Merge pull request #1329 from shuoer86/main

evm/src/byte_packing/columns.rs

@@ -31,7 +31,7 @@ pub(crate) const TIMESTAMP: usize = ADDR_VIRTUAL + 1;
 // 32 byte limbs hold a total of 256 bits.
 const BYTES_VALUES_START: usize = TIMESTAMP + 1;
 // There are `NUM_BYTES` columns used to store the values of the bytes
-// that are beeing read/written for an (un)packing operation.
+// that are being read/written for an (un)packing operation.
 // If `index_bytes(i) == 1`, then all `value_bytes(j) for j <= i` may be non-zero.
 pub(crate) const fn value_bytes(i: usize) -> usize {
     debug_assert!(i < NUM_BYTES);

evm/src/cpu/docs/out-of-gas.md

@@ -8,7 +8,7 @@ When a native instruction (one that is not a syscall) is executed, a constraint
 
 If everything goes smoothly and we have not run out of gas, `gas` should be no more than the gas allowance at the point that we `STOP`, `REVERT`, stack overflow, or whatever. Indeed, because we assume that the gas overflow handler is invoked _as soon as_ we've run out of gas, all these termination methods must verify that `gas` <= allowance, and `PANIC` if this is not the case. This is also true for the out-of-gas handler, which should check that (a) we have not yet run out of gas and (b) we are about to run out of gas, `PANIC`king if either of those does not hold.
 
-When we do run out of gas, however, this event must be handled. Syscalls are responsible for checking that their execution would not cause the transaction to run out of gas. If the syscall detects that it would need to charge more gas than available, it must abort the transaction by jumping to `exc_out_of_gas`, which in turn verifies that the out-of-gas hasn't _already_ occured.
+When we do run out of gas, however, this event must be handled. Syscalls are responsible for checking that their execution would not cause the transaction to run out of gas. If the syscall detects that it would need to charge more gas than available, it must abort the transaction by jumping to `exc_out_of_gas`, which in turn verifies that the out-of-gas hasn't _already_ occurred.
 
 Native instructions do this differently. If the prover notices that execution of the instruction would cause an out-of-gas error, it must jump to the appropriate handler instead of executing the instruction. (The handler contains special code that `PANIC`s if the prover invoked it incorrectly.)
 

evm/src/cpu/kernel/asm/core/exception.asm

@@ -1,4 +1,4 @@
-// These exception codes are arbitary and assigned by us.
+// These exception codes are arbitrary and assigned by us.
 global exception_jumptable:
     // exception 0: out of gas
     JUMPTABLE exc_out_of_gas

evm/src/cpu/kernel/asm/curve/bn254/field_arithmetic/inverse.asm

@@ -1,4 +1,4 @@
-// Returns reverse order divison y/x, modulo N
+// Returns reverse order division y/x, modulo N
 %macro divr_fp254
     // stack: x   , y
     %inv_fp254

evm/src/cpu/kernel/asm/mpt/hash/hash.asm

@@ -1,7 +1,7 @@
 // Computes the Merkle root of the given trie node.
 //
 // encode_value is a function which should take as input
-// - the position withing @SEGMENT_RLP_RAW to write to,
+// - the position within @SEGMENT_RLP_RAW to write to,
 // - the offset of a value within @SEGMENT_TRIE_DATA, and
 // - a return address.
 // It should serialize the value, write it to @SEGMENT_RLP_RAW starting at the

evm/src/cpu/kernel/asm/mpt/hash/hash_trie_specific.asm

@@ -99,7 +99,7 @@ global encode_account:
 global encode_txn:
     // stack: rlp_pos, value_ptr, retdest
     
-    // Load the txn_rlp_len which is at the beginnig of value_ptr
+    // Load the txn_rlp_len which is at the beginning of value_ptr
     DUP2 %mload_trie_data
     // stack: txn_rlp_len, rlp_pos, value_ptr, retdest
     SWAP2 %increment

evm/src/cpu/modfp254.rs

@@ -15,7 +15,7 @@ const P_LIMBS: [u32; 8] = [
     0xd87cfd47, 0x3c208c16, 0x6871ca8d, 0x97816a91, 0x8181585d, 0xb85045b6, 0xe131a029, 0x30644e72,
 ];
 
