Skip to content

ci: backport upstream string-initializer fixes and clean up related tests #303

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jonasnick merged 5 commits into from
Sep 16, 2025
Merged

ci: backport upstream string-initializer fixes and clean up related tests #303

jonasnick merged 5 commits into from
Sep 16, 2025

Conversation

@BEULAHEVANJALIN
Copy link
Contributor

@BEULAHEVANJALIN BEULAHEVANJALIN commented Sep 9, 2025

Summary

This PR fixes CI failures caused by -Werror=unterminated-string-initialization by backporting upstream changes from libsecp256k1. While doing that, have also fixed a few small tests and other CI issues so the complete build passes again.

What changed

  • Backported upstream fix (bitcoin-core/secp256k1 fa67b675): switched from string literal initializers to brace-enclosed byte arrays.
  • Extra fixes needed in -zkp:
    • musig/tests: removed dead code and made sure keypair is initialized (clang warning).
      (From upstream 8d967a60, adjusted for -zkp test vectors.)
    • examples: used brace arrays for demo strings. In musig.c, we retained the ! at the end of the message (upstream dropped it) to preserve prior example output.
    • Minor brace-array conversions in bppp, ecdsa_adaptor, ecdsa_s2c, rangeproof,
      schnorrsig(_halfagg), ellswift, and testrand_impl.h.

Rationale

  • Motivation: Unblock FROST work (PR FROST Trusted Dealer #278) by fixing CI breakages caused by newer GCC/Clang.
  • Upstream parity: Backports bitcoin-core/secp256k1 commit fa67b675 (brace-initialized byte arrays) and applies the same refactor to -zkp–only modules (ecdsa_adaptor, ecdsa_s2c, musig, bppp, rangeproof, schnorrsig_halfagg). No behaviour changes.

Minor divergence from upstream

  • examples/musig.c: retained the trailing ! in the demo message (upstream dropped it). This is example-only and doesn't affect tests or APIs. Can drop it if an exact match with upstream is preferred.

MarcoFalke and others added 5 commits September 9, 2025 21:47
@BEULAHEVANJALIN
refactor: Use array initialization for unterminated strings
654a8c3 
The previous code is correct and harmless to initialize an array with a
non-terminated character sequence using a string literal.

However, it requires exactly specifying the array size, which can be
cumbersome.

Also, GCC-15 may issue the -Wunterminated-string-initialization warning.
[1]

Fix both issues by using array initialization. This refactoring commit
does not change behavior.

[1] Example warning:

src/modules/schnorrsig/main_impl.h:48:46: error: initializer-string for array of 'unsigned char' is too long [-Werror=unterminated-string-initialization]
   48 | static const unsigned char bip340_algo[13] = "BIP0340/nonce";
      |                                              ^~~~~~~~~~~~~~~

(cherry picked from commit fa67b6752d8ba3e4c41f6c36b1c6b94a21770419)

Conflicts:
	src/testrand_impl.h (kept local name `secp256k1_testrand_seed`)
@BEULAHEVANJALIN
test/fix: refactor unterminated string initializers to brace arrays
c457030 
- Mirror upstream fix (bitcoin-core/secp256k1 fa67b675)
- Convert tags, test vectors, and constants in -zkp-only modules (ecdsa_adaptor, ecdsa_s2c, musig, bppp, rangeproof, schnorrsig_halfagg)
- Avoid -Wunterminated-string-initialization without changing behavior
@real-or-random @BEULAHEVANJALIN
musig/test: Remove dead code
40bd854 
This avoids a compiler warning on clang-snapshot about &keypair being uninitialized.

(cherry picked from commit 8d967a602b14c86d0f9e43a31fdfe76f39f32091)
@jonasnick @BEULAHEVANJALIN
musig/tests: initialize keypair
53fd89b 
The keypair is unused in musig_partial_sign, but clang-snapshot gives a compiler
warning anyway.
@BEULAHEVANJALIN
examples/musig: use brace-enclosed initializer for 32-byte msg
7d779c6 
Switch msg initialization from a string literal to a brace-enclosed
array to avoid -Wunterminated-string-initialization. Upstream removed
the trailing '!' from the message; this change retains it.
@BEULAHEVANJALIN BEULAHEVANJALIN mentioned this pull request Sep 9, 2025
Merged
@real-or-random
Copy link
Collaborator

real-or-random commented Sep 10, 2025

examples/musig.c: retained the trailing ! in the demo message (upstream dropped it). This is example-only and doesn't affect tests or APIs. Can drop it if an exact match with upstream is preferred.

It really doesn't matter. We'll need to replace the entire musig module by the upstream version anyway.

real-or-random
real-or-random approved these changes Sep 10, 2025
View reviewed changes
Copy link
Collaborator

@real-or-random real-or-random left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

utACK 7d779c6 thanks!

The remaining CI failures are in the constant-time tests. These will need to be fixed as well but this can be done in a separate PR.

apoelstra
apoelstra reviewed Sep 10, 2025
View reviewed changes
Copy link
Contributor

@apoelstra apoelstra left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On 7d779c6 successfully ran local tests

jonasnick
jonasnick approved these changes Sep 16, 2025
View reviewed changes
Copy link
Contributor

@jonasnick jonasnick left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK 7d779c6

@jonasnick jonasnick merged commit f92fd5c into BlockstreamResearch:master Sep 16, 2025
95 of 107 checks passed
@BEULAHEVANJALIN
Copy link
Contributor Author

BEULAHEVANJALIN commented Sep 16, 2025

Opened a follow-up in #304 to address the remaining MSan failures.
@real-or-random, @apoelstra, @jonasnick, requesting your review when you have a chance.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@apoelstra apoelstra apoelstra left review comments

@real-or-random real-or-random real-or-random approved these changes

@jonasnick jonasnick jonasnick approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@BEULAHEVANJALIN @real-or-random @apoelstra @jonasnick