jets-bench: fix multiple issues with Ctx8 encoding

[apoelstra]

• changes var_len_buf_from_slice to interpret its n such that it's reading the type (2^8)^<2^n rather than (2^8)^<2^(n+1); subtract 1 from all instances of n except the loop counter. (Previously we were looping the wrong number of times, which this fixes.)
• calls var_len_buf_from_slice with n = 6, which matches the type signature for Ctx8. Before we were calling with n = 8 which was just wrong
• Changes SimplicityCtx8::buffer to have type [u8; 64] instead of the wrong [u8; 512]
• Changes the nonsense "v.len() >= 1 << n" comparison to one that checks the bits of v.len()
• Corrects various off-by-one errors

See #318 for more information.

Fixes #318

[apoelstra]

On 0d4c323 successfully ran local tests

[roconnor-blockstream]

Why the reduction on the limit of n down from 16 to 8?

[apoelstra]

@roconnor-blockstream because I replaced n+1 with n.

[apoelstra]

If the 8 is wrong now, the 16 was wrong before. (Which now that I think about it, is likely to be the case.)

[roconnor-blockstream]

You can verify that if 0 <= n < 16 was the restriction for when the rule was Read bytes from a Simplicity buffer of type (TWO^8)^<2^(n+1) as Value., then performing then the substitution replacing n+1 with n’ yields the following math

0 <= n < 16
⇔
0 <= (n + 1) - 1< 16
⇔
0 <= n’ - 1< 16
⇔
1 <= n’ < 17
⇔
1 <= n’ <= 16.

Indeed n’ <= 16 is the assertion I think you should be using.

Also the comment

Cannot represent >= 2**16 bytes […] as simplicity consensus rule.

is incorrect; this is not a consensus rule. This comes from

https://github.com/BlockstreamResearch/simplicity/blob/ba440a0999da8b06f2be4a0f337f52a3c7f355ba/C/frame.c#L92-L116

where simplicity_read_buffer8 only handles up to 16. However this isn't a consensus rule. It is simply what I've implemented since that more than enough to implement our set of jets.

[apoelstra]

Updated the comment and the assertion.

[roconnor-blockstream]

Let's just remove this comment entirely or say "n < 16" is a precondition.

P.S. I recommend you adjust the code so that "n <= 16" is the precondition.
Really the only reason not to go to as far as "n <= 32" is that I don't know if 1 << 32 fits in a usize.

[apoelstra]

It will on a 64-bit machine but not on a 32-bit one. (In theory usize could even be 16 bits but probably our code is broken in many cases on such machines.)

[apoelstra]

How about this?

[roconnor-blockstream]

panics if n > 16.

[roconnor-blockstream]

So I'm going to actually recommend that you have precondition that 1 <= n, because 𝟙 is not actually a buffer type, and if people are passing 0 here it is probably a big mistake.

If you strongly disagree then you can keep the code as it is.

[roconnor-blockstream]

Actually I take that back. Arguably 𝟙 is a buffer type for a degenerate empty buffer type. So you can leave the code as is.

[canndrew]

It wasn't immediately obvious what this code was doing, so I had to read the doc comment, write it myself, then compare my code against this. It might've been clearer if while n > 0 was replaced with for i in (0..n).rev() (since the loop is just counting down to zero), plus that means you can get rid of (n - 1) (subtraction on usize always makes me do a double-take) and it changes two_two_n(n + 2) to two_two_n(i + 3) (where + 3 is obviously just a bytes-to-bits conversion).

That's all nit-picking though. Otherwise LGTM.

[apoelstra]

Took @canndrew's suggestions.

[roconnor-blockstream]

n is no longer mutable?

[apoelstra]

oh, oops, I test-compiled the wrong crate. You're right (and the compiler warns about this).

[roconnor-blockstream]

Whew. I was confused why this wasn't noticed by the compiler.

[roconnor-blockstream]

LGTM

[apoelstra]

On 934a787 successfully ran local tests