-/// Evaluates constriants to check the modulus in mem_channel[2].
+/// Evaluates constraints to check the modulus in mem_channel[2].
 pub fn eval_packed<P: PackedField>(
     lv: &CpuColumnsView<P>,
     yield_constr: &mut ConstraintConsumer<P>,
@@ -33,7 +33,7 @@ pub fn eval_packed<P: PackedField>(
 }
 
 /// Circuit version of `eval_packed`.
-/// Evaluates constriants to check the modulus in mem_channel[2].
+/// Evaluates constraints to check the modulus in mem_channel[2].
 pub fn eval_ext_circuit<F: RichField + Extendable<D>, const D: usize>(
     builder: &mut plonky2::plonk::circuit_builder::CircuitBuilder<F, D>,
     lv: &CpuColumnsView<ExtensionTarget<D>>,

evm/src/cpu/stack.rs

@@ -75,7 +75,7 @@ pub(crate) const JUMPDEST_OP: StackBehavior = StackBehavior {
 
 // AUDITORS: If the value below is `None`, then the operation must be manually checked to ensure
 // that every general-purpose memory channel is either disabled or has its read flag and address
-// propertly constrained. The same applies  when `disable_other_channels` is set to `false`,
+// properly constrained. The same applies  when `disable_other_channels` is set to `false`,
 // except the first `num_pops` and the last `pushes as usize` channels have their read flag and
 // address constrained automatically in this file.
 pub(crate) const STACK_BEHAVIORS: OpsColumnsView<Option<StackBehavior>> = OpsColumnsView {

evm/src/curve_pairings.rs

@@ -370,7 +370,7 @@ const BN_EXP: [bool; 253] = [
     false,
 ];
 
-// The folowing constants are defined above get_custom_powers
+// The following constants are defined above get_custom_powers
 
 const BN_EXPS4: [(bool, bool, bool); 64] = [
     (true, true, false),

evm/src/proof.rs

@@ -53,7 +53,7 @@ pub struct PublicValues {
     pub trie_roots_before: TrieRoots,
     /// Trie hashes after the execution of the local state transition.
     pub trie_roots_after: TrieRoots,
-    /// Block metadata: it remains unchanged withing a block.
+    /// Block metadata: it remains unchanged within a block.
     pub block_metadata: BlockMetadata,
     /// 256 previous block hashes and current block's hash.
     pub block_hashes: BlockHashes,
@@ -161,7 +161,7 @@ pub struct PublicValuesTarget {
     pub trie_roots_before: TrieRootsTarget,
     /// Trie hashes after the execution of the local state transition.
     pub trie_roots_after: TrieRootsTarget,
-    /// Block metadata: it remains unchanged withing a block.
+    /// Block metadata: it remains unchanged within a block.
     pub block_metadata: BlockMetadataTarget,
     /// 256 previous block hashes and current block's hash.
     pub block_hashes: BlockHashesTarget,

evm/src/prover.rs

@@ -468,7 +468,7 @@ where
         "Opening point is in the subgroup."
     );
 
-    // Compute all openings: evaluate all commited polynomials at `zeta` and, when necessary, at `g * zeta`.
+    // Compute all openings: evaluate all committed polynomials at `zeta` and, when necessary, at `g * zeta`.
     let openings = StarkOpeningSet::new(
         zeta,
         g,

field/src/arch/x86_64/avx2_goldilocks_field.rs

@@ -425,7 +425,7 @@ unsafe fn add_small_64s_64_s(x_s: __m256i, y: __m256i) -> __m256i {
     // 0xffffffff and the addition of the low 32 bits generated a carry. This can never occur if y
     // <= 0xffffffff00000000: if y >> 32 = 0xffffffff, then no carry can occur.
     let mask = _mm256_cmpgt_epi32(x_s, res_wrapped_s); // -1 if overflowed else 0.
-                                                       // The mask contains 0xffffffff in the high 32 bits if wraparound occured and 0 otherwise.
+                                                       // The mask contains 0xffffffff in the high 32 bits if wraparound occurred and 0 otherwise.
     let wrapback_amt = _mm256_srli_epi64::<32>(mask); // -FIELD_ORDER if overflowed else 0.
     let res_s = _mm256_add_epi64(res_wrapped_s, wrapback_amt);
     res_s
@@ -442,7 +442,7 @@ unsafe fn sub_small_64s_64_s(x_s: __m256i, y: __m256i) -> __m256i {
     // 0xffffffff and the subtraction of the low 32 bits generated a borrow. This can never occur if
     // y <= 0xffffffff00000000: if y >> 32 = 0xffffffff, then no borrow can occur.
     let mask = _mm256_cmpgt_epi32(res_wrapped_s, x_s); // -1 if underflowed else 0.
-                                                       // The mask contains 0xffffffff in the high 32 bits if wraparound occured and 0 otherwise.
+                                                       // The mask contains 0xffffffff in the high 32 bits if wraparound occurred and 0 otherwise.
     let wrapback_amt = _mm256_srli_epi64::<32>(mask); // -FIELD_ORDER if underflowed else 0.
     let res_s = _mm256_sub_epi64(res_wrapped_s, wrapback_amt);
     res_s

