b4ac1a1d5f ci: Run valgrind/memcheck tasks with 2 CPUs (Tim Ruffing)
e70acab601 ci: Use Cirrus "greedy" flag to use idle CPU time when available (Tim Ruffing)
d07e30176e ci: Update brew on macOS (Tim Ruffing)
22382f0ea0 ci: Test different ecmult window sizes (Tim Ruffing)
26a022a3a0 ci: Remove STATICPRECOMPUTATION (Tim Ruffing)
10461d8bd3 precompute_ecmult: Always compute all tables up to default WINDOW_G (Tim Ruffing)
Pull request description:
ACKs for top commit:
elichai:
utACK b4ac1a1d5f
jonasnick:
ACK b4ac1a1d5f
Tree-SHA512: b283d7b1c72cf87484de1fe98318298698fe9982dc33389eaca62e92318ab0074c183b9799add274f46358032491fee875e5ffb2a76a47f3b07520b850f4c85e
1287786c7a doc: Add comment to top of field_10x26_impl.h (Elliott Jin)
58da5bd589 doc: Fix upper bounds + cleanup in field_5x52_impl.h comment (Elliott Jin)
Pull request description:
When reviewing #816 I noticed the upper bounds in the comment at the top of `field_5x52_impl.h` were off by 1 (see `fe_verify`). This PR fixes the upper bounds and also cleans up the comment along the way.
ACKs for top commit:
real-or-random:
ACK 1287786c7a
Tree-SHA512: 4b7dadc92451ab1ceb5a547a3101ff37f3ffd0645490563f1f3442ea8d6219f100ed914289d22435c4172d190fa1ff52e37e4464132bb3f9bbcc338488227f7b
22d25c8e0a Add another ecmult_multi test (Pieter Wuille)
Pull request description:
ACKs for top commit:
jonasnick:
ACK 22d25c8e0a
Tree-SHA512: e1394fa1708e65a66d4b324cca60dd49c67e37b23b7da2a3ff0db7a2a25c23976cb03b96a8c8584ee81aaec559feb84fb113dff2e2ebf89110ed466a4a6b158b
The preinstalled brew is very old and tries to download prebuilt bottles
from a server which is no longer available. Because that will fail, brew
falls back to building our dependencies (e.g., autotools) from source,
which takes very long.
This commit makes sure that brew is updated before we start the build.
We also need to remove the `--shallow` argument from `brew tap`. It
doesn't exist in recent brew versions.
515e7953ca Improve checks at top of _fe_negate methods (Peter Dettman)
Pull request description:
In theory we could have a single static assertion that would ensure all of these are always true (for any magnitude up to the limit), but I think this small redundancy is clearer.
ACKs for top commit:
sipa:
utACK 515e7953ca
real-or-random:
ACK 515e7953ca bounds hold by inspection and by robot-dreams's script
Tree-SHA512: c33e47e186b37ca0b4e8d23712f8e5ab0c113024a0229fc6ce63b8cbad21bddbecc0c50029721a1fb3376b2d1da678c1ddb69c5ae971d84ddb7993c755867da4
e05da9e480 Fix c++ build (Pieter Wuille)
c45386d994 Cleanup preprocessor indentation in precompute{,d}_ecmult{,_gen} (Pieter Wuille)
19d96e15f9 Split off .c file from precomputed_ecmult.h (Pieter Wuille)
1a6691adae Split off .c file from precomputed_ecmult_gen.h (Pieter Wuille)
bb36331412 Simplify precompute_ecmult_print_* (Pieter Wuille)
38cd84a0cb Compute ecmult tables at runtime for tests_exhaustive (Pieter Wuille)
e458ec26d6 Move ecmult table computation code to separate file (Pieter Wuille)
fc1bf9f15f Split ecmult table computation and printing (Pieter Wuille)
31feab053b Rename function secp256k1_ecmult_gen_{create_prec -> compute}_table (Pieter Wuille)
725370c3f2 Rename ecmult_gen_prec -> ecmult_gen_compute_table (Pieter Wuille)
075252c1b7 Rename ecmult_static_pre_g -> precomputed_ecmult (Pieter Wuille)
7cf47f72bc Rename ecmult_gen_static_prec_table -> precomputed_ecmult_gen (Pieter Wuille)
f95b8106d0 Rename gen_ecmult_static_pre_g -> precompute_ecmult (Pieter Wuille)
bae77685eb Rename gen_ecmult_gen_static_prec_table -> precompute_ecmult_gen (Pieter Wuille)
Pull request description:
This PR implements a number of changes to follow up after merging #988:
* Naming consistency:
* All precomputed table files now have name `precomputed_*.*`
* All source files related to the creation of the precomputed table files have name `precompute_*.*`.
