Attempting changes.

lvella · lvella · commit 0ee1f1f0fc86 · 2025-03-03T19:54:06.000-03:00
diff --git a/riscv/src/large_field/runtime.rs b/riscv/src/large_field/runtime.rs
@@ -283,10 +283,11 @@ impl Runtime {
             None,
             "poseidon2_gl",
             vec!["memory", "MIN_DEGREE", "LARGE_SUBMACHINES_MAX_DEGREE"],
-            [r#"instr poseidon2_gl X, Y
+            [r#"instr poseidon2_gl X, Y, Z
                     link ~> tmp1_col = regs.mload(X, STEP)
                     link ~> tmp2_col = regs.mload(Y, STEP + 1)
-                    link ~> poseidon2_gl.poseidon2_permutation(tmp1_col, tmp2_col, STEP)
+                    link ~> tmp?_col = regs.mload(Z, STEP + 2)
+                    link ~> poseidon2_gl.permute(tmp1_col, STEP, tmp2_col, STEP + 1, tmp?_col)
                 {
                     // make sure tmp1_col and tmp2_col are aligned memory addresses
                     tmp3_col * 4 = tmp1_col,
@@ -307,7 +308,7 @@ impl Runtime {
                 r#"instr split_gl_vec X, Y
                     link ~> tmp1_col = regs.mload(X, STEP)
                     link ~> tmp2_col = regs.mload(Y, STEP + 1)
-                    link ~> split_gl_vec.split(tmp1_col, tmp2_col, STEP + 2)
+                    link ~> split_gl_vec.split(tmp1_col, tmp2_col, STEP)
                 {
                     // make sure tmp1_col and tmp2_col are aligned memory addresses
                     tmp3_col * 4 = tmp1_col,
@@ -343,7 +344,7 @@ impl Runtime {
         // they can overlap.
         self.add_syscall(
             Syscall::Poseidon2GL,
-            std::iter::once("poseidon2_gl 10, 11;".to_string()),
+            std::iter::once(format!("{} 10, 11, 12;", Syscall::Poseidon2GL.name())),
         );
 
         self.add_syscall(
diff --git a/std/machines/hash/poseidon2_gl.asm b/std/machines/hash/poseidon2_gl.asm
@@ -1,6 +1,7 @@
 use std::array;
 use std::check::assert;
 use std::utils::unchanged_until;
+use std::utils::new_bool;
 use std::utils::force_bool;
 use std::utils::sum;
 use std::convert::expr;
@@ -19,8 +20,8 @@ use super::poseidon2_common::poseidon2;
 // state size of 8 field elements instead of 12, matching Plonky3's implementation.
 //
 // This machine assumes each memory word contains a full field element, and it
-// writes one field element per memory word. Use SplitGLVec8 to split the output
-// into 32-bit words. 
+// writes one field element per memory word. Use SplitGLVec4 to split the output
+// into 32-bit words.
 machine Poseidon2GL(mem: Memory) with
     latch: latch,
     // Allow this machine to be connected via a permutation
@@ -33,19 +34,32 @@ machine Poseidon2GL(mem: Memory) with
     // The input data is passed via a memory pointer: the machine will read STATE_SIZE
     // field elements from memory.
     //
-    // Similarly, the output data is written to memory at the provided pointer.
+    // Similarly, the output data is written to memory at the provided pointer. We don't
+    // have any use for writing the full state as output, so depending on the operation,
+    // it will either write the first half of the state (used in sponge squeeze) or the
+    // second half (used in sponge absorb and on merkle tree compression).
     //
-    // Reads happen at the provided time step; writes happen at the next time step.
+    // Memory reads happen at input_time_step and memory writes happens at output_time_step.
     //
     // The addresses must be multiple of 4.
-    operation poseidon2_permutation
+    //
+    // This operation can output any combination of the first and second half of the final
+    // state, depending on the value of output_halves:
+    //  0: no output
+    //  1: first half
+    //  2: second half
+    //  3: the entire state
+    operation permute
         input_addr,
+        input_time_step,
         output_addr,
-        time_step ->;
+        output_time_step,
+        output_halves ->;
 
     let latch = 1;
 
