ct: Use volatile "trick" in all fe/scalar cmov implementations #1257

pull real-or-random wants to merge 1 commits into bitcoin-core:master from real-or-random:20230401-volatile-cmov changing 5 files +14 −7
  1. real-or-random commented at 7:04 AM on April 1, 2023: contributor

    Apparently clang 15 is able to compile our cmov code into a branch, at least for fe_cmov and fe_storage_cmov. This commit makes the condition volatile in all cmov implementations (except ge but that one only calls into the fe impls).

    This is just a quick fix. We should still look into other methods, e.g., asm and #457. We should also consider not caring about constant-time in scalar_low_impl.h

    We should also consider testing on very new compilers in nightly CI, see #864 (comment)

  2. ct: Use volatile "trick" in all fe/scalar cmov implementations
    Apparently clang 15 is able to compile our cmov code into a branch,
at least for fe_cmov and fe_storage_cmov. This commit makes the
condition volatile in all cmov implementations (except ge but that
one only calls into the fe impls).

This is just a quick fix. We should still look into other methods,
e.g., asm and #457. We should also consider not caring about
constant-time in scalar_low_impl.h

We should also consider testing on very new compilers in nightly CI,
see https://github.com/bitcoin-core/secp256k1/pull/864#issuecomment-769211867
    4a496a36fb
  3. jonasnick approved
  4. jonasnick commented at 11:49 AM on April 3, 2023: contributor

    ACK 4a496a36fb07d6cc8c99e591994f4ce0c3b1174c

    I can reproduce the issue in master with clang 15 and that this PR fixes it.

  5. sipa commented at 1:37 AM on April 6, 2023: contributor

    Code review ACK

  6. real-or-random merged this on Apr 6, 2023
  7. real-or-random closed this on Apr 6, 2023
  8. sipa referenced this in commit e1552d578e on Apr 11, 2023
  9. sipa referenced this in commit c981671e9b on Apr 14, 2023
  10. hebasto referenced this in commit 49c52ea2b1 on May 13, 2023
  11. RandyMcMillan referenced this in commit 3cc75121b3 on May 27, 2023
  12. vmta referenced this in commit e1120c94a1 on Jun 4, 2023
  13. vmta referenced this in commit 8f03457eed on Jul 1, 2023
  14. delta1 referenced this in commit 3f32c20932 on Aug 8, 2023
  15. delta1 referenced this in commit 31ac0c1081 on Aug 31, 2023
  16. janus referenced this in commit 05145db5ff on Sep 3, 2023
  17. backpacker69 referenced this in commit e66b1bd882 on Mar 5, 2024
  18. div72 referenced this in commit af627d47c3 on Apr 12, 2025
  19. Fabcien referenced this in commit 6b92961820 on May 27, 2025
  20. Fabcien referenced this in commit 7adfed3998 on May 28, 2025
  21. str4d referenced this in commit f634fc6004 on Jun 4, 2025
Contributors
real-or-randomjonasnicksipa
Linked (view graph)
#457 Alternative cmov implementation#864 Add support for Cirrus CI#1303 ct: Use more volatile
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin-core/secp256k1. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-05-19 06:52 UTC