* All source files related to the computation of tables (whether they go in precomputed files or not) have name `*_compute_table.*`.
* Make the tables for exhaustive tests be computed at runtime rather than compile time (this was already the case for ecmult_gen, but not ecmult). This is a preparation for the next point, as the alternative would be to have separate precomputed libraries for the exhaustive tests and other binaries.
* Moves the actual tables to separate `precomputed_*.c` files, which are compiled only once as part of a new `libsecp256k1_precomputed.la`, included where relevant. The corresponding `precomputed_*.h` file are normal source files.
Retry of #1041.
ACKs for top commit:
real-or-random:
ACK e05da9e480
jonasnick:
ACK e05da9e480
Tree-SHA512: 71eadd66e30e511b786e910755e0eda53330dfa163b37e33602c3392f7b893569f56d3ca9870e85cbb3de83880fc5aef61ac3d55d759d7395086a69023f13f03
7dfceceea6 build: Remove #undef hack for ASM in the precomputation programs (Tim Ruffing)
bb36fe9be0 ci: Test `make precomp` (Tim Ruffing)
d94a37a20c build: Remove CC_FOR_BUILD stuff (Tim Ruffing)
ad63bb4c29 build: Prebuild and distribute ecmult_gen table (Tim Ruffing)
ac49361ed0 prealloc: Get rid of manual memory management for prealloc contexts (Tim Ruffing)
6573c08f65 ecmult_gen: Tidy precomputed file and save space (Tim Ruffing)
5eba83f17c ecmult_gen: Precompute tables for all values of ECMULT_GEN_PREC_BITS (Tim Ruffing)
fdb33dd122 refactor: Make PREC_BITS a parameter of ecmult_gen_build_prec_table (Tim Ruffing)
a4875e30a6 refactor: Move default callbacks to util.h (Tim Ruffing)
4c94c55bce doc: Remove obsolete hint for valgrind stack size (Tim Ruffing)
5106226991 exhaustive_tests: Fix with ecmult_gen table with custom generator (Tim Ruffing)
e1a76530db refactor: Make generator a parameter of ecmult_gen_create_prec_table (Tim Ruffing)
9ad09f6911 refactor: Rename program that generates static ecmult_gen table (Tim Ruffing)
8ae18f1ab3 refactor: Rename file that contains static ecmult_gen table (Tim Ruffing)
00d2fa116e ecmult_gen: Make code consistent with comment (Tim Ruffing)
3b0c2185ea ecmult_gen: Simplify ecmult_gen context after making table static (Tim Ruffing)
e43ba02cfc refactor: Decouple table generation and ecmult_gen context (Tim Ruffing)
22dc2c0a0d ecmult_gen: Move table creation to new file and force static prec (Tim Ruffing)
Pull request description:
This resolves#893, resolves#692 (and also resolvesbitcoin/bitcoin#22854).
- [x] Extract table generation to separate function in separate file (to be used by generation script and exhaustive tests)
- [x] Tidy up
- [x] Remove code that deals with non-static tables
- [x] Make functions that need ecmult_gen not depend on signing context
- [x] Rename stuff to make it fit the new structure and consistent with how we hande verification tables (#956)
- [x] Fix exhaustive tests
- [x] Make table generation function take generator as input
- [x] Overwrite the static tables with a table with custom generator in exhaustive tests
- [x] Overhaul script that generates table files
- [x] Make table generation function take PREC_BITS as input (I have some code already, just not yet in this branch)
- [x] Change generation script to generate three tables (for all three values of ECMULT_GEN_PREC_BITS)
- [x] Ship pre-built tables
- [x] Add pregenerated table file to repo
- [x] Remove generation of table file from build process (like in #956)
- [x] Remove left-over stuff (e.g., detecting a compiler running on the build machine) from build system
- [x] Final cleanups (copyright headers, commit, messages, etc.)
- [ ] (separate PR:) Make sure link-time optimization remove corresponding static tables (and code) when no signing/verifcation function is called
- [ ] (separate PR:) Compile precomputation as a separate object file and link it (https://github.com/bitcoin-core/secp256k1/pull/988#issuecomment-977813538)
- [ ] (separate PR:) Document the backwards-compatible API changes made in this PR and in #956.