-    let time_step;
+    let input_time_step;
+    let output_time_step;
 
     // Poseidon2 parameters, compatible with our powdr-plonky3 implementation.
     //
@@ -120,14 +134,14 @@ machine Poseidon2GL(mem: Memory) with
     let input: col[STATE_SIZE];
 
     // TODO: when link is available inside functions, we can turn this into array operations.
-    link if is_used ~> input[0] = mem.mload(input_addr + 0, time_step);
-    link if is_used ~> input[1] = mem.mload(input_addr + 4, time_step);
-    link if is_used ~> input[2] = mem.mload(input_addr + 8, time_step);
-    link if is_used ~> input[3] = mem.mload(input_addr + 12, time_step);
-    link if is_used ~> input[4] = mem.mload(input_addr + 16, time_step);
-    link if is_used ~> input[5] = mem.mload(input_addr + 20, time_step);
-    link if is_used ~> input[6] = mem.mload(input_addr + 24, time_step);
-    link if is_used ~> input[7] = mem.mload(input_addr + 28, time_step);
+    link if is_used ~> input[0] = mem.mload(input_addr + 0, input_time_step);
+    link if is_used ~> input[1] = mem.mload(input_addr + 4, input_time_step);
+    link if is_used ~> input[2] = mem.mload(input_addr + 8, input_time_step);
+    link if is_used ~> input[3] = mem.mload(input_addr + 12, input_time_step);
+    link if is_used ~> input[4] = mem.mload(input_addr + 16, input_time_step);
+    link if is_used ~> input[5] = mem.mload(input_addr + 20, input_time_step);
+    link if is_used ~> input[6] = mem.mload(input_addr + 24, input_time_step);
+    link if is_used ~> input[7] = mem.mload(input_addr + 28, input_time_step);
 
     // Generate the Poseidon2 permutation
     let output = poseidon2(
@@ -143,16 +157,25 @@ machine Poseidon2GL(mem: Memory) with
         input,
     );
 
-    // Write the output to memory at the next time step
-    let output_addr;
+    // Decide which halves to output:
+    let output_halves;
+    let output_first_half = new_bool();
+    let output_second_half = new_bool();
+    output_halves = output_first_half + 2 * output_second_half;
 
-    // TODO: turn this into array operations
-    link if is_used ~> mem.mstore(output_addr + 0, time_step + 1, output[0]);
-    link if is_used ~> mem.mstore(output_addr + 4, time_step + 1, output[1]);
-    link if is_used ~> mem.mstore(output_addr + 8, time_step + 1, output[2]);
-    link if is_used ~> mem.mstore(output_addr + 12, time_step + 1, output[3]);
-    link if is_used ~> mem.mstore(output_addr + 16, time_step + 1, output[4]);
-    link if is_used ~> mem.mstore(output_addr + 20, time_step + 1, output[5]);
-    link if is_used ~> mem.mstore(output_addr + 24, time_step + 1, output[6]);
-    link if is_used ~> mem.mstore(output_addr + 28, time_step + 1, output[7]);
+    // TODO: turn these into array operations:
+
+    // Write the first half of the output
+    let output_addr;
+    link if is_used * output_first_half ~> mem.mstore(output_addr + 0, output_time_step, output[0]);
+    link if is_used * output_first_half ~> mem.mstore(output_addr + 4, output_time_step, output[1]);
+    link if is_used * output_first_half ~> mem.mstore(output_addr + 8, output_time_step, output[2]);
+    link if is_used * output_first_half ~> mem.mstore(output_addr + 12, output_time_step, output[3]);
+
+    // Write the second half of the output
+    let second_half_addr = output_addr + 16 * output_first_half;
+    link if is_used * output_second_half ~> mem.mstore(second_half_addr + 0, output_time_step, output[4]);
+    link if is_used * output_second_half ~> mem.mstore(second_half_addr + 4, output_time_step, output[5]);
+    link if is_used * output_second_half ~> mem.mstore(second_half_addr + 8, output_time_step, output[6]);
+    link if is_used * output_second_half ~> mem.mstore(second_half_addr + 12, output_time_step, output[7]);
 }
diff --git a/std/machines/hash/poseidon_bb.asm b/std/machines/hash/poseidon_bb.asm
@@ -2,7 +2,6 @@ use std::array;
 use std::check::assert;
 use std::utils::unchanged_until;
 use std::utils::force_bool;
-use std::utils::new_bool;
 use std::utils::sum;
 use std::convert::expr;
 use std::machines::small_field::memory::Memory;
diff --git a/test_data/std/poseidon2_gl_test.asm b/test_data/std/poseidon2_gl_test.asm
@@ -16,17 +16,18 @@ machine Main with degree: main_degree {
     reg ADDR1[<=];
     reg ADDR2[<=];
 
