[secp256k1] ct: Use volatile "trick" in all fe/scalar cmov implementations
Summary:
Apparently clang 15 is able to compile our cmov code into a branch, at least for fe_cmov and fe_storage_cmov. This commit makes the condition volatile in all cmov implementations (except ge but that one only calls into the fe impls). This is just a quick fix. We should still look into other methods, e.g., asm and #457. We should also consider not caring about constant-time in scalar_low_impl.h We should also consider testing on very new compilers in nightly CI, see https://github.com/bitcoin-core/secp256k1/pull/864#issuecomment-769211867
Backport of secp256k1#1257 and secp256k1#1303.
Depends on D18157.
Test Plan:
See CI (the issue occurs after the CI migration to bookworm) here: https://cirrus-ci.com/build/6479968802177024
ninja check-secp256k1
Reviewers: #bitcoin_abc, PiRK
Reviewed By: #bitcoin_abc, PiRK
Differential Revision: https://reviews.bitcoinabc.org/D18158