From ca1c9a084c2f08268e28d6e3cd38b04dd63d3dc9 Mon Sep 17 00:00:00 2001
From: Nikita Masych
Date: Fri, 11 Oct 2024 17:15:35 +0300
Subject: [PATCH] fix(boojum): handling zero mod in modmul for UInt256

---
 crates/boojum/src/gadgets/u256/mod.rs | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/crates/boojum/src/gadgets/u256/mod.rs b/crates/boojum/src/gadgets/u256/mod.rs
index 7326ecb..7e617d8 100644
--- a/crates/boojum/src/gadgets/u256/mod.rs
+++ b/crates/boojum/src/gadgets/u256/mod.rs
@@ -383,7 +383,11 @@ impl UInt256 {
 let product = a.full_mul(b);
- let (q, r) = product.div_mod(m.into());
+ let (q, r) = match m.is_zero() {
+ true => (U512::zero(), U512::zero()),
+ false => product.div_mod(m.into()),
+ };
+
 let q: U256 = q.try_into().unwrap();
 let r: U256 = r.try_into().unwrap();
@@ -394,7 +398,10 @@ impl UInt256 {
 let bool_true = Boolean::allocated_constant(cs, true);
 Boolean::enforce_equal(cs, &m_greater_than_r, &bool_true);
+ let mod_is_zero = Boolean::allocate(cs, m.is_zero());
 let lhs = self.widening_mul(cs, other, 8, 8);
+ let zero = UInt512::zero(cs);
+ let lhs = UInt512::conditionally_select(cs, mod_is_zero, &lhs, &zero);
 let rhs = q.widening_mul(cs, &modulo, 8, 8);
 let r_u512 = r.to_u512(cs);
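Review bot: `mod_is_zero` in the second hunk is allocated from the witness value `m.is_zero()` alone, so nothing in the constraint system ties it to the in-circuit `modulo`; unless `Boolean::allocate` does more than it appears to, a prover can assert the flag with a nonzero modulus, which zeroes `lhs` and lets `lhs == q * modulo + r` be satisfied by witnesses `q = 0, r = 0` (the `m_greater_than_r` enforcement two lines above still passes for any nonzero modulus), so `r = 0` would be accepted as the modmul result for arbitrary inputs. The flag should be derived in-circuit from `modulo`, e.g. `let mod_is_zero = modulo.is_zero(cs);` if the gadget exposes such a method, or otherwise by comparing `modulo` limb-wise against an allocated zero constant. Separately, with a genuinely zero modulus and `r = 0`, the retained `m_greater_than_r` check appears to require `modulo > r`, which is false for `0 > 0`; confirm whether the zero-modulus case is meant to be satisfiable or only to avoid the `div_mod` panic during witness generation (the first hunk). The enclosing function starts and ends outside both hunks.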