Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(acir): Attach locations to MemoryOps in ACIR #2389

Merged
merged 8 commits into from
Aug 22, 2023
Merged

Conversation

vezenovm
Copy link
Contributor

@vezenovm vezenovm commented Aug 21, 2023

Description

Problem*

Initial work towards resolving #2133. Pushing for visibility in case we want to merge this now as this does fix reporting for index out of bounds errors from ACVM, but does not fully resolve #2133. Read the summary for more details.

Summary*

I have added reporting for IndexOutOfBounds errors triggered by ACVM. These occur when there is an index out of bounds on a dynamic arrray that uses the MemoryOp ACIR opcode. The reporting essentially extends the work for unsatisfied constrain statements, but I felt a true refactor of how nargo execute handles ACVM errors can be left for another PR.

In order to report the error accurately, a couple other changes had to be made as well. When we were creating MemoryOp's to work with dynamic arrays in ACIR we were pushing to the list of opcodes directly and not attaching location information. I have switched to calling the push_opcode method when adding opcodes that deal with memory. I have also restricted the opcodes field to now be private with the goal to avoid this error in the future. Any opcodes should be included using the push_opcode method that also attaches a location.

A new dynamic_array_index test has been included under compile_failure which will now exit with this:
Screenshot 2023-08-21 at 2 46 38 PM

The new location data has also exposed the actual bug that occurs in #2133. It looks like we are not handling locations correctly during flattening. A smaller reproduced snippet of the storage proof example is provided in the dynamic_array_index. If the dynamic array is accessed with an index out of bounds later after flattening, only the then case of the array merger is shown. For example

    if z == 20 {
        x[0] = x[4];
    } else {
        x[idx] = 10;
        for i in 0..5 {
            x[idx] = x[i];
        }
    }
    // TODO(#2133): This line should be where we show the error
    // but instead it will show x[0] == x[4] as the line where there is an index out of bounds
    assert(x[idx] != 0)

This bug is also seen in the storage proof example, which will return the below output when calling nargo execute:
Screenshot 2023-08-21 at 2 53 15 PM

However, based on the smaller snippet above, it looks to be using the incorrect location, as the array access being reported is within the then case of an if statement:

        if ((i + n) as u32) < (N as u32)
        {
            out[i] = input[i+n];
        }

Documentation

  • This PR requires documentation updates when merged.

    • I will submit a noir-lang/docs PR.
    • I will request for and support Dev Rel's help in documenting this PR.

Additional Context

PR Checklist*

  • I have tested the changes locally.
  • I have formatted the changes with Prettier and/or cargo fmt on default settings.

@vezenovm
Copy link
Contributor Author

However, based on the smaller snippet above, it looks to be using the incorrect location, as the array access being reported is within the then case of an if statement:

I have found the cause of this bug, and it is not due to misplaced location data during SSA, but rather a missing predicate from MemoryOps. I have a fix locally that I will push based off of this branch after I am done testing the changes.

@vezenovm vezenovm requested a review from jfecher August 22, 2023 15:18
@vezenovm
Copy link
Contributor Author

The follow-up PR (#2400) requires a breaking ACVM release so I have re-requested review on this PR as we can merge it in separately.

@vezenovm vezenovm requested a review from jfecher August 22, 2023 17:28
@vezenovm vezenovm added this pull request to the merge queue Aug 22, 2023
Merged via the queue into master with commit d7d7f22 Aug 22, 2023
@vezenovm vezenovm deleted the mv/dyn-array-index branch August 22, 2023 18:58
TomAFrench added a commit that referenced this pull request Aug 22, 2023
* master:
  fix(acir): Attach locations to MemoryOps in ACIR (#2389)
  feat: Use equivalence information from equality assertions to simplify circuit (#2378)
  chore: fix body expr span (#2402)
  feat(attributes): enable custom attributes (#2395)
  chore: Remove `serde` from `noirc_frontend` (#2390)
  chore: allow parenthesizing in two type locations  (#2388)
  chore(ci): automatically delete cache entries associated with closed PRs (#2342)
TomAFrench added a commit that referenced this pull request Aug 23, 2023
* master: (34 commits)
  chore: Decouple `noirc_abi` from frontend by introducing `PrintableType` (#2373)
  feat(brillig): Added locations for brillig artifacts (#2415)
  feat: Report compilation warnings before errors (#2398)
  chore: Rework `CrateGraph` to only have one root crate (#2391)
  chore: clippy fix (#2408)
  chore(deps): bump rustls-webpki from 0.101.1 to 0.101.4 (#2404)
  fix(acir): Attach locations to MemoryOps in ACIR (#2389)
  feat: Use equivalence information from equality assertions to simplify circuit (#2378)
  chore: fix body expr span (#2402)
  feat(attributes): enable custom attributes (#2395)
  chore: Remove `serde` from `noirc_frontend` (#2390)
  chore: allow parenthesizing in two type locations  (#2388)
  chore(ci): automatically delete cache entries associated with closed PRs (#2342)
  feat: Perform more checks for compile-time arithmetic (#2380)
  chore: Remove `noirc_abi::FunctionSignature` and define in terms of HIR (#2372)
  feat: Update to `acvm` 0.22.0 (#2363)
  chore: Update committed ACIR artifacts (#2376)
  feat(ssa): Merge slices in if statements with witness conditions (#2347)
  chore: Separate frontend `Visibility` and `Distinctness` from the ABI (#2369)
  feat: add syntax for specifying function type environments (#2357)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Noir program attempts to read uninitialised memory
2 participants