-    // Increase the time step by 2 in each row, so that the poseidon machine
+    // Increase the time step by 4 in each row, so that the poseidon machine
     // can read in the given time step and write in the next time step.
-    col fixed STEP(i) { 2 * i };
+    col fixed STEP(i) { 4 * i };
     Byte2 byte2;
     Memory memory(byte2, memory_degree, memory_degree);
 
     instr mstore ADDR1, X1 ->
         link ~> memory.mstore(ADDR1, STEP, X1);
 
     Poseidon2GL poseidon2(memory, poseidon2_degree, poseidon2_degree);
-    instr poseidon2 ADDR1, ADDR2 -> link ~> poseidon2.poseidon2_permutation(ADDR1, ADDR2, STEP);
+    instr poseidon2 ADDR1, ADDR2, X1 ->
+        link ~> poseidon2.permute(ADDR1, STEP, ADDR2, STEP + 2, X1);
 
     col witness val;
     instr assert_eq ADDR1, X1 ->
@@ -50,7 +51,24 @@ machine Main with degree: main_degree {
         mstore 24, 0;
         mstore 28, 0;
 
-        poseidon2 0, 0;
+        // Test only second half output
+        poseidon2 0, 100, 2;
+    
+        assert_eq 100, 5905145432652609062;
+        assert_eq 104, 9814446752588696081;
+        assert_eq 108, 13759450385053274731;
+        assert_eq 112, 2402148582355896469;
+
+        // Test only first half output
+        poseidon2 0, 100, 1;
+
+        assert_eq 100, 14905565590733827480;
+        assert_eq 104, 640905753703258831;
+        assert_eq 108, 4579128623722792381;
+        assert_eq 112, 158153743058056413;
+
+        // Test full state output
+        poseidon2 0, 0, 3;
 
         assert_eq 0, 14905565590733827480;
         assert_eq 4, 640905753703258831;
@@ -72,7 +90,7 @@ machine Main with degree: main_degree {
         mstore 24, 1;
         mstore 28, 1;
 
-        poseidon2 0, 0;
+        poseidon2 0, 0, 3;
 
         assert_eq 0, 18201552556563266798;
         assert_eq 4, 6814935789744812745;
@@ -94,7 +112,7 @@ machine Main with degree: main_degree {
         mstore 24, 0xffffffff00000000;
         mstore 28, 0xffffffff00000000;
 
-        poseidon2 0, 0;
+        poseidon2 0, 0, 3;
 
         assert_eq 0, 13601391594672984423;
         assert_eq 4, 7799837486760213030;
@@ -116,7 +134,7 @@ machine Main with degree: main_degree {
         mstore 24, 1456 * 2**32 + 1394942011;
         mstore 28, 2087;
 
-        poseidon2 0, 0;
+        poseidon2 0, 0, 3;
 
         assert_eq 0, 14498150941209346562;
         assert_eq 4, 8038616707062714447;
@@ -138,7 +156,7 @@ machine Main with degree: main_degree {
         mstore 124, 0;
         mstore 128, 0;
 
-        poseidon2 100, 104;
+        poseidon2 100, 104, 3;
 
         assert_eq 104, 14905565590733827480;
         assert_eq 108, 640905753703258831;