plonky2/src/hash/arch/aarch64/poseidon_goldilocks_neon.rs

@@ -89,7 +89,7 @@ unsafe fn add_with_wraparound(a: u64, b: u64) -> u64 {
         adj = lateout(reg) adj,
         options(pure, nomem, nostack),
     );
-    res + adj // adj is EPSILON if wraparound occured and 0 otherwise
+    res + adj // adj is EPSILON if wraparound occurred and 0 otherwise
 }
 
 /// Subtraction of a and (b >> 32) modulo ORDER accounting for wraparound.
@@ -152,7 +152,7 @@ unsafe fn multiply(x: u64, y: u64) -> u64 {
 // ==================================== STANDALONE CONST LAYER =====================================
 
 /// Standalone const layer. Run only once, at the start of round 1. Remaining const layers are fused
-/// with the preceeding MDS matrix multiplication.
+/// with the preceding MDS matrix multiplication.
 /*
 #[inline(always)]
 #[unroll_for_loops]

plonky2/src/hash/arch/x86_64/poseidon_goldilocks_avx2_bmi2.rs

@@ -18,7 +18,7 @@ use crate::util::branch_hint;
 
 const WIDTH: usize = 12;
 
-// These tranformed round constants are used where the constant layer is fused with the preceeding
+// These transformed round constants are used where the constant layer is fused with the preceding
 // MDS layer. The FUSED_ROUND_CONSTANTS for round i are the ALL_ROUND_CONSTANTS for round i + 1.
 // The FUSED_ROUND_CONSTANTS for the very last round are 0, as it is not followed by a constant
 // layer. On top of that, all FUSED_ROUND_CONSTANTS are shifted by 2 ** 63 to save a few XORs per
@@ -183,10 +183,10 @@ unsafe fn const_layer(
     // occur if all round constants are < 0xffffffff00000001 = ORDER: if the high bits are
     // 0xffffffff, then the low bits are 0, so the carry bit cannot occur. So this trick is valid
     // as long as all the round constants are in canonical form.
-    // The mask contains 0xffffffff in the high doubleword if wraparound occured and 0 otherwise.
+    // The mask contains 0xffffffff in the high doubleword if wraparound occurred and 0 otherwise.
     // We will ignore the low doubleword.
     let wraparound_mask = map3!(_mm256_cmpgt_epi32, state_s, res_maybe_wrapped_s);
-    // wraparound_adjustment contains 0xffffffff = EPSILON if wraparound occured and 0 otherwise.
+    // wraparound_adjustment contains 0xffffffff = EPSILON if wraparound occurred and 0 otherwise.
     let wraparound_adjustment = map3!(_mm256_srli_epi64::<32>, wraparound_mask);
     // XOR commutes with the addition below. Placing it here helps mask latency.
     let res_maybe_wrapped = map3!(_mm256_xor_si256, res_maybe_wrapped_s, rep sign_bit);
@@ -939,7 +939,7 @@ pub unsafe fn poseidon(state: &[GoldilocksField; 12]) -> [GoldilocksField; 12] {
     let state = load_state(state);
 
     // The first constant layer must be done explicitly. The remaining constant layers are fused
-    // with the preceeding MDS layer.
+    // with the preceding MDS layer.
     let state = const_layer(state, &ALL_ROUND_CONSTANTS[0..WIDTH].try_into().unwrap());
 
     let state = half_full_rounds(state, 0);