feat: merge-train/avm

barretenberg/cpp/pil/vm2/sha256.pil

@@ -71,7 +71,8 @@ namespace sha256;
     // We perform a compression operation if we are not at a latched row, or there is not an err
     pol commit perform_round;
     perform_round = (1 - LATCH_CONDITION) * SEL_NO_ERR;
-    pol LAST = SEL_NO_ERR * latch;
+    pol commit last;
+    last = SEL_NO_ERR * latch;
 
     // Counter
     pol NUM_ROUNDS = 64;
@@ -494,84 +495,84 @@ namespace sha256;
 
     // TODO: These constraints could be better - we might have to reverse the order of the rounds
     pol OUT_A = a + init_a;
-    LAST * (OUT_A - (output_a_lhs * 2**32 + output_a_rhs)) = 0;
+    last * (OUT_A - (output_a_lhs * 2**32 + output_a_rhs)) = 0;
     pol OUT_B = b + init_b;
-    LAST * (OUT_B - (output_b_lhs * 2**32 + output_b_rhs)) = 0;
+    last * (OUT_B - (output_b_lhs * 2**32 + output_b_rhs)) = 0;
     pol OUT_C = c + init_c;
-    LAST * (OUT_C - (output_c_lhs * 2**32 + output_c_rhs)) = 0;
+    last * (OUT_C - (output_c_lhs * 2**32 + output_c_rhs)) = 0;
     pol OUT_D = d + init_d;
-    LAST * (OUT_D - (output_d_lhs * 2**32 + output_d_rhs)) = 0;
+    last * (OUT_D - (output_d_lhs * 2**32 + output_d_rhs)) = 0;
     pol OUT_E = e + init_e;
-    LAST * (OUT_E - (output_e_lhs * 2**32 + output_e_rhs)) = 0;
+    last * (OUT_E - (output_e_lhs * 2**32 + output_e_rhs)) = 0;
     pol OUT_F = f + init_f;
-    LAST * (OUT_F - (output_f_lhs * 2**32 + output_f_rhs)) = 0;
+    last * (OUT_F - (output_f_lhs * 2**32 + output_f_rhs)) = 0;
     pol OUT_G = g + init_g;
-    LAST * (OUT_G - (output_g_lhs * 2**32 + output_g_rhs)) = 0;
+    last * (OUT_G - (output_g_lhs * 2**32 + output_g_rhs)) = 0;
     pol OUT_H = h + init_h;
-    LAST * (OUT_H - (output_h_lhs * 2**32 + output_h_rhs)) = 0;
+    last * (OUT_H - (output_h_lhs * 2**32 + output_h_rhs)) = 0;
 
-    // Check Modulo Add Operation
+    // Check Modulo Add Operation for final outputs
     #[RANGE_COMP_A_LHS]
-    perform_round { two_pow_32, output_a_lhs, /*result = 1*/ perform_round }
+    last { two_pow_32, output_a_lhs, /*result = 1*/ last }
     in
     gt.sel_sha256 { gt.input_a, gt.input_b, gt.res };
     #[RANGE_COMP_A_RHS]
-    perform_round { two_pow_32, output_a_rhs, /*result = 1*/ perform_round }
+    last { two_pow_32, output_a_rhs, /*result = 1*/ last }
     in
     gt.sel_sha256 { gt.input_a, gt.input_b, gt.res };
     #[RANGE_COMP_B_LHS]
-    perform_round { two_pow_32, output_b_lhs, /*result = 1*/ perform_round }
+    last { two_pow_32, output_b_lhs, /*result = 1*/ last }
     in
     gt.sel_sha256 { gt.input_a, gt.input_b, gt.res };
     #[RANGE_COMP_B_RHS]
-    perform_round { two_pow_32, output_b_rhs, /*result = 1*/ perform_round }
+    last { two_pow_32, output_b_rhs, /*result = 1*/ last }
     in
     gt.sel_sha256 { gt.input_a, gt.input_b, gt.res };
     #[RANGE_COMP_C_LHS]
-    perform_round { two_pow_32, output_c_lhs, /*result = 1*/ perform_round }
+    last { two_pow_32, output_c_lhs, /*result = 1*/ last }
     in
     gt.sel_sha256 { gt.input_a, gt.input_b, gt.res };
     #[RANGE_COMP_C_RHS]
-    perform_round { two_pow_32, output_c_rhs, /*result = 1*/ perform_round }
+    last { two_pow_32, output_c_rhs, /*result = 1*/ last }
     in
     gt.sel_sha256 { gt.input_a, gt.input_b, gt.res };
     #[RANGE_COMP_D_LHS]
-    perform_round { two_pow_32, output_d_lhs, /*result = 1*/ perform_round }
+    last { two_pow_32, output_d_lhs, /*result = 1*/ last }
     in
     gt.sel_sha256 { gt.input_a, gt.input_b, gt.res };
     #[RANGE_COMP_D_RHS]
-    perform_round { two_pow_32, output_d_rhs, /*result = 1*/ perform_round }
+    last { two_pow_32, output_d_rhs, /*result = 1*/ last }
     in
     gt.sel_sha256 { gt.input_a, gt.input_b, gt.res };
     #[RANGE_COMP_E_LHS]
-    perform_round { two_pow_32, output_e_lhs, /*result = 1*/ perform_round }
+    last { two_pow_32, output_e_lhs, /*result = 1*/ last }
     in
     gt.sel_sha256 { gt.input_a, gt.input_b, gt.res };
     #[RANGE_COMP_E_RHS]
-    perform_round { two_pow_32, output_e_rhs, /*result = 1*/ perform_round }
+    last { two_pow_32, output_e_rhs, /*result = 1*/ last }
     in
     gt.sel_sha256 { gt.input_a, gt.input_b, gt.res };
     #[RANGE_COMP_F_LHS]
-    perform_round { two_pow_32, output_f_lhs, /*result = 1*/ perform_round }
+    last { two_pow_32, output_f_lhs, /*result = 1*/ last }
     in
     gt.sel_sha256 { gt.input_a, gt.input_b, gt.res };
     #[RANGE_COMP_F_RHS]
-    perform_round { two_pow_32, output_f_rhs, /*result = 1*/ perform_round }
+    last { two_pow_32, output_f_rhs, /*result = 1*/ last }
     in
     gt.sel_sha256 { gt.input_a, gt.input_b, gt.res };
     #[RANGE_COMP_G_LHS]
-    perform_round { two_pow_32, output_g_lhs, /*result = 1*/ perform_round }
+    last { two_pow_32, output_g_lhs, /*result = 1*/ last }
     in
     gt.sel_sha256 { gt.input_a, gt.input_b, gt.res };
     #[RANGE_COMP_G_RHS]
-    perform_round { two_pow_32, output_g_rhs, /*result = 1*/ perform_round }
+    last { two_pow_32, output_g_rhs, /*result = 1*/ last }
     in
     gt.sel_sha256 { gt.input_a, gt.input_b, gt.res };
     #[RANGE_COMP_H_LHS]
-    perform_round { two_pow_32, output_h_lhs, /*result = 1*/ perform_round }
+    last { two_pow_32, output_h_lhs, /*result = 1*/ last }
     in
     gt.sel_sha256 { gt.input_a, gt.input_b, gt.res };
     #[RANGE_COMP_H_RHS]
-    perform_round { two_pow_32, output_h_rhs, /*result = 1*/ perform_round }
+    last { two_pow_32, output_h_rhs, /*result = 1*/ last }
     in
     gt.sel_sha256 { gt.input_a, gt.input_b, gt.res };

barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzz_lib/memory_manager.cpp

@@ -158,8 +158,9 @@ ResolvedAddress MemoryManager::resolve_address(AddressRef address, uint32_t max_
             address.base_offset_seed, address.pointer_address_seed, max_operand_address);
         break;
     case AddressingMode::Direct:
-        // Constrain address to fit in the operand (deserialized/mutated data may exceed max)
-        resolved_address.absolute_address = address.address % (max_operand_address + 1);
+        // Do not delete this assert, if it fails, it means that some address was generated / mutated incorrectly in
+        // instruction.cpp. Check all the `max_operand` parameters that you're passing to generate_address_ref.
+        BB_ASSERT_LTE(address.address, max_operand_address);
         resolved_address.operand_address = resolved_address.absolute_address;
         break;
     }

barretenberg/cpp/src/barretenberg/avm_fuzzer/fuzz_lib/program_block.cpp

@@ -1453,8 +1453,8 @@ void ProgramBlock::process_keccakf1600_instruction(KECCAKF1600_Instruction instr
     preprocess_memory_addresses(dst.value().first);
 
     auto keccakf1600_instruction = bb::avm2::testing::InstructionBuilder(bb::avm2::WireOpCode::KECCAKF1600)
-                                       .operand(src.value().second)
                                        .operand(dst.value().second)
+                                       .operand(src.value().second)
                                        .build();
     instructions.push_back(keccakf1600_instruction);
 

barretenberg/cpp/src/barretenberg/avm_fuzzer/harness/context_helper.hpp

@@ -48,6 +48,7 @@ class GadgetFuzzerContextHelper {
     DeduplicatingEventEmitter<RangeCheckEvent> range_check_emitter;
     DeduplicatingEventEmitter<GreaterThanEvent> greater_than_emitter;
     DeduplicatingEventEmitter<FieldGreaterThanEvent> field_gt_emitter;
+    EventEmitter<InternalCallStackEvent> internal_call_stack_emitter;
 
     // Commonly used gadgets:
     ExecutionIdManager execution_id_manager;
@@ -62,8 +63,8 @@ class GadgetFuzzerContextHelper {
     std::unique_ptr<simulation::ContextProvider> context_provider;
     // Context:
     std::unique_ptr<simulation::ContextInterface> make_enqueued_fuzzing_context(
-        AztecAddress address,
-        AztecAddress msg_sender,
+        AztecAddress address = AztecAddress(0),
+        AztecAddress msg_sender = AztecAddress(0),
         bool is_static = false,
         FF transaction_fee = FF(0),
         std::span<const FF> calldata = {},
@@ -91,7 +92,6 @@ class GadgetFuzzerContextHelper {
     EventEmitter<BytecodeDecompositionEvent> bytecode_decomposition_emitter;
     EventEmitter<RetrievedBytecodesTreeCheckEvent> retrieved_bytecodes_tree_check_emitter;
     EventEmitter<CalldataEvent> calldata_event_emitter;
-    EventEmitter<InternalCallStackEvent> internal_call_stack_emitter;
     DeduplicatingEventEmitter<InstructionFetchingEvent> instruction_fetching_emitter;
 
     // Gadgets: