diff --git a/.noir-sync-commit b/.noir-sync-commit index 82636873ad6..d995cb8c0aa 100644 --- a/.noir-sync-commit +++ b/.noir-sync-commit @@ -1 +1 @@ -38eeee39a98a62747dcca3b31b409151761d4ef1 +b7ace682af1ab8a43308457302f08b151af342db diff --git a/noir-projects/aztec-nr/aztec/src/context/private_context.nr b/noir-projects/aztec-nr/aztec/src/context/private_context.nr index d5b4de035df..48d0df36649 100644 --- a/noir-projects/aztec-nr/aztec/src/context/private_context.nr +++ b/noir-projects/aztec-nr/aztec/src/context/private_context.nr @@ -268,8 +268,8 @@ impl PrivateContext { // validate that we siloed secret key corresponds to correct siloing of the master secret key that hashes // to `pk_m_hash`. - /// Safety: Kernels verify that the key validation request is valid and below we verify that a request - /// for the correct public key has been received. + // Safety: Kernels verify that the key validation request is valid and below we verify that a request + // for the correct public key has been received. let request = unsafe { get_key_validation_request(pk_m_hash, key_index) }; assert_eq(request.pk_m.hash(), pk_m_hash, "Obtained invalid key validation request"); @@ -391,11 +391,11 @@ impl PrivateContext { let mut is_static_call = is_static_call | self.inputs.call_context.is_static_call; let start_side_effect_counter = self.side_effect_counter; - /// Safety: The oracle simulates the private call and returns the value of the side effects counter after - /// execution of the call (which means that end_side_effect_counter - start_side_effect_counter is - /// the number of side effects that took place), along with the hash of the return values. We validate these - /// by requesting a private kernel iteration in which the return values are constrained to hash - /// to `returns_hash` and the side effects counter to increment from start to end. + // Safety: The oracle simulates the private call and returns the value of the side effects counter after + // execution of the call (which means that end_side_effect_counter - start_side_effect_counter is + // the number of side effects that took place), along with the hash of the return values. We validate these + // by requesting a private kernel iteration in which the return values are constrained to hash + // to `returns_hash` and the side effects counter to increment from start to end. let (end_side_effect_counter, returns_hash) = unsafe { call_private_function_internal( contract_address, @@ -494,12 +494,12 @@ impl PrivateContext { let counter = self.next_counter(); let mut is_static_call = is_static_call | self.inputs.call_context.is_static_call; - /// Safety: TODO(https://github.com/AztecProtocol/aztec-packages/issues/8985): Fix this. - /// WARNING: This is insecure and should be temporary! - /// The oracle hashes the arguments and returns a new args_hash. - /// new_args = [selector, ...old_args], so as to make it suitable to call the public dispatch function. - /// We don't validate or compute it in the circuit because a) it's harder to do with slices, and - /// b) this is only temporary. + // Safety: TODO(https://github.com/AztecProtocol/aztec-packages/issues/8985): Fix this. + // WARNING: This is insecure and should be temporary! + // The oracle hashes the arguments and returns a new args_hash. + // new_args = [selector, ...old_args], so as to make it suitable to call the public dispatch function. + // We don't validate or compute it in the circuit because a) it's harder to do with slices, and + // b) this is only temporary. let args_hash = unsafe { enqueue_public_function_call_internal( contract_address, @@ -550,12 +550,12 @@ impl PrivateContext { let counter = self.next_counter(); let mut is_static_call = is_static_call | self.inputs.call_context.is_static_call; - /// Safety: TODO(https://github.com/AztecProtocol/aztec-packages/issues/8985): Fix this. - /// WARNING: This is insecure and should be temporary! - /// The oracle hashes the arguments and returns a new args_hash. - /// new_args = [selector, ...old_args], so as to make it suitable to call the public dispatch function. - /// We don't validate or compute it in the circuit because a) it's harder to do with slices, and - /// b) this is only temporary. + // Safety: TODO(https://github.com/AztecProtocol/aztec-packages/issues/8985): Fix this. + // WARNING: This is insecure and should be temporary! + // The oracle hashes the arguments and returns a new args_hash. + // new_args = [selector, ...old_args], so as to make it suitable to call the public dispatch function. + // We don't validate or compute it in the circuit because a) it's harder to do with slices, and + // b) this is only temporary. let args_hash = unsafe { set_public_teardown_function_call_internal( contract_address, diff --git a/noir-projects/aztec-nr/aztec/src/context/public_context.nr b/noir-projects/aztec-nr/aztec/src/context/public_context.nr index 54402ea44be..2e8431a6d48 100644 --- a/noir-projects/aztec-nr/aztec/src/context/public_context.nr +++ b/noir-projects/aztec-nr/aztec/src/context/public_context.nr @@ -21,22 +21,22 @@ impl PublicContext { where T: Serialize, { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself unsafe { emit_public_log(Serialize::serialize(log).as_slice()) }; } pub fn note_hash_exists(_self: Self, note_hash: Field, leaf_index: Field) -> bool { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself unsafe { note_hash_exists(note_hash, leaf_index) } == 1 } pub fn l1_to_l2_msg_exists(_self: Self, msg_hash: Field, msg_leaf_index: Field) -> bool { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself unsafe { l1_to_l2_msg_exists(msg_hash, msg_leaf_index) } == 1 } pub fn nullifier_exists(_self: Self, unsiloed_nullifier: Field, address: AztecAddress) -> bool { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself unsafe { nullifier_exists(unsiloed_nullifier, address.to_field()) } == 1 } @@ -73,7 +73,7 @@ impl PublicContext { } pub fn message_portal(_self: &mut Self, recipient: EthAddress, content: Field) { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself unsafe { send_l2_to_l1_msg(recipient, content) }; } @@ -114,29 +114,29 @@ impl PublicContext { } pub fn push_note_hash(_self: &mut Self, note_hash: Field) { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself unsafe { emit_note_hash(note_hash) }; } pub fn push_nullifier(_self: &mut Self, nullifier: Field) { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself unsafe { emit_nullifier(nullifier) }; } pub fn this_address(_self: Self) -> AztecAddress { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself unsafe { address() } } pub fn msg_sender(_self: Self) -> AztecAddress { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself unsafe { sender() } } pub fn selector(_self: Self) -> FunctionSelector { // The selector is the first element of the calldata when calling a public function through dispatch. - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself let raw_selector: [Field; 1] = unsafe { calldata_copy(0, 1) }; FunctionSelector::from_field(raw_selector[0]) } @@ -148,70 +148,70 @@ impl PublicContext { self.args_hash.unwrap_unchecked() } pub fn transaction_fee(_self: Self) -> Field { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself unsafe { transaction_fee() } } pub fn chain_id(_self: Self) -> Field { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself unsafe { chain_id() } } pub fn version(_self: Self) -> Field { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself unsafe { version() } } pub fn block_number(_self: Self) -> Field { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself unsafe { block_number() } } pub fn timestamp(_self: Self) -> u64 { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself unsafe { timestamp() } } pub fn fee_per_l2_gas(_self: Self) -> Field { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself unsafe { fee_per_l2_gas() } } pub fn fee_per_da_gas(_self: Self) -> Field { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself unsafe { fee_per_da_gas() } } pub fn l2_gas_left(_self: Self) -> Field { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself unsafe { l2_gas_left() } } pub fn da_gas_left(_self: Self) -> Field { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself unsafe { da_gas_left() } } pub fn is_static_call(_self: Self) -> bool { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself unsafe { is_static_call() } == 1 } pub fn raw_storage_read(_self: Self, storage_slot: Field) -> [Field; N] { let mut out = [0; N]; for i in 0..N { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself out[i] = unsafe { storage_read(storage_slot + i as Field) }; } out @@ -226,7 +226,7 @@ impl PublicContext { pub fn raw_storage_write(_self: Self, storage_slot: Field, values: [Field; N]) { for i in 0..N { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself unsafe { storage_write(storage_slot + i as Field, values[i]) }; } } diff --git a/noir-projects/aztec-nr/aztec/src/context/returns_hash.nr b/noir-projects/aztec-nr/aztec/src/context/returns_hash.nr index 79cee30fb51..916ab6d9d3b 100644 --- a/noir-projects/aztec-nr/aztec/src/context/returns_hash.nr +++ b/noir-projects/aztec-nr/aztec/src/context/returns_hash.nr @@ -24,7 +24,7 @@ impl ReturnsHash { where T: Deserialize, { - /// Safety: We verify that the value returned by `load` is the preimage of `hash`, fully constraining it. + // Safety: We verify that the value returned by `load` is the preimage of `hash`, fully constraining it. let preimage: [Field; N] = unsafe { execution_cache::load(self.hash) }; assert_eq(self.hash, hash_args_array(preimage)); diff --git a/noir-projects/aztec-nr/aztec/src/encrypted_logs/log_assembly_strategies/default_aes128/note.nr b/noir-projects/aztec-nr/aztec/src/encrypted_logs/log_assembly_strategies/default_aes128/note.nr index 9f5579a1fbb..50842bdc798 100644 --- a/noir-projects/aztec-nr/aztec/src/encrypted_logs/log_assembly_strategies/default_aes128/note.nr +++ b/noir-projects/aztec-nr/aztec/src/encrypted_logs/log_assembly_strategies/default_aes128/note.nr @@ -344,8 +344,8 @@ where let mut log_bytes_padding_to_mult_31 = get_arr_of_size__log_bytes_padding__from_PT::<(N * 32) + 64>(); - /// Safety: this randomness won't be constrained to be random. It's in the - /// interest of the executor of this fn to encrypt with random bytes. + // Safety: this randomness won't be constrained to be random. It's in the + // interest of the executor of this fn to encrypt with random bytes. log_bytes_padding_to_mult_31 = unsafe { get_random_bytes() }; let mut log_bytes = get_arr_of_size__log_bytes__from_PT::<(N * 32) + 64>(); @@ -406,7 +406,7 @@ where offset += log_bytes_as_fields.len(); for i in offset..PRIVATE_LOG_SIZE_IN_FIELDS { - /// Safety: randomness cannot be constrained. + // Safety: randomness cannot be constrained. final_log[i] = unsafe { random() }; } diff --git a/noir-projects/aztec-nr/aztec/src/history/note_inclusion.nr b/noir-projects/aztec-nr/aztec/src/history/note_inclusion.nr index f951264c6ef..010a97900de 100644 --- a/noir-projects/aztec-nr/aztec/src/history/note_inclusion.nr +++ b/noir-projects/aztec-nr/aztec/src/history/note_inclusion.nr @@ -19,7 +19,7 @@ impl ProveNoteInclusion for BlockHeader { { let note_hash = compute_note_hash_for_nullify(note, storage_slot); - /// Safety: The witness is only used as a "magical value" that makes the merkle proof below pass. Hence it's safe. + // Safety: The witness is only used as a "magical value" that makes the merkle proof below pass. Hence it's safe. let witness = unsafe { get_note_hash_membership_witness(self.global_variables.block_number as u32, note_hash) }; diff --git a/noir-projects/aztec-nr/aztec/src/history/nullifier_inclusion.nr b/noir-projects/aztec-nr/aztec/src/history/nullifier_inclusion.nr index a7e1a1ace76..2cee88f29d9 100644 --- a/noir-projects/aztec-nr/aztec/src/history/nullifier_inclusion.nr +++ b/noir-projects/aztec-nr/aztec/src/history/nullifier_inclusion.nr @@ -14,7 +14,7 @@ trait ProveNullifierInclusion { impl ProveNullifierInclusion for BlockHeader { fn prove_nullifier_inclusion(self, nullifier: Field) { // 1) Get the membership witness of the nullifier - /// Safety: The witness is only used as a "magical value" that makes the proof below pass. Hence it's safe. + // Safety: The witness is only used as a "magical value" that makes the proof below pass. Hence it's safe. let witness = unsafe { get_nullifier_membership_witness(self.global_variables.block_number as u32, nullifier) }; diff --git a/noir-projects/aztec-nr/aztec/src/history/nullifier_non_inclusion.nr b/noir-projects/aztec-nr/aztec/src/history/nullifier_non_inclusion.nr index 1f444aaa7de..76a9b6d4669 100644 --- a/noir-projects/aztec-nr/aztec/src/history/nullifier_non_inclusion.nr +++ b/noir-projects/aztec-nr/aztec/src/history/nullifier_non_inclusion.nr @@ -16,7 +16,7 @@ trait ProveNullifierNonInclusion { impl ProveNullifierNonInclusion for BlockHeader { fn prove_nullifier_non_inclusion(self, nullifier: Field) { // 1) Get the membership witness of a low nullifier of the nullifier - /// Safety: The witness is only used as a "magical value" that makes the proof below pass. Hence it's safe. + // Safety: The witness is only used as a "magical value" that makes the proof below pass. Hence it's safe. let witness = unsafe { get_low_nullifier_membership_witness( self.global_variables.block_number as u32, diff --git a/noir-projects/aztec-nr/aztec/src/history/public_storage.nr b/noir-projects/aztec-nr/aztec/src/history/public_storage.nr index 0f88b46a585..e6e7946e008 100644 --- a/noir-projects/aztec-nr/aztec/src/history/public_storage.nr +++ b/noir-projects/aztec-nr/aztec/src/history/public_storage.nr @@ -27,7 +27,7 @@ impl PublicStorageHistoricalRead for BlockHeader { ); // 2) Get the membership witness for the tree index. - /// Safety: The witness is only used as a "magical value" that makes the proof below pass. Hence it's safe. + // Safety: The witness is only used as a "magical value" that makes the proof below pass. Hence it's safe. let witness = unsafe { get_public_data_witness( self.global_variables.block_number as u32, diff --git a/noir-projects/aztec-nr/aztec/src/keys/getters/mod.nr b/noir-projects/aztec-nr/aztec/src/keys/getters/mod.nr index 5430aac2659..4b03ca7d3da 100644 --- a/noir-projects/aztec-nr/aztec/src/keys/getters/mod.nr +++ b/noir-projects/aztec-nr/aztec/src/keys/getters/mod.nr @@ -24,7 +24,7 @@ pub unconstrained fn get_ovsk_app(ovpk_m_hash: Field) -> Field { // keys at once since the constraints for reading them all are actually fewer than if we read them one at a time - any // read keys that are not required by the caller can simply be discarded. pub fn get_public_keys(account: AztecAddress) -> PublicKeys { - /// Safety: Public keys are constrained by showing their inclusion in the address's preimage. + // Safety: Public keys are constrained by showing their inclusion in the address's preimage. let (public_keys, partial_address) = unsafe { get_public_keys_and_partial_address(account) }; assert_eq( account, diff --git a/noir-projects/aztec-nr/aztec/src/messaging.nr b/noir-projects/aztec-nr/aztec/src/messaging.nr index bf6be44dc93..50bfee3641c 100644 --- a/noir-projects/aztec-nr/aztec/src/messaging.nr +++ b/noir-projects/aztec-nr/aztec/src/messaging.nr @@ -31,7 +31,7 @@ pub fn process_l1_to_l2_message( // We prove that `message_hash` is in the tree by showing the derivation of the tree root, using a merkle path we // get from an oracle. - /// Safety: The witness is only used as a "magical value" that makes the merkle proof below pass. Hence it's safe. + // Safety: The witness is only used as a "magical value" that makes the merkle proof below pass. Hence it's safe. let (_leaf_index, sibling_path) = unsafe { get_l1_to_l2_membership_witness(contract_address, message_hash, secret) }; diff --git a/noir-projects/aztec-nr/aztec/src/note/note_getter/mod.nr b/noir-projects/aztec-nr/aztec/src/note/note_getter/mod.nr index 973276fd2c5..d4aac0d5843 100644 --- a/noir-projects/aztec-nr/aztec/src/note/note_getter/mod.nr +++ b/noir-projects/aztec-nr/aztec/src/note/note_getter/mod.nr @@ -88,8 +88,8 @@ pub fn get_note( where Note: NoteInterface + NullifiableNote, { - /// Safety: Constraining that we got a valid note from the oracle is fairly straightforward: all we need to do - /// is check that the metadata is correct, and that the note exists. + // Safety: Constraining that we got a valid note from the oracle is fairly straightforward: all we need to do + // is check that the metadata is correct, and that the note exists. let note = unsafe { get_note_internal(storage_slot) }; check_note_header(*context, note); @@ -107,7 +107,7 @@ pub fn get_notes( where Note: NoteInterface + NullifiableNote + Eq, { - /// Safety: The notes are constrained below. + // Safety: The notes are constrained below. let opt_notes = unsafe { get_notes_internal(storage_slot, options) }; // We apply the constraints in a separate function instead of inlining them here to make it easier to test that diff --git a/noir-projects/aztec-nr/aztec/src/oracle/block_header.nr b/noir-projects/aztec-nr/aztec/src/oracle/block_header.nr index dbb7bbc5f22..75f26141293 100644 --- a/noir-projects/aztec-nr/aztec/src/oracle/block_header.nr +++ b/noir-projects/aztec-nr/aztec/src/oracle/block_header.nr @@ -35,7 +35,7 @@ pub fn get_block_header_at(block_number: u32, context: PrivateContext) -> BlockH ); // 3) Get the header hint of a given block from an oracle - /// Safety: The header is constrained to be in the archive tree below. + // Safety: The header is constrained to be in the archive tree below. let header = unsafe { get_block_header_at_internal(block_number) }; // 4) We make sure that the header hint we received from the oracle exists in the state tree and is the actual header @@ -62,7 +62,7 @@ fn constrain_get_block_header_at_internal( let block_hash = header_hint.hash(); // 2) Get the membership witness of the block in the archive tree - /// Safety: The witness is only used as a "magical value" that makes the merkle proof below pass. Hence it's safe. + // Safety: The witness is only used as a "magical value" that makes the merkle proof below pass. Hence it's safe. let witness = unsafe { get_archive_membership_witness(last_archive_block_number, block_hash) }; // 3) Check that the block is in the archive (i.e. the witness is valid) diff --git a/noir-projects/aztec-nr/aztec/src/oracle/enqueue_public_function_call.nr b/noir-projects/aztec-nr/aztec/src/oracle/enqueue_public_function_call.nr index 62a73c9f5d8..ca28ee669ad 100644 --- a/noir-projects/aztec-nr/aztec/src/oracle/enqueue_public_function_call.nr +++ b/noir-projects/aztec-nr/aztec/src/oracle/enqueue_public_function_call.nr @@ -51,8 +51,8 @@ pub unconstrained fn set_public_teardown_function_call_internal( } pub fn notify_set_min_revertible_side_effect_counter(counter: u32) { - /// Safety: This oracle call returns nothing: we only call it for its side effects. It is therefore always safe - /// to call. + // Safety: This oracle call returns nothing: we only call it for its side effects. It is therefore always safe + // to call. unsafe { notify_set_min_revertible_side_effect_counter_oracle_wrapper(counter) }; } diff --git a/noir-projects/aztec-nr/aztec/src/oracle/execution_cache.nr b/noir-projects/aztec-nr/aztec/src/oracle/execution_cache.nr index f85ca12e9ec..84a3c41d2f4 100644 --- a/noir-projects/aztec-nr/aztec/src/oracle/execution_cache.nr +++ b/noir-projects/aztec-nr/aztec/src/oracle/execution_cache.nr @@ -1,7 +1,7 @@ /// Stores values represented as slice in execution cache to be later obtained by its hash. pub fn store(values: [Field]) { - /// Safety: This oracle call returns nothing: we only call it for its side effects. It is therefore always safe - /// to call. When loading the values, however, the caller must check that the values are indeed the preimage. + // Safety: This oracle call returns nothing: we only call it for its side effects. It is therefore always safe + // to call. When loading the values, however, the caller must check that the values are indeed the preimage. unsafe { store_in_execution_cache_oracle_wrapper(values) }; } diff --git a/noir-projects/aztec-nr/aztec/src/oracle/get_contract_instance.nr b/noir-projects/aztec-nr/aztec/src/oracle/get_contract_instance.nr index 6c117ab0b89..b8fc8295d80 100644 --- a/noir-projects/aztec-nr/aztec/src/oracle/get_contract_instance.nr +++ b/noir-projects/aztec-nr/aztec/src/oracle/get_contract_instance.nr @@ -18,8 +18,8 @@ unconstrained fn get_contract_instance_internal( // NOTE: this is for use in private only pub fn get_contract_instance(address: AztecAddress) -> ContractInstance { - /// Safety: The to_address function combines all values in the instance object to produce an address, - /// so by checking that we get the expected address we validate the entire struct. + // Safety: The to_address function combines all values in the instance object to produce an address, + // so by checking that we get the expected address we validate the entire struct. let instance = unsafe { ContractInstance::deserialize(get_contract_instance_internal(address)) }; assert_eq(instance.to_address(), address); @@ -59,7 +59,7 @@ pub unconstrained fn get_contract_instance_initialization_hash_internal_avm( } pub fn get_contract_instance_deployer_avm(address: AztecAddress) -> Option { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself let (member, exists) = unsafe { get_contract_instance_deployer_internal_avm(address) }; if exists { Option::some(AztecAddress::from_field(member)) @@ -68,7 +68,7 @@ pub fn get_contract_instance_deployer_avm(address: AztecAddress) -> Option Option { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself let (member, exists) = unsafe { get_contract_instance_class_id_internal_avm(address) }; if exists { Option::some(ContractClassId::from_field(member)) @@ -77,7 +77,7 @@ pub fn get_contract_instance_class_id_avm(address: AztecAddress) -> Option Option { - /// Safety: AVM opcodes are constrained by the AVM itself + // Safety: AVM opcodes are constrained by the AVM itself let (member, exists) = unsafe { get_contract_instance_initialization_hash_internal_avm(address) }; if exists { diff --git a/noir-projects/aztec-nr/aztec/src/oracle/notes.nr b/noir-projects/aztec-nr/aztec/src/oracle/notes.nr index 9270173be83..2f6af6e1cd4 100644 --- a/noir-projects/aztec-nr/aztec/src/oracle/notes.nr +++ b/noir-projects/aztec-nr/aztec/src/oracle/notes.nr @@ -14,8 +14,8 @@ pub fn notify_created_note( note_hash: Field, counter: u32, ) { - /// Safety: This oracle call returns nothing: we only call it for its side effects. It is therefore always safe - /// to call. + // Safety: This oracle call returns nothing: we only call it for its side effects. It is therefore always safe + // to call. unsafe { notify_created_note_oracle_wrapper( storage_slot, @@ -31,8 +31,8 @@ pub fn notify_created_note( /// the same transaction. This note should only be removed to the non-volatile database if its nullifier is found in an /// actual block. pub fn notify_nullified_note(nullifier: Field, note_hash: Field, counter: u32) { - /// Safety: This oracle call returns nothing: we only call it for its side effects. It is therefore always safe - /// to call. + // Safety: This oracle call returns nothing: we only call it for its side effects. It is therefore always safe + // to call. unsafe { notify_nullified_note_oracle_wrapper(nullifier, note_hash, counter) }; } @@ -249,8 +249,8 @@ unconstrained fn get_indexed_tagging_secret_as_sender_oracle( /// otherwise e.g. a reverting transaction can cause the sender to accidentally skip indices and