fix(boojum): handling zero mod in modmul for UInt256

matter-labs · Oct 11, 2024 · ca1c9a0 · ca1c9a0
1 parent 8b62c63
commit ca1c9a0
Showing 1 changed file with 8 additions and 1 deletion.
diff --git a/crates/boojum/src/gadgets/u256/mod.rs b/crates/boojum/src/gadgets/u256/mod.rs
@@ -383,7 +383,11 @@ impl<F: SmallField> UInt256<F> {
 
         let product = a.full_mul(b);
 
-        let (q, r) = product.div_mod(m.into());
+        let (q, r) = match m.is_zero() {
+            true => (U512::zero(), U512::zero()),
+            false => product.div_mod(m.into()),
+        };
+
         let q: U256 = q.try_into().unwrap();
         let r: U256 = r.try_into().unwrap();
 
@@ -394,7 +398,10 @@ impl<F: SmallField> UInt256<F> {
         let bool_true = Boolean::allocated_constant(cs, true);
         Boolean::enforce_equal(cs, &m_greater_than_r, &bool_true);
 
+        let mod_is_zero = Boolean::allocate(cs, m.is_zero());
         let lhs = self.widening_mul(cs, other, 8, 8);
+        let zero = UInt512::zero(cs);
+        let lhs = UInt512::conditionally_select(cs, mod_is_zero, &lhs, &zero);
 
         let rhs = q.widening_mul(cs, &modulo, 8, 8);
         let r_u512 = r.to_u512(cs);