--- Day changed Fri Aug 10 2018 02:02 -!- deusexbeer [~deusexbee@079-170-137-102-dynamic-pool-adsl.wbt.ru] has quit [Ping timeout: 256 seconds] 02:03 -!- deusexbeer [~deusexbee@093-092-176-095-dynamic-pool-adsl.wbt.ru] has joined #secp256k1 02:14 -!- brynjar14 [~brynjar@host-cotesma-185-252.smandes.com.ar] has joined #secp256k1 02:14 -!- brynjar14 [~brynjar@host-cotesma-185-252.smandes.com.ar] has quit [K-Lined] 02:44 -!- Georgyo20 [~Georgyo@c-ed3170d5.015-144-73746f28.cust.ownit.se] has joined #secp256k1 02:50 -!- Georgyo20 [~Georgyo@c-ed3170d5.015-144-73746f28.cust.ownit.se] has quit [Remote host closed the connection] 03:01 -!- sushichef [~sushichef@nat-31-128-141-201.pool.powernet.com.ru] has joined #secp256k1 03:03 -!- sushichef [~sushichef@nat-31-128-141-201.pool.powernet.com.ru] has quit [Remote host closed the connection] 04:17 -!- Peetz0r4 [~Peetz0r@180.211.16.80] has joined #secp256k1 04:19 -!- Peetz0r4 [~Peetz0r@180.211.16.80] has quit [Read error: Connection reset by peer] 04:20 < nsh> hm 04:25 -!- Hoosilon2 [~Hoosilon@221.9.222.135] has joined #secp256k1 04:30 -!- Hoosilon2 [~Hoosilon@221.9.222.135] has quit [Ping timeout: 240 seconds] 04:53 -!- vdamewood [~vdamewood@190.74.163.182] has joined #secp256k1 04:54 -!- vdamewood [~vdamewood@190.74.163.182] has quit [Remote host closed the connection] 05:02 -!- Louis15 [~Louis@186-93-131-25.genericrev.cantv.net] has joined #secp256k1 05:03 -!- Louis15 [~Louis@186-93-131-25.genericrev.cantv.net] has quit [Remote host closed the connection] 05:29 -!- precise6 [~precise@softbank126073156103.bbtec.net] has joined #secp256k1 05:29 -!- precise6 [~precise@softbank126073156103.bbtec.net] has quit [Remote host closed the connection] 05:51 < roconnor> The fact that ecmult_impl.h calls on secp256k1_ge_set_gej_zinv while that function is never defined in the group.h header files that it uselessly includes just serves to illustrate my point. 05:52 < roconnor> Everything still compiles only because group_impl.h is always included before ecmult_impl.h in every file that includes ecmult_impl.h 05:53 < roconnor> these "interface" header files of forward declarations are doing nothing. You could probably replace group.h with the empty file and everything would still compile. 05:54 < roconnor> (well I guess you need to keep the typedefs and the macros) 06:15 < andytoshi> the use of _impl header files rather than translation units means the compiler will be even less useful than usual 06:16 < andytoshi> so having an interface somewhere that the compiler will insist we adhere to is even more important as a sanity check 06:25 < roconnor> well you aren't adhereing to it and the compiler isn't insisting on it. 06:30 -!- tx17 [~tx@p6279227-ipngn22902marunouchi.tokyo.ocn.ne.jp] has joined #secp256k1 06:31 -!- tx17 [~tx@p6279227-ipngn22902marunouchi.tokyo.ocn.ne.jp] has quit [Killed (Sigyn (Spam is off topic on freenode.))] 07:27 -!- pwillard25 [~pwillard@dial-144.vl-cen-as3.avtlg.ru] has joined #secp256k1 07:27 -!- pwillard25 [~pwillard@dial-144.vl-cen-as3.avtlg.ru] has quit [Remote host closed the connection] 07:35 -!- quarks [~quarks@host-cotesma-174-42.smandes.com.ar] has joined #secp256k1 07:36 -!- quarks [~quarks@host-cotesma-174-42.smandes.com.ar] has quit [Killed (Sigyn (Spam is off topic on freenode.))] 07:58 -!- ken2812221 [~User@1.200.203.30] has quit [Ping timeout: 240 seconds] 08:51 < andytoshi> classic C 08:51 < andytoshi> we should add the missing declaration 08:54 -!- Guest3871 [~Guest3871@118.45.169.202] has joined #secp256k1 08:54 -!- Guest3871 [~Guest3871@118.45.169.202] has quit [Killed (Sigyn (Spam is off topic on freenode.))] 09:03 -!- johnny56 [~johnny56@181.105.146.200] has joined #secp256k1 09:04 -!- johnny56 [~johnny56@181.105.146.200] has quit [Killed (Sigyn (Spam is off topic on freenode.))] 10:25 -!- CGML13 [~CGML@210.57.244.174] has joined #secp256k1 10:26 -!- CGML13 [~CGML@210.57.244.174] has quit [Remote host closed the connection] 10:54 -!- maaku_ is now known as maaku 11:08 < roconnor> The most generous interpretation I can give for the existence of these forward declarations is that the provide a place for adding comments that document the behavour of functions where the declarations are statically checked because they are otherwise uselessly added to the compilation. 11:11 < andytoshi> if you change one the compiler will complain 11:11 < andytoshi> they are defining a contract for the functions that the compiler does enforce 11:15 < roconnor> andytoshi: unless you drop the word "static" from one of the two, in which case the compiler might complain, or it will just invoke undefined behaviour. 11:17 < roconnor> andytoshi: if they are just a contract then you should write a "contract.h" file that includes all these forward declarations and have a speical compilation target that includes "contract.h" with the "*impl.h" and leave them out otherwise. 11:18 < roconnor> you can break the contract.h into multiple files; that's fine. 11:20 < andytoshi> how would that be different from the current situation :) 11:20 < andytoshi> everything that doesn't end in _impl is a contract 11:20 < roconnor> Anyhow, it doesn't really matter. It's just a bizzare use of header files. My best guess is that the _impl files used to be real .c files a long time ago that you turned into .h files because you want to gain the benfist of cross module-inlining and optimization, but you kept the old .h files around and now you are trying to post-hoc justify why they still exist. 11:21 < roconnor> andytoshi: It would be different because make all can exclude the unused forward declarations, and you can limit their use to make test. 11:27 <@gmaxwell> roconnor: thats just incorrect, you can check the repository history to confirm there has only ever been a single .c file. They're there because it's sensible to seperate the interface from the multiple implmentations of the interface. It gives us a place to document the interface abstractly, rather than redundantly on each implementation. The reason they are .h files is indeed to get interprocedura 11:27 <@gmaxwell> l optimizations, otherwise we would prefer they be seperate c files. Perhaps you don't see an advantage of structuring things in a normal way even though to get interprocedural optimizations, but other people do. 11:27 <@gmaxwell> And your accusations of post hoc justification are outright insulting. 11:27 < roconnor> okay, I appologize. 11:28 <@gmaxwell> er *even though they're included just to get interprocedural optimization 11:30 <@gmaxwell> I don't follow the dropping static from one of the two creating undefined behavior. I don't see how that would happen. Obviously if there is a way that the forward declarations could turn out to be a foot gun, thats a concern! 11:31 < roconnor> I recall reading that if one declaration is static and the definition is not, or maybe it was vice versa, the standard says it is undefiend behaviour. 11:32 < roconnor> But I need to go check on that. 11:32 -!- Matrixiumn [~Matrixium@190.136.25.147] has joined #secp256k1 11:33 -!