clk(t2_row);
+    // Sanity: push(0) and push(HASH_ADDR) execute at consecutive clocks in the same op-group.
+    assert_eq!(t2, t1 + ONE, "push(0) and push(HASH_ADDR) must be at consecutive clocks");
+
+    // clk_after_pop_in_current_ctx() returns T1 (the second-to-last overflow entry's clock).
     // The buggy last_update_clk_in_current_ctx() would return T2 (the top entry's clock).
-    // Both T1 and T2 are nonzero (pushed during program execution, not at clock 0).
-    // Asserting ≠ ZERO verifies we got the correct second-to-last clock, not ZERO (which
-    // would indicate no overflow entry remained after the pop).
-    assert_ne!(
-        recorded_overflow_addr, ZERO,
-        "parent_next_overflow_addr must be the second-to-last overflow entry's clock \
-         (nonzero); ZERO would indicate either a missing overflow entry or the buggy \
-         last_update_clk_in_current_ctx() path when there is only 1 entry"
+    // Asserting exact equality with T1 (not just != ZERO) distinguishes the two code paths
+    // even when both T1 and T2 are nonzero.
+    assert_eq!(
+        recorded_overflow_addr,
+        t1,
+        "parent_next_overflow_addr must equal T1 (second-to-last overflow clock = {t1}); \
+         T2 (top overflow clock = {t2}) would indicate the buggy \
+         last_update_clk_in_current_ctx() path"
     );
 }
 
