Convert YASM code to inline assembly #128

pull sipa wants to merge 3 commits into bitcoin-core:master from sipa:inlineasm changing 9 files +514 −590
  1. sipa commented at 3:23 PM on December 2, 2014: contributor
    • Updates the assembly code to use @peterdettman's parallel multiplication algorithm.
    • Convert the YASM code to inline asm blocks.
  2. sipa cross-referenced this on Dec 2, 2014 from issue Portability fixups by luke-jr
  3. gmaxwell commented at 3:28 PM on December 2, 2014: contributor

    Any performance impact?

  4. gmaxwell commented at 3:28 PM on December 2, 2014: contributor

    This is going to be MSVC incompatible. Do we care?

  5. sipa force-pushed on Dec 2, 2014
  6. sipa commented at 3:31 PM on December 2, 2014: contributor

    @gmaxwell Haven't benchmarked yet, but I would be very surprised, as the object code generated from the assembly blocks is identical, except there's one less function call involved (secp256k1_fe_mul_inner is now inlined into secp256k1_fe_mul). @gmaxwell Was the previous code working in MSVC at all?

  7. jgarzik commented at 3:33 PM on December 2, 2014: none

    +1 If the inline asm conditions are properly and fully specified, sometimes the code is slightly more efficient, as the compiler has more information to work with.

  8. gmaxwell commented at 3:38 PM on December 2, 2014: contributor

    Chatter from bitcoin-dev

    07:34 @gmaxwell (MSFT decided that for 64-bit they were not going to support inline asm... apparently windows developers were disrupting msft's portability hopes by needlessly writing too much of their software in ASM.) 07:34 @gmaxwell sipa: yes, assuming someone adds yasm to their msvc setup. 07:34 < sipa> well, if MSFT doesn't like app developers writing ASM, they won't get any ASM... 07:34 @gmaxwell instead they'd have to add GCC to it. :) 07:35 @gmaxwell I am not arguing against it. Just making sure we know and are all okay with it. I certantly am okay with it.

    (I support this, and would have ACKed right away too except it'll take me a bit to review and test)

  9. sipa force-pushed on Dec 2, 2014
  10. sipa force-pushed on Dec 2, 2014
  11. sipa force-pushed on Dec 2, 2014
  12. sipa cross-referenced this on Dec 2, 2014 from issue Rewrite field assembly to match the C version by sipa
  13. sipa force-pushed on Dec 2, 2014
  14. gmaxwell commented at 10:23 AM on December 3, 2014: contributor

    So on a fedora host here, gcc version 4.8.3 20140624 (Red Hat 4.8.3-1) (GCC)

    w/ endomorphism configure: Using field implementation: 64bit_asm configure: Using bignum implementation: gmp configure: Using scalar implementation: 64bit

    bench_sign and bench_verify are segfaulting. The tests pass, however.

    segfault is at 0x0000000000400b59 <+25>: push %rbp 0x0000000000400b5a <+26>: mov %rdx,%r15 0x0000000000400b5d <+29>: mov (%rsi),%r10 0x0000000000400b60 <+32>: mov 0x8(%rsi),%r11 0x0000000000400b64 <+36>: mov 0x10(%rsi),%r12 0x0000000000400b68 <+40>: mov 0x18(%rsi),%r13 0x0000000000400b6c <+44>: mov 0x20(%rsi),%r14 0x0000000000400b70 <+48>: movabs $0x1000003d10,%rbp => 0x0000000000400b7a <+58>: mov (%r15),%rax 0x0000000000400b7d <+61>: mul %r13

    Importantly: the tests crash too if I compile them without -DVERIFY. (I'd kinda worried we'd run into something like this eventually... the verify stuff is stirring the optimizer) Crashes go away at O0.

  15. sipa force-pushed on Dec 3, 2014
  16. sipa commented at 12:50 PM on December 3, 2014: contributor

    @gmaxwell Got it. Apparently, input arguments to the asm block are assumed to not be modified. I've changed the ones that are changed during execution to input/output arguments, which seems to fix the problem.

  17. gmaxwell commented at 7:18 PM on December 3, 2014: contributor

    It's gratitiously incompatible with clang (at least some commonly deployed versions): http://llvm.org/bugs/show_bug.cgi?id=18916

  18. sipa force-pushed on Dec 3, 2014
  19. sipa commented at 8:35 PM on December 3, 2014: contributor

    Gah, to be compatible with OSX we need att_syntax? :(

  20. gmaxwell commented at 11:22 PM on December 3, 2014: contributor

    You broke it now. :)

  21. sipa force-pushed on Dec 4, 2014
  22. sipa commented at 12:02 AM on December 4, 2014: contributor

    Converted to att syntax :(

  23. sipa force-pushed on Dec 4, 2014
  24. sipa force-pushed on Dec 4, 2014
  25. sipa force-pushed on Dec 4, 2014
  26. Rewrite field assembly to match the C version f048615970
  27. Convert YASM code into inline assembly 67935050e1
  28. Make {mul,sqr}_inner use the same argument order as {mul,sqr} b2c9681c6f
  29. sipa force-pushed on Dec 4, 2014
  30. gmaxwell commented at 1:03 PM on December 7, 2014: contributor

    ACK.

  31. sipa merged this on Dec 7, 2014
  32. sipa closed this on Dec 7, 2014
  33. sipa referenced this in commit 376b28b096 on Dec 7, 2014
Contributors
sipagmaxwelljgarzik
Linked (view graph)
#112 Portability fixups#125 Rewrite field assembly to match the C version#1623 `src/scalar_4x64_impl.h:361:5: error: ‘asm’ operand has impossible constraints`
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin-core/secp256k1. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-14 11:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me