HomePhabricator

[secp256k1] Update the CI docker to Debian Bullseye

Description

[secp256k1] Update the CI docker to Debian Bullseye

Summary:
Also includes a fix extracted from upstream:
https://github.com/bitcoin-core/secp256k1/pull/969/commits/5d5c74a057f3951677691113747952f4cbdde86b

Partial backport of secp256k1#969.

clang 7 to 11 (and maybe earlier versions) warn about recid being
potentially unitiliazed in "CHECK(recid >= 0 [...]", which was mitigated
in commit 3d2cf6c5bd35b0d72716b47bdd7e3892388aafc4 by initializing recid
to make clang happy but VG_UNDEF'ing the variable after initializiation
in order to ensure valgrind's memcheck analysis will still be sound and
complain if recid is not actually written to when creating a signature.

However, it turns out that at least for binaries produced by clang 11
(but not clang 7), valgrind complains about a branch on unitialized data
in the recid variable in that line before *and* after the aforementioned
commit. While the complaint after the commit could be spurious (clang
knows that recid is initialized, so it's fine to access it even though
the access is stupid), the complaint before the commit indicates a real
problem: it might be the case that clang is performing a wrong
optimization that leads to a situation where recid is really not
guaranteed to be initialized when it's accessed. As a result, clang
warns about this and generates code that just accesses the variable.

I'm not going to bother with this further because this is fixed in
clang 12 and the problem is just in our test code, not in the tested
code.

This commit rewrites the code in a way that groups the signing together
with the CHECK such that it's very easy to figure out for clang that
recid will be initialized properly. This seems to circument the issue.

Test Plan:

ninja check-secp256k1

Tested against cirrus on my personal github fork of the project.

Reviewers: #bitcoin_abc, sdulfari, PiRK

Reviewed By: #bitcoin_abc, sdulfari, PiRK

Subscribers: PiRK

Differential Revision: https://reviews.bitcoinabc.org/D12957

Details

Provenance
Tim Ruffing <crypto@timruffing.de>Authored on Aug 19 2021, 10:22
FabienCommitted on Jan 6 2023, 18:45
FabienPushed on Jan 6 2023, 18:45
Reviewer
Restricted Project
Differential Revision
D12957: [secp256k1] Update the CI docker to Debian Bullseye
Parents
rABC449d01c1f7c5: refactor, miner: Delete call to UpdatePackagesForAdded at beginning of…
Branches
Unknown
Tags
Unknown