later produce notes /// that are not found by the recipient. pub fn increment_app_tagging_secret_index_as_sender(sender: AztecAddress, recipient: AztecAddress) { - /// Safety: This oracle call returns nothing: we only call it for its side effects. It is therefore always safe - /// to call. + // Safety: This oracle call returns nothing: we only call it for its side effects. It is therefore always safe + // to call. unsafe { increment_app_tagging_secret_index_as_sender_wrapper(sender, recipient); } @@ -272,8 +272,8 @@ unconstrained fn increment_app_tagging_secret_index_as_sender_oracle( /// Finds new notes that may have been sent to all registered accounts in PXE in the current contract and makes them available /// for later querying via the `get_notes` oracle. pub fn sync_notes() { - /// Safety: This oracle call returns nothing: we only call it for its side effects. It is therefore always safe - /// to call. + // Safety: This oracle call returns nothing: we only call it for its side effects. It is therefore always safe + // to call. unsafe { sync_notes_oracle_wrapper(); } diff --git a/noir-projects/aztec-nr/aztec/src/state_vars/private_mutable.nr b/noir-projects/aztec-nr/aztec/src/state_vars/private_mutable.nr index 32219c1fca0..70976d0c143 100644 --- a/noir-projects/aztec-nr/aztec/src/state_vars/private_mutable.nr +++ b/noir-projects/aztec-nr/aztec/src/state_vars/private_mutable.nr @@ -84,17 +84,17 @@ where // docs:end:replace pub fn initialize_or_replace(self, note: &mut Note) -> NoteEmission { - /// Safety: `check_nullifier_exists` is an unconstrained function - we can constrain a true value - /// by providing an inclusion proof of the nullifier, but cannot constrain a false value since - /// a non-inclusion proof would only be valid if done in public. - /// Ultimately, this is not an issue given that we'll either: - /// - initialize the state variable, which would fail if it was already initialized due to the duplicate - /// nullifier, or - /// - replace the current value, which would fail if it was not initialized since we wouldn't be able - /// to produce an inclusion proof for the current note - /// This means that an honest oracle will assist the prover to produce a valid proof, while a malicious - /// oracle (i.e. one that returns an incorrect value for is_initialized) will simply fail to produce - /// a proof. + // Safety: `check_nullifier_exists` is an unconstrained function - we can constrain a true value + // by providing an inclusion proof of the nullifier, but cannot constrain a false value since + // a non-inclusion proof would only be valid if done in public. + // Ultimately, this is not an issue given that we'll either: + // - initialize the state variable, which would fail if it was already initialized due to the duplicate + // nullifier, or + // - replace the current value, which would fail if it was not initialized since we wouldn't be able + // to produce an inclusion proof for the current note + // This means that an honest oracle will assist the prover to produce a valid proof, while a malicious + // oracle (i.e. one that returns an incorrect value for is_initialized) will simply fail to produce + // a proof. let is_initialized = unsafe { check_nullifier_exists(self.compute_initialization_nullifier()) }; diff --git a/noir-projects/aztec-nr/aztec/src/utils/array/collapse.nr b/noir-projects/aztec-nr/aztec/src/utils/array/collapse.nr index 0aa54da1451..0ca9de40177 100644 --- a/noir-projects/aztec-nr/aztec/src/utils/array/collapse.nr +++ b/noir-projects/aztec-nr/aztec/src/utils/array/collapse.nr @@ -15,7 +15,7 @@ where // Instead, we use an unconstrained function to produce the final collapsed array, along with some hints, and then // verify that the input and collapsed arrays are equivalent. - /// Safety: The hints are verified by the `verify_collapse_hints` function. + // Safety: The hints are verified by the `verify_collapse_hints` function. let (collapsed, collapsed_to_input_index_mapping) = unsafe { get_collapse_hints(input) }; verify_collapse_hints(input, collapsed, collapsed_to_input_index_mapping); collapsed diff --git a/noir-projects/aztec-nr/aztec/src/utils/bytes.nr b/noir-projects/aztec-nr/aztec/src/utils/bytes.nr index 02d1764c204..7e4c229b10a 100644 --- a/noir-projects/aztec-nr/aztec/src/utils/bytes.nr +++ b/noir-projects/aztec-nr/aztec/src/utils/bytes.nr @@ -242,8 +242,8 @@ unconstrained fn get_chunks_of_random_bits(input: [Field; N]) -> [Field; N] { - /// Safety: we can't constrain whether or not the returned bits are actually random; - /// we can only rely on it being in the caller's best interest. + // Safety: we can't constrain whether or not the returned bits are actually random; + // we can only rely on it being in the caller's best interest. let chunks_of_random_bits = unsafe { get_chunks_of_random_bits::<((N + 30) / 31), 6>() }; let mut fields = input; // We push the random bits to the "big end" of each field diff --git a/noir-projects/aztec-nr/aztec/src/utils/field.nr b/noir-projects/aztec-nr/aztec/src/utils/field.nr index d9d451b88fa..125c5ffec6f 100644 --- a/noir-projects/aztec-nr/aztec/src/utils/field.nr +++ b/noir-projects/aztec-nr/aztec/src/utils/field.nr @@ -84,9 +84,9 @@ pub unconstrained fn __sqrt(x: Field) -> (bool, Field) { // Returns (false, 0) if there is no square root. // Returns (true, sqrt) if there is a square root. pub fn sqrt(x: Field) -> Option { - /// Safety: if the hint returns the square root of x, then we simply square it - /// check the result equals x. If x is not square, we return a value that - /// enables us to prove that fact (see the `else` clause below). + // Safety: if the hint returns the square root of x, then we simply square it + // check the result equals x. If x is not square, we return a value that + // enables us to prove that fact (see the `else` clause below). let (is_sq, maybe_sqrt) = unsafe { __sqrt(x) }; if is_sq { diff --git a/noir-projects/aztec-nr/aztec/src/utils/with_hash.nr b/noir-projects/aztec-nr/aztec/src/utils/with_hash.nr index c9c9bf95c4f..dd63d3c0d80 100644 --- a/noir-projects/aztec-nr/aztec/src/utils/with_hash.nr +++ b/noir-projects/aztec-nr/aztec/src/utils/with_hash.nr @@ -62,7 +62,7 @@ where // get an oracle to provide us the values, and instead we prove inclusion of their hash, which is both a much // smaller proof (a single slot), and also independent of the size of T (except in that we need to pack and hash T). let hint = WithHash::new( - /// Safety: We verify that a hash of the hint/packed data matches the stored hash. + // Safety: We verify that a hash of the hint/packed data matches the stored hash. unsafe { oracle::storage::storage_read(address, storage_slot, historical_block_number) }, diff --git a/noir-projects/aztec-nr/uint-note/src/uint_note.nr b/noir-projects/aztec-nr/uint-note/src/uint_note.nr index 7abfc3dfcca..6445e79583d 100644 --- a/noir-projects/aztec-nr/uint-note/src/uint_note.nr +++ b/noir-projects/aztec-nr/uint-note/src/uint_note.nr @@ -61,10 +61,10 @@ impl Eq for UintNote { impl UintNote { pub fn new(value: U128, owner: AztecAddress) -> Self { - /// Safety: We use the randomness to preserve the privacy of the note recipient by preventing brute-forcing, - /// so a malicious sender could use non-random values to make the note less private. But they already know - /// the full note pre-image anyway, and so the recipient already trusts them to not disclose this - /// information. We can therefore assume that the sender will cooperate in the random value generation. + // Safety: We use the randomness to preserve the privacy of the note recipient by preventing brute-forcing, + // so a malicious sender could use non-random values to make the note less private. But they already know + // the full note pre-image anyway, and so the recipient already trusts them to not disclose this + // information. We can therefore assume that the sender will cooperate in the random value generation. let randomness = unsafe { random() }; Self { value, owner, randomness, header: NoteHeader::empty() } } diff --git a/noir-projects/aztec-nr/value-note/src/value_note.nr b/noir-projects/aztec-nr/value-note/src/value_note.nr index afd952cc4a7..2d24d51df34 100644 --- a/noir-projects/aztec-nr/value-note/src/value_note.nr +++ b/noir-projects/aztec-nr/value-note/src/value_note.nr @@ -57,10 +57,10 @@ impl NullifiableNote for ValueNote { impl ValueNote { pub fn new(value: Field, owner: AztecAddress) -> Self { - /// Safety: We use the randomness to preserve the privacy of the note recipient by preventing brute-forcing, - /// so a malicious sender could use non-random values to make the note less private. But they already know - /// the full note pre-image anyway, and so the recipient already trusts them to not disclose this - /// information. We can therefore assume that the sender will cooperate in the random value generation. + // Safety: We use the randomness to preserve the privacy of the note recipient by preventing brute-forcing, + // so a malicious sender could use non-random values to make the note less private. But they already know + // the full note pre-image anyway, and so the recipient already trusts them to not disclose this + // information. We can therefore assume that the sender will cooperate in the random value generation. let randomness = unsafe { random() }; let header = NoteHeader::empty(); diff --git a/noir-projects/noir-contracts/contracts/app_subscription_contract/src/subscription_note.nr b/noir-projects/noir-contracts/contracts/app_subscription_contract/src/subscription_note.nr index ecc48c504af..fb6f9e3db45 100644 --- a/noir-projects/noir-contracts/contracts/app_subscription_contract/src/subscription_note.nr +++ b/noir-projects/noir-contracts/contracts/app_subscription_contract/src/subscription_note.nr @@ -46,10 +46,10 @@ impl NullifiableNote for SubscriptionNote { impl SubscriptionNote { pub fn new(owner: AztecAddress, expiry_block_number: Field, remaining_txs: Field) -> Self { - /// Safety: We use the randomness to preserve the privacy of the note recipient by preventing brute-forcing, - /// so a malicious sender could use non-random values to make the note less private. But they already know - /// the full note pre-image anyway, and so the recipient already trusts them to not disclose this - /// information. We can therefore assume that the sender will cooperate in the random value generation. + // Safety: We use the randomness to preserve the privacy of the note recipient by preventing brute-forcing, + // so a malicious sender could use non-random values to make the note less private. But they already know + // the full note pre-image anyway, and so the recipient already trusts them to not disclose this + // information. We can therefore assume that the sender will cooperate in the random value generation. let randomness = unsafe { random() }; Self { owner, expiry_block_number, remaining_txs, randomness, header: NoteHeader::empty() } } diff --git a/noir-projects/noir-contracts/contracts/ecdsa_k_account_contract/src/main.nr b/noir-projects/noir-contracts/contracts/ecdsa_k_account_contract/src/main.nr index 4eaf01eddbf..7da4351bbab 100644 --- a/noir-projects/noir-contracts/contracts/ecdsa_k_account_contract/src/main.nr +++ b/noir-projects/noir-contracts/contracts/ecdsa_k_account_contract/src/main.nr @@ -59,8 +59,8 @@ pub contract EcdsaKAccount { let public_key = storage.public_key.get_note(); // Load auth witness - /// Safety: The witness is only used as a "magical value" that makes the signature verification below pass. - /// Hence it's safe. + // Safety: The witness is only used as a "magical value" that makes the signature verification below pass. + // Hence it's safe. let witness: [Field; 64] = unsafe { get_auth_witness(outer_hash) }; let mut signature: [u8; 64] = [0; 64]; for i in 0..64 { diff --git a/noir-projects/noir-contracts/contracts/ecdsa_r_account_contract/src/main.nr b/noir-projects/noir-contracts/contracts/ecdsa_r_account_contract/src/main.nr index 11da86d48c2..0c0f8d17fc2 100644 --- a/noir-projects/noir-contracts/contracts/ecdsa_r_account_contract/src/main.nr +++ b/noir-projects/noir-contracts/contracts/ecdsa_r_account_contract/src/main.nr @@ -57,8 +57,8 @@ pub contract EcdsaRAccount { let public_key = storage.public_key.get_note(); // Load auth witness - /// Safety: The witness is only used as a "magical value" that makes the signature verification below pass. - /// Hence it's safe. + // Safety: The witness is only used as a "magical value" that makes the signature verification below pass. + // Hence it's safe. let witness: [Field; 64] = unsafe { get_auth_witness(outer_hash) }; let mut signature: [u8; 64] = [0; 64]; for i in 0..64 { diff --git a/noir-projects/noir-contracts/contracts/nft_contract/src/main.nr b/noir-projects/noir-contracts/contracts/nft_contract/src/main.nr index bdc1341fcae..065d6896375 100644 --- a/noir-projects/noir-contracts/contracts/nft_contract/src/main.nr +++ b/noir-projects/noir-contracts/contracts/nft_contract/src/main.nr @@ -205,10 +205,10 @@ pub contract NFT { // TODO(#7775): Manually fetching the randomness here is not great. If we decide to include randomness in all // notes we could just inject it in macros. - /// Safety: We use the randomness to preserve the privacy of the note recipient by preventing brute-forcing, - /// so a malicious sender could use non-random values to make the note less private. But they already know - /// the full note pre-image anyway, and so the recipient already trusts them to not disclose this - /// information. We can therefore assume that the sender will cooperate in the random value generation. + // Safety: We use the randomness to preserve the privacy of the note recipient by preventing brute-forcing, + // so a malicious sender could use non-random values to make the note less private. But they already know + // the full note pre-image anyway, and so the recipient already trusts them to not disclose this + // information. We can therefore assume that the sender will cooperate in the random value generation. let note_randomness = unsafe { random() }; let note_setup_payload = NFTNote::setup_payload().new(to, note_randomness, to_note_slot); diff --git a/noir-projects/noir-contracts/contracts/nft_contract/src/types/nft_note.nr b/noir-projects/noir-contracts/contracts/nft_contract/src/types/nft_note.nr index 054372b3ab1..5fe5850e56d 100644 --- a/noir-projects/noir-contracts/contracts/nft_contract/src/types/nft_note.nr +++ b/noir-projects/noir-contracts/contracts/nft_contract/src/types/nft_note.nr @@ -51,10 +51,10 @@ impl NullifiableNote for NFTNote { impl NFTNote { pub fn new(token_id: Field, owner: AztecAddress) -> Self { - /// Safety: We use the randomness to preserve the privacy of the note recipient by preventing brute-forcing, - /// so a malicious sender could use non-random values to make the note less private. But they already know - /// the full note pre-image anyway, and so the recipient already trusts them to not disclose this - /// information. We can therefore assume that the sender will cooperate in the random value generation. + // Safety: We use the randomness to preserve the privacy of the note recipient by preventing brute-forcing, + // so a malicious sender could use non-random values to make the note less private. But they already know + // the full note pre-image anyway, and so the recipient already trusts them to not disclose this + // information. We can therefore assume that the sender will cooperate in the random value generation. let randomness = unsafe { random() }; NFTNote { token_id, owner, randomness, header: NoteHeader::empty() } } diff --git a/noir-projects/noir-contracts/contracts/schnorr_account_contract/src/main.nr b/noir-projects/noir-contracts/contracts/schnorr_account_contract/src/main.nr index 37a3856da52..5e2644c96d9 100644 --- a/noir-projects/noir-contracts/contracts/schnorr_account_contract/src/main.nr +++ b/noir-projects/noir-contracts/contracts/schnorr_account_contract/src/main.nr @@ -67,8 +67,8 @@ pub contract SchnorrAccount { let public_key = storage.signing_public_key.get_note(); // Load auth witness - /// Safety: The witness is only used as a "magical value" that makes the signature verification below pass. - /// Hence it's safe. + // Safety: The witness is only used as a "magical value" that makes the signature verification below pass. + // Hence it's safe. let witness: [Field; 64] = unsafe { get_auth_witness(outer_hash) }; let mut signature: [u8; 64] = [0; 64]; for i in 0..64 { diff --git a/noir-projects/noir-contracts/contracts/schnorr_hardcoded_account_contract/src/main.nr b/noir-projects/noir-contracts/contracts/schnorr_hardcoded_account_contract/src/main.nr index deeae79848d..2e84f74b524 100644 --- a/noir-projects/noir-contracts/contracts/schnorr_hardcoded_account_contract/src/main.nr +++ b/noir-projects/noir-contracts/contracts/schnorr_hardcoded_account_contract/src/main.nr @@ -39,8 +39,8 @@ pub contract SchnorrHardcodedAccount { fn is_valid_impl(_context: &mut PrivateContext, outer_hash: Field) -> bool { // Load auth witness and format as an u8 array - /// Safety: The witness is only used as a "magical value" that makes the signature verification below pass. - /// Hence it's safe. + // Safety: The witness is only used as a "magical value" that makes the signature verification below pass. + // Hence it's safe. let witness: [Field; 64] = unsafe { get_auth_witness(outer_hash) }; let mut signature: [u8; 64] = [0; 64]; for i in 0..64 { diff --git a/noir-projects/noir-contracts/contracts/schnorr_single_key_account_contract/src/main.nr b/noir-projects/noir-contracts/contracts/schnorr_single_key_account_contract/src/main.nr index 7e6c1677215..ed799540b21 100644 --- a/noir-projects/noir-contracts/contracts/schnorr_single_key_account_contract/src/main.nr +++ b/noir-projects/noir-contracts/contracts/schnorr_single_key_account_contract/src/main.nr @@ -29,8 +29,8 @@ pub contract SchnorrSingleKeyAccount { #[contract_library_method] fn is_valid_impl(context: &mut PrivateContext, outer_hash: Field) -> bool { - /// Safety: The witness is only used as a "magical value" that makes the signature verification - /// in `recover_address` and the address check below pass. Hence it's safe. + // Safety: The witness is only used as a "magical value" that makes the signature verification + // in `recover_address` and the address check below pass. Hence it's safe. let witness = unsafe { get_auth_witness(outer_hash) }; recover_address(outer_hash, witness).eq(context.this_address()) } diff --git a/noir-projects/noir-contracts/contracts/spam_contract/src/types/token_note.nr b/noir-projects/noir-contracts/contracts/spam_contract/src/types/token_note.nr index 5e9ec5bdfe7..4f9e94f6d4d 100644 --- a/noir-projects/noir-contracts/contracts/spam_contract/src/types/token_note.nr +++ b/noir-projects/noir-contracts/contracts/spam_contract/src/types/token_note.nr @@ -63,10 +63,10 @@ impl Eq for TokenNote { impl OwnedNote for TokenNote { fn new(amount: U128, owner: AztecAddress) -> Self { - /// Safety: We use the randomness to preserve the privacy of the note recipient by preventing brute-forcing, - /// so a malicious sender could use non-random values to make the note less private. But they already know - /// the full note pre-image anyway, and so the recipient already trusts them to not disclose this - /// information. We can therefore assume that the sender will cooperate in the random value generation. + // Safety: We use the randomness to preserve the privacy of the note recipient by preventing brute-forcing, + // so a malicious sender could use non-random values to make the note less private. But they already know + // the full note pre-image anyway, and so the recipient already trusts them to not disclose this + // information. We can therefore assume that the sender will cooperate in the random value generation. let randomness = unsafe { random() }; Self { amount, owner, randomness, header: NoteHeader::empty() } } diff --git a/noir-projects/noir-contracts/contracts/token_blacklist_contract/src/types/token_note.nr b/noir-projects/noir-contracts/contracts/token_blacklist_contract/src/types/token_note.nr index bcf0b78d526..f88b26615be 100644 --- a/noir-projects/noir-contracts/contracts/token_blacklist_contract/src/types/token_note.nr +++ b/noir-projects/noir-contracts/contracts/token_blacklist_contract/src/types/token_note.nr @@ -61,10 +61,10 @@ impl Eq for TokenNote { impl OwnedNote for TokenNote { fn new(amount: U128, owner: AztecAddress) -> Self { - /// Safety: We use the randomness to preserve the privacy of the note recipient by preventing brute-forcing, - /// so a malicious sender could use non-random values to make the note less private. But they already know - /// the full note pre-image anyway, and so the recipient already trusts them to not disclose this - /// information. We can therefore assume that the sender will cooperate in the random value generation. + // Safety: We use the randomness to preserve the privacy of the note recipient by preventing brute-forcing, + // so a malicious sender could use non-random values to make the note less private. But they already know + // the full note pre-image anyway, and so the recipient already trusts them to not disclose this + // information. We can therefore assume that the sender will cooperate in the random value generation. let randomness = unsafe { random() }; Self { amount, owner, randomness, header: NoteHeader::empty() } } diff --git a/noir-projects/noir-contracts/contracts/token_contract/src/main.nr b/noir-projects/noir-contracts/contracts/token_contract/src/main.nr index 2280e439c67..74a98993157 100644 --- a/noir-projects/noir-contracts/contracts/token_contract/src/main.nr +++ b/noir-projects/noir-contracts/contracts/token_contract/src/main.nr @@ -448,10 +448,10 @@ pub contract Token { // TODO(#7775): Manually fetching the randomness here is not great. If we decide to include randomness in all // notes we could just inject it in macros. - /// Safety: We use the randomness to preserve the privacy of the note recipient by preventing brute-forcing, - /// so a malicious sender could use non-random values to make the note less private. But they already know - /// the full note pre-image anyway, and so the recipient already trusts them to not disclose this - /// information. We can therefore assume that the sender will cooperate in the random value generation. + // Safety: We use the randomness to preserve the privacy of the note recipient by preventing brute-forcing, + // so a malicious sender could use non-random values to make the note less private. But they already know + // the full note pre-image anyway, and so the recipient already trusts them to not disclose this + // information. We can therefore assume that the sender will cooperate in the random value generation. let note_randomness = unsafe { random() }; let note_setup_payload = UintNote::setup_payload().new(to, note_randomness, to_note_slot); diff --git a/noir-projects/noir-protocol-circuits/crates/blob/src/blob.nr b/noir-projects/noir-protocol-circuits/crates/blob/src/blob.nr index c2cd0a3a68b..a96399df1db 100644 --- a/noir-projects/noir-protocol-circuits/crates/blob/src/blob.nr +++ b/noir-projects/noir-protocol-circuits/crates/blob/src/blob.nr @@ -68,7 +68,7 @@ unconstrained fn __field_to_bignum_limbs(x: Field) -> [Field; 3] { // Only works for bignums with modulus larger than the BN Fr size (which is true // for the bls12-381 Fr field). fn field_to_bignum(x: Field) -> F { - /// Safety: we constrain the limbs below + // Safety: we constrain the limbs below let __x_limbs = unsafe { __field_to_bignum_limbs(x) }; let mut check = __x_limbs[3 - 1]; @@ -219,7 +219,7 @@ fn barycentric_evaluate_blob_at_z(z: F, ys: [F; FIELDS_PER_BLOB]) -> F { // i=0 let NUM_PARTIAL_SUMS = FIELDS_PER_BLOB / 8; - /// Safety: This sum is checked by the following `BigNum::evaluate_quadratic_expression` calls. + // Safety: This sum is checked by the following `BigNum::evaluate_quadratic_expression` calls. let partial_sums: [F; FIELDS_PER_BLOB / 8] = unsafe { __compute_partial_sums(fracs, ROOTS) }; @@ -303,7 +303,7 @@ fn barycentric_evaluate_blob_at_z(z: F, ys: [F; FIELDS_PER_BLOB]) -> F { // There's no need to jump through hoops to check partial sums if we don't need to constrain the result. // We can just calculate the final sum. - /// Safety: We're running under the condition that `std::runtime::is_unconstrained()` is true. + // Safety: We're running under the condition that `std::runtime::is_unconstrained()` is true. unsafe { __compute_sum(fracs, ROOTS) } @@ -328,8 +328,8 @@ fn compute_factor(z: F) -> F { let z_pow_d = t; - /// Safety: We immediately check that this result is correct in the following - /// `BigNum::evaluate_quadratic_expression` call. + // Safety: We immediately check that this result is correct in the following + // `BigNum::evaluate_quadratic_expression` call. let factor = unsafe { __compute_factor_helper(z_pow_d) }; // (z_pow_d - one) * (D_INV) - factor = 0 @@ -381,8 +381,8 @@ unconstrained fn __compute_fracs( } fn compute_fracs(z: F, ys: [F; FIELDS_PER_BLOB]) -> [F; FIELDS_PER_BLOB] { - /// Safety: We immediately constrain these `fracs` to be correct in the following call - /// to `BigNum::evaluate_quadratic_expression`. + // Safety: We immediately constrain these `fracs` to be correct in the following call + // to `BigNum::evaluate_quadratic_expression`. let mut fracs: [F; FIELDS_PER_BLOB] = unsafe { __compute_fracs(z, ys, ROOTS) }; if !std::runtime::is_unconstrained() { @@ -726,7 +726,7 @@ mod tests { for i in 0..FIELDS_PER_BLOB { fields[i] = field_to_bignum(i as Field); } - /// Safety: this is a test + // Safety: this is a test unsafe { let partial_sums = __compute_partial_sums(fields, ROOTS); let sum = __compute_sum(fields, ROOTS); diff --git a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/components/previous_kernel_validator.nr b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/components/previous_kernel_validator.nr index 811f772df8f..d6a094f0662 100644 --- a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/components/previous_kernel_validator.nr +++ b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/components/previous_kernel_validator.nr @@ -17,7 +17,7 @@ pub struct PreviousKernelValidator { impl PreviousKernelValidator { pub fn new(previous_kernel: PrivateKernelData) -> Self { - /// Safety: the below hints are constrained by the following methods. See private_kernel_inner for use. + // Safety: the below hints are constrained by the following methods. See private_kernel_inner for use. let hints = unsafe { generate_previous_kernel_validator_hints(previous_kernel.public_inputs) }; PreviousKernelValidator { previous_kernel, hints } diff --git a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/components/private_call_data_validator.nr b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/components/private_call_data_validator.nr index 57ca3a787fa..9ebcaf91a0f 100644 --- a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/components/private_call_data_validator.nr +++ b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/components/private_call_data_validator.nr @@ -258,7 +258,7 @@ impl PrivateCallDataValidator { // function. This check for that function guarantees that the counter won't fall into one of its nested calls. // In this case, we can simply use 0 and make the following check pass. let min_revertible_side_effect_counter = public_inputs.min_revertible_side_effect_counter; - /// Safety: the index is constrained in validate_split_ranges below. + // Safety: the index is constrained in validate_split_ranges below. let first_revertible_index = unsafe { find_first_revertible_item_index( public_inputs.min_revertible_side_effect_counter, @@ -377,7 +377,7 @@ impl PrivateCallDataValidator { for i in 0..logs.len() { let log = logs[i]; if log.note_hash_counter != 0 { - /// Safety: the index is constrained by the checks below. + // Safety: the index is constrained by the checks below. let note_index = unsafe { find_index_hint( accumulated_note_hashes, diff --git a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/components/private_call_data_validator/find_first_revertible_item_index.nr b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/components/private_call_data_validator/find_first_revertible_item_index.nr index 0bc0a08376b..53b77a7c5f5 100644 --- a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/components/private_call_data_validator/find_first_revertible_item_index.nr +++ b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/components/private_call_data_validator/find_first_revertible_item_index.nr @@ -36,7 +36,7 @@ mod tests { pub fn execute_to_equal(self, expected: u32) { let private_call = self.private_call.to_private_circuit_public_inputs(); - /// Safety: this is a test + // Safety: this is a test let index = unsafe { find_first_revertible_item_index( private_call.min_revertible_side_effect_counter, diff --git a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/components/tail_output_validator.nr b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/components/tail_output_validator.nr index d5f42334af8..b2727c45696 100644 --- a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/components/tail_output_validator.nr +++ b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/components/tail_output_validator.nr @@ -26,7 +26,7 @@ impl TailOutputValidator { output: PrivateToRollupKernelCircuitPublicInputs, previous_kernel: PrivateKernelCircuitPublicInputs, ) -> Self { - /// Safety: the below hints are constrained by calling validate(). See private_kernel_tail for use. + // Safety: the below hints are constrained by calling validate(). See private_kernel_tail for use. let hints = unsafe { generate_tail_output_hints(previous_kernel) }; TailOutputValidator::new_with_hints(output, previous_kernel, hints) } diff --git a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/components/tail_to_public_output_validator.nr b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/components/tail_to_public_output_validator.nr index 5905cbe4f8d..c3b3ae14823 100644 --- a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/components/tail_to_public_output_validator.nr +++ b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/components/tail_to_public_output_validator.nr @@ -31,7 +31,7 @@ impl TailToPublicOutputValidator { output: PrivateToPublicKernelCircuitPublicInputs, previous_kernel: PrivateKernelCircuitPublicInputs, ) -> Self { - /// Safety: the below hints are constrained by calling .validate(). See private_kernel_tail_to_public for use. + // Safety: the below hints are constrained by calling .validate(). See private_kernel_tail_to_public for use. let hints = unsafe { generate_tail_to_public_output_hints(previous_kernel) }; TailToPublicOutputValidator { output, previous_kernel, hints } } diff --git a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/private_kernel_init.nr b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/private_kernel_init.nr index 11a006111a6..52fcb74ea17 100644 --- a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/private_kernel_init.nr +++ b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/private_kernel_init.nr @@ -61,7 +61,7 @@ impl PrivateKernelInitCircuitPrivateInputs { } // Generate output. - /// Safety: The output is validated below by PrivateKernelCircuitOutputValidator. + // Safety: The output is validated below by PrivateKernelCircuitOutputValidator. let output = unsafe { self.generate_output() }; // Validate inputs. diff --git a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/private_kernel_inner.nr b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/private_kernel_inner.nr index f973399df79..43a9317724e 100644 --- a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/private_kernel_inner.nr +++ b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/private_kernel_inner.nr @@ -54,7 +54,7 @@ impl PrivateKernelInnerCircuitPrivateInputs { } // Generate output. - /// Safety: The output is validated below by PrivateKernelCircuitOutputValidator. + // Safety: The output is validated below by PrivateKernelCircuitOutputValidator. let output = unsafe { self.generate_output() }; // Validate inputs. diff --git a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/private_kernel_reset.nr b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/private_kernel_reset.nr index 9f3227993e2..47a34fe5054 100644 --- a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/private_kernel_reset.nr +++ b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/private_kernel_reset.nr @@ -96,7 +96,7 @@ impl PrivateKernelCircuitPublicInputsComposer { let previous_kernel = self.previous_kernel.to_private_kernel_circuit_public_inputs(); - /// Safety: This is only used in tests. + // Safety: This is only used in tests. unsafe { PrivateKernelCircuitPublicInputsComposer::new_from_previous_kernel(previous_kernel) } @@ -81,7 +81,7 @@ impl PrivateKernelCircuitPublicInputsComposerBuilder { previous_kernel.end.private_call_stack[num_private_call_requests].args_hash = 98765432; let private_call = self.private_call.to_private_call_data(); - /// Safety: This is only used in tests. + // Safety: This is only used in tests. unsafe { PrivateKernelCircuitPublicInputsComposer::new_from_previous_kernel(previous_kernel) .pop_top_call_request() diff --git a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/tests/reset_output_validator_builder/mod.nr b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/tests/reset_output_validator_builder/mod.nr index 5fd4e507259..b2e3b299e29 100644 --- a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/tests/reset_output_validator_builder/mod.nr +++ b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/tests/reset_output_validator_builder/mod.nr @@ -88,7 +88,7 @@ impl ResetOutputValidatorBuilder { pub fn get_hints(self) -> ResetOutputHints { let previous_kernel = self.previous_kernel.to_private_kernel_circuit_public_inputs(); - /// Safety: This is only used in tests. + // Safety: This is only used in tests. unsafe { generate_reset_output_hints(previous_kernel, self.transient_data_index_hints) } diff --git a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/tests/tail_output_composer_builder/mod.nr b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/tests/tail_output_composer_builder/mod.nr index 637315e2fc5..0edefeb01e9 100644 --- a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/tests/tail_output_composer_builder/mod.nr +++ b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/tests/tail_output_composer_builder/mod.nr @@ -19,7 +19,7 @@ impl TailOutputComposerBuilder { pub fn finish(self) -> PrivateToRollupKernelCircuitPublicInputs { let previous_kernel = self.previous_kernel.to_private_kernel_circuit_public_inputs(); - /// Safety: This is only used in tests. + // Safety: This is only used in tests. unsafe { let composer = TailOutputComposer::new(previous_kernel); composer.finish() diff --git a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/tests/tail_output_validator_builder/mod.nr b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/tests/tail_output_validator_builder/mod.nr index 879680f49d7..f831e524dfc 100644 --- a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/tests/tail_output_validator_builder/mod.nr +++ b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/tests/tail_output_validator_builder/mod.nr @@ -43,7 +43,7 @@ impl TailOutputValidatorBuilder { pub fn get_hints(self) -> TailOutputHints { let previous_kernel = self.previous_kernel.to_private_kernel_circuit_public_inputs(); - /// Safety: This is only used in tests. + // Safety: This is only used in tests. unsafe { generate_tail_output_hints(previous_kernel) } diff --git a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/tests/tail_to_public_output_composer_builder/mod.nr b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/tests/tail_to_public_output_composer_builder/mod.nr index d28331b0aeb..1b68723a511 100644 --- a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/tests/tail_to_public_output_composer_builder/mod.nr +++ b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/tests/tail_to_public_output_composer_builder/mod.nr @@ -21,7 +21,7 @@ impl TailToPublicOutputComposerBuilder { pub fn finish(self) -> PrivateToPublicKernelCircuitPublicInputs { let previous_kernel = self.previous_kernel.to_private_kernel_circuit_public_inputs(); - /// Safety: This is only used in tests. + // Safety: This is only used in tests. unsafe { let composer = TailToPublicOutputComposer::new(previous_kernel); composer.finish() diff --git a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/tests/tail_to_public_output_composer_builder/split_to_public.nr b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/tests/tail_to_public_output_composer_builder/split_to_public.nr index afff429566c..20e685f15dd 100644 --- a/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/tests/tail_to_public_output_composer_builder/split_to_public.nr +++ b/noir-projects/noir-protocol-circuits/crates/private-kernel-lib/src/tests/tail_to_public_output_composer_builder/split_to_public.nr @@ -21,7 +21,7 @@ fn split_to_public_succeeds() { builder.append_public_call_requests(2); let combined_data = builder.to_private_to_public_accumulated_data(); - /// Safety: This is a test. + // Safety: This is a test. let (non_revertible, revertible) = unsafe { split_to_public( builder.to_private_accumulated_data_builder(), diff --git a/noir-projects/noir-protocol-circuits/crates/reset-kernel-lib/src/note_hash_read_request_reset.nr b/noir-projects/noir-protocol-circuits/crates/reset-kernel-lib/src/note_hash_read_request_reset.nr index b5784b9880b..fee5a5802d3 100644 --- a/noir-projects/noir-protocol-circuits/crates/reset-kernel-lib/src/note_hash_read_request_reset.nr +++ b/noir-projects/noir-protocol-circuits/crates/reset-kernel-lib/src/note_hash_read_request_reset.nr @@ -175,7 +175,7 @@ mod tests { pub fn verify(self) { let (settled_hints, tree_root) = self.get_settled_read_hints(); - /// Safety: this is only used in tests. + // Safety: this is only used in tests. let unverified_read_requests = unsafe { self.get_unverified_read_requests() }; verify_reset_read_requests( self.read_requests, @@ -192,7 +192,7 @@ mod tests { #[test] fn verify_reset_note_hash_read_requests_clears_all_succeeds() { let builder = TestBuilder::new(); - /// Safety: this is a test. + // Safety: this is a test. let unverified_read_requests = unsafe { builder.get_unverified_read_requests() }; assert(is_empty_array(unverified_read_requests)); @@ -207,7 +207,7 @@ mod tests { builder.read_request_statuses[4] = ReadRequestStatus::empty(); let read_requests = builder.read_requests; - /// Safety: this is a test. + // Safety: this is a test. let unverified_read_requests = unsafe { builder.get_unverified_read_requests() }; assert_array_eq( unverified_read_requests, diff --git a/noir-projects/noir-protocol-circuits/crates/reset-kernel-lib/src/nullifier_read_request_reset.nr b/noir-projects/noir-protocol-circuits/crates/reset-kernel-lib/src/nullifier_read_request_reset.nr index c5ad62829b1..e0f129f583e 100644 --- a/noir-projects/noir-protocol-circuits/crates/reset-kernel-lib/src/nullifier_read_request_reset.nr +++ b/noir-projects/noir-protocol-circuits/crates/reset-kernel-lib/src/nullifier_read_request_reset.nr @@ -183,7 +183,7 @@ mod tests { pub fn verify(self) { let (settled_hints, tree_root) = self.get_settled_read_hints(); - /// Safety: this is only used in tests. + // Safety: this is only used in tests. let unverified_read_requests = unsafe { self.get_unverified_read_requests() }; verify_reset_read_requests( self.read_requests, @@ -200,7 +200,7 @@ mod tests { #[test] fn verify_reset_nullifier_read_requests_clears_all_succeeds() { let builder = TestBuilder::new(); - /// Safety: this is a test. + // Safety: this is a test. let unverified_read_requests = unsafe { builder.get_unverified_read_requests() }; assert(is_empty_array(unverified_read_requests)); @@ -215,7 +215,7 @@ mod tests { builder.read_request_statuses[4] = ReadRequestStatus::empty(); let read_requests = builder.read_requests; - /// Safety: this is a test. + // Safety: this is a test. let unverified_read_requests = unsafe { builder.get_unverified_read_requests() }; assert_array_eq( unverified_read_requests, diff --git a/noir-projects/noir-protocol-circuits/crates/reset-kernel-lib/src/reset/key_validation_hint.nr b/noir-projects/noir-protocol-circuits/crates/reset-kernel-lib/src/reset/key_validation_hint.nr index d647ef3849b..9be3f1ab936 100644 --- a/noir-projects/noir-protocol-circuits/crates/reset-kernel-lib/src/reset/key_validation_hint.nr +++ b/noir-projects/noir-protocol-circuits/crates/reset-kernel-lib/src/reset/key_validation_hint.nr @@ -85,7 +85,7 @@ pub fn verify_reset_key_validation_requests ([bool; NUM_NOTE_HASHES], [bool; NUM_NULLIFIERS]) { - /// Safety: This is only used in tests. + // Safety: This is only used in tests. let squashed_note_hash_hints = unsafe { get_squashed_note_hash_hints(self.transient_data_index_hints) }; - /// Safety: This is only used in tests. + // Safety: This is only used in tests. let squashed_nullifier_hints = unsafe { get_squashed_nullifier_hints(self.transient_data_index_hints) }; (squashed_note_hash_hints, squashed_nullifier_hints) diff --git a/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/abis/previous_rollup_block_data.nr b/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/abis/previous_rollup_block_data.nr index 7212e5d189d..1f56dae2488 100644 --- a/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/abis/previous_rollup_block_data.nr +++ b/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/abis/previous_rollup_block_data.nr @@ -48,7 +48,7 @@ impl PreviousRollupBlockData { self.vk.check_hash(); let leaf_index = self.vk_witness.leaf_index as u32; - /// Safety: This is a hint which is constrained by the asserts below. + // Safety: This is a hint which is constrained by the asserts below. let index_hint = unsafe { find_index_hint(allowed_indices, |index: u32| index == leaf_index) }; assert(index_hint < N, "Invalid vk index"); diff --git a/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/abis/previous_rollup_data.nr b/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/abis/previous_rollup_data.nr index aa423d33513..a4938805448 100644 --- a/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/abis/previous_rollup_data.nr +++ b/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/abis/previous_rollup_data.nr @@ -48,7 +48,7 @@ impl PreviousRollupData { self.vk.check_hash(); let leaf_index = self.vk_witness.leaf_index as u32; - /// Safety: This is a hint which is constrained by the asserts below. + // Safety: This is a hint which is constrained by the asserts below. let index_hint = unsafe { find_index_hint(allowed_indices, |index: u32| index == leaf_index) }; assert(index_hint < N, "Invalid vk index"); diff --git a/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/base/private_base_rollup.nr b/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/base/private_base_rollup.nr index d5a2ae2582a..603fa842bd4 100644 --- a/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/base/private_base_rollup.nr +++ b/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/base/private_base_rollup.nr @@ -445,7 +445,7 @@ mod tests { let mut low_nullifier_membership_witness = [MembershipWitness::empty(); MAX_NULLIFIERS_PER_TX]; - /// Safety: This is a mock for testing only + // Safety: This is a mock for testing only let sorted_new_nullifier_tuples = unsafe { get_sorted_tuple( self.nullifiers.storage().map(|insertion: NullifierInsertion| insertion.value), @@ -634,7 +634,7 @@ mod tests { } fn execute(self) -> BaseOrMergeRollupPublicInputs { - /// Safety: This is a mock for testing only + // Safety: This is a mock for testing only let inputs = unsafe { self.build_inputs() }; inputs.execute() } diff --git a/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/base/public_base_rollup.nr b/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/base/public_base_rollup.nr index e3d8c499bca..69968ee58a7 100644 --- a/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/base/public_base_rollup.nr +++ b/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/base/public_base_rollup.nr @@ -325,7 +325,7 @@ mod tests { } fn execute(self) -> BaseOrMergeRollupPublicInputs { - /// Safety: This is a mock for testing only + // Safety: This is a mock for testing only let inputs = unsafe { self.build_inputs() }; inputs.execute() } diff --git a/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/block_root/components/block_root_rollup_output_composer.nr b/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/block_root/components/block_root_rollup_output_composer.nr index b98f07bf1e5..0f24b843afa 100644 --- a/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/block_root/components/block_root_rollup_output_composer.nr +++ b/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/block_root/components/block_root_rollup_output_composer.nr @@ -207,7 +207,7 @@ impl BlockRootRollupOutputComposer { self.merged_rollup.end_sponge_blob, ) } else { - /// Safety: TODO(#10323): this was added to save simulation time, if/when simulation times of unconstrained are improved, remove this. + // Safety: TODO(#10323): this was added to save simulation time, if/when simulation times of unconstrained are improved, remove this. unsafe { blob::mock_blob_oracle::evaluate_blobs( data.blobs_fields, diff --git a/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/components.nr b/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/components.nr index 68422209e2a..2bd31612fa1 100644 --- a/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/components.nr +++ b/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/components.nr @@ -204,7 +204,7 @@ fn get_tx_effects_hash_input( silo_contract_class_log_hash(log) }); - /// Safety: This constructs the array of effects and is constrained below. + // Safety: This constructs the array of effects and is constrained below. let mut tx_effects_hash_input = unsafe { get_tx_effects_hash_input_helper( tx_effect.tx_hash, diff --git a/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/tests/rollup_fixture_builder.nr b/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/tests/rollup_fixture_builder.nr index 61c83cebc2e..53e2b12880c 100644 --- a/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/tests/rollup_fixture_builder.nr +++ b/noir-projects/noir-protocol-circuits/crates/rollup-lib/src/tests/rollup_fixture_builder.nr @@ -276,7 +276,7 @@ impl RollupFixtureBuilder { } pub fn mock_evaluate_blobs(_self: Self) { - /// Safety: Mock the oracle call when the blob data is not relevant to the test. + // Safety: Mock the oracle call when the blob data is not relevant to the test. unsafe { let _ = OracleMock::mock("evaluateBlobs").returns(BlockBlobPublicInputs::empty()); } diff --git a/noir-projects/noir-protocol-circuits/crates/types/src/abis/private_kernel_data.nr b/noir-projects/noir-protocol-circuits/crates/types/src/abis/private_kernel_data.nr index b5022d3ec7f..8f5ee547c51 100644 --- a/noir-projects/noir-protocol-circuits/crates/types/src/abis/private_kernel_data.nr +++ b/noir-projects/noir-protocol-circuits/crates/types/src/abis/private_kernel_data.nr @@ -23,8 +23,8 @@ impl PrivateKernelData { } else { self.vk_index }; - /// Safety: find_index_hint should return an index into allowed_indices where `index == index_in_allowed_list`. - /// The assertion below then verifies that the condition is met. + // Safety: find_index_hint should return an index into allowed_indices where `index == index_in_allowed_list`. + // The assertion below then verifies that the condition is met. let index_hint = unsafe { find_index_hint(allowed_indices, |index: u32| index == index_in_allowed_list) }; diff --git a/noir-projects/noir-protocol-circuits/crates/types/src/debug.nr b/noir-projects/noir-protocol-circuits/crates/types/src/debug.nr index 31ccafc068f..ee5db13a690 100644 --- a/noir-projects/noir-protocol-circuits/crates/types/src/debug.nr +++ b/noir-projects/noir-protocol-circuits/crates/types/src/debug.nr @@ -9,7 +9,7 @@ unconstrained fn no_op_oracle_wrapper(value: T) { } pub fn no_op(value: T) { - /// Safety: This is a no op + // Safety: This is a no op unsafe { no_op_oracle_wrapper(value); } diff --git a/noir-projects/noir-protocol-circuits/crates/types/src/debug_log.nr b/noir-projects/noir-protocol-circuits/crates/types/src/debug_log.nr index e2949cc6ec0..7d3651a620b 100644 --- a/noir-projects/noir-protocol-circuits/crates/types/src/debug_log.nr +++ b/noir-projects/noir-protocol-circuits/crates/types/src/debug_log.nr @@ -11,8 +11,8 @@ pub fn debug_log(msg: str) { /// debug_log_format("get_2(slot:{0}) =>\n\t0:{1}\n\t1:{2}", [storage_slot, note0_hash, note1_hash]); /// debug_log_format("whole array: {}", [e1, e2, e3, e4]); pub fn debug_log_format(msg: str, args: [Field; N]) { - /// Safety: This oracle call returns nothing: we only call it for its side effects. It is therefore always safe - /// to call. + // Safety: This oracle call returns nothing: we only call it for its side effects. It is therefore always safe + // to call. unsafe { debug_log_oracle_wrapper(msg, args) }; } diff --git a/noir-projects/noir-protocol-circuits/crates/types/src/merkle_tree/variable_merkle_tree.nr b/noir-projects/noir-protocol-circuits/crates/types/src/merkle_tree/variable_merkle_tree.nr index afb3013553e..f589293c4c6 100644 --- a/noir-projects/noir-protocol-circuits/crates/types/src/merkle_tree/variable_merkle_tree.nr +++ b/noir-projects/noir-protocol-circuits/crates/types/src/merkle_tree/variable_merkle_tree.nr @@ -43,9 +43,9 @@ unconstrained fn get_next_power_exponent(input: u32, start: u8) -> u8 { /// # Returns /// The previous power of 2 fn get_prev_power_2(value: u32) -> u32 { - /// Safety: This is a hint that we'll use to compute the next and previous powers of two, which we check to be - /// larger and smaller than respectively. The get_next_power_exponent function happens to return exactly what - /// we need. + // Safety: This is a hint that we'll use to compute the next and previous powers of two, which we check to be + // larger and smaller than respectively. The get_next_power_exponent function happens to return exactly what + // we need. let next_power_exponent = unsafe { get_next_power_exponent(value, 0) }; let next_power_2 = 1 << next_power_exponent; diff --git a/noir-projects/noir-protocol-circuits/crates/types/src/proof/vk_data.nr b/noir-projects/noir-protocol-circuits/crates/types/src/proof/vk_data.nr index efd4f9d1d8f..612f69f77eb 100644 --- a/noir-projects/noir-protocol-circuits/crates/types/src/proof/vk_data.nr +++ b/noir-projects/noir-protocol-circuits/crates/types/src/proof/vk_data.nr @@ -14,8 +14,8 @@ impl VkData { pub fn validate_in_vk_tree(self, vk_tree_root: Field, allowed_indices: [u32; N]) { self.vk.check_hash(); - /// Safety: find_index_hint should return an index into allowed_indices where - /// `index == index_in_allowed_list`. The assertion below then verifies that the condition is met. + // Safety: find_index_hint should return an index into allowed_indices where + // `index == index_in_allowed_list`. The assertion below then verifies that the condition is met. let index_hint = unsafe { find_index_hint(allowed_indices, |index: u32| index == self.vk_index) }; assert(index_hint < N, "Invalid vk index"); diff --git a/noir-projects/noir-protocol-circuits/crates/types/src/utils/arrays.nr b/noir-projects/noir-protocol-circuits/crates/types/src/utils/arrays.nr index 67b27f858c0..a75f18bc299 100644 --- a/noir-projects/noir-protocol-circuits/crates/types/src/utils/arrays.nr +++ b/noir-projects/noir-protocol-circuits/crates/types/src/utils/arrays.nr @@ -113,8 +113,8 @@ where { // We get the length by checking the index of the first empty element. - /// Safety: This is safe because we have validated the array (see function doc above) and the emptiness - /// of the element and non-emptiness of the previous element is checked below. + // Safety: This is safe because we have validated the array (see function doc above) and the emptiness + // of the element and non-emptiness of the previous element is checked below. let length = unsafe { find_index_hint(array, |elem: T| is_empty(elem)) }; if length != 0 { assert(!is_empty(array[length - 1])); @@ -141,7 +141,7 @@ pub fn array_merge(array1: [T; N], array2: [T; N]) -> [T; N] where T: Empty + Eq, { - /// Safety: we constrain this array below + // Safety: we constrain this array below let result = unsafe { array_merge_helper(array1, array2) }; // We assume arrays have been validated. The only use cases so far are with previously validated arrays. let array1_len = array_length(array1); diff --git a/noir-projects/noir-protocol-circuits/crates/types/src/utils/arrays/assert_split_transformed_value_arrays.nr b/noir-projects/noir-protocol-circuits/crates/types/src/utils/arrays/assert_split_transformed_value_arrays.nr index 83d1ae96c4a..e933e68f5f1 100644 --- a/noir-projects/noir-protocol-circuits/crates/types/src/utils/arrays/assert_split_transformed_value_arrays.nr +++ b/noir-projects/noir-protocol-circuits/crates/types/src/utils/arrays/assert_split_transformed_value_arrays.nr @@ -59,7 +59,7 @@ where T: Ordered + Empty + Eq, S: Empty + Eq, { - /// Safety: The value is constrained by `assert_split_transformed_value_arrays_with_hint`. + // Safety: The value is constrained by `assert_split_transformed_value_arrays_with_hint`. let num_non_revertibles = unsafe { find_index_hint(sorted_array, |n: T| n.counter() >= split_counter) }; diff --git a/noir/noir-repo/.github/workflows/reports.yml b/noir/noir-repo/.github/workflows/reports.yml index 10169f4249c..74967b901c8 100644 --- a/noir/noir-repo/.github/workflows/reports.yml +++ b/noir/noir-repo/.github/workflows/reports.yml @@ -552,6 +552,7 @@ jobs: auto-push: ${{ github.ref == 'refs/heads/master' }} alert-threshold: "120%" comment-on-alert: true + comment-always: ${{ contains( github.event.pull_request.labels.*.name, 'bench-show') }} fail-on-alert: false alert-comment-cc-users: "@TomAFrench" max-items-in-chart: 50 @@ -601,6 +602,7 @@ jobs: auto-push: ${{ github.ref == 'refs/heads/master' }} alert-threshold: "120%" comment-on-alert: true + comment-always: ${{ contains( github.event.pull_request.labels.*.name, 'bench-show') }} fail-on-alert: false alert-comment-cc-users: "@TomAFrench" max-items-in-chart: 50 @@ -650,6 +652,7 @@ jobs: auto-push: ${{ github.ref == 'refs/heads/master' }} alert-threshold: "120%" comment-on-alert: true + comment-always: ${{ contains( github.event.pull_request.labels.*.name, 'bench-show') }} fail-on-alert: false alert-comment-cc-users: "@TomAFrench" max-items-in-chart: 50 @@ -700,6 +703,7 @@ jobs: auto-push: ${{ github.ref == 'refs/heads/master' }} alert-threshold: "120%" comment-on-alert: true + comment-always: ${{ contains( github.event.pull_request.labels.*.name, 'bench-show') }} fail-on-alert: false alert-comment-cc-users: "@TomAFrench" max-items-in-chart: 50 diff --git a/noir/noir-repo/.github/workflows/test-js-packages.yml b/noir/noir-repo/.github/workflows/test-js-packages.yml index 3b0c1a79d92..2e0f226b0a2 100644 --- a/noir/noir-repo/.github/workflows/test-js-packages.yml +++ b/noir/noir-repo/.github/workflows/test-js-packages.yml @@ -637,6 +637,7 @@ jobs: auto-push: ${{ github.ref == 'refs/heads/master' }} alert-threshold: "120%" comment-on-alert: true + comment-always: ${{ contains( github.event.pull_request.labels.*.name, 'bench-show') }} fail-on-alert: false alert-comment-cc-users: "@TomAFrench" max-items-in-chart: 50 diff --git a/noir/noir-repo/Cargo.lock b/noir/noir-repo/Cargo.lock index f5a360067ce..f1162d2bcf6 100644 --- a/noir/noir-repo/Cargo.lock +++ b/noir/noir-repo/Cargo.lock @@ -3454,6 +3454,7 @@ name = "noirc_printable_type" version = "1.0.0-beta.2" dependencies = [ "acvm", + "proptest", "serde", ] diff --git a/noir/noir-repo/compiler/noirc_evaluator/proptest-regressions/acir/acir_variable.txt b/noir/noir-repo/compiler/noirc_evaluator/proptest-regressions/acir/acir_variable.txt new file mode 100644 index 00000000000..5b56172668b --- /dev/null +++ b/noir/noir-repo/compiler/noirc_evaluator/proptest-regressions/acir/acir_variable.txt @@ -0,0 +1,7 @@ +# Seeds for failure cases proptest has generated in the past. It is +# automatically read and these particular cases re-run before any +# novel cases are generated. +# +# It is recommended to check this file in to source control so that +# everyone who runs the test benefits from these saved cases. +cc 5c73714aa60966f1e26e79441f4a3102fe768cc6c87c9421d44cbc4b9ffa8d66 # shrinks to bit_size = 0 diff --git a/noir/noir-repo/compiler/noirc_evaluator/proptest-regressions/ssa/ir/instruction/binary.txt b/noir/noir-repo/compiler/noirc_evaluator/proptest-regressions/ssa/ir/instruction/binary.txt new file mode 100644 index 00000000000..9da471b5f2c --- /dev/null +++ b/noir/noir-repo/compiler/noirc_evaluator/proptest-regressions/ssa/ir/instruction/binary.txt @@ -0,0 +1,7 @@ +# Seeds for failure cases proptest has generated in the past. It is +# automatically read and these particular cases re-run before any +# novel cases are generated. +# +# It is recommended to check this file in to source control so that +# everyone who runs the test benefits from these saved cases. +cc 696c50cf99099048e0e1ea8d77561cc6cf49a71b480a05e0ef437d57f97c454a # shrinks to input = 0, bit_size = 0 diff --git a/noir/noir-repo/compiler/noirc_evaluator/src/acir/acir_variable.rs b/noir/noir-repo/compiler/noirc_evaluator/src/acir/acir_variable.rs index 6e1c2c450de..a4e81de3d5c 100644 --- a/noir/noir-repo/compiler/noirc_evaluator/src/acir/acir_variable.rs +++ b/noir/noir-repo/compiler/noirc_evaluator/src/acir/acir_variable.rs @@ -1026,8 +1026,7 @@ impl> AcirContext { leading: AcirVar, max_bit_size: u32, ) -> Result { - let max_power_of_two = - self.add_constant(F::from(2_u128).pow(&F::from(max_bit_size as u128 - 1))); + let max_power_of_two = self.add_constant(power_of_two::(max_bit_size - 1)); let intermediate = self.sub_var(max_power_of_two, lhs)?; let intermediate = self.mul_var(intermediate, leading)?; @@ -1057,8 +1056,7 @@ impl> AcirContext { assert_ne!(bit_size, 0, "signed integer should have at least one bit"); // 2^{max_bit size-1} - let max_power_of_two = - self.add_constant(F::from(2_u128).pow(&F::from(bit_size as u128 - 1))); + let max_power_of_two = self.add_constant(power_of_two::(bit_size - 1)); let zero = self.add_constant(F::zero()); let one = self.add_constant(F::one()); @@ -1164,7 +1162,7 @@ impl> AcirContext { max_bit_size: u32, ) -> Result { // 2^{rhs} - let divisor = self.add_constant(F::from(2_u128).pow(&F::from(rhs as u128))); + let divisor = self.add_constant(power_of_two::(rhs)); let one = self.add_constant(F::one()); // Computes lhs = 2^{rhs} * q + r @@ -1257,7 +1255,7 @@ impl> AcirContext { // TODO: perhaps this should be a user error, instead of an assert assert!(max_bits + 1 < F::max_num_bits()); - let two_max_bits = self.add_constant(F::from(2_u128).pow(&F::from(max_bits as u128))); + let two_max_bits = self.add_constant(power_of_two::(max_bits)); let diff = self.sub_var(lhs, rhs)?; let comparison_evaluation = self.add_var(diff, two_max_bits)?; @@ -1568,6 +1566,36 @@ impl> AcirContext { } } +/// Returns an `F` representing the value `2**power` +/// +/// # Panics +/// +/// Panics if `2**power` exceeds `F::modulus()`. +pub(super) fn power_of_two(power: u32) -> F { + if power >= F::max_num_bits() { + panic!("Field cannot represent this power of two"); + } + let full_bytes = power / 8; + let extra_bits = power % 8; + let most_significant_byte: u8 = match extra_bits % 8 { + 0 => 0x01, + 1 => 0x02, + 2 => 0x04, + 3 => 0x08, + 4 => 0x10, + 5 => 0x20, + 6 => 0x40, + 7 => 0x80, + _ => unreachable!("We cover the full range of x % 8"), + }; + + let bytes_be: Vec = std::iter::once(most_significant_byte) + .chain(std::iter::repeat(0).take(full_bytes as usize)) + .collect(); + + F::from_be_bytes_reduce(&bytes_be) +} + /// Enum representing the possible values that a /// Variable can be given. #[derive(Debug, Eq, Clone)] @@ -1656,3 +1684,29 @@ fn fits_in_one_identity(expr: &Expression, width: ExpressionWid /// A Reference to an `AcirVarData` #[derive(Debug, Copy, Clone, PartialEq, Eq, Hash)] pub(crate) struct AcirVar(usize); + +#[cfg(test)] +mod test { + use acvm::{AcirField, FieldElement}; + use proptest::prelude::*; + + use super::power_of_two; + + #[test] + #[should_panic = "Field cannot represent this power of two"] + fn power_of_two_panics_on_overflow() { + power_of_two::(FieldElement::max_num_bits()); + } + + proptest! { + #[test] + fn power_of_two_agrees_with_generic_impl(bit_size in (0..=128u32)) { + let power_of_two_general = + FieldElement::from(2_u128).pow(&FieldElement::from(bit_size)); + let power_of_two_opt: FieldElement = power_of_two(bit_size); + + prop_assert_eq!(power_of_two_opt, power_of_two_general); + } + + } +} diff --git a/noir/noir-repo/compiler/noirc_evaluator/src/acir/generated_acir.rs b/noir/noir-repo/compiler/noirc_evaluator/src/acir/generated_acir.rs index 7b997eb6d1f..141c9f367c2 100644 --- a/noir/noir-repo/compiler/noirc_evaluator/src/acir/generated_acir.rs +++ b/noir/noir-repo/compiler/noirc_evaluator/src/acir/generated_acir.rs @@ -356,13 +356,13 @@ impl GeneratedAcir { limb_count: u32, bit_size: u32, ) -> Result, RuntimeError> { - let radix_big = BigUint::from(radix); - let radix_range = BigUint::from(2u128)..=BigUint::from(256u128); + let radix_range = 2..=256; assert!( - radix_range.contains(&radix_big), + radix_range.contains(&radix), "ICE: Radix must be in the range 2..=256, but found: {:?}", radix ); + let radix_big = BigUint::from(radix); assert_eq!( BigUint::from(2u128).pow(bit_size), radix_big, diff --git a/noir/noir-repo/compiler/noirc_evaluator/src/acir/mod.rs b/noir/noir-repo/compiler/noirc_evaluator/src/acir/mod.rs index 46c08242ce6..dc6b3826b60 100644 --- a/noir/noir-repo/compiler/noirc_evaluator/src/acir/mod.rs +++ b/noir/noir-repo/compiler/noirc_evaluator/src/acir/mod.rs @@ -51,7 +51,7 @@ use crate::ssa::{ }, ssa_gen::Ssa, }; -use acir_variable::{AcirContext, AcirType, AcirVar}; +use acir_variable::{power_of_two, AcirContext, AcirType, AcirVar}; use generated_acir::BrilligStdlibFunc; pub(crate) use generated_acir::GeneratedAcir; use noirc_frontend::hir_def::types::Type as HirType; @@ -2122,7 +2122,8 @@ impl<'a> Context<'a> { ) { // Subtractions must first have the integer modulus added before truncation can be // applied. This is done in order to prevent underflow. - let integer_modulus = self.acir_context.add_constant(2_u128.pow(bit_size)); + let integer_modulus = power_of_two::(bit_size); + let integer_modulus = self.acir_context.add_constant(integer_modulus); var = self.acir_context.add_var(var, integer_modulus)?; } } diff --git a/noir/noir-repo/compiler/noirc_evaluator/src/ssa/ir/instruction.rs b/noir/noir-repo/compiler/noirc_evaluator/src/ssa/ir/instruction.rs index 27c060cb1b5..178e15e4e32 100644 --- a/noir/noir-repo/compiler/noirc_evaluator/src/ssa/ir/instruction.rs +++ b/noir/noir-repo/compiler/noirc_evaluator/src/ssa/ir/instruction.rs @@ -1,3 +1,4 @@ +use binary::truncate_field; use serde::{Deserialize, Serialize}; use std::hash::{Hash, Hasher}; @@ -968,9 +969,8 @@ impl Instruction { return SimplifiedTo(*value); } if let Some((numeric_constant, typ)) = dfg.get_numeric_constant_with_type(*value) { - let integer_modulus = 2_u128.pow(*bit_size); - let truncated = numeric_constant.to_u128() % integer_modulus; - SimplifiedTo(dfg.make_constant(truncated.into(), typ)) + let truncated_field = truncate_field(numeric_constant, *bit_size); + SimplifiedTo(dfg.make_constant(truncated_field, typ)) } else if let Value::Instruction { instruction, .. } = &dfg[dfg.resolve(*value)] { match &dfg[*instruction] { Instruction::Truncate { bit_size: src_bit_size, .. } => { diff --git a/noir/noir-repo/compiler/noirc_evaluator/src/ssa/ir/instruction/binary.rs b/noir/noir-repo/compiler/noirc_evaluator/src/ssa/ir/instruction/binary.rs index 217ffd35e02..1550c9ea050 100644 --- a/noir/noir-repo/compiler/noirc_evaluator/src/ssa/ir/instruction/binary.rs +++ b/noir/noir-repo/compiler/noirc_evaluator/src/ssa/ir/instruction/binary.rs @@ -441,7 +441,7 @@ pub(crate) fn eval_constant_binary_op( } let result = function(lhs, rhs)?; // Check for overflow - if result >= 1 << bit_size { + if result != 0 && result.ilog2() >= bit_size { return None; } result.into() @@ -489,6 +489,7 @@ fn try_convert_field_element_to_signed_integer(field: FieldElement, bit_size: u3 let signed_int = if is_positive { unsigned_int as i128 } else { + assert!(bit_size < 128); let x = (1u128 << bit_size) - unsigned_int; -(x as i128) }; @@ -501,14 +502,45 @@ fn convert_signed_integer_to_field_element(int: i128, bit_size: u32) -> FieldEle FieldElement::from(int) } else { // We add an offset of `bit_size` bits to shift the negative values into the range [2^(bitsize-1), 2^bitsize) + assert!(bit_size < 128); let offset_int = (1i128 << bit_size) + int; FieldElement::from(offset_int) } } +/// Truncates `int` to fit within `bit_size` bits. fn truncate(int: u128, bit_size: u32) -> u128 { - let max = 1 << bit_size; - int % max + if bit_size == 128 { + int + } else { + let max = 1 << bit_size; + int % max + } +} + +pub(crate) fn truncate_field(int: F, bit_size: u32) -> F { + if bit_size == 0 { + return F::zero(); + } + let num_bytes = bit_size.div_ceil(8); + let mut be_bytes: Vec = + int.to_be_bytes().into_iter().rev().take(num_bytes as usize).rev().collect(); + + // We need to apply a mask to the largest byte to handle non-divisible bit sizes. + let mask = match bit_size % 8 { + 0 => 0xff, + 1 => 0x01, + 2 => 0x03, + 3 => 0x07, + 4 => 0x0f, + 5 => 0x1f, + 6 => 0x3f, + 7 => 0x7f, + _ => unreachable!("We cover the full range of x % 8"), + }; + be_bytes[0] &= mask; + + F::from_be_bytes_reduce(&be_bytes) } impl BinaryOp { @@ -588,8 +620,12 @@ mod test { use proptest::prelude::*; use super::{ - convert_signed_integer_to_field_element, try_convert_field_element_to_signed_integer, + convert_signed_integer_to_field_element, truncate_field, + try_convert_field_element_to_signed_integer, }; + use acvm::{AcirField, FieldElement}; + use num_bigint::BigUint; + use num_traits::One; proptest! { #[test] @@ -601,5 +637,18 @@ mod test { prop_assert_eq!(int, recovered_int); } + + #[test] + fn truncate_field_agrees_with_bigint_modulo(input: u128, bit_size in (0..=253u32)) { + let field = FieldElement::from(input); + let truncated_as_field = truncate_field(field, bit_size); + + let integer_modulus = BigUint::from(2_u128).pow(bit_size); + let truncated_as_bigint = BigUint::from(input) + .modpow(&BigUint::one(), &integer_modulus); + let truncated_as_bigint = FieldElement::from_be_bytes_reduce(&truncated_as_bigint.to_bytes_be()); + prop_assert_eq!(truncated_as_field, truncated_as_bigint); + } + } } diff --git a/noir/noir-repo/compiler/noirc_frontend/src/debug/mod.rs b/noir/noir-repo/compiler/noirc_frontend/src/debug/mod.rs index 808bbda677c..d80302401e7 100644 --- a/noir/noir-repo/compiler/noirc_frontend/src/debug/mod.rs +++ b/noir/noir-repo/compiler/noirc_frontend/src/debug/mod.rs @@ -523,7 +523,7 @@ pub fn build_debug_crate_file() -> String { __debug_var_assign_oracle(var_id, value); } pub fn __debug_var_assign(var_id: u32, value: T) { - /// Safety: debug context + // Safety: debug context unsafe { { __debug_var_assign_inner(var_id, value); @@ -536,7 +536,7 @@ pub fn build_debug_crate_file() -> String { __debug_var_drop_oracle(var_id); } pub fn __debug_var_drop(var_id: u32) { - /// Safety: debug context + // Safety: debug context unsafe { { __debug_var_drop_inner(var_id); @@ -549,7 +549,7 @@ pub fn build_debug_crate_file() -> String { __debug_fn_enter_oracle(fn_id); } pub fn __debug_fn_enter(fn_id: u32) { - /// Safety: debug context + // Safety: debug context unsafe { { __debug_fn_enter_inner(fn_id); @@ -562,7 +562,7 @@ pub fn build_debug_crate_file() -> String { __debug_fn_exit_oracle(fn_id); } pub fn __debug_fn_exit(fn_id: u32) { - /// Safety: debug context + // Safety: debug context unsafe { { __debug_fn_exit_inner(fn_id); @@ -575,7 +575,7 @@ pub fn build_debug_crate_file() -> String { __debug_dereference_assign_oracle(var_id, value); } pub fn __debug_dereference_assign(var_id: u32, value: T) { - /// Safety: debug context + // Safety: debug context unsafe { { __debug_dereference_assign_inner(var_id, value); diff --git a/noir/noir-repo/compiler/noirc_frontend/src/hir/comptime/display.rs b/noir/noir-repo/compiler/noirc_frontend/src/hir/comptime/display.rs index a6927ab3fe8..0ccfaf59494 100644 --- a/noir/noir-repo/compiler/noirc_frontend/src/hir/comptime/display.rs +++ b/noir/noir-repo/compiler/noirc_frontend/src/hir/comptime/display.rs @@ -445,19 +445,25 @@ impl<'value, 'interner> Display for ValuePrinter<'value, 'interner> { } Value::Zeroed(typ) => write!(f, "(zeroed {typ})"), Value::Type(typ) => write!(f, "{}", typ), - Value::Expr(ExprValue::Expression(expr)) => { - let expr = remove_interned_in_expression_kind(self.interner, expr.clone()); - write!(f, "{}", expr) - } - Value::Expr(ExprValue::Statement(statement)) => { - write!(f, "{}", remove_interned_in_statement_kind(self.interner, statement.clone())) - } - Value::Expr(ExprValue::LValue(lvalue)) => { - write!(f, "{}", remove_interned_in_lvalue(self.interner, lvalue.clone())) - } - Value::Expr(ExprValue::Pattern(pattern)) => { - write!(f, "{}", remove_interned_in_pattern(self.interner, pattern.clone())) - } + Value::Expr(expr) => match expr.as_ref() { + ExprValue::Expression(expr) => { + let expr = remove_interned_in_expression_kind(self.interner, expr.clone()); + write!(f, "{}", expr) + } + ExprValue::Statement(statement) => { + write!( + f, + "{}", + remove_interned_in_statement_kind(self.interner, statement.clone()) + ) + } + ExprValue::LValue(lvalue) => { + write!(f, "{}", remove_interned_in_lvalue(self.interner, lvalue.clone())) + } + ExprValue::Pattern(pattern) => { + write!