Mark more assembly outputs as early clobber #1307

pull sipa wants to merge 3 commits into bitcoin-core:master from sipa:202305_scalar_clobber changing 3 files +6 −3
  1. sipa commented at 9:20 AM on May 12, 2023: contributor

    This fixes #766.

    In the existing code, the compiler is allowed to allocate the RSI register for outputs m0, m1, or m2, which are written to before the input in RSI is read from. Fix this by marking them as early clobber.

    Make a similar change in the field logic, even though not triggerable there.

  2. real-or-random added the label bug on May 12, 2023
  3. real-or-random added the label assurance on May 12, 2023
  4. real-or-random removed the label assurance on May 12, 2023
  5. Bugfix: mark outputs as early clobber in scalar x86_64 asm
    In the existing code, the compiler is allowed to allocate the RSI register
for outputs m0, m1, or m2, which are written to before the input in RSI is
read from. Fix this by marking them as early clobber.

Reported by ehoffman2 in https://github.com/bitcoin-core/secp256k1/issues/766
    0c729ba70d
  6. Mark stack variables as early clobber for technical correctness
    In the field 5x52 asm for x86_64, stack variables are provided as outputs.
The existing inputs are all forcibly allocated to registers, so cannot
coincide, but mark them as early clobber anyway to make this clearer.
    350b4bd6e6
  7. sipa force-pushed on May 12, 2023
  8. real-or-random added the label needs-changelog on May 12, 2023
  9. Add release note 8c9ae37a5a
  10. sipa added this to the milestone 0.3.2 (or 0.4.0) on May 12, 2023
  11. real-or-random approved
  12. real-or-random commented at 12:56 PM on May 12, 2023: contributor

    ACK 8c9ae37a5a26cdeb6365624fee43f41b238830e4

  13. jonasnick commented at 1:34 PM on May 12, 2023: contributor

    ACK 8c9ae37a5a26cdeb6365624fee43f41b238830e4

    I'm reasonably sure that we with this PR we found all outputs that needed to be marked as early clobbers.

  14. jonasnick merged this on May 12, 2023
  15. jonasnick closed this on May 12, 2023
  16. hebasto referenced this in commit 49c52ea2b1 on May 13, 2023
  17. real-or-random removed the label needs-changelog on May 13, 2023
  18. vmta referenced this in commit e1120c94a1 on Jun 4, 2023
  19. sipa referenced this in commit 901336eee7 on Jun 21, 2023
  20. vmta referenced this in commit 8f03457eed on Jul 1, 2023
  21. jonasnick cross-referenced this on Jul 24, 2023 from issue Upstream PRs 1268, 1276, 1267, 1265, 1230, 1279, 1273, 1263, 1231, 1285, 1283, 1205, 1286, 1275, 1234, 1239, 1240, 1284, 1277, 1289, 1270, 1296, 1301, 1299, 1066, 1300, 1292, 1305, 1303, 1133, 1306, 1207, 1304, 1307, 1311, 1309, 1312 by jonasnick
Contributors
sipareal-or-randomjonasnick
Labels
bug

Milestone
0.3.3 (or 0.4.0)

Linked (view graph)
#766 Missing early clobber
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin-core/secp256k1. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-14 11:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me