- [ ] Maybe deprecate the static context
ACKs for top commit:
sipa:
ACK 7dfceceea6
robot-dreams:
ACK 7dfceceea6 (based on range-diff between 56284c7d44c0ed46e636588bfbf6c403b7dfa6c1 and 7dfceceea6)
Tree-SHA512: 6efb3f36f05efe3b79bbd877881fe1409f71fd6488d24c811b2e77d9f053bed78670dd1dcbb42ad780458a51c4ffa36de9cd6567271b22041dc7a122ceb677c5
This was necessary because we used to cross-compile the library but
compile the precomputation programs for the build host. Now it's no
longer necessary and we can cleanly link even the external ASM
(which was the intent of #935).
On the way, remove an obsolete "-I" parameter.
- Improve Makefile.am for both prebuilt tables files
- On the way, tidy EXTRA_DIST: Move the header files to noinst_HEADERS,
where they conceptually belong, and add missing SECURITY.md to EXTRA_DIST
099bad945e Comment and check a parameter for inf in secp256k1_ecmult_const. (Russell O'Connor)
6c0be857f8 Verify that secp256k1_ge_set_gej_zinv does not operate on infinity. a->x and a->y should not be used if the infinity flag is set. (Russell O'Connor)
Pull request description:
a->x and a->y should not be used if the infinity flag is set.
ACKs for top commit:
robot-dreams:
ACK 099bad945e
real-or-random:
ACK 099bad945e I inspected all call sites, they all ensure that a is not infinity
Tree-SHA512: 495fcfe4ec4cacb3fc64bd5d04ecc67ab34f6b63666c6169d473abfd63c2041bc501a9a60d817566517435b986406ea2b7db3f5806043cecf30e214eba9892e9
5eb519e1f6 ci: reduce TEST_ITERS in memcheck run (Pieter Wuille)
e2cf77328a Test ecmult functions for all i*2^j for j=0..255 and odd i=1..255. (Pieter Wuille)
Pull request description:
Instead of just testing properties of the points xG for x=-36..36:
* also compute all xG where x=j*2^i for i=0..255 and odd j=1..255.
* test them against known exact results (SHA256 all of them, and compared against an independently created result)
* test all 4 ecmult functions (and for secp256k1_ecmult and secp256k1_ecmult_multi_var, both as G, and through the generic point input)
ACKs for top commit:
real-or-random:
ACK 5eb519e1f6
jonasnick:
ACK 5eb519e1f6
Tree-SHA512: 5d3fcbff754e859ba27d4f4581fa91fafb450fa3f7880364667dba51287e7f02f489af19b9de6a6e0f52faa183c0c7ae46db6add05180c3d4f45a6557b00c0ed
c0cd7de6d4 build: add -no-undefined to libtool LDFLAGS (fanquake)
fe32a79d35 build: pass win32-dll to LT_INIT (fanquake)
Pull request description:
This takes care of two of the outstanding issues in #923. One being initializing libtool with `win32-dll` and the other being the addition of `-no-undefined` to the libtool LDFLAGS. See each commit for more details.
Builders cross-compiling for Windows (including Core) will no-longer see:
```bash
libtool: warning: undefined symbols not allowed in x86_64-w64-mingw32 shared libraries; building static only
```
I'm planning on making some related changes downstream.
ACKs for top commit:
sipa:
utACK c0cd7de6d4. We indeed have done the work to propertly mark exported symbols, and AFAIK have no imported symbols apart from standard library ones.
real-or-random:
ACK c0cd7de6d4
hebasto:
ACK c0cd7de6d4
Tree-SHA512: 6756bc88ac439a27117a1341d82a801cef70354a9e7a563592ab3ac7298fbefdaa0a2c410ea3fba8953d53f254c449dc491069f30468db12791027a65dd02f80
592661c22f ci: move test environment variable declaration to .cirrus.yml (siv2r)
dcbe84b841 bench: add --help option to bench. (siv2r)
Pull request description:
Fixes#1005
**Changes:**
- added `--help` option to `bench.c`
- `help()` function prints the help to command-line
- `have_invalid_args()` checks if the user has entered an invalid argument
- moved `secp256k1_bench_iters` and `secp256k1_test_iters` environment variables declaration to `.cirrus.yml`
ACKs for top commit:
sipa:
utACK 592661c22f
real-or-random:
ACK 592661c22f
Tree-SHA512: ebc6a2e6e47b529212efa1c9b75cc79649fca7f42aa75ce46502db24ac94f46b6cef59c828d13265d1fa69187a81c140d1951e7daeb7c8e008a6c1ad75259741
Jonas Nick
Tim Ruffing
Elliott Jin
Pieter Wuille
Peter Dettman
siv2r