(f, "{}", remove_interned_in_pattern(self.interner, pattern.clone())) + } + }, Value::TypedExpr(TypedExpr::ExprId(id)) => { let hir_expr = self.interner.expression(id); let expr = hir_expr.to_display_ast(self.interner, Span::default()); diff --git a/noir/noir-repo/compiler/noirc_frontend/src/hir/comptime/interpreter.rs b/noir/noir-repo/compiler/noirc_frontend/src/hir/comptime/interpreter.rs index 5f001192dac..1096835ae5e 100644 --- a/noir/noir-repo/compiler/noirc_frontend/src/hir/comptime/interpreter.rs +++ b/noir/noir-repo/compiler/noirc_frontend/src/hir/comptime/interpreter.rs @@ -42,7 +42,7 @@ use crate::{ }; use super::errors::{IResult, InterpreterError}; -use super::value::{unwrap_rc, Value}; +use super::value::{unwrap_rc, Closure, Value}; mod builtin; mod foreign; @@ -264,7 +264,7 @@ impl<'local, 'interner> Interpreter<'local, 'interner> { fn call_closure( &mut self, - closure: HirLambda, + lambda: HirLambda, environment: Vec, arguments: Vec<(Value, Location)>, function_scope: Option, @@ -275,7 +275,7 @@ impl<'local, 'interner> Interpreter<'local, 'interner> { let old_module = self.elaborator.replace_module(module_scope); let old_function = std::mem::replace(&mut self.current_function, function_scope); - let result = self.call_closure_inner(closure, environment, arguments, call_location); + let result = self.call_closure_inner(lambda, environment, arguments, call_location); self.current_function = old_function; self.elaborator.replace_module(old_module); @@ -1359,9 +1359,14 @@ impl<'local, 'interner> Interpreter<'local, 'interner> { } Ok(result) } - Value::Closure(closure, env, _, function_scope, module_scope) => { - self.call_closure(closure, env, arguments, function_scope, module_scope, location) - } + Value::Closure(closure) => self.call_closure( + closure.lambda, + closure.env, + arguments, + closure.function_scope, + closure.module_scope, + location, + ), value => { let typ = value.get_type().into_owned(); Err(InterpreterError::NonFunctionCalled { typ, location }) @@ -1544,12 +1549,14 @@ impl<'local, 'interner> Interpreter<'local, 'interner> { fn evaluate_lambda(&mut self, lambda: HirLambda, id: ExprId) -> IResult { let location = self.elaborator.interner.expr_location(&id); - let environment = + let env = try_vecmap(&lambda.captures, |capture| self.lookup_id(capture.ident.id, location))?; let typ = self.elaborator.interner.id_type(id).follow_bindings(); - let module = self.elaborator.module_id(); - Ok(Value::Closure(lambda, environment, typ, self.current_function, module)) + let module_scope = self.elaborator.module_id(); + let closure = + Closure { lambda, env, typ, function_scope: self.current_function, module_scope }; + Ok(Value::Closure(Box::new(closure))) } fn evaluate_quote(&mut self, mut tokens: Tokens, expr_id: ExprId) -> IResult { diff --git a/noir/noir-repo/compiler/noirc_frontend/src/hir/comptime/interpreter/builtin/builtin_helpers.rs b/noir/noir-repo/compiler/noirc_frontend/src/hir/comptime/interpreter/builtin/builtin_helpers.rs index 80251132421..095f20b3f4c 100644 --- a/noir/noir-repo/compiler/noirc_frontend/src/hir/comptime/interpreter/builtin/builtin_helpers.rs +++ b/noir/noir-repo/compiler/noirc_frontend/src/hir/comptime/interpreter/builtin/builtin_helpers.rs @@ -279,7 +279,7 @@ pub(crate) fn get_expr( (value, location): (Value, Location), ) -> IResult { match value { - Value::Expr(expr) => match expr { + Value::Expr(expr) => match *expr { ExprValue::Expression(ExpressionKind::Interned(id)) => { Ok(ExprValue::Expression(interner.get_expression_kind(id).clone())) } @@ -292,7 +292,7 @@ pub(crate) fn get_expr( ExprValue::Pattern(Pattern::Interned(id, _)) => { Ok(ExprValue::Pattern(interner.get_pattern(id).clone())) } - _ => Ok(expr), + _ => Ok(*expr), }, value => type_mismatch(value, Type::Quoted(QuotedType::Expr), location), } diff --git a/noir/noir-repo/compiler/noirc_frontend/src/hir/comptime/value.rs b/noir/noir-repo/compiler/noirc_frontend/src/hir/comptime/value.rs index a58a80fbd91..f947cd761fc 100644 --- a/noir/noir-repo/compiler/noirc_frontend/src/hir/comptime/value.rs +++ b/noir/noir-repo/compiler/noirc_frontend/src/hir/comptime/value.rs @@ -51,7 +51,7 @@ pub enum Value { // Closures also store their original scope (function & module) // in case they use functions such as `Quoted::as_type` which require them. - Closure(HirLambda, Vec, Type, Option, ModuleId), + Closure(Box), Tuple(Vec), Struct(HashMap, Value>, Type), @@ -71,11 +71,20 @@ pub enum Value { ModuleDefinition(ModuleId), Type(Type), Zeroed(Type), - Expr(ExprValue), + Expr(Box), TypedExpr(TypedExpr), UnresolvedType(UnresolvedTypeData), } +#[derive(Debug, Clone, PartialEq, Eq)] +pub struct Closure { + pub lambda: HirLambda, + pub env: Vec, + pub typ: Type, + pub function_scope: Option, + pub module_scope: ModuleId, +} + #[derive(Debug, Clone, PartialEq, Eq, Display)] pub enum ExprValue { Expression(ExpressionKind), @@ -92,19 +101,19 @@ pub enum TypedExpr { impl Value { pub(crate) fn expression(expr: ExpressionKind) -> Self { - Value::Expr(ExprValue::Expression(expr)) + Value::Expr(Box::new(ExprValue::Expression(expr))) } pub(crate) fn statement(statement: StatementKind) -> Self { - Value::Expr(ExprValue::Statement(statement)) + Value::Expr(Box::new(ExprValue::Statement(statement))) } pub(crate) fn lvalue(lvaue: LValue) -> Self { - Value::Expr(ExprValue::LValue(lvaue)) + Value::Expr(Box::new(ExprValue::LValue(lvaue))) } pub(crate) fn pattern(pattern: Pattern) -> Self { - Value::Expr(ExprValue::Pattern(pattern)) + Value::Expr(Box::new(ExprValue::Pattern(pattern))) } pub(crate) fn get_type(&self) -> Cow { @@ -127,7 +136,7 @@ impl Value { } Value::FormatString(_, typ) => return Cow::Borrowed(typ), Value::Function(_, typ, _) => return Cow::Borrowed(typ), - Value::Closure(_, _, typ, ..) => return Cow::Borrowed(typ), + Value::Closure(closure) => return Cow::Borrowed(&closure.typ), Value::Tuple(fields) => { Type::Tuple(vecmap(fields, |field| field.get_type().into_owned())) } @@ -286,15 +295,32 @@ impl Value { } }; } - Value::Expr(ExprValue::Expression(expr)) => expr, - Value::Expr(ExprValue::Statement(statement)) => { - ExpressionKind::Block(BlockExpression { - statements: vec![Statement { kind: statement, span: location.span }], - }) + + Value::Expr(ref expr) => { + // We need to do some shenanigans to get around the borrow checker here due to using a boxed value. + + // We first do whatever needs a reference to `expr` to avoid partially moving `self`. + if matches!(expr.as_ref(), ExprValue::Pattern(_)) { + let typ = Type::Quoted(QuotedType::Expr); + let value = self.display(elaborator.interner).to_string(); + return Err(InterpreterError::CannotInlineMacro { typ, value, location }); + } + + // Now drop this references and move `expr` out of `self` so we don't have to clone it. + let Value::Expr(expr) = self else { + unreachable!("Ensured by outer match statement") + }; + + match *expr { + ExprValue::Expression(expr) => expr, + ExprValue::Statement(statement) => ExpressionKind::Block(BlockExpression { + statements: vec![Statement { kind: statement, span: location.span }], + }), + ExprValue::LValue(lvalue) => lvalue.as_expression().kind, + ExprValue::Pattern(_) => unreachable!("this case is handled above"), + } } - Value::Expr(ExprValue::LValue(lvalue)) => lvalue.as_expression().kind, - Value::Expr(ExprValue::Pattern(_)) - | Value::TypedExpr(..) + Value::TypedExpr(..) | Value::Pointer(..) | Value::StructDefinition(_) | Value::TraitConstraint(..) @@ -439,9 +465,7 @@ impl Value { Value::Pointer(element, true) => { return element.unwrap_or_clone().into_hir_expression(interner, location); } - Value::Closure(hir_lambda, _args, _typ, _opt_func_id, _module_id) => { - HirExpression::Lambda(hir_lambda) - } + Value::Closure(closure) => HirExpression::Lambda(closure.lambda.clone()), Value::TypedExpr(TypedExpr::StmtId(..)) | Value::Expr(..) | Value::Pointer(..) @@ -477,21 +501,21 @@ impl Value { } Value::Quoted(tokens) => return Ok(unwrap_rc(tokens)), Value::Type(typ) => Token::QuotedType(interner.push_quoted_type(typ)), - Value::Expr(ExprValue::Expression(expr)) => { - Token::InternedExpr(interner.push_expression_kind(expr)) - } - Value::Expr(ExprValue::Statement(StatementKind::Expression(expr))) => { - Token::InternedExpr(interner.push_expression_kind(expr.kind)) - } - Value::Expr(ExprValue::Statement(statement)) => { - Token::InternedStatement(interner.push_statement_kind(statement)) - } - Value::Expr(ExprValue::LValue(lvalue)) => { - Token::InternedLValue(interner.push_lvalue(lvalue)) - } - Value::Expr(ExprValue::Pattern(pattern)) => { - Token::InternedPattern(interner.push_pattern(pattern)) - } + Value::Expr(expr) => match *expr { + ExprValue::Expression(expr) => { + Token::InternedExpr(interner.push_expression_kind(expr)) + } + ExprValue::Statement(StatementKind::Expression(expr)) => { + Token::InternedExpr(interner.push_expression_kind(expr.kind)) + } + ExprValue::Statement(statement) => { + Token::InternedStatement(interner.push_statement_kind(statement)) + } + ExprValue::LValue(lvalue) => Token::InternedLValue(interner.push_lvalue(lvalue)), + ExprValue::Pattern(pattern) => { + Token::InternedPattern(interner.push_pattern(pattern)) + } + }, Value::UnresolvedType(typ) => { Token::InternedUnresolvedTypeData(interner.push_unresolved_type_data(typ)) } diff --git a/noir/noir-repo/compiler/noirc_frontend/src/parser/errors.rs b/noir/noir-repo/compiler/noirc_frontend/src/parser/errors.rs index 508ed33857e..189b880d45e 100644 --- a/noir/noir-repo/compiler/noirc_frontend/src/parser/errors.rs +++ b/noir/noir-repo/compiler/noirc_frontend/src/parser/errors.rs @@ -110,10 +110,8 @@ pub enum ParserErrorReason { WrongNumberOfAttributeArguments { name: String, min: usize, max: usize, found: usize }, #[error("The `deprecated` attribute expects a string argument")] DeprecatedAttributeExpectsAStringArgument, - #[error("Unsafe block must have a safety doc comment above it")] + #[error("Unsafe block must have a safety comment above it")] MissingSafetyComment, - #[error("Unsafe block must start with a safety comment")] - UnsafeDocCommentDoesNotStartWithSafety, #[error("Missing parameters for function definition")] MissingParametersForFunctionDefinition, } @@ -285,18 +283,10 @@ impl<'a> From<&'a ParserError> for Diagnostic { error.span, ), ParserErrorReason::MissingSafetyComment => Diagnostic::simple_warning( - "Unsafe block must have a safety doc comment above it".into(), - "The doc comment must start with the \"Safety: \" word".into(), + "Unsafe block must have a safety comment above it".into(), + "The comment must start with the \"Safety: \" word".into(), error.span, ), - ParserErrorReason::UnsafeDocCommentDoesNotStartWithSafety => { - Diagnostic::simple_warning( - "Unsafe block must start with a safety comment".into(), - "The doc comment above this unsafe block must start with the \"Safety: \" word" - .into(), - error.span, - ) - } ParserErrorReason::MissingParametersForFunctionDefinition => { Diagnostic::simple_error( "Missing parameters for function definition".into(), @@ -304,6 +294,11 @@ impl<'a> From<&'a ParserError> for Diagnostic { error.span, ) } + ParserErrorReason::DocCommentDoesNotDocumentAnything => { + let primary = "This doc comment doesn't document anything".to_string(); + let secondary = "Consider changing it to a regular `//` comment".to_string(); + Diagnostic::simple_warning(primary, secondary, error.span) + } other => Diagnostic::simple_error(format!("{other}"), String::new(), error.span), }, None => { @@ -313,7 +308,7 @@ impl<'a> From<&'a ParserError> for Diagnostic { ) { let primary = "This doc comment doesn't document anything".to_string(); let secondary = "Consider changing it to a regular `//` comment".to_string(); - Diagnostic::simple_error(primary, secondary, error.span) + Diagnostic::simple_warning(primary, secondary, error.span) } else { let primary = error.to_string(); Diagnostic::simple_error(primary, String::new(), error.span) diff --git a/noir/noir-repo/compiler/noirc_frontend/src/parser/parser.rs b/noir/noir-repo/compiler/noirc_frontend/src/parser/parser.rs index e554248fb03..f4491e84471 100644 --- a/noir/noir-repo/compiler/noirc_frontend/src/parser/parser.rs +++ b/noir/noir-repo/compiler/noirc_frontend/src/parser/parser.rs @@ -85,31 +85,25 @@ pub struct Parser<'a> { current_token_span: Span, previous_token_span: Span, - /// The current statement's doc comments. - /// This is used to eventually know if an `unsafe { ... }` expression is documented + // We also keep track of comments that appear right before a token, + // because `unsafe { }` requires one before it. + current_token_comments: String, + next_token_comments: String, + + /// The current statement's comments. + /// This is used to eventually know if an `unsafe { ... }` expression is commented /// in its containing statement. For example: /// /// ```noir - /// /// Safety: test + /// // Safety: test /// let x = unsafe { call() }; /// ``` - statement_doc_comments: Option, -} - -#[derive(Debug)] -pub(crate) struct StatementDocComments { - pub(crate) doc_comments: Vec, - pub(crate) start_span: Span, - pub(crate) end_span: Span, - - /// Were these doc comments "read" by an unsafe statement? - /// If not, these doc comments aren't documenting anything and they produce an error. - pub(crate) read: bool, + statement_comments: Option, } impl<'a> Parser<'a> { pub fn for_lexer(lexer: Lexer<'a>) -> Self { - Self::new(TokenStream::Lexer(lexer)) + Self::new(TokenStream::Lexer(lexer.skip_comments(false))) } pub fn for_tokens(mut tokens: Tokens) -> Self { @@ -129,7 +123,9 @@ impl<'a> Parser<'a> { next_token: eof_spanned_token(), current_token_span: Default::default(), previous_token_span: Default::default(), - statement_doc_comments: None, + current_token_comments: String::new(), + next_token_comments: String::new(), + statement_comments: None, }; parser.read_two_first_tokens(); parser @@ -177,25 +173,45 @@ impl<'a> Parser<'a> { /// Bumps this parser by one token. Returns the token that was previously the "current" token. fn bump(&mut self) -> SpannedToken { self.previous_token_span = self.current_token_span; - let next_next_token = self.read_token_internal(); + let (next_next_token, next_next_token_comments) = self.read_token_internal(); let next_token = std::mem::replace(&mut self.next_token, next_next_token); let token = std::mem::replace(&mut self.token, next_token); + + let next_comments = + std::mem::replace(&mut self.next_token_comments, next_next_token_comments); + let _ = std::mem::replace(&mut self.current_token_comments, next_comments); + self.current_token_span = self.token.to_span(); token } fn read_two_first_tokens(&mut self) { - self.token = self.read_token_internal(); + let (token, comments) = self.read_token_internal(); + self.token = token; + self.current_token_comments = comments; self.current_token_span = self.token.to_span(); - self.next_token = self.read_token_internal(); + + let (token, comments) = self.read_token_internal(); + self.next_token = token; + self.next_token_comments = comments; } - fn read_token_internal(&mut self) -> SpannedToken { + fn read_token_internal(&mut self) -> (SpannedToken, String) { + let mut last_comments = String::new(); + loop { match self.tokens.next() { - Some(Ok(token)) => return token, + Some(Ok(token)) => match token.token() { + Token::LineComment(comment, None) | Token::BlockComment(comment, None) => { + last_comments.push_str(comment); + continue; + } + _ => { + return (token, last_comments); + } + }, Some(Err(lexer_error)) => self.errors.push(lexer_error.into()), - None => return eof_spanned_token(), + None => return (eof_spanned_token(), last_comments), } } } diff --git a/noir/noir-repo/compiler/noirc_frontend/src/parser/parser/expression.rs b/noir/noir-repo/compiler/noirc_frontend/src/parser/parser/expression.rs index 319eefc190a..b2ddc200ef2 100644 --- a/noir/noir-repo/compiler/noirc_frontend/src/parser/parser/expression.rs +++ b/noir/noir-repo/compiler/noirc_frontend/src/parser/parser/expression.rs @@ -269,19 +269,17 @@ impl<'a> Parser<'a> { fn parse_atom_kind(&mut self, allow_constructors: bool) -> Option { let span_before_doc_comments = self.current_token_span; let doc_comments = self.parse_outer_doc_comments(); - let has_doc_comments = !doc_comments.is_empty(); - - if let Some(kind) = self.parse_unsafe_expr(&doc_comments, span_before_doc_comments) { - return Some(kind); - } - - if has_doc_comments { + if !doc_comments.is_empty() { self.push_error( ParserErrorReason::DocCommentDoesNotDocumentAnything, - self.span_since(span_before_doc_comments), + span_before_doc_comments, ); } + if let Some(kind) = self.parse_unsafe_expr() { + return Some(kind); + } + if let Some(literal) = self.parse_literal() { return Some(literal); } @@ -387,41 +385,23 @@ impl<'a> Parser<'a> { } /// UnsafeExpression = 'unsafe' Block - fn parse_unsafe_expr( - &mut self, - doc_comments: &[String], - span_before_doc_comments: Span, - ) -> Option { + fn parse_unsafe_expr(&mut self) -> Option { let start_span = self.current_token_span; if !self.eat_keyword(Keyword::Unsafe) { return None; } - if doc_comments.is_empty() { - if let Some(statement_doc_comments) = &mut self.statement_doc_comments { - statement_doc_comments.read = true; - - let doc_comments = &statement_doc_comments.doc_comments; - let span_before_doc_comments = statement_doc_comments.start_span; - let span_after_doc_comments = statement_doc_comments.end_span; - - if !doc_comments[0].trim().to_lowercase().starts_with("safety:") { - self.push_error( - ParserErrorReason::UnsafeDocCommentDoesNotStartWithSafety, - Span::from( - span_before_doc_comments.start()..span_after_doc_comments.start(), - ), - ); + if self.current_token_comments.is_empty() { + if let Some(statement_comments) = &mut self.statement_comments { + if !statement_comments.trim().to_lowercase().starts_with("safety:") { + self.push_error(ParserErrorReason::MissingSafetyComment, start_span); } } else { self.push_error(ParserErrorReason::MissingSafetyComment, start_span); } - } else if !doc_comments[0].trim().to_lowercase().starts_with("safety:") { - self.push_error( - ParserErrorReason::UnsafeDocCommentDoesNotStartWithSafety, - self.span_since(span_before_doc_comments), - ); + } else if !self.current_token_comments.trim().to_lowercase().starts_with("safety:") { + self.push_error(ParserErrorReason::MissingSafetyComment, start_span); } if let Some(block) = self.parse_block() { @@ -1097,7 +1077,7 @@ mod tests { #[test] fn parses_unsafe_expression() { let src = " - /// Safety: test + // Safety: test unsafe { 1 }"; let expr = parse_expression_no_errors(src); let ExpressionKind::Unsafe(block, _) = expr.kind else { @@ -1111,7 +1091,9 @@ mod tests { let src = " /// Safety: test unsafe { 1 }"; - let expr = parse_expression_no_errors(src); + + let mut parser = Parser::for_str(src); + let expr = parser.parse_expression().unwrap(); let ExpressionKind::Unsafe(block, _) = expr.kind else { panic!("Expected unsafe expression"); }; diff --git a/noir/noir-repo/compiler/noirc_frontend/src/parser/parser/item.rs b/noir/noir-repo/compiler/noirc_frontend/src/parser/parser/item.rs index 43641935565..e05f0b2784e 100644 --- a/noir/noir-repo/compiler/noirc_frontend/src/parser/parser/item.rs +++ b/noir/noir-repo/compiler/noirc_frontend/src/parser/parser/item.rs @@ -255,7 +255,7 @@ mod tests { #[test] fn errors_on_eof_in_nested_mod() { let src = " - mod foo { fn foo() {} + mod foo { fn foo() {} ^ "; let (src, span) = get_source_with_error_span(src); @@ -276,6 +276,6 @@ mod tests { let (module, errors) = parse_program(&src); assert_eq!(module.items.len(), 1); let error = get_single_error(&errors, span); - assert!(error.to_string().contains("Documentation comment does not document anything")); + assert!(error.to_string().contains("This doc comment doesn't document anything")); } } diff --git a/noir/noir-repo/compiler/noirc_frontend/src/parser/parser/statement.rs b/noir/noir-repo/compiler/noirc_frontend/src/parser/parser/statement.rs index f9cc63a364e..d20f8c29e1e 100644 --- a/noir/noir-repo/compiler/noirc_frontend/src/parser/parser/statement.rs +++ b/noir/noir-repo/compiler/noirc_frontend/src/parser/parser/statement.rs @@ -10,7 +10,7 @@ use crate::{ token::{Attribute, Keyword, Token, TokenKind}, }; -use super::{Parser, StatementDocComments}; +use super::Parser; impl<'a> Parser<'a> { pub(crate) fn parse_statement_or_error(&mut self) -> Statement { @@ -27,35 +27,24 @@ impl<'a> Parser<'a> { loop { let span_before_doc_comments = self.current_token_span; let doc_comments = self.parse_outer_doc_comments(); - let span_after_doc_comments = self.current_token_span; - if doc_comments.is_empty() { - self.statement_doc_comments = None; + if !doc_comments.is_empty() { + self.push_error( + ParserErrorReason::DocCommentDoesNotDocumentAnything, + span_before_doc_comments, + ); + } + + if !self.current_token_comments.is_empty() { + self.statement_comments = Some(std::mem::take(&mut self.current_token_comments)); } else { - self.statement_doc_comments = Some(StatementDocComments { - doc_comments, - start_span: span_before_doc_comments, - end_span: span_after_doc_comments, - read: false, - }); + self.statement_comments = None; } let attributes = self.parse_attributes(); let start_span = self.current_token_span; let kind = self.parse_statement_kind(attributes); - if let Some(statement_doc_comments) = &self.statement_doc_comments { - if !statement_doc_comments.read { - self.push_error( - ParserErrorReason::DocCommentDoesNotDocumentAnything, - Span::from( - statement_doc_comments.start_span.start() - ..statement_doc_comments.end_span.start(), - ), - ); - } - } - - self.statement_doc_comments = None; + self.statement_comments = None; let (semicolon_token, semicolon_span) = if self.at(Token::Semicolon) { let token = self.token.clone(); @@ -491,7 +480,7 @@ mod tests { #[test] fn parses_let_statement_with_unsafe() { - let src = "/// Safety: doc comment + let src = "// Safety: comment let x = unsafe { 1 };"; let statement = parse_statement_no_errors(src); let StatementKind::Let(let_statement) = statement.kind else { @@ -500,6 +489,18 @@ mod tests { assert_eq!(let_statement.pattern.to_string(), "x"); } + #[test] + fn parses_let_statement_with_unsafe_doc_comment() { + let src = "/// Safety: doc comment + let x = unsafe { 1 };"; + let mut parser = Parser::for_str(src); + let (statement, _) = parser.parse_statement().unwrap(); + let StatementKind::Let(let_statement) = statement.kind else { + panic!("Expected let statement"); + }; + assert_eq!(let_statement.pattern.to_string(), "x"); + } + #[test] fn parses_comptime_block() { let src = "comptime { 1 }"; @@ -613,7 +614,7 @@ mod tests { #[test] fn parses_assignment_with_unsafe() { - let src = "/// Safety: test + let src = "// Safety: test x = unsafe { 1 }"; let statement = parse_statement_no_errors(src); let StatementKind::Assign(assign) = statement.kind else { @@ -647,7 +648,7 @@ mod tests { #[test] fn parses_op_assignment_with_unsafe() { - let src = "/// Safety: comment + let src = "// Safety: comment x += unsafe { 1 }"; let statement = parse_statement_no_errors(src); let StatementKind::Assign(_) = statement.kind else { diff --git a/noir/noir-repo/compiler/noirc_frontend/src/tests.rs b/noir/noir-repo/compiler/noirc_frontend/src/tests.rs index 40e9f778f07..af1948f012e 100644 --- a/noir/noir-repo/compiler/noirc_frontend/src/tests.rs +++ b/noir/noir-repo/compiler/noirc_frontend/src/tests.rs @@ -3904,7 +3904,7 @@ fn errors_on_cyclic_globals() { fn warns_on_unneeded_unsafe() { let src = r#" fn main() { - /// Safety: test + // Safety: test unsafe { foo() } @@ -3924,9 +3924,9 @@ fn warns_on_unneeded_unsafe() { fn warns_on_nested_unsafe() { let src = r#" fn main() { - /// Safety: test + // Safety: test unsafe { - /// Safety: test + // Safety: test unsafe { foo() } @@ -4253,7 +4253,7 @@ fn error_with_duplicate_enum_variant() { fn errors_on_empty_loop_no_break() { let src = r#" fn main() { - /// Safety: test + // Safety: test unsafe { foo() } @@ -4275,7 +4275,7 @@ fn errors_on_empty_loop_no_break() { fn errors_on_loop_without_break() { let src = r#" fn main() { - /// Safety: test + // Safety: test unsafe { foo() } @@ -4303,7 +4303,7 @@ fn errors_on_loop_without_break() { fn errors_on_loop_without_break_with_nested_loop() { let src = r#" fn main() { - /// Safety: test + // Safety: test unsafe { foo() } diff --git a/noir/noir-repo/compiler/noirc_frontend/src/tests/references.rs b/noir/noir-repo/compiler/noirc_frontend/src/tests/references.rs index 956b2c5f05e..5dbc395eb59 100644 --- a/noir/noir-repo/compiler/noirc_frontend/src/tests/references.rs +++ b/noir/noir-repo/compiler/noirc_frontend/src/tests/references.rs @@ -87,7 +87,7 @@ fn constrained_reference_to_unconstrained() { fn main(mut x: u32, y: pub u32) { let x_ref = &mut x; if x == 5 { - /// Safety: test context + // Safety: test context unsafe { mut_ref_input(x_ref, y); } diff --git a/noir/noir-repo/compiler/noirc_printable_type/Cargo.toml b/noir/noir-repo/compiler/noirc_printable_type/Cargo.toml index a1eae750b1f..d9ca50c8d51 100644 --- a/noir/noir-repo/compiler/noirc_printable_type/Cargo.toml +++ b/noir/noir-repo/compiler/noirc_printable_type/Cargo.toml @@ -16,3 +16,4 @@ acvm.workspace = true serde.workspace = true [dev-dependencies] +proptest.workspace = true diff --git a/noir/noir-repo/compiler/noirc_printable_type/src/lib.rs b/noir/noir-repo/compiler/noirc_printable_type/src/lib.rs index 1831180d0ab..6ff211cac2a 100644 --- a/noir/noir-repo/compiler/noirc_printable_type/src/lib.rs +++ b/noir/noir-repo/compiler/noirc_printable_type/src/lib.rs @@ -97,7 +97,13 @@ fn to_string(value: &PrintableValue, typ: &PrintableType) -> Op output.push_str(&format_field_string(*f)); } (PrintableValue::Field(f), PrintableType::UnsignedInteger { width }) => { - let uint_cast = f.to_u128() & ((1 << width) - 1); // Retain the lower 'width' bits + // Retain the lower 'width' bits + debug_assert!