- Matrixiumn [~Matrixium@190.136.25.147] has quit [K-Lined] 11:45 < roconnor> Okay so this is the reference I think I read @ http://www.msg.ucsf.edu/local/programs/IBM_Compilers/C:C++/html/language/ref/clrc03extsc.htm 11:45 < roconnor> ``It is an error to include a declaration for the same function with the storage class specifier static before the declaration with no storage class specifier because of the incompatible declarations. Including the extern storage class specifier on the original declaration is valid and the function has internal linkage. 11:45 < roconnor> But perhaps my leap to undefined behaviour was all in my head, since that is usually the case for C. 11:58 < roconnor> Sorry. 12:01 <@gmaxwell> It's always good to have more eyes looking at it! 12:04 < roconnor> ECMULT_TABLE_GET_GE calls secp256k1_ge_neg which in turn calls secp256k1_fe_normalize_weak. 12:05 < roconnor> Is it worthwhile to precompute secp256k1_fe_normalize_weak on the y-cooridnates of all the points in the table to avoid repeated calls to secp256k1_fe_normalize_weak? 12:07 < andytoshi> my feeling is that small optimizations in the precomp aren't worth extra code complexity (like adding a second non-normalizing ge_neg function) 12:08 <@gmaxwell> The may reason signed digits are used there is because it reduces the table size. If you add the Ys for the negative values, you'll double the size of the oblivious reads for y. I know that doubling the size of the table generally isn't a win (or otherwise we would have set it larger). 12:08 < andytoshi> because precomp takes many milliseconds, so if you're doing it frequently your code is badly wrong anyway 12:08 < roconnor> gmaxwell: I don't mean to change the size of the table. 12:09 < roconnor> gmaxwell: Just to a pass to weak-normalize all the y values so that ECMULT_TABLE_GET_GE never needs to call secp256k1_fe_normalize_weak. 12:09 <@gmaxwell> roconnor: but then we would have to store all those negated y's, right? (I'm not sure I understand you) 12:10 < roconnor> gmaxwell: I mean ECMULT_TABLE_GET_GE would call a new function, that isn't secp256k1_ge_neg, whose precondition is that the y coordinate is of magnitude 1. 12:10 < roconnor> and than make sure the table satifies that precondition. 12:11 < roconnor> \away 12:11 <@gmaxwell> oh it normalizes the input, obviously. 12:11 <@gmaxwell> I dunno that might well be a reasonable win. 12:12 < andytoshi> are these functions called from the strauss code? 12:13 <@gmaxwell> andytoshi: this isn't an optimization in the precomp, it's an optimization that moves the normalization into the precomp. 12:13 < andytoshi> ah! 12:13 <@gmaxwell> and perhaps it should go all the way to store the points in compact form, like ECMULT_GEN does. 12:15 <@gmaxwell> (use of _storage type was a non-trivial speedup for ECMULT_GEN... because it makes the oblivious reads faster) 12:17 -!- Netham4527 [~Netham45@ae118166.dynamic.ppp.asahi-net.or.jp] has joined #secp256k1 12:18 -!- Netham4527 [~Netham45@ae118166.dynamic.ppp.asahi-net.or.jp] has quit [Killed (Sigyn (Spam is off topic on freenode.))] 12:46 -!- deusexbeer [~deusexbee@093-092-176-095-dynamic-pool-adsl.wbt.ru] has quit [Quit: Konversation terminated!] 13:31 < roconnor> andytoshi: the table construction call secp256k1_ge_set_gej_zinv t the end on most, if not all, elements, meaning all the y values are acutally already magnitude 1. 13:31 < roconnor> I can see about throwing a patch together this weekend so we can look at it in github. 13:34 < andytoshi> cool .. could you also run the bench_ecmult benchmarks before and after? 13:36 < roconnor> I can do it ... on my laptop. 