contexts: Forbid destroying, cloning and randomizing the static context #1170
Conversation
force-pushed from fae2e69 to 8c6c4de
force-pushed to clarify a comment and fix a commit message, ready for review
edit: okay, really ready now, I promise.
force-pushed from 8c6c4de to 0da5617
force-pushed from 0da5617 to 29cac36
.... should be fixed. (If you think you can write a single line of code without rerunning the tests...)
utACK 29cac36
I'm starting to think that it would in fact be preferable not to have this in 0.2.0. The changes here are not crucial or urgent. And they're strictly speaking still breaking changes, and so they'd fit a 0.3.0 or 1.0.0 nicely, where the version bump will indicate that the API has changed.
@real-or-random Sounds good. Making breaking changes (no matter how small) after we've started doing releases is better in reducing API ambiguity. Are there perhaps still some cleanups from this PR we'd want?
The second commit is certainly a (tiny) fix. We should abort the API function (with Let me create a PR that doesn't have the breaking API changes and the test changes. |
#1171, marking this one a draft. |
real-or-random left a comment:
A cleaner way will be to split run_context_tests() into one function for normal contexts (which has its separate local my_ctx) and one for static contexts (which can use the global sttc).
force-pushed from 29cac36 to 45eef02
(force-pushed a rebased version here but please ignore... the plan is to get #1186 merged first and then I need to reapply the interesting commits from here on top of it)
force-pushed from 7c7b2fe to 71caa81
Ready for review. I should have done the last commit first, but I want to avoid the effort to reorder unless someone insists. @apoelstra This introduces the macro you proposed. I initially didn't plan to add it in this PR but I got too annoyed by the ecounts. Another PR can use it in the rest of the tests.
force-pushed from 71caa81 to 98982ea
force-pushed to make LSan happy (hopefully)
force-pushed from 98982ea to 0403278
Review comment on these lines of the diff:
    { CHECK((expr) == 0); } \
    secp256k1_context_set_illegal_callback(ctx, NULL, NULL); \
    CHECK(ILLEGAL == 1); \
} while(0);
In 0403278:
I'd prefer that ILLEGAL be a local variable and that we used the data pointer to pass it into the callback function, rather than having it be a global.
Yeah, I had feared this makes the job of the optimizer harder, but maybe that concern is unnecessary (or even wrong).
I'll fix it.
It probably will make the optimizer's job harder but I doubt it'll be noticeable, and these are only unit tests.
fixed
force-pushed from abcd6e9 to 7a6cc4d
force-pushed from 7a6cc4d to 6862279
Oops, that line ended up in the wrong commit after rebasing. Should be fixed!
apoelstra left a comment:
ACK 6862279
force-pushed from 6862279 to e39d954
apoelstra left a comment:
ACK e39d954
utACK e39d954
As discussed in #1126.
For randomization, this has a history. Initially, this threw the illegal callback, but then we changed it to be a no-op on non-signing contexts: 6198375. But this was with (non-static) none/verification contexts in mind, not with the static context. If we anyway forbid cloning the static context, you should never have a way to randomize a copy of the static context. (You need a copy because the static context itself is not writable. But you cannot obtain a copy except when using memcpy etc.)
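Added illustration (not libsecp256k1 code, and not the PR's diff) of two points from this thread: the rule the PR enforces, that randomizing, cloning and destroying the static context each report through the illegal callback and otherwise do nothing, and apoelstra's review suggestion that the test counter be a local variable handed to the callback through its data pointer rather than a global ILLEGAL. Every name below (ctx_t, ctx_static, ctx_randomize, ctx_clone, ctx_destroy, count_illegal, CHECK_ILLEGAL) is hypothetical; the model also keeps the static context in writable memory so that a test callback can be installed on it, which is a modelling assumption and not a statement about the real library.

```c
/* Added example, not libsecp256k1 code. Miniature model of the static
 * context rule and of the "local counter through the callback data
 * pointer" test pattern. All names are hypothetical. */
#include <assert.h>
#include <stdlib.h>
#include <string.h>

typedef void (*illegal_fn)(const char *message, void *data);

typedef struct {
    illegal_fn on_illegal;   /* called when an API function is misused */
    void *illegal_data;      /* handed back unchanged to on_illegal */
    unsigned char seed[32];  /* stands in for the randomizable state */
} ctx_t;

/* The static context. Assumption of this model: it is writable so a test
 * callback can be installed; detection is by pointer identity. */
static ctx_t ctx_static_obj;
ctx_t *const ctx_static = &ctx_static_obj;

static void raise_illegal(ctx_t *ctx, const char *msg) {
    if (ctx->on_illegal) ctx->on_illegal(msg, ctx->illegal_data);
}

void ctx_set_illegal_callback(ctx_t *ctx, illegal_fn fn, void *data) {
    ctx->on_illegal = fn;
    ctx->illegal_data = data;
}

ctx_t *ctx_create(void) { return calloc(1, sizeof(ctx_t)); }

/* Each operation forbidden on the static context reports via the illegal
 * callback and is otherwise a no-op. */
int ctx_randomize(ctx_t *ctx, const unsigned char *seed32) {
    if (ctx == ctx_static) {
        raise_illegal(ctx, "cannot randomize the static context");
        return 0;
    }
    memcpy(ctx->seed, seed32, 32);
    return 1;
}

ctx_t *ctx_clone(ctx_t *ctx) {
    ctx_t *copy;
    if (ctx == ctx_static) {
        raise_illegal(ctx, "cannot clone the static context");
        return NULL;
    }
    copy = malloc(sizeof *copy);
    if (copy) *copy = *ctx;
    return copy;
}

void ctx_destroy(ctx_t *ctx) {
    if (ctx == ctx_static) {
        raise_illegal(ctx, "cannot destroy the static context");
        return;
    }
    free(ctx);
}

/* Test side: the counter lives in the caller's frame and reaches the
 * callback through the data pointer, so no global ILLEGAL is needed. */
static void count_illegal(const char *message, void *data) {
    (void)message;
    ++*(int *)data;
}

#define CHECK_ILLEGAL_VOID(ctx, expr) do { \
    int illegal_calls = 0; \
    ctx_set_illegal_callback((ctx), count_illegal, &illegal_calls); \
    (expr); \
    ctx_set_illegal_callback((ctx), NULL, NULL); \
    assert(illegal_calls == 1); \
} while (0)
#define CHECK_ILLEGAL(ctx, expr) CHECK_ILLEGAL_VOID(ctx, assert((expr) == 0))

/* Runs the three forbidden operations through the macros; returns 1. */
int check_illegal_macro(void) {
    unsigned char seed[32] = {0};  /* constructed sample seed */
    CHECK_ILLEGAL(ctx_static, ctx_randomize(ctx_static, seed));
    CHECK_ILLEGAL(ctx_static, ctx_clone(ctx_static));
    CHECK_ILLEGAL_VOID(ctx_static, ctx_destroy(ctx_static));
    return 1;
}

/* The same operations on an ordinary context must never fire the callback;
 * returns the number of callback invocations (expected 0). */
int normal_context_rejections(void) {
    int total = 0;
    unsigned char seed[32];
    ctx_t *copy, *my_ctx = ctx_create();
    memset(seed, 0x5a, sizeof seed);     /* constructed sample seed */
    ctx_set_illegal_callback(my_ctx, count_illegal, &total);
    assert(ctx_randomize(my_ctx, seed) == 1);
    copy = ctx_clone(my_ctx);
    assert(copy != NULL && memcmp(copy->seed, seed, 32) == 0);
    ctx_destroy(copy);
    ctx_destroy(my_ctx);
    return total;
}
```

The macro resets the callback after each checked expression so a later, unexpected callback cannot be mistaken for the one under test, and because the counter is local each expansion checks exactly one call.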