(*width <= 128, "We don't currently support uints larger than u128"); + let mut uint_cast = f.to_u128(); + if *width != 128 { + uint_cast &= (1 << width) - 1; + }; + output.push_str(&uint_cast.to_string()); } (PrintableValue::Field(f), PrintableType::SignedInteger { width }) => { @@ -267,6 +273,10 @@ fn format_field_string(field: F) -> String { mod tests { use acvm::FieldElement; + use proptest::prelude::*; + + use crate::to_string; + use super::{PrintableType, PrintableValue, PrintableValueDisplay}; #[test] @@ -299,4 +309,16 @@ mod tests { PrintableValueDisplay::::FmtString(template.to_string(), values); assert_eq!(display.to_string(), expected); } + + proptest! { + #[test] + fn handles_decoding_u128_values(uint_value: u128) { + let value = PrintableValue::Field(FieldElement::from(uint_value)); + let typ = PrintableType::UnsignedInteger { width: 128 }; + + let value_as_string = to_string(&value, &typ).unwrap(); + // We want to match rust's stringification. + prop_assert_eq!(value_as_string, uint_value.to_string()); + } + } } diff --git a/noir/noir-repo/docs/docs/noir/concepts/unconstrained.md b/noir/noir-repo/docs/docs/noir/concepts/unconstrained.md index 26a5df0be3e..467253bed0d 100644 --- a/noir/noir-repo/docs/docs/noir/concepts/unconstrained.md +++ b/noir/noir-repo/docs/docs/noir/concepts/unconstrained.md @@ -66,7 +66,7 @@ We can then run `u72_to_u8` as unconstrained brillig code in order to calculate ```rust fn main(num: u72) -> pub [u8; 8] { - /// Safety: 'out' is properly constrained below in 'assert(num == reconstructed_num);' + // Safety: 'out' is properly constrained below in 'assert(num == reconstructed_num);' let out = unsafe { u72_to_u8(num) }; let mut reconstructed_num: u72 = 0; @@ -95,7 +95,7 @@ This ends up taking off another ~250 gates from our circuit! We've ended up with Note that in order to invoke unconstrained functions we need to wrap them in an `unsafe` block, to make it clear that the call is unconstrained. -Furthermore, a warning is emitted unless the `unsafe` block is documented with a `/// Safety: ...` doc comment explaining why it is fine to call the unconstrained function. Note that either the `unsafe` block can be documented this way or the statement it exists in (like in the `let` example above). +Furthermore, a warning is emitted unless the `unsafe` block is commented with a `// Safety: ...` comment explaining why it is fine to call the unconstrained function. Note that either the `unsafe` block can be commented this way or the statement it exists in (like in the `let` example above). Generally we want to use brillig whenever there's something that's easy to verify but hard to compute within the circuit. For example, if you wanted to calculate a square root of a number it'll be a much better idea to calculate this in brillig and then assert that if you square the result you get back your number. diff --git a/noir/noir-repo/noir_stdlib/src/array/check_shuffle.nr b/noir/noir-repo/noir_stdlib/src/array/check_shuffle.nr index 327f0559810..70c54a6d842 100644 --- a/noir/noir-repo/noir_stdlib/src/array/check_shuffle.nr +++ b/noir/noir-repo/noir_stdlib/src/array/check_shuffle.nr @@ -42,8 +42,8 @@ pub(crate) fn check_shuffle(lhs: [T; N], rhs: [T; N]) where T: Eq, { - /// Safety: shuffle_indices is ensured to be a permutation of 0..N, and then - /// shuffle_indices is ensured to map lhs to rhs: assert(lhs[i] == rhs[shuffle_indices[i]]), for all i in 0..N + // Safety: shuffle_indices is ensured to be a permutation of 0..N, and then + // shuffle_indices is ensured to map lhs to rhs: assert(lhs[i] == rhs[shuffle_indices[i]]), for all i in 0..N unsafe { let shuffle_indices = __get_shuffle_indices(lhs, rhs); diff --git a/noir/noir-repo/noir_stdlib/src/array/mod.nr b/noir/noir-repo/noir_stdlib/src/array/mod.nr index 85cc0580aae..bca59d5ade0 100644 --- a/noir/noir-repo/noir_stdlib/src/array/mod.nr +++ b/noir/noir-repo/noir_stdlib/src/array/mod.nr @@ -184,9 +184,9 @@ where /// } /// ``` pub fn sort_via(self, ordering: fn[Env](T, T) -> bool) -> Self { - /// Safety: `sorted` array is checked to be: - /// a. a permutation of `input`'s elements - /// b. satisfying the predicate `ordering` + // Safety: `sorted` array is checked to be: + // a. a permutation of `input`'s elements + // b. satisfying the predicate `ordering` unsafe { let sorted = quicksort::quicksort(self, ordering); diff --git a/noir/noir-repo/noir_stdlib/src/collections/umap.nr b/noir/noir-repo/noir_stdlib/src/collections/umap.nr index bcb9759b4db..fa7fb774ce3 100644 --- a/noir/noir-repo/noir_stdlib/src/collections/umap.nr +++ b/noir/noir-repo/noir_stdlib/src/collections/umap.nr @@ -113,7 +113,7 @@ impl UHashMap { H: Hasher, { // docs:end:contains_key - /// Safety: unconstrained context + // Safety: unconstrained context unsafe { self.get(key) }.is_some() } @@ -433,7 +433,7 @@ where // Not marked as deleted and has key-value. if equal & slot.is_valid() { let (key, value) = slot.key_value_unchecked(); - /// Safety: unconstrained context + // Safety: unconstrained context let other_value = unsafe { other.get(key) }; if other_value.is_none() { diff --git a/noir/noir-repo/noir_stdlib/src/field/bn254.nr b/noir/noir-repo/noir_stdlib/src/field/bn254.nr index a298a5d1e38..90a439d2010 100644 --- a/noir/noir-repo/noir_stdlib/src/field/bn254.nr +++ b/noir/noir-repo/noir_stdlib/src/field/bn254.nr @@ -38,9 +38,9 @@ unconstrained fn lte_hint(x: Field, y: Field) -> bool { fn assert_gt_limbs(a: (Field, Field), b: (Field, Field)) { let (alo, ahi) = a; let (blo, bhi) = b; - /// Safety: borrow is enforced to be boolean due to its type. - /// if borrow is 0, it asserts that (alo > blo && ahi >= bhi) - /// if borrow is 1, it asserts that (alo <= blo && ahi > bhi) + // Safety: borrow is enforced to be boolean due to its type. + // if borrow is 0, it asserts that (alo > blo && ahi >= bhi) + // if borrow is 1, it asserts that (alo <= blo && ahi > bhi) unsafe { let borrow = lte_hint(alo, blo); @@ -57,7 +57,7 @@ pub fn decompose(x: Field) -> (Field, Field) { if is_unconstrained() { compute_decomposition(x) } else { - /// Safety: decomposition is properly checked below + // Safety: decomposition is properly checked below unsafe { // Take hints of the decomposition let (xlo, xhi) = decompose_hint(x); @@ -79,7 +79,7 @@ pub fn decompose(x: Field) -> (Field, Field) { pub fn assert_gt(a: Field, b: Field) { if is_unconstrained() { assert( - /// Safety: already unconstrained + // Safety: already unconstrained unsafe { field_less_than(b, a) }, ); } else { @@ -98,14 +98,14 @@ pub fn assert_lt(a: Field, b: Field) { pub fn gt(a: Field, b: Field) -> bool { if is_unconstrained() { - /// Safety: unsafe in unconstrained + // Safety: unsafe in unconstrained unsafe { field_less_than(b, a) } } else if a == b { false } else { - /// Safety: Take a hint of the comparison and verify it + // Safety: Take a hint of the comparison and verify it unsafe { if field_less_than(a, b) { assert_gt(b, a); diff --git a/noir/noir-repo/noir_stdlib/src/field/mod.nr b/noir/noir-repo/noir_stdlib/src/field/mod.nr index 3dad654dfc7..b1e9ec1edf9 100644 --- a/noir/noir-repo/noir_stdlib/src/field/mod.nr +++ b/noir/noir-repo/noir_stdlib/src/field/mod.nr @@ -315,7 +315,7 @@ pub fn bytes32_to_field(bytes32: [u8; 32]) -> Field { fn lt_fallback(x: Field, y: Field) -> bool { if is_unconstrained() { - /// Safety: unconstrained context + // Safety: unconstrained context unsafe { field_less_than(x, y) } diff --git a/noir/noir-repo/noir_stdlib/src/hash/mod.nr b/noir/noir-repo/noir_stdlib/src/hash/mod.nr index 104368b50fa..ee78d04c91b 100644 --- a/noir/noir-repo/noir_stdlib/src/hash/mod.nr +++ b/noir/noir-repo/noir_stdlib/src/hash/mod.nr @@ -96,7 +96,7 @@ fn __derive_generators( // does not assert the limbs are 128 bits // does not assert the decomposition does not overflow the EmbeddedCurveScalar fn from_field_unsafe(scalar: Field) -> EmbeddedCurveScalar { - /// Safety: xlo and xhi decomposition is checked below + // Safety: xlo and xhi decomposition is checked below let (xlo, xhi) = unsafe { crate::field::bn254::decompose_hint(scalar) }; // Check that the decomposition is correct assert_eq(scalar, xlo + crate::field::bn254::TWO_POW_128 * xhi); diff --git a/noir/noir-repo/noir_stdlib/src/hash/sha256.nr b/noir/noir-repo/noir_stdlib/src/hash/sha256.nr index 1bbeada3431..a8bd71a2111 100644 --- a/noir/noir-repo/noir_stdlib/src/hash/sha256.nr +++ b/noir/noir-repo/noir_stdlib/src/hash/sha256.nr @@ -76,7 +76,7 @@ pub fn sha256_var(msg: [u8; N], message_size: u64) -> HASH { let mut msg_byte_ptr = 0; for i in 0..num_blocks { let msg_start = BLOCK_SIZE * i; - /// Safety: the msg_block is checked below in verify_msg_block + // Safety: the msg_block is checked below in verify_msg_block let (new_msg_block, new_msg_byte_ptr) = unsafe { build_msg_block(msg, message_size, msg_start) }; @@ -107,7 +107,7 @@ pub fn sha256_var(msg: [u8; N], message_size: u64) -> HASH { // or our message cannot be evenly split into blocks. if modulo != 0 { let msg_start = BLOCK_SIZE * num_blocks; - /// Safety: the msg_block is checked below in verify_msg_block + // Safety: the msg_block is checked below in verify_msg_block let (new_msg_block, new_msg_byte_ptr) = unsafe { build_msg_block(msg, message_size, msg_start) }; @@ -150,7 +150,7 @@ pub fn sha256_var(msg: [u8; N], message_size: u64) -> HASH { msg_byte_ptr = 0; } - /// Safety: the msg_len is checked below in verify_msg_len + // Safety: the msg_len is checked below in verify_msg_len msg_block = unsafe { attach_len_to_msg_block(msg_block, msg_byte_ptr, message_size) }; if !is_unconstrained() { @@ -804,7 +804,7 @@ mod tests { ]; assert_eq(input.len(), 22); - /// Safety: testing context + // Safety: testing context let (msg_block, msg_byte_ptr) = unsafe { build_msg_block(input, input.len(), 0) }; assert_eq(msg_byte_ptr, input.len()); assert_eq(msg_block[0], make_item(input[0], input[1], input[2], input[3])); @@ -822,7 +822,7 @@ mod tests { 108, 97, 105, 110, 59, 32, 99, 104, 97, 114, 115, 101, 116, ]; assert_eq(input.len(), 68); - /// Safety: test context + // Safety: test context let (msg_block, msg_byte_ptr) = unsafe { build_msg_block(input, input.len(), 64) }; assert_eq(msg_byte_ptr, 4); assert_eq(msg_block[0], make_item(input[64], input[65], input[66], input[67])); @@ -836,7 +836,7 @@ mod tests { 1919905082, 1131376244, 1701737517, 1417244773, 978151789, 1697470053, 1920166255, 1849316213, 1651139939, ]; - /// Safety: testing context + // Safety: testing context let msg_block = unsafe { attach_len_to_msg_block(input, 1, 448) }; assert_eq(msg_block[0], ((1 << 7) as u32) * 256 * 256 * 256); assert_eq(msg_block[1], 0); diff --git a/noir/noir-repo/noir_stdlib/src/lib.nr b/noir/noir-repo/noir_stdlib/src/lib.nr index fb073516d29..4074e5e6920 100644 --- a/noir/noir-repo/noir_stdlib/src/lib.nr +++ b/noir/noir-repo/noir_stdlib/src/lib.nr @@ -40,14 +40,14 @@ unconstrained fn print_unconstrained(with_newline: bool, input: T) { } pub fn println(input: T) { - /// Safety: a print statement cannot be constrained + // Safety: a print statement cannot be constrained unsafe { print_unconstrained(true, input); } } pub fn print(input: T) { - /// Safety: a print statement cannot be constrained + // Safety: a print statement cannot be constrained unsafe { print_unconstrained(false, input); } diff --git a/noir/noir-repo/noir_stdlib/src/meta/expr.nr b/noir/noir-repo/noir_stdlib/src/meta/expr.nr index a1663135c20..b71a3b17429 100644 --- a/noir/noir-repo/noir_stdlib/src/meta/expr.nr +++ b/noir/noir-repo/noir_stdlib/src/meta/expr.nr @@ -643,7 +643,7 @@ comptime fn new_unary_op(op: UnaryOp, rhs: Expr) -> Expr { comptime fn new_unsafe(exprs: [Expr]) -> Expr { let exprs = join_expressions(exprs, quote { ; }); quote { - /// Safety: generated by macro + // Safety: generated by macro unsafe { $exprs } } .as_expr() diff --git a/noir/noir-repo/noir_stdlib/src/uint128.nr b/noir/noir-repo/noir_stdlib/src/uint128.nr index c053c0b339a..f41958e0e30 100644 --- a/noir/noir-repo/noir_stdlib/src/uint128.nr +++ b/noir/noir-repo/noir_stdlib/src/uint128.nr @@ -104,7 +104,7 @@ impl U128 { if ascii < 58 { ascii - 48 } else { - /// Safety: optionally adds 32 and then check (below) the result is in 'a..f' range + // Safety: optionally adds 32 and then check (below) the result is in 'a..f' range let ascii = ascii + 32 * (unsafe { U128::unconstrained_check_is_upper_ascii(ascii) as u8 }); assert(ascii >= 97); // enforce >= 'a' @@ -213,8 +213,8 @@ impl Mul for U128 { impl Div for U128 { fn div(self: Self, b: U128) -> U128 { - /// Safety: euclidian division is asserted to be correct: assert(a == b * q + r); and assert(r < b); - /// Furthermore, U128 addition and multiplication ensures that b * q + r does not overflow + // Safety: euclidian division is asserted to be correct: assert(a == b * q + r); and assert(r < b); + // Furthermore, U128 addition and multiplication ensures that b * q + r does not overflow unsafe { let (q, r) = self.unconstrained_div(b); let a = b * q + r; @@ -227,7 +227,7 @@ impl Div for U128 { impl Rem for U128 { fn rem(self: Self, b: U128) -> U128 { - /// Safety: cf div() above + // Safety: cf div() above unsafe { let (q, r) = self.unconstrained_div(b); let a = b * q + r; @@ -455,7 +455,7 @@ mod tests { let b = U128::from_u64s_le(0x0, 0xfffffffffffffffe); let c = U128::one(); let d = U128::from_u64s_le(0x0, 0x1); - /// Safety: testing context + // Safety: testing context unsafe { let (q, r) = a.unconstrained_div(b); assert_eq(q, c); @@ -465,14 +465,14 @@ mod tests { let a = U128::from_u64s_le(2, 0); let b = U128::one(); // Check the case where a is a multiple of b - /// Safety: testing context + // Safety: testing context unsafe { let (c, d) = a.unconstrained_div(b); assert_eq((c, d), (a, U128::zero())); } // Check where b is a multiple of a - /// Safety: testing context + // Safety: testing context unsafe { let (c, d) = b.unconstrained_div(a); assert_eq((c, d), (U128::zero(), b)); @@ -481,7 +481,7 @@ mod tests { // Dividing by zero returns 0,0 let a = U128::from_u64s_le(0x1, 0x0); let b = U128::zero(); - /// Safety: testing context + // Safety: testing context unsafe { let (c, d) = a.unconstrained_div(b); assert_eq((c, d), (U128::zero(), U128::zero())); @@ -489,7 +489,7 @@ mod tests { // Dividing 1<<127 by 1<<127 (special case) let a = U128::from_u64s_le(0x0, pow63 as u64); let b = U128::from_u64s_le(0x0, pow63 as u64); - /// Safety: testing context + // Safety: testing context unsafe { let (c, d) = a.unconstrained_div(b); assert_eq((c, d), (U128::one(), U128::zero())); diff --git a/noir/noir-repo/test_programs/compile_failure/brillig_mut_ref_from_acir/src/main.nr b/noir/noir-repo/test_programs/compile_failure/brillig_mut_ref_from_acir/src/main.nr index d4450ec62b1..6c545d60ea3 100644 --- a/noir/noir-repo/test_programs/compile_failure/brillig_mut_ref_from_acir/src/main.nr +++ b/noir/noir-repo/test_programs/compile_failure/brillig_mut_ref_from_acir/src/main.nr @@ -3,7 +3,7 @@ unconstrained fn mut_ref_identity(value: &mut Field) -> Field { } fn main(mut x: Field, y: pub Field) { - /// Safety: testing context + // Safety: testing context let returned_x = unsafe { mut_ref_identity(&mut x) }; assert(returned_x == x); } diff --git a/noir/noir-repo/test_programs/compile_failure/regression_5008/src/main.nr b/noir/noir-repo/test_programs/compile_failure/regression_5008/src/main.nr index 5155900734c..54c6333b1bd 100644 --- a/noir/noir-repo/test_programs/compile_failure/regression_5008/src/main.nr +++ b/noir/noir-repo/test_programs/compile_failure/regression_5008/src/main.nr @@ -13,6 +13,6 @@ impl Foo { fn main() { let foo = Foo { bar: &mut Bar { value: 0 } }; - /// Safety: testing context + // Safety: testing context unsafe { foo.crash_fn() }; } diff --git a/noir/noir-repo/test_programs/compile_failure/unconstrained_ref/src/main.nr b/noir/noir-repo/test_programs/compile_failure/unconstrained_ref/src/main.nr index 23dc1d66673..db6f74d3c51 100644 --- a/noir/noir-repo/test_programs/compile_failure/unconstrained_ref/src/main.nr +++ b/noir/noir-repo/test_programs/compile_failure/unconstrained_ref/src/main.nr @@ -4,6 +4,6 @@ unconstrained fn uncon_ref() -> &mut Field { } fn main() { - /// Safety: testing context + // Safety: testing context let e = unsafe { uncon_ref() }; } diff --git a/noir/noir-repo/test_programs/compile_success_contract/abi_attribute/src/main.nr b/noir/noir-repo/test_programs/compile_success_contract/abi_attribute/src/main.nr index c4d4a24e3c2..5091852d581 100644 --- a/noir/noir-repo/test_programs/compile_success_contract/abi_attribute/src/main.nr +++ b/noir/noir-repo/test_programs/compile_success_contract/abi_attribute/src/main.nr @@ -4,6 +4,6 @@ contract Foo { #[abi(bar)] pub struct Bar { - inner: Field + inner: Field, } } diff --git a/noir/noir-repo/test_programs/compile_success_contract/contract_with_impl/src/main.nr b/noir/noir-repo/test_programs/compile_success_contract/contract_with_impl/src/main.nr index 9d45b88fbc9..f583f888a00 100644 --- a/noir/noir-repo/test_programs/compile_success_contract/contract_with_impl/src/main.nr +++ b/noir/noir-repo/test_programs/compile_success_contract/contract_with_impl/src/main.nr @@ -1,5 +1,7 @@ contract Foo { - pub struct T { x: [Field] } + pub struct T { + x: [Field], + } impl T { fn t(self) { diff --git a/noir/noir-repo/test_programs/compile_success_contract/non_entry_point_method/src/main.nr b/noir/noir-repo/test_programs/compile_success_contract/non_entry_point_method/src/main.nr index f49c2f14f9d..3487ff2b94e 100644 --- a/noir/noir-repo/test_programs/compile_success_contract/non_entry_point_method/src/main.nr +++ b/noir/noir-repo/test_programs/compile_success_contract/non_entry_point_method/src/main.nr @@ -1,5 +1,7 @@ contract Foo { - pub struct PlaceholderStruct{x : u32 } + pub struct PlaceholderStruct { + x: u32, + } #[contract_library_method] pub fn has_mut(_context: &mut PlaceholderStruct) {} diff --git a/noir/noir-repo/test_programs/compile_success_empty/acir_inside_brillig_recursion/src/main.nr b/noir/noir-repo/test_programs/compile_success_empty/acir_inside_brillig_recursion/src/main.nr index 12c663b2705..c0e8a9942d5 100644 --- a/noir/noir-repo/test_programs/compile_success_empty/acir_inside_brillig_recursion/src/main.nr +++ b/noir/noir-repo/test_programs/compile_success_empty/acir_inside_brillig_recursion/src/main.nr @@ -1,5 +1,5 @@ fn main() { - /// Safety: testing context + // Safety: testing context unsafe { assert_eq(fibonacci(3), fibonacci_hint(3)); } diff --git a/noir/noir-repo/test_programs/compile_success_empty/brillig_cast/src/main.nr b/noir/noir-repo/test_programs/compile_success_empty/brillig_cast/src/main.nr index d7d0b1b8fa5..7b523827398 100644 --- a/noir/noir-repo/test_programs/compile_success_empty/brillig_cast/src/main.nr +++ b/noir/noir-repo/test_programs/compile_success_empty/brillig_cast/src/main.nr @@ -2,7 +2,7 @@ // // The features being tested are cast operations on brillig fn main() { - /// Safety: testing context + // Safety: testing context unsafe { bool_casts(); field_casts(); diff --git a/noir/noir-repo/test_programs/compile_success_empty/brillig_field_binary_operations/src/main.nr b/noir/noir-repo/test_programs/compile_success_empty/brillig_field_binary_operations/src/main.nr index f55beb6d1a8..aad22aaf38f 100644 --- a/noir/noir-repo/test_programs/compile_success_empty/brillig_field_binary_operations/src/main.nr +++ b/noir/noir-repo/test_programs/compile_success_empty/brillig_field_binary_operations/src/main.nr @@ -1,6 +1,6 @@ // Tests arithmetic operations on fields fn main() { - /// Safety: testing context + // Safety: testing context unsafe { let x = 4; let y = 2; diff --git a/noir/noir-repo/test_programs/compile_success_empty/brillig_integer_binary_operations/src/main.nr b/noir/noir-repo/test_programs/compile_success_empty/brillig_integer_binary_operations/src/main.nr index 0e00f25e5bb..032fbf457b6 100644 --- a/noir/noir-repo/test_programs/compile_success_empty/brillig_integer_binary_operations/src/main.nr +++ b/noir/noir-repo/test_programs/compile_success_empty/brillig_integer_binary_operations/src/main.nr @@ -3,7 +3,7 @@ fn main() { let x: u32 = 6; let y: u32 = 2; - /// Safety: testing context + // Safety: testing context unsafe { assert((x + y) == add(x, y)); diff --git a/noir/noir-repo/test_programs/compile_success_empty/brillig_modulo/src/main.nr b/noir/noir-repo/test_programs/compile_success_empty/brillig_modulo/src/main.nr index 841d7d2dfca..b60d781e0c8 100644 --- a/noir/noir-repo/test_programs/compile_success_empty/brillig_modulo/src/main.nr +++ b/noir/noir-repo/test_programs/compile_success_empty/brillig_modulo/src/main.nr @@ -2,7 +2,7 @@ // // The features being tested is modulo operations on brillig fn main() { - /// Safety: testing context + // Safety: testing context unsafe { assert(modulo(47, 3) == 2); assert(modulo(2, 3) == 2); diff --git a/noir/noir-repo/test_programs/compile_success_empty/brillig_slice_input/src/main.nr b/noir/noir-repo/test_programs/compile_success_empty/brillig_slice_input/src/main.nr index c43c5fae162..2aace852db9 100644 --- a/noir/noir-repo/test_programs/compile_success_empty/brillig_slice_input/src/main.nr +++ b/noir/noir-repo/test_programs/compile_success_empty/brillig_slice_input/src/main.nr @@ -16,14 +16,14 @@ unconstrained fn sum_slice(slice: [[Point; 2]]) -> Field { fn main() { let mut slice = &[]; slice = slice.push_back([Point { x: 13, y: 14 }, Point { x: 20, y: 8 }]); - /// Safety: testing context + // Safety: testing context unsafe { let brillig_sum = sum_slice(slice); assert_eq(brillig_sum, 55); } slice = slice.push_back([Point { x: 15, y: 5 }, Point { x: 12, y: 13 }]); - /// Safety: testing context + // Safety: testing context unsafe { let brillig_sum = sum_slice(slice); assert_eq(brillig_sum, 100); diff --git a/noir/noir-repo/test_programs/compile_success_empty/comptime_function_definition/src/main.nr b/noir/noir-repo/test_programs/compile_success_empty/comptime_function_definition/src/main.nr index f912ecb7bfc..4ce641cbe7d 100644 --- a/noir/noir-repo/test_programs/compile_success_empty/comptime_function_definition/src/main.nr +++ b/noir/noir-repo/test_programs/compile_success_empty/comptime_function_definition/src/main.nr @@ -116,7 +116,7 @@ mod test_as_typed_expr_1 { comptime fn foo(module: Module) -> Quoted { let method = module.functions().filter(|f| f.name() == quote { method })[0]; let func = method.as_typed_expr(); - quote { + quote { pub fn bar() -> i32 { $func(1) } @@ -140,9 +140,9 @@ mod test_as_typed_expr_2 { comptime fn foo(module: Module) -> Quoted { let method = module.functions().filter(|f| f.name() == quote { method })[0]; let func = method.as_typed_expr(); - quote { + quote { pub fn bar() -> u32 { - /// Safety: test program + // Safety: test program unsafe { $func([1, 2, 3, 0]) } } } @@ -166,9 +166,9 @@ mod test_as_typed_expr_3 { comptime fn foo(module: Module) -> Quoted { let method = module.functions().filter(|f| f.name() == quote { method })[0]; let func = method.as_typed_expr(); - quote { + quote { pub fn bar() -> u32 { - /// Safety: test program + // Safety: test program comptime { $func(([1, 2, 3, 0], "a")) } } } diff --git a/noir/noir-repo/test_programs/compile_success_empty/is_unconstrained/src/main.nr b/noir/noir-repo/test_programs/compile_success_empty/is_unconstrained/src/main.nr index 856040b2274..34e29bb948b 100644 --- a/noir/noir-repo/test_programs/compile_success_empty/is_unconstrained/src/main.nr +++ b/noir/noir-repo/test_programs/compile_success_empty/is_unconstrained/src/main.nr @@ -9,7 +9,7 @@ unconstrained fn unconstrained_intermediate() { } fn main() { - /// Safety: testing context + // Safety: testing context unsafe { unconstrained_intermediate(); } diff --git a/noir/noir-repo/test_programs/compile_success_no_bug/check_unconstrained_regression/src/main.nr b/noir/noir-repo/test_programs/compile_success_no_bug/check_unconstrained_regression/src/main.nr index e4cb15f099d..096d2fee24b 100644 --- a/noir/noir-repo/test_programs/compile_success_no_bug/check_unconstrained_regression/src/main.nr +++ b/noir/noir-repo/test_programs/compile_success_no_bug/check_unconstrained_regression/src/main.nr @@ -19,7 +19,7 @@ unconstrained fn convert(trigger: Trigger) -> ResultType { } impl Trigger { fn execute(self) -> ResultType { - /// Safety: testing context + // Safety: testing context let result = unsafe { convert(self) }; assert(result.a == self.x + 1); assert(result.b == self.y - 1 + self.z[2]); diff --git a/noir/noir-repo/test_programs/compile_success_no_bug/databus_mapping_regression/src/main.nr b/noir/noir-repo/test_programs/compile_success_no_bug/databus_mapping_regression/src/main.nr index 9b6ad264a9e..b2c8ceacdf7 100644 --- a/noir/noir-repo/test_programs/compile_success_no_bug/databus_mapping_regression/src/main.nr +++ b/noir/noir-repo/test_programs/compile_success_no_bug/databus_mapping_regression/src/main.nr @@ -8,11 +8,17 @@ impl Empty for Field { } } -pub fn is_empty(item: T) -> bool where T: Empty + Eq { +pub fn is_empty(item: T) -> bool +where + T: Empty + Eq, +{ item.eq(T::empty()) } -pub fn array_to_bounded_vec(array: [T; N]) -> BoundedVec where T: Empty + Eq { +pub fn array_to_bounded_vec(array: [T; N]) -> BoundedVec +where + T: Empty + Eq, +{ let mut len = 0; for elem in array { if !is_empty(elem) { @@ -28,7 +34,7 @@ global APP_CALL_SIZE: u32 = 2; fn main( a: call_data(0) [Field; TX_SIZE], - b: call_data(1) [Field; APP_CALL_SIZE] + b: call_data(1) [Field; APP_CALL_SIZE], ) -> return_data [Field; TX_SIZE] { let mut a_as_bounded_vec = array_to_bounded_vec(a); diff --git a/noir/noir-repo/test_programs/compile_success_no_bug/regression_7062/src/main.nr b/noir/noir-repo/test_programs/compile_success_no_bug/regression_7062/src/main.nr index c640062b45b..f992a596fd7 100644 --- a/noir/noir-repo/test_programs/compile_success_no_bug/regression_7062/src/main.nr +++ b/noir/noir-repo/test_programs/compile_success_no_bug/regression_7062/src/main.nr @@ -1,8 +1,8 @@ fn main(args: [Field; 2]) { - /// Safety: n/a + // Safety: n/a unsafe { store(args) }; // Dummy test to remove the 'underconstraint bug' assert(args[0] + args[1] != 0); } -pub unconstrained fn store(_: [Field]) {} \ No newline at end of file +pub unconstrained fn store(_: [Field]) {} diff --git a/noir/noir-repo/test_programs/compile_success_no_bug/regression_7292/src/main.nr b/noir/noir-repo/test_programs/compile_success_no_bug/regression_7292/src/main.nr index 395cd82e1ca..dde1b2c89a3 100644 --- a/noir/noir-repo/test_programs/compile_success_no_bug/regression_7292/src/main.nr +++ b/noir/noir-repo/test_programs/compile_success_no_bug/regression_7292/src/main.nr @@ -3,7 +3,7 @@ unconstrained fn foo(_x: T) -> Field { } fn main() { - /// Safety: test + // Safety: test unsafe { assert(foo(0) == 0); } diff --git a/noir/noir-repo/test_programs/compile_success_with_bug/regression_7103/src/main.nr b/noir/noir-repo/test_programs/compile_success_with_bug/regression_7103/src/main.nr index 7ce01c2b079..74a6fc8148c 100644 --- a/noir/noir-repo/test_programs/compile_success_with_bug/regression_7103/src/main.nr +++ b/noir/noir-repo/test_programs/compile_success_with_bug/regression_7103/src/main.nr @@ -1,9 +1,8 @@ fn main() { - /// Safety: n/a + // Safety: n/a unsafe { loophole() }; } - unconstrained fn loophole() { let mut i = 0; loop { @@ -13,4 +12,4 @@ unconstrained fn loophole() { break; } } -} \ No newline at end of file +} diff --git a/noir/noir-repo/test_programs/compile_success_with_bug/underconstrained_value_detector_5425/src/main.nr b/noir/noir-repo/test_programs/compile_success_with_bug/underconstrained_value_detector_5425/src/main.nr index 22e2bc0b49d..84215e50901 100644 --- a/noir/noir-repo/test_programs/compile_success_with_bug/underconstrained_value_detector_5425/src/main.nr +++ b/noir/noir-repo/test_programs/compile_success_with_bug/underconstrained_value_detector_5425/src/main.nr @@ -9,7 +9,7 @@ unconstrained fn maximum_price(options: [u32; 3]) -> u32 { } fn main(sandwiches: pub [u32; 3], drinks: pub [u32; 3], snacks: pub [u32; 3], best_value: u32) { - /// Safety: testing context + // Safety: testing context unsafe { let meal_deal_cost: u32 = 390; let most_expensive_sandwich = maximum_price(sandwiches); diff --git a/noir/noir-repo/test_programs/execution_failure/brillig_assert_fail/src/main.nr b/noir/noir-repo/test_programs/execution_failure/brillig_assert_fail/src/main.nr index 18e6422361c..9aaf026a550 100644 --- a/noir/noir-repo/test_programs/execution_failure/brillig_assert_fail/src/main.nr +++ b/noir/noir-repo/test_programs/execution_failure/brillig_assert_fail/src/main.nr @@ -2,7 +2,7 @@ // // The features being tested is using assert on brillig fn main(x: Field) { - /// Safety: testing context + // Safety: testing context assert(1 == unsafe { conditional(x as bool) }); } diff --git a/noir/noir-repo/test_programs/execution_failure/brillig_assert_msg_runtime/src/main.nr b/noir/noir-repo/test_programs/execution_failure/brillig_assert_msg_runtime/src/main.nr index 9c07660217b..82d58a0b70c 100644 --- a/noir/noir-repo/test_programs/execution_failure/brillig_assert_msg_runtime/src/main.nr +++ b/noir/noir-repo/test_programs/execution_failure/brillig_assert_msg_runtime/src/main.nr @@ -1,5 +1,5 @@ fn main(x: Field) { - /// Safety: testing context + // Safety: testing context assert(1 == unsafe { conditional(x) }); } diff --git a/noir/noir-repo/test_programs/execution_failure/regression_5202/src/main.nr b/noir/noir-repo/test_programs/execution_failure/regression_5202/src/main.nr index 0c3a9693958..3b6972165fa 100644 --- a/noir/noir-repo/test_programs/execution_failure/regression_5202/src/main.nr +++ b/noir/noir-repo/test_programs/execution_failure/regression_5202/src/main.nr @@ -17,12 +17,12 @@ unconstrained fn should_i_assert() -> bool { } fn get_magical_boolean() -> bool { - /// Safety: testing context + // Safety: testing context let option = unsafe { get_unconstrained_option() }; let pre_assert = option.is_some().to_field(); - /// Safety: testing context + // Safety: testing context if unsafe { should_i_assert() } { // Note that `should_i_assert` is unconstrained, so Noir should not be able to infer // any behavior from the contents of this block. In this case it is actually false, so the diff --git a/noir/noir-repo/test_programs/execution_success/aes128_encrypt/src/main.nr b/noir/noir-repo/test_programs/execution_success/aes128_encrypt/src/main.nr index 11f9512444e..dbb7fc4d7b8 100644 --- a/noir/noir-repo/test_programs/execution_success/aes128_encrypt/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/aes128_encrypt/src/main.nr @@ -29,11 +29,11 @@ fn main(inputs: str<12>, iv: str<16>, key: str<16>, output: str<32>) { let result: [u8; 16] = std::aes128::aes128_encrypt(inputs.as_bytes(), iv.as_bytes(), key.as_bytes()); - /// Safety: testing context + // Safety: testing context let output_bytes: [u8; 16] = unsafe { decode_hex(output) }; assert(result == output_bytes); - /// Safety: testing context + // Safety: testing context let unconstrained_result = unsafe { cipher(inputs.as_bytes(), iv.as_bytes(), key.as_bytes()) }; assert(unconstrained_result == output_bytes); } diff --git a/noir/noir-repo/test_programs/execution_success/array_to_slice_constant_length/src/main.nr b/noir/noir-repo/test_programs/execution_success/array_to_slice_constant_length/src/main.nr index 1d29db4973a..132d0a19248 100644 --- a/noir/noir-repo/test_programs/execution_success/array_to_slice_constant_length/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/array_to_slice_constant_length/src/main.nr @@ -4,7 +4,7 @@ unconstrained fn return_array(val: Field) -> [Field; 1] { } fn main(val: Field) { - /// Safety: testing context + // Safety: testing context unsafe { let array = return_array(val); assert_constant(array.as_slice().len()); diff --git a/noir/noir-repo/test_programs/execution_success/bigint/src/main.nr b/noir/noir-repo/test_programs/execution_success/bigint/src/main.nr index 2095c92349a..2ccb446b8b4 100644 --- a/noir/noir-repo/test_programs/execution_success/bigint/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/bigint/src/main.nr @@ -17,7 +17,7 @@ fn main(mut x: [u8; 5], y: [u8; 5]) { let c = if x[0] != 0 { test_unconstrained1(a, b) } else { - /// Safety: testing context + // Safety: testing context unsafe { test_unconstrained2(a, b) } diff --git a/noir/noir-repo/test_programs/execution_success/brillig_acir_as_brillig/src/main.nr b/noir/noir-repo/test_programs/execution_success/brillig_acir_as_brillig/src/main.nr index a327dfd7533..c7e68f0edd6 100644 --- a/noir/noir-repo/test_programs/execution_success/brillig_acir_as_brillig/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/brillig_acir_as_brillig/src/main.nr @@ -1,5 +1,5 @@ fn main(x: u32) { - /// Safety: testing context + // Safety: testing context unsafe { assert(entry_point(x) == 2); swap_entry_point(x, x + 1); diff --git a/noir/noir-repo/test_programs/execution_success/brillig_arrays/src/main.nr b/noir/noir-repo/test_programs/execution_success/brillig_arrays/src/main.nr index f0524842ac6..5de6e08ac15 100644 --- a/noir/noir-repo/test_programs/execution_success/brillig_arrays/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/brillig_arrays/src/main.nr @@ -2,7 +2,7 @@ // // The features being tested are array reads and writes fn main(x: [Field; 3]) { - /// Safety: testing context + // Safety: testing context unsafe { read_array(x); read_write_array(x); diff --git a/noir/noir-repo/test_programs/execution_success/brillig_blake2s/src/main.nr b/noir/noir-repo/test_programs/execution_success/brillig_blake2s/src/main.nr index 7e567b84139..2dbbca771ed 100644 --- a/noir/noir-repo/test_programs/execution_success/brillig_blake2s/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/brillig_blake2s/src/main.nr @@ -2,7 +2,7 @@ // // The features being tested is blake2s in brillig fn main(x: [u8; 5], result: [u8; 32]) { - /// Safety: testing context + // Safety: testing context unsafe { assert(blake2s(x) == result); } diff --git a/noir/noir-repo/test_programs/execution_success/brillig_calls_array/src/main.nr b/noir/noir-repo/test_programs/execution_success/brillig_calls_array/src/main.nr index b27eb30da17..d2006071b0d 100644 --- a/noir/noir-repo/test_programs/execution_success/brillig_calls_array/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/brillig_calls_array/src/main.nr @@ -2,7 +2,7 @@ // // The features being tested is brillig calls passing arrays around fn main(x: [u32; 3]) { - /// Safety: testing context + // Safety: testing context unsafe { assert(entry_point(x) == 9); another_entry_point(x); diff --git a/noir/noir-repo/test_programs/execution_success/brillig_calls_conditionals/src/main.nr b/noir/noir-repo/test_programs/execution_success/brillig_calls_conditionals/src/main.nr index 31b70cb12cf..e8bce638ebe 100644 --- a/noir/noir-repo/test_programs/execution_success/brillig_calls_conditionals/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/brillig_calls_conditionals/src/main.nr @@ -2,7 +2,7 @@ // // The features being tested is brillig calls with conditionals fn main(x: [u32; 3]) { - /// Safety: testing context + // Safety: testing context unsafe { assert(entry_point(x[0]) == 7); assert(entry_point(x[1]) == 8); diff --git a/noir/noir-repo/test_programs/execution_success/brillig_conditional/src/main.nr b/noir/noir-repo/test_programs/execution_success/brillig_conditional/src/main.nr index 0261ebe9cd8..5d61abe6aac 100644 --- a/noir/noir-repo/test_programs/execution_success/brillig_conditional/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/brillig_conditional/src/main.nr @@ -2,7 +2,7 @@ // // The features being tested is basic conditional on brillig fn main(x: Field) { - /// Safety: testing context + // Safety: testing context unsafe { assert(4 == conditional(x == 1)); } diff --git a/noir/noir-repo/test_programs/execution_success/brillig_fns_as_values/src/main.nr b/noir/noir-repo/test_programs/execution_success/brillig_fns_as_values/src/main.nr index ff1c36c9ddf..486262f2a86 100644 --- a/noir/noir-repo/test_programs/execution_success/brillig_fns_as_values/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/brillig_fns_as_values/src/main.nr @@ -3,7 +3,7 @@ struct MyStruct { } fn main(x: u32) { - /// Safety: testing context + // Safety: testing context unsafe { assert(wrapper(increment, x) == x + 1); assert(wrapper(increment_acir, x) == x + 1); diff --git a/noir/noir-repo/test_programs/execution_success/brillig_identity_function/src/main.nr b/noir/noir-repo/test_programs/execution_success/brillig_identity_function/src/main.nr index b676c46120e..c4f52d3e02b 100644 --- a/noir/noir-repo/test_programs/execution_success/brillig_identity_function/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/brillig_identity_function/src/main.nr @@ -6,7 +6,7 @@ struct myStruct { // // The features being tested is the identity function in Brillig fn main(x: Field) { - /// Safety: testing context + // Safety: testing context unsafe { assert(x == identity(x)); // TODO: add support for array comparison diff --git a/noir/noir-repo/test_programs/execution_success/brillig_nested_arrays/src/main.nr b/noir/noir-repo/test_programs/execution_success/brillig_nested_arrays/src/main.nr index feb5433738f..3f5e5a0f8eb 100644 --- a/noir/noir-repo/test_programs/execution_success/brillig_nested_arrays/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/brillig_nested_arrays/src/main.nr @@ -28,7 +28,7 @@ unconstrained fn create_and_assert_inside_brillig(x: Field, y: Field) { } fn main(x: Field, y: Field) { - /// Safety: testing context + // Safety: testing context unsafe { let header = Header { params: [1, 2, 3] }; let note0 = MyNote { array: [1, 2], plain: 3, header }; diff --git a/noir/noir-repo/test_programs/execution_success/brillig_not/src/main.nr b/noir/noir-repo/test_programs/execution_success/brillig_not/src/main.nr index 6dc91f86127..e9e7c1bea81 100644 --- a/noir/noir-repo/test_programs/execution_success/brillig_not/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/brillig_not/src/main.nr @@ -2,7 +2,7 @@ // // The features being tested is not instruction on brillig fn main(x: Field, y: Field) { - /// Safety: testing context + // Safety: testing context unsafe { assert(false == not_operator(x as bool)); assert(true == not_operator(y as bool)); diff --git a/noir/noir-repo/test_programs/execution_success/brillig_recursion/src/main.nr b/noir/noir-repo/test_programs/execution_success/brillig_recursion/src/main.nr index e7140ffa06c..8d8997834c7 100644 --- a/noir/noir-repo/test_programs/execution_success/brillig_recursion/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/brillig_recursion/src/main.nr @@ -2,7 +2,7 @@ // // The feature being tested is brillig recursion fn main(x: u32) { - /// Safety: testing context + // Safety: testing context unsafe { assert(fibonacci(x) == 55); } diff --git a/noir/noir-repo/test_programs/execution_success/brillig_uninitialized_arrays/src/main.nr b/noir/noir-repo/test_programs/execution_success/brillig_uninitialized_arrays/src/main.nr index 39a13440ca9..03b1518cd35 100644 --- a/noir/noir-repo/test_programs/execution_success/brillig_uninitialized_arrays/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/brillig_uninitialized_arrays/src/main.nr @@ -1,5 +1,5 @@ fn main(x: Field, y: Field) -> pub Field { - /// Safety: testing context + // Safety: testing context unsafe { let notes = create_notes(x, y); sum_x(notes, x, y) diff --git a/noir/noir-repo/test_programs/execution_success/dont_deduplicate_call/src/main.nr b/noir/noir-repo/test_programs/execution_success/dont_deduplicate_call/src/main.nr index cb658eab763..cec4d7fd38f 100644 --- a/noir/noir-repo/test_programs/execution_success/dont_deduplicate_call/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/dont_deduplicate_call/src/main.nr @@ -1,6 +1,6 @@ fn main(x: Field, active: bool) { let mut x1 = false; - /// Safety:) + // Safety:) unsafe { if active { x1 = foo(x); diff --git a/noir/noir-repo/test_programs/execution_success/global_var_regression_entry_points/src/main.nr b/noir/noir-repo/test_programs/execution_success/global_var_regression_entry_points/src/main.nr index c55a6ac01e9..4a50be0881e 100644 --- a/noir/noir-repo/test_programs/execution_success/global_var_regression_entry_points/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/global_var_regression_entry_points/src/main.nr @@ -2,7 +2,7 @@ mod consts; use consts::EXPONENTIATE; fn main(x: Field, y: pub Field) { - /// Safety: testing context + // Safety: testing context unsafe { assert(entry_point_only_const_global(x) == 2); check_acc_entry_point(x, y); diff --git a/noir/noir-repo/test_programs/execution_success/hint_black_box/src/main.nr b/noir/noir-repo/test_programs/execution_success/hint_black_box/src/main.nr index ed2dc2d3760..0cc28383216 100644 --- a/noir/noir-repo/test_programs/execution_success/hint_black_box/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/hint_black_box/src/main.nr @@ -23,7 +23,7 @@ fn main(a: u32, b: u32) { //assert_eq(slice_sum(black_box(arr.as_slice())), b); // But we can pass a blackboxed slice to Brillig. - /// Safety: testing context + // Safety: testing context let s = unsafe { brillig_slice_sum(black_box(arr.as_slice())) }; assert_eq(s, b); diff --git a/noir/noir-repo/test_programs/execution_success/loop_keyword/src/main.nr b/noir/noir-repo/test_programs/execution_success/loop_keyword/src/main.nr index b038ae22343..ccdc20bc16f 100644 --- a/noir/noir-repo/test_programs/execution_success/loop_keyword/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/loop_keyword/src/main.nr @@ -1,5 +1,5 @@ fn main() { - /// Safety: test code + // Safety: test code unsafe { check_loop(); } diff --git a/noir/noir-repo/test_programs/execution_success/nested_arrays_from_brillig/src/main.nr b/noir/noir-repo/test_programs/execution_success/nested_arrays_from_brillig/src/main.nr index f724d0cdedd..387454b9e21 100644 --- a/noir/noir-repo/test_programs/execution_success/nested_arrays_from_brillig/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/nested_arrays_from_brillig/src/main.nr @@ -20,7 +20,7 @@ unconstrained fn create_inside_brillig(values: [Field; 6]) -> [MyNote; 2] { } fn main(values: [Field; 6]) { - /// Safety: testing context + // Safety: testing context let notes = unsafe { create_inside_brillig(values) }; assert(access_nested(notes) == (2 + 4 + 3 + 1)); } diff --git a/noir/noir-repo/test_programs/execution_success/reference_counts/src/main.nr b/noir/noir-repo/test_programs/execution_success/reference_counts/src/main.nr index a4c573baf39..2ee8a13f7a4 100644 --- a/noir/noir-repo/test_programs/execution_success/reference_counts/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/reference_counts/src/main.nr @@ -15,7 +15,7 @@ fn main() { let rc2 = array_refcount(u32_array); borrow_mut_two_separate(&mut array, &mut u32_array, rc1, rc2); - /// Safety: test + // Safety: test unsafe { regression_7297(); } diff --git a/noir/noir-repo/test_programs/execution_success/reference_only_used_as_alias/src/main.nr b/noir/noir-repo/test_programs/execution_success/reference_only_used_as_alias/src/main.nr index 3bbf1cf9ccb..c8dd38d9aca 100644 --- a/noir/noir-repo/test_programs/execution_success/reference_only_used_as_alias/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/reference_only_used_as_alias/src/main.nr @@ -61,7 +61,7 @@ where Event: EventInterface, { |e: Event| { - /// Safety: testing context + // Safety: testing context unsafe { func(context.a); } diff --git a/noir/noir-repo/test_programs/execution_success/regression_5435/src/main.nr b/noir/noir-repo/test_programs/execution_success/regression_5435/src/main.nr index a83ca055aab..7242dc48ce3 100644 --- a/noir/noir-repo/test_programs/execution_success/regression_5435/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/regression_5435/src/main.nr @@ -3,7 +3,7 @@ fn main(input: Field, enable: bool) { let hash = no_predicate_function(input); // `EnableSideEffects` instruction from above instruction leaks out and removes the predicate from this call, // resulting in execution failure. - /// Safety: testing context + // Safety: testing context unsafe { fail(hash) }; } } diff --git a/noir/noir-repo/test_programs/execution_success/regression_6451/src/main.nr b/noir/noir-repo/test_programs/execution_success/regression_6451/src/main.nr index edef71020e4..a20104d894e 100644 --- a/noir/noir-repo/test_programs/execution_success/regression_6451/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/regression_6451/src/main.nr @@ -10,7 +10,7 @@ fn main(x: Field) { value.assert_max_bit_size::<1>(); // Regression test for #6447 (Aztec Packages issue #9488) - /// Safety: testing context + // Safety: testing context let y = unsafe { empty(x + 1) }; let z = y + x + 1; let z1 = z + y; diff --git a/noir/noir-repo/test_programs/execution_success/regression_7062/src/main.nr b/noir/noir-repo/test_programs/execution_success/regression_7062/src/main.nr index 47e7593c0e6..726eacad30e 100644 --- a/noir/noir-repo/test_programs/execution_success/regression_7062/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/regression_7062/src/main.nr @@ -1,7 +1,7 @@ fn main(value: Field, index: u32) { let mut args = &[0, 1]; args[index] = value; - /// Safety: n/a + // Safety: n/a unsafe { store(args) }; // Dummy test to remove the 'underconstraint bug' assert(args[0] + args[1] != 0); diff --git a/noir/noir-repo/test_programs/execution_success/regression_unsafe_no_predicates/src/main.nr b/noir/noir-repo/test_programs/execution_success/regression_unsafe_no_predicates/src/main.nr index b4dd6a57e80..9fd97ad7f2b 100644 --- a/noir/noir-repo/test_programs/execution_success/regression_unsafe_no_predicates/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/regression_unsafe_no_predicates/src/main.nr @@ -7,7 +7,7 @@ fn main(x: u8, nest: bool) { #[no_predicates] pub fn unsafe_assert(msg: [u8; N]) -> u8 { - /// Safety: testing