13:36 < roconnor> I'll ask for help if I have any trouble with that. 13:40 < andytoshi> cool. and yeah, even laptop benchmarks are useful because they'll show if there's any difference at all 13:47 <@gmaxwell> I think the only reason we're not using storage types there is because of avoiding the need to normalize. Might also want to benchmark just swaping the entries out for a storage type. 13:59 -!- MrPaz [~PazPazPaz@84.39.112.91] has joined #secp256k1 15:07 -!- Guest23877 [~Guest2387@190-198-44-67.dyn.dsl.cantv.net] has joined #secp256k1 15:08 -!- Guest23877 [~Guest2387@190-198-44-67.dyn.dsl.cantv.net] has quit [Killed (Sigyn (Spam is off topic on freenode.))] 15:18 -!- ken2812221 [~User@1.200.203.30] has joined #secp256k1 15:48 -!- cottongin29 [~cottongin@111.246.210.23] has joined #secp256k1 15:53 -!- cottongin29 [~cottongin@111.246.210.23] has quit [Ping timeout: 240 seconds] 15:55 -!- cfields8 [~cfields@117.14.230.237] has joined #secp256k1 15:55 -!- cfields8 [~cfields@117.14.230.237] has quit [K-Lined] 16:21 -!- fredrikhl [~fredrikhl@119.red-83-33-69.dynamicip.rima-tde.net] has joined #secp256k1 16:28 -!- fredrikhl [~fredrikhl@119.red-83-33-69.dynamicip.rima-tde.net] has quit [Ping timeout: 240 seconds] 16:53 -!- deusexbeer [~deusexbee@093-092-176-095-dynamic-pool-adsl.wbt.ru] has joined #secp256k1 16:53 -!- israfel [~israfel@c-73-106-218-69.hsd1.ga.comcast.net] has joined #secp256k1 16:54 -!- israfel [~israfel@c-73-106-218-69.hsd1.ga.comcast.net] has quit [Remote host closed the connection] 17:07 -!- hpt20 [~hpt@host245-49-dynamic.49-82-r.retail.telecomitalia.it] has joined #secp256k1 17:13 -!- hpt20 [~hpt@host245-49-dynamic.49-82-r.retail.telecomitalia.it] has quit [Ping timeout: 268 seconds] 17:15 <@gmaxwell> oh man, dettman strikes again. I just noticed the recent PR. 17:15 <@gmaxwell> Awesome. 17:18 <@gmaxwell> Has anyone looked into fusing this idea into the bigger multiexp? 17:23 -!- mww113 [~mww113@117.82.63.10] has joined #secp256k1 17:23 -!- mww113 [~mww113@117.82.63.10] has quit [Killed (Sigyn (Spam is off topic on freenode.))] 18:14 -!- mozzarella6 [~mozzarell@187.169.229.140] has joined #secp256k1 18:15 -!- mozzarella6 [~mozzarell@187.169.229.140] has quit [Read error: Connection reset by peer] 18:40 -!- MJ9423 [~MJ94@121.133.46.194] has joined #secp256k1 18:41 -!- MJ9423 [~MJ94@121.133.46.194] has quit [Killed (Unit193 (Spam is not permitted on freenode.))] 18:45 -!- Zombie0 [~Zombie@98.29.4.221] has joined #secp256k1 18:46 -!- Zombie0 [~Zombie@98.29.4.221] has quit [Remote host closed the connection] 20:08 -!- SlashLife22 [~SlashLife@108.180.203.107] has joined #secp256k1 20:08 -!- SlashLife22 [~SlashLife@108.180.203.107] has quit [K-Lined] 20:16 -!- KanerixWolfe [~KanerixWo@2402:800:6144:a29c:dd79:af9b:7135:332b] has joined #secp256k1 20:22 -!- KanerixWolfe [~KanerixWo@2402:800:6144:a29c:dd79:af9b:7135:332b] has quit [Ping timeout: 240 seconds] 20:53 -!- MisterPaz [~PazPazPaz@185.156.175.182] has joined #secp256k1 20:56 -!- MrPaz [~PazPazPaz@84.39.112.91] has quit [Ping timeout: 240 seconds] 21:57 -!- nitrix1 [~nitrix@49.142.67.120] has joined #secp256k1 21:57 -!- nitrix1 [~nitrix@49.142.67.120] has quit [Killed (Sigyn (Spam is off topic on freenode.))] 22:10 -!- earlz8 [~earlz@ANancy-555-1-122-73.w92-161.abo.wanadoo.fr] has joined #secp256k1 22:16 -!- earlz8 [~earlz@ANancy-555-1-122-73.w92-161.abo.wanadoo.fr] has quit [Ping timeout: 256 seconds] 22:55 -!- vectr0n26 [~vectr0n@146.66.18.5] has joined #secp256k1 22:55 -!- vectr0n26 [~vectr0n@146.66.18.5] has quit [K-Lined]