context + // Safety: testing context let block = unsafe { get_block(msg) }; verify_block(msg, block); block[0] diff --git a/noir/noir-repo/test_programs/execution_success/u16_support/src/main.nr b/noir/noir-repo/test_programs/execution_success/u16_support/src/main.nr index d86ad348708..ceaf45a3fc6 100644 --- a/noir/noir-repo/test_programs/execution_success/u16_support/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/u16_support/src/main.nr @@ -1,6 +1,6 @@ fn main(x: u16) { test_u16(x); - /// Safety: testing context + // Safety: testing context unsafe { test_u16_unconstrained(x); } diff --git a/noir/noir-repo/test_programs/execution_success/uhashmap/src/main.nr b/noir/noir-repo/test_programs/execution_success/uhashmap/src/main.nr index 6163d5b954b..4015559f11d 100644 --- a/noir/noir-repo/test_programs/execution_success/uhashmap/src/main.nr +++ b/noir/noir-repo/test_programs/execution_success/uhashmap/src/main.nr @@ -293,7 +293,7 @@ unconstrained fn doc_tests() { // docs:start:get_example fn get_example(map: UHashMap>) { - /// Safety: testing context + // Safety: testing context let x = unsafe { map.get(12) }; if x.is_some() { @@ -319,7 +319,7 @@ fn entries_examples(map: UHashMap {value}"); } diff --git a/noir/noir-repo/test_programs/format.sh b/noir/noir-repo/test_programs/format.sh index fa63d228752..8fa96541f92 100755 --- a/noir/noir-repo/test_programs/format.sh +++ b/noir/noir-repo/test_programs/format.sh @@ -33,7 +33,11 @@ echo "[workspace]" > Nargo.toml echo "members = [" >> Nargo.toml collect_dirs compile_success_empty +collect_dirs compile_success_contract +collect_dirs compile_success_no_bug +collect_dirs compile_success_with_bug collect_dirs execution_success +collect_dirs noir_test_success echo "]" >> Nargo.toml diff --git a/noir/noir-repo/test_programs/noir_test_success/brillig_oracle/src/main.nr b/noir/noir-repo/test_programs/noir_test_success/brillig_oracle/src/main.nr index 77dbeef9aa1..b0ffb1a0d88 100644 --- a/noir/noir-repo/test_programs/noir_test_success/brillig_oracle/src/main.nr +++ b/noir/noir-repo/test_programs/noir_test_success/brillig_oracle/src/main.nr @@ -8,7 +8,7 @@ fn test_main() { // Tests oracle usage in brillig/unconstrained functions fn main(_x: Field) { - /// Safety: testing context + // Safety: testing context unsafe { let size = 20; // TODO: Add a method along the lines of `(0..size).to_array()`. diff --git a/noir/noir-repo/test_programs/noir_test_success/brillig_overflow_checks/src/main.nr b/noir/noir-repo/test_programs/noir_test_success/brillig_overflow_checks/src/main.nr index 35a0c44218f..019f757591e 100644 --- a/noir/noir-repo/test_programs/noir_test_success/brillig_overflow_checks/src/main.nr +++ b/noir/noir-repo/test_programs/noir_test_success/brillig_overflow_checks/src/main.nr @@ -1,4 +1,4 @@ -use std::field::bn254::{TWO_POW_128, assert_gt}; +use std::field::bn254::{assert_gt, TWO_POW_128}; #[test(should_fail_with = "attempt to add with overflow")] unconstrained fn test_overflow_add() { diff --git a/noir/noir-repo/test_programs/noir_test_success/comptime_blackbox/src/main.nr b/noir/noir-repo/test_programs/noir_test_success/comptime_blackbox/src/main.nr index 859790f7d2d..c5ca59c7afc 100644 --- a/noir/noir-repo/test_programs/noir_test_success/comptime_blackbox/src/main.nr +++ b/noir/noir-repo/test_programs/noir_test_success/comptime_blackbox/src/main.nr @@ -75,13 +75,31 @@ fn test_blake3() { #[test] fn test_ecdsa_secp256k1() { let (valid_array, valid_slice) = comptime { - let pub_key_x: [u8; 32] = hex_to_bytes("a0434d9e47f3c86235477c7b1ae6ae5d3442d49b1943c2b752a68e2a47e247c7").as_array(); - let pub_key_y: [u8; 32] = hex_to_bytes("893aba425419bc27a3b6c7e693a24c696f794c2ed877a1593cbee53b037368d7").as_array(); - let signature: [u8; 64] = hex_to_bytes("e5081c80ab427dc370346f4a0e31aa2bad8d9798c38061db9ae55a4e8df454fd28119894344e71b78770cc931d61f480ecbb0b89d6eb69690161e49a715fcd55").as_array(); - let hashed_message: [u8; 32] = hex_to_bytes("3a73f4123a5cd2121f21cd7e8d358835476949d035d9c2da6806b4633ac8c1e2").as_array(); + let pub_key_x: [u8; 32] = hex_to_bytes( + "a0434d9e47f3c86235477c7b1ae6ae5d3442d49b1943c2b752a68e2a47e247c7", + ) + .as_array(); + let pub_key_y: [u8; 32] = hex_to_bytes( + "893aba425419bc27a3b6c7e693a24c696f794c2ed877a1593cbee53b037368d7", + ) + .as_array(); + let signature: [u8; 64] = hex_to_bytes( + "e5081c80ab427dc370346f4a0e31aa2bad8d9798c38061db9ae55a4e8df454fd28119894344e71b78770cc931d61f480ecbb0b89d6eb69690161e49a715fcd55", + ) + .as_array(); + let hashed_message: [u8; 32] = hex_to_bytes( + "3a73f4123a5cd2121f21cd7e8d358835476949d035d9c2da6806b4633ac8c1e2", + ) + .as_array(); - let valid_array = std::ecdsa_secp256k1::verify_signature(pub_key_x, pub_key_y, signature, hashed_message); - let valid_slice = std::ecdsa_secp256k1::verify_signature_slice(pub_key_x, pub_key_y, signature, hashed_message.as_slice()); + let valid_array = + std::ecdsa_secp256k1::verify_signature(pub_key_x, pub_key_y, signature, hashed_message); + let valid_slice = std::ecdsa_secp256k1::verify_signature_slice( + pub_key_x, + pub_key_y, + signature, + hashed_message.as_slice(), + ); (valid_array, valid_slice) }; @@ -93,13 +111,31 @@ fn test_ecdsa_secp256k1() { #[test] fn test_ecdsa_secp256r1() { let (valid_array, valid_slice) = comptime { - let pub_key_x: [u8; 32] = hex_to_bytes("550f471003f3df97c3df506ac797f6721fb1a1fb7b8f6f83d224498a65c88e24").as_array(); - let pub_key_y: [u8; 32] = hex_to_bytes("136093d7012e509a73715cbd0b00a3cc0ff4b5c01b3ffa196ab1fb327036b8e6").as_array(); - let signature: [u8; 64] = hex_to_bytes("2c70a8d084b62bfc5ce03641caf9f72ad4da8c81bfe6ec9487bb5e1bef62a13218ad9ee29eaf351fdc50f1520c425e9b908a07278b43b0ec7b872778c14e0784").as_array(); - let hashed_message: [u8; 32] = hex_to_bytes("54705ba3baafdbdfba8c5f9a70f7a89bee98d906b53e31074da7baecdc0da9ad").as_array(); + let pub_key_x: [u8; 32] = hex_to_bytes( + "550f471003f3df97c3df506ac797f6721fb1a1fb7b8f6f83d224498a65c88e24", + ) + .as_array(); + let pub_key_y: [u8; 32] = hex_to_bytes( + "136093d7012e509a73715cbd0b00a3cc0ff4b5c01b3ffa196ab1fb327036b8e6", + ) + .as_array(); + let signature: [u8; 64] = hex_to_bytes( + "2c70a8d084b62bfc5ce03641caf9f72ad4da8c81bfe6ec9487bb5e1bef62a13218ad9ee29eaf351fdc50f1520c425e9b908a07278b43b0ec7b872778c14e0784", + ) + .as_array(); + let hashed_message: [u8; 32] = hex_to_bytes( + "54705ba3baafdbdfba8c5f9a70f7a89bee98d906b53e31074da7baecdc0da9ad", + ) + .as_array(); - let valid_array = std::ecdsa_secp256r1::verify_signature(pub_key_x, pub_key_y, signature, hashed_message); - let valid_slice = std::ecdsa_secp256r1::verify_signature_slice(pub_key_x, pub_key_y, signature, hashed_message.as_slice()); + let valid_array = + std::ecdsa_secp256r1::verify_signature(pub_key_x, pub_key_y, signature, hashed_message); + let valid_slice = std::ecdsa_secp256r1::verify_signature_slice( + pub_key_x, + pub_key_y, + signature, + hashed_message.as_slice(), + ); (valid_array, valid_slice) }; assert(valid_array); @@ -123,7 +159,11 @@ fn test_embedded_curve_ops() { let (sum, mul) = comptime { let s1 = EmbeddedCurveScalar { lo: 1, hi: 0 }; let s2 = EmbeddedCurveScalar { lo: 2, hi: 0 }; - let g1 = EmbeddedCurvePoint { x: 1, y: 17631683881184975370165255887551781615748388533673675138860, is_infinite: false }; + let g1 = EmbeddedCurvePoint { + x: 1, + y: 17631683881184975370165255887551781615748388533673675138860, + is_infinite: false, + }; let g2 = multi_scalar_mul([g1], [s2]); let sum = g1 + g2; let mul = multi_scalar_mul([g1, g2], [s1, s1]); @@ -138,7 +178,7 @@ comptime fn hex_to_bytes(s: str) -> [u8] { let mut out = &[]; let bz = s.as_bytes(); let mut h: u32 = 0; - for i in 0 .. bz.len() { + for i in 0..bz.len() { let ascii = bz[i]; let d = if ascii < 58 { ascii - 48 diff --git a/noir/noir-repo/test_programs/noir_test_success/comptime_expr/src/main.nr b/noir/noir-repo/test_programs/noir_test_success/comptime_expr/src/main.nr index 6efbc212cbe..1b20104cf00 100644 --- a/noir/noir-repo/test_programs/noir_test_success/comptime_expr/src/main.nr +++ b/noir/noir-repo/test_programs/noir_test_success/comptime_expr/src/main.nr @@ -554,7 +554,7 @@ mod tests { fn test_expr_as_unsafe() { comptime { let expr = quote { - /// Safety: test + // Safety: test unsafe { 1; 4; 23 } } .as_expr() @@ -568,7 +568,7 @@ mod tests { fn test_expr_modify_for_unsafe() { comptime { let expr = quote { - /// Safety: test + // Safety: test unsafe { 1; 4; 23 } } .as_expr() diff --git a/noir/noir-repo/test_programs/noir_test_success/comptime_globals/src/main.nr b/noir/noir-repo/test_programs/noir_test_success/comptime_globals/src/main.nr index 95c54b96609..6033635b17e 100644 --- a/noir/noir-repo/test_programs/noir_test_success/comptime_globals/src/main.nr +++ b/noir/noir-repo/test_programs/noir_test_success/comptime_globals/src/main.nr @@ -7,7 +7,11 @@ comptime global FOO: Field = foo(); // is evaluated before loop unrolling. comptime fn foo() -> Field { let mut three = 3; - if three == 3 { 5 } else { 6 } + if three == 3 { + 5 + } else { + 6 + } } #[test] diff --git a/noir/noir-repo/test_programs/noir_test_success/embedded_curve_ops/src/main.nr b/noir/noir-repo/test_programs/noir_test_success/embedded_curve_ops/src/main.nr index 760df58c34a..1deb826e5e2 100644 --- a/noir/noir-repo/test_programs/noir_test_success/embedded_curve_ops/src/main.nr +++ b/noir/noir-repo/test_programs/noir_test_success/embedded_curve_ops/src/main.nr @@ -1,10 +1,14 @@ use std::embedded_curve_ops::{EmbeddedCurvePoint, EmbeddedCurveScalar, multi_scalar_mul}; #[test] - - fn test_infinite_point() { + +fn test_infinite_point() { let zero = EmbeddedCurvePoint::point_at_infinity(); - let g1 = EmbeddedCurvePoint { x: 1, y: 17631683881184975370165255887551781615748388533673675138860, is_infinite: false }; + let g1 = EmbeddedCurvePoint { + x: 1, + y: 17631683881184975370165255887551781615748388533673675138860, + is_infinite: false, + }; let g2 = g1 + g1; let s1 = EmbeddedCurveScalar { lo: 1, hi: 0 }; @@ -16,21 +20,25 @@ use std::embedded_curve_ops::{EmbeddedCurvePoint, EmbeddedCurveScalar, multi_sca assert(zero + zero == zero); assert( multi_scalar_mul([g1], [s1]) - == EmbeddedCurvePoint { x: 1, y: 17631683881184975370165255887551781615748388533673675138860, is_infinite: false } + == EmbeddedCurvePoint { + x: 1, + y: 17631683881184975370165255887551781615748388533673675138860, + is_infinite: false, + }, ); assert(multi_scalar_mul([g1, g1], [s1, s1]) == g2); assert( multi_scalar_mul( - [g1, zero], - [EmbeddedCurveScalar { lo: 2, hi: 0 }, EmbeddedCurveScalar { lo: 42, hi: 25 }] - ) - == g2 + [g1, zero], + [EmbeddedCurveScalar { lo: 2, hi: 0 }, EmbeddedCurveScalar { lo: 42, hi: 25 }], + ) + == g2, ); assert( multi_scalar_mul( - [g1, g1, zero], - [s1, s1, EmbeddedCurveScalar { lo: 42, hi: 25 }] - ) - == g2 + [g1, g1, zero], + [s1, s1, EmbeddedCurveScalar { lo: 42, hi: 25 }], + ) + == g2, ); } diff --git a/noir/noir-repo/test_programs/noir_test_success/field_comparisons/src/main.nr b/noir/noir-repo/test_programs/noir_test_success/field_comparisons/src/main.nr index 8613e6d6c4f..5bd24008b21 100644 --- a/noir/noir-repo/test_programs/noir_test_success/field_comparisons/src/main.nr +++ b/noir/noir-repo/test_programs/noir_test_success/field_comparisons/src/main.nr @@ -1,4 +1,4 @@ -use std::field::bn254::{TWO_POW_128, assert_gt}; +use std::field::bn254::{assert_gt, TWO_POW_128}; #[test(should_fail)] fn test_assert_gt_should_fail_eq() { diff --git a/noir/noir-repo/test_programs/noir_test_success/global_eval/src/main.nr b/noir/noir-repo/test_programs/noir_test_success/global_eval/src/main.nr index 6ec366c4cd6..87a2d50a916 100644 --- a/noir/noir-repo/test_programs/noir_test_success/global_eval/src/main.nr +++ b/noir/noir-repo/test_programs/noir_test_success/global_eval/src/main.nr @@ -10,8 +10,8 @@ global POW64_B: Field = (U128::one() << 64).to_integer(); #[test] fn test_be_and_le_bits() { - assert_eq(BITS_BE_13, [1,1,0,1]); - assert_eq(BITS_LE_13, [1,0,1,1]); + assert_eq(BITS_BE_13, [1, 1, 0, 1]); + assert_eq(BITS_LE_13, [1, 0, 1, 1]); } #[test] diff --git a/noir/noir-repo/test_programs/noir_test_success/mock_oracle/src/main.nr b/noir/noir-repo/test_programs/noir_test_success/mock_oracle/src/main.nr index aaf2c87ddb0..bdffd62bb80 100644 --- a/noir/noir-repo/test_programs/noir_test_success/mock_oracle/src/main.nr +++ b/noir/noir-repo/test_programs/noir_test_success/mock_oracle/src/main.nr @@ -34,7 +34,7 @@ unconstrained fn struct_field(point: Point, array: [Field; 4]) -> Field { #[test(should_fail)] fn test_mock_no_returns() { - /// Safety: testing context + // Safety: testing context unsafe { OracleMock::mock("void_field"); void_field(); // Some return value must be set @@ -43,7 +43,7 @@ fn test_mock_no_returns() { #[test] fn test_mock() { - /// Safety: testing context + // Safety: testing context unsafe { OracleMock::mock("void_field").returns(10); assert_eq(void_field(), 10); @@ -52,7 +52,7 @@ fn test_mock() { #[test] fn test_multiple_mock() { - /// Safety: testing context + // Safety: testing context unsafe { let first_mock = OracleMock::mock("void_field").returns(10); OracleMock::mock("void_field").returns(42); @@ -67,7 +67,7 @@ fn test_multiple_mock() { #[test] fn test_multiple_mock_times() { - /// Safety: testing context + // Safety: testing context unsafe { OracleMock::mock("void_field").returns(10).times(2); OracleMock::mock("void_field").returns(42); @@ -80,7 +80,7 @@ fn test_multiple_mock_times() { #[test] fn test_mock_with_params() { - /// Safety: testing context + // Safety: testing context unsafe { OracleMock::mock("field_field").with_params((5,)).returns(10); assert_eq(field_field(5), 10); @@ -89,7 +89,7 @@ fn test_mock_with_params() { #[test] fn test_multiple_mock_with_params() { - /// Safety: testing context + // Safety: testing context unsafe { OracleMock::mock("field_field").with_params((5,)).returns(10); OracleMock::mock("field_field").with_params((7,)).returns(14); @@ -101,7 +101,7 @@ fn test_multiple_mock_with_params() { #[test] fn test_mock_last_params() { - /// Safety: testing context + // Safety: testing context unsafe { let mock = OracleMock::mock("field_field").returns(10); assert_eq(field_field(5), 10); @@ -112,7 +112,7 @@ fn test_mock_last_params() { #[test] fn test_mock_last_params_many_calls() { - /// Safety: testing context + // Safety: testing context unsafe { let mock = OracleMock::mock("field_field").returns(10); assert_eq(field_field(5), 10); @@ -129,7 +129,7 @@ fn test_mock_struct_field() { let another_array = [4, 3, 2, 1]; let point = Point { x: 14, y: 27 }; - /// Safety: testing context + // Safety: testing context unsafe { OracleMock::mock("struct_field").returns(42).times(2); let timeless_mock = OracleMock::mock("struct_field").returns(0); diff --git a/noir/noir-repo/test_programs/noir_test_success/out_of_bounds_alignment/src/main.nr b/noir/noir-repo/test_programs/noir_test_success/out_of_bounds_alignment/src/main.nr index 05bc2a5ce13..8848b9ad001 100644 --- a/noir/noir-repo/test_programs/noir_test_success/out_of_bounds_alignment/src/main.nr +++ b/noir/noir-repo/test_programs/noir_test_success/out_of_bounds_alignment/src/main.nr @@ -16,7 +16,7 @@ fn test_acir() { #[test(should_fail)] fn test_brillig() { - /// Safety: testing context + // Safety: testing context unsafe { assert_eq(out_of_bounds_unconstrained_wrapper([0; 50], [0; 50]), 0); } diff --git a/noir/noir-repo/test_programs/noir_test_success/regression_4561/src/main.nr b/noir/noir-repo/test_programs/noir_test_success/regression_4561/src/main.nr index da89135e531..d925ed01cd8 100644 --- a/noir/noir-repo/test_programs/noir_test_success/regression_4561/src/main.nr +++ b/noir/noir-repo/test_programs/noir_test_success/regression_4561/src/main.nr @@ -40,7 +40,10 @@ unconstrained fn two_nested_return_unconstrained() -> (Field, TReturn, Field, TR #[test] unconstrained fn two_nested_return() { OracleMock::mock("two_nested_return").returns((0, [1, 2, 3, 4, 5, 6], 7, [1, 2, 3, 4, 5, 6])); - assert_eq(two_nested_return_unconstrained(), (0, [[1, 2, 3], [4, 5, 6]], 7, [[1, 2, 3], [4, 5, 6]])); + assert_eq( + two_nested_return_unconstrained(), + (0, [[1, 2, 3], [4, 5, 6]], 7, [[1, 2, 3], [4, 5, 6]]), + ); } #[oracle(foo_return)] @@ -57,19 +60,21 @@ struct TestTypeFoo { } #[test] -unconstrained fn complex_struct_return() { - OracleMock::mock("foo_return").returns( - ( - 0, [1, 2, 3, 4, 5, 6], 7, [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24], [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12], [1, 2, 3, 4, 5, 6] - ) - ); +unconstrained fn complexe_struct_return() { + OracleMock::mock("foo_return").returns(( + 0, [1, 2, 3, 4, 5, 6], 7, + [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24], + [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12], [1, 2, 3, 4, 5, 6], + )); let foo_x = foo_return_unconstrained(); assert_eq((foo_x.0, foo_x.1), (0, [[1, 2, 3], [4, 5, 6]])); assert_eq(foo_x.2.a, 7); assert_eq( - foo_x.2.b, [ - [[1, 2, 3], [4, 5, 6], [7, 8, 9], [10, 11, 12]], [[13, 14, 15], [16, 17, 18], [19, 20, 21], [22, 23, 24]] - ] + foo_x.2.b, + [ + [[1, 2, 3], [4, 5, 6], [7, 8, 9], [10, 11, 12]], + [[13, 14, 15], [16, 17, 18], [19, 20, 21], [22, 23, 24]], + ], ); let a: TReturnElem = [1, 2, 3]; let b: TReturnElem = [4, 5, 6]; diff --git a/noir/noir-repo/tooling/nargo_fmt/src/formatter/doc_comments.rs b/noir/noir-repo/tooling/nargo_fmt/src/formatter/doc_comments.rs index ac2cae10c78..f591f09e729 100644 --- a/noir/noir-repo/tooling/nargo_fmt/src/formatter/doc_comments.rs +++ b/noir/noir-repo/tooling/nargo_fmt/src/formatter/doc_comments.rs @@ -36,6 +36,48 @@ impl<'a> Formatter<'a> { } } } + + /// Formats outer doc comments, turning them into regular comments if they start with "Safety:" + pub(super) fn format_outer_doc_comments_checking_safety(&mut self) { + self.skip_comments_and_whitespace(); + + let is_safety = match &self.token { + Token::LineComment(comment, Some(DocStyle::Outer)) + | Token::BlockComment(comment, Some(DocStyle::Outer)) => { + comment.trim().to_lowercase().starts_with("safety:") + } + _ => false, + }; + if !is_safety { + return self.format_outer_doc_comments(); + } + + loop { + self.skip_comments_and_whitespace(); + + match self.token { + Token::LineComment(_, Some(DocStyle::Outer)) => { + self.write_indentation(); + let string = self.token.to_string(); + let string = string.trim_end(); + let string = string.replacen("///", "//", 1); + self.write(&string); + self.bump(); + self.write_line(); + } + Token::BlockComment(_, Some(DocStyle::Outer)) => { + self.write_indentation(); + let string = self.token.to_string(); + let string = string.trim_end(); + let string = string.replacen("/**", "/*", 1); + self.write(&string); + self.bump(); + self.write_line(); + } + _ => break, + } + } + } } #[cfg(test)] diff --git a/noir/noir-repo/tooling/nargo_fmt/src/formatter/expression.rs b/noir/noir-repo/tooling/nargo_fmt/src/formatter/expression.rs index 54d9d2e41f5..1a6610364f2 100644 --- a/noir/noir-repo/tooling/nargo_fmt/src/formatter/expression.rs +++ b/noir/noir-repo/tooling/nargo_fmt/src/formatter/expression.rs @@ -377,7 +377,7 @@ impl<'a, 'b> ChunkFormatter<'a, 'b> { ) -> ChunkGroup { let mut group = ChunkGroup::new(); group.text(self.chunk(|formatter| { - formatter.format_outer_doc_comments(); + formatter.format_outer_doc_comments_checking_safety(); formatter.write_keyword(Keyword::Unsafe); formatter.write_space(); })); @@ -2033,12 +2033,12 @@ global y = 1; } #[test] - fn format_unsafe_with_doc_comment() { + fn format_unsafe_with_comment() { let src = "fn foo() { - /// Comment + // Comment unsafe { 1 } }"; let expected = "fn foo() { - /// Comment + // Comment unsafe { 1 } @@ -2047,6 +2047,25 @@ global y = 1; assert_format(src, expected); } + #[test] + fn format_unsafe_with_doc_comment() { + let src = "fn foo() { + assert( + /// Safety: comment + /// More comments... + unsafe { 1 } + ); } "; + let expected = "fn foo() { + assert( + // Safety: comment + // More comments... + unsafe { 1 }, + ); +} +"; + assert_format(src, expected); + } + #[test] fn format_comptime_one_expression() { let src = "global x = comptime { 1 } ;"; diff --git a/noir/noir-repo/tooling/nargo_fmt/src/formatter/global.rs b/noir/noir-repo/tooling/nargo_fmt/src/formatter/global.rs index 783629c8e32..c351e15e3b6 100644 --- a/noir/noir-repo/tooling/nargo_fmt/src/formatter/global.rs +++ b/noir/noir-repo/tooling/nargo_fmt/src/formatter/global.rs @@ -12,6 +12,8 @@ impl<'a> Formatter<'a> { let_statement: LetStatement, visibility: ItemVisibility, ) { + self.format_secondary_attributes(let_statement.attributes.clone()); + let group = self.chunk_formatter().format_global(let_statement, visibility); self.write_indentation(); self.format_chunk_group(group); @@ -99,4 +101,13 @@ mod tests { let expected = "pub comptime mut global x: Field = 1;\n"; assert_format(src, expected); } + + #[test] + fn format_global_with_attributes() { + let src = " #[abi ( foo ) ] global x = 1 ; "; + let expected = "#[abi(foo)] +global x = 1; +"; + assert_format(src, expected); + } } diff --git a/noir/noir-repo/tooling/nargo_fmt/src/formatter/statement.rs b/noir/noir-repo/tooling/nargo_fmt/src/formatter/statement.rs index ae4177c224b..7ce5801cf36 100644 --- a/noir/noir-repo/tooling/nargo_fmt/src/formatter/statement.rs +++ b/noir/noir-repo/tooling/nargo_fmt/src/formatter/statement.rs @@ -24,14 +24,14 @@ impl<'a, 'b> ChunkFormatter<'a, 'b> { group.leading_comment(self.chunk(|formatter| { // Doc comments for a let statement could come before a potential non-doc comment if formatter.token.kind() == TokenKind::OuterDocComment { - formatter.format_outer_doc_comments(); + formatter.format_outer_doc_comments_checking_safety(); } formatter.skip_comments_and_whitespace_writing_multiple_lines_if_found(); // Or doc comments could come after a potential non-doc comment if formatter.token.kind() == TokenKind::OuterDocComment { - formatter.format_outer_doc_comments(); + formatter.format_outer_doc_comments_checking_safety(); } })); @@ -374,12 +374,12 @@ mod tests { } #[test] - fn format_let_statement_with_unsafe() { + fn format_let_statement_with_unsafe_comment() { let src = " fn foo() { - /// Safety: some doc + // Safety: some comment let x = unsafe { 1 } ; } "; let expected = "fn foo() { - /// Safety: some doc + // Safety: some comment let x = unsafe { 1 }; } "; @@ -387,14 +387,12 @@ mod tests { } #[test] - fn format_let_statement_with_unsafe_and_comment_before_it() { + fn format_let_statement_with_unsafe_doc_comment() { let src = " fn foo() { - // Some comment - /// Safety: some doc + /// Safety: some comment let x = unsafe { 1 } ; } "; let expected = "fn foo() { - // Some comment - /// Safety: some doc + // Safety: some comment let x = unsafe { 1 }; } "; diff --git a/noir/noir-repo/tooling/nargo_fmt/tests/expected/unsafe.nr b/noir/noir-repo/tooling/nargo_fmt/tests/expected/unsafe.nr index 0cf587ea549..265cba9604f 100644 --- a/noir/noir-repo/tooling/nargo_fmt/tests/expected/unsafe.nr +++ b/noir/noir-repo/tooling/nargo_fmt/tests/expected/unsafe.nr @@ -1,8 +1,13 @@ fn main(x: pub u8, y: u8) { - /// Safety: testing + // Safety: testing unsafe {} - /// Safety: testing + // Safety: testing + unsafe { + assert_eq(x, y); + } + + // Safety: testing unsafe { assert_eq(x, y); } diff --git a/noir/noir-repo/tooling/nargo_fmt/tests/input/unsafe.nr b/noir/noir-repo/tooling/nargo_fmt/tests/input/unsafe.nr index 0aeffd0b983..6e9319fcb17 100644 --- a/noir/noir-repo/tooling/nargo_fmt/tests/input/unsafe.nr +++ b/noir/noir-repo/tooling/nargo_fmt/tests/input/unsafe.nr @@ -1,8 +1,13 @@ fn main(x: pub u8, y: u8) { - /// Safety: testing + // Safety: testing unsafe { } + // Safety: testing + unsafe { + assert_eq(x, y); + } + /// Safety: testing unsafe { assert_eq(x, y);