-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
test, ci: Lower default iteration count to 16 #1581
Conversation
As I mentioned in the linked issue, I don't think this is a great idea. The tests have been written with a higher test iterations in mind. Lowering the test iterations can result in some crucial tests being missed with some probability, for example, because a run of the tests may always draw points with an even Y coordinate. As your test output shows, some tests are even skipped explicitly. On the other hand, always testing with 64 iterations is overkill. Hence, it would be reasonable to reduce the default test iterations to some number higher than 4. For example, 16 or 8. I am not sure what impact this has on the runtime of the test suite. |
I agree, this will be the easiest. If Core is happy with 16 or 8, we should just this. (Also happy to increase skip limit of Alternatively, you could reduce the number in Core if that's easy. I'm not sure if it's easy to pass a command line argument if CMake's test stuff handles all of this automatically. But Core could set SECP256K1_TEST_ITERS, that should be easy in the build system. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This PR was discussed during our IRC meeting. Even with iters = 16
, the "iteration count too low"-warnings do not go away. This is misleading because it suggests to the user that something went wrong.
The test_ecmult_constants_2bit
warning will be printed for any iters < 35
, due to these lines:
CONDITIONAL_TEST(35, "test_ecmult_constants_2bit") {
test_ecmult_constants_2bit();
}
However, this is only an optimization to make the tests run faster for lower iters; test_ecmult_constants_2bit
does not read the test iterations. Thus, one possible approach is to just remove the CONDITIONAL_TEST
and let test_ecmult_constants_2bit();
run always. We could also skip the test without printing a warning. That's possible, but quite fragile and hacky.
Similarly, to make the tests run with iters = 8
without warnings, we would have to remove the conditional
test macro from the line
CONDITIONAL_TEST(16, "run_sha256_known_output_tests 1000000") ninputs++;`
Quick benchmarks (--enable-dev-mode) on my dev machine (please verify):
./tests: 80s
./tests 16: 21s,
./tests 16 with test_ecmult_constants_2bit turned on: 28s
./tests 8 with both test_ecmult_constants_2bit and run_sha256_known_output_tests turned on: 20s
So we could get a significant speedup relatively easily, without losing the ecmult_constants_2bit and sha256_known_output tests.
However, now that I am thinking about it again, running the tests always will also lead to the CI jobs taking longer. We're reducing the iters significantly, sometimes to only iter = 2
for the valgrind tests. Maybe instead of removing the CONDITIONALS entirely, we should reduce the required iterations to 16 or 8.
In any case, this approach is just quick and dirty solution to reduce the default test duration. In the future, we should rethink and rework the tests to make them both much faster and exhaustive.
This one sounds reasonable. The 1000000 bytes test for SHA256 is really a bit overkill for low iters.
I tend to think that the "skip" messages should be kept. They can be helpful, and I don't think these scare anyone. We don't even use the word warning. We could also prefix them with "note: ". So here's a concrete suggestion;
|
Thanks! Implemented. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
utACK 9743bce
I'm obviously Concept ACK for my own suggestion, but I totally don't have a strong opinion here. Okay, this reads like an invitation for bikeshedding. It's just that I made the call, and now that I look at the meeting notes again, it appears to me that I ignored points brought up in the meeting, e.g., "if a test is not run by default, it should not produce a warning when not run".
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The difference in the test duration when I replace 32
in
CONDITIONAL_TEST(32, "run_sha256_known_output_tests 1000000") ninputs++;
with 16 is less than 1 second on my machine. Can someone confirm? If that's true, we can keep it at 16 (as in master) and do not print the message.
I can confirm. On this PR branch @ 9743bce:
With the following diff: --- a/src/tests.c
+++ b/src/tests.c
@@ -475,7 +475,7 @@ static void run_sha256_known_output_tests(void) {
/* Skip last input vector for low iteration counts */
ninputs = sizeof(inputs)/sizeof(inputs[0]) - 1;
- CONDITIONAL_TEST(32, "run_sha256_known_output_tests 1000000") ninputs++;
+ CONDITIONAL_TEST(16, "run_sha256_known_output_tests 1000000") ninputs++;
for (i = 0; i < ninputs; i++) {
unsigned char out[32]; it takes a bit longer:
|
The number of test iterations in the CI remains unchanged. Additionally, the minimum iteration counts to enable the `test_ecmult_constants_2bit` test is adjusted from 35 to 16, so it is run by default.
Done. Thank you! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK 0f73caf
utACK 0f73caf |
a38d879a1a6 Merge bitcoin-core/secp256k1#1628: Name public API structs 7d48f5ed02e Merge bitcoin-core/secp256k1#1581: test, ci: Lower default iteration count to 16 694342fdb71 Name public API structs 0f73caf7c62 test, ci: Lower default iteration count to 16 9a8db52f4e9 Merge bitcoin-core/secp256k1#1582: cmake, test: Add `secp256k1_` prefix to test names 1464f15c812 Merge bitcoin-core/secp256k1#1625: util: Remove unused (u)int64_t formatting macros 980c08df80a util: Remove unused (u)int64_t formatting macros 9b7c59cbb90 Merge bitcoin-core/secp256k1#1624: ci: Update macOS image 096e3e23f63 ci: Update macOS image 68b55209f1b Merge bitcoin-core/secp256k1#1619: musig: ctimetests: fix _declassify range for generated nonce points f0868a9b3d8 Merge bitcoin-core/secp256k1#1595: build: 45839th attempt to fix symbol visibility on Windows 1fae76f50c0 Merge bitcoin-core/secp256k1#1620: Remove unused scratch space from API 8be3839fb2e Remove unused scratch space from API 57eda3ba300 musig: ctimetests: fix _declassify range for generated nonce points 87384f5c0f2 cmake, test: Add `secp256k1_` prefix to test names e59158b6eb7 Merge bitcoin-core/secp256k1#1553: cmake: Set top-level target output locations 18f9b967c25 Merge bitcoin-core/secp256k1#1616: examples: do not retry generating seckey randomness in musig 5bab8f6d3c4 examples: make key generation doc consistent e8908221a45 examples: do not retry generating seckey randomness in musig 70b6be1834e extrakeys: improve doc of keypair_create (don't suggest retry) 01b5893389e Merge bitcoin-core/secp256k1#1599: bitcoin#1570 improve examples: remove key generation loop cd4f84f3ba8 Improve examples/documentation: remove key generation loops a88aa935063 Merge bitcoin-core/secp256k1#1603: f can never equal -m 3660fe5e2a9 Merge bitcoin-core/secp256k1#1479: Add module "musig" that implements MuSig2 multi-signatures (BIP 327) 168c92011f5 build: allow enabling the musig module in cmake f411841a46b Add module "musig" that implements MuSig2 multi-signatures (BIP 327) 0be79660f38 util: add constant-time is_zero_array function c8fbdb1b972 group: add ge_to_bytes_ext and ge_from_bytes_ext ef7ff03407f f can never equal -m c232486d84e Revert "cmake: Set `ENVIRONMENT` property for examples on Windows" 26e4a7c2146 cmake: Set top-level target output locations 4c57c7a5a95 Merge bitcoin-core/secp256k1#1554: cmake: Clean up testing code 447334cb06d include: Avoid visibility("default") on Windows 472faaa8ee6 Merge bitcoin-core/secp256k1#1604: doc: fix typos in `secp256k1_ecdsa_{recoverable_,}signature` API description 292310fbb24 doc: fix typos in `secp256k1_ecdsa_{recoverable_,}signature` API description 85e224dd97f group: add ge_to_bytes and ge_from_bytes 7c987ec89e6 cmake: Call `enable_testing()` unconditionally 6aa576515ef cmake: Delete `CTest` module git-subtree-dir: src/secp256k1 git-subtree-split: a38d879a1a6091bbbf504b42f8ca9ae6d76325a0
0cdc758a563 Merge bitcoin-core/secp256k1#1631: release: prepare for 0.6.0 39d5dfd542a release: prepare for 0.6.0 df2eceb2790 build: add ellswift.md and musig.md to release tarball a306bb7e903 tools: fix check-abi.sh after cmake out locations were changed 145868a84d2 Do not export `secp256k1_musig_nonce_gen_internal` b161bffb8bf Merge bitcoin-core/secp256k1#1579: Clear sensitive memory without getting optimized out (revival of bitcoin#636) a38d879a1a6 Merge bitcoin-core/secp256k1#1628: Name public API structs 7d48f5ed02e Merge bitcoin-core/secp256k1#1581: test, ci: Lower default iteration count to 16 694342fdb71 Name public API structs 0f73caf7c62 test, ci: Lower default iteration count to 16 9a8db52f4e9 Merge bitcoin-core/secp256k1#1582: cmake, test: Add `secp256k1_` prefix to test names 765ef53335a Clear _gej instances after point multiplication to avoid potential leaks 349e6ab916b Introduce separate _clear functions for hash module 99cc9fd6d01 Don't rely on memset to set signed integers to 0 97c57f42ba8 Implement various _clear() functions with secp256k1_memclear() 9bb368d1466 Use secp256k1_memclear() to clear stack memory instead of memset() e3497bbf001 Separate between clearing memory and setting to zero in tests d79a6ccd43a Separate secp256k1_fe_set_int( . , 0 ) from secp256k1_fe_clear() 1c081262227 Add secp256k1_memclear() for clearing secret data 1464f15c812 Merge bitcoin-core/secp256k1#1625: util: Remove unused (u)int64_t formatting macros 980c08df80a util: Remove unused (u)int64_t formatting macros 9b7c59cbb90 Merge bitcoin-core/secp256k1#1624: ci: Update macOS image 096e3e23f63 ci: Update macOS image e7d384488e8 Don't clear secrets in pippenger implementation 68b55209f1b Merge bitcoin-core/secp256k1#1619: musig: ctimetests: fix _declassify range for generated nonce points f0868a9b3d8 Merge bitcoin-core/secp256k1#1595: build: 45839th attempt to fix symbol visibility on Windows 1fae76f50c0 Merge bitcoin-core/secp256k1#1620: Remove unused scratch space from API 8be3839fb2e Remove unused scratch space from API 57eda3ba300 musig: ctimetests: fix _declassify range for generated nonce points 87384f5c0f2 cmake, test: Add `secp256k1_` prefix to test names e59158b6eb7 Merge bitcoin-core/secp256k1#1553: cmake: Set top-level target output locations 18f9b967c25 Merge bitcoin-core/secp256k1#1616: examples: do not retry generating seckey randomness in musig 5bab8f6d3c4 examples: make key generation doc consistent e8908221a45 examples: do not retry generating seckey randomness in musig 70b6be1834e extrakeys: improve doc of keypair_create (don't suggest retry) 01b5893389e Merge bitcoin-core/secp256k1#1599: bitcoin#1570 improve examples: remove key generation loop cd4f84f3ba8 Improve examples/documentation: remove key generation loops a88aa935063 Merge bitcoin-core/secp256k1#1603: f can never equal -m 3660fe5e2a9 Merge bitcoin-core/secp256k1#1479: Add module "musig" that implements MuSig2 multi-signatures (BIP 327) 168c92011f5 build: allow enabling the musig module in cmake f411841a46b Add module "musig" that implements MuSig2 multi-signatures (BIP 327) 0be79660f38 util: add constant-time is_zero_array function c8fbdb1b972 group: add ge_to_bytes_ext and ge_from_bytes_ext ef7ff03407f f can never equal -m c232486d84e Revert "cmake: Set `ENVIRONMENT` property for examples on Windows" 26e4a7c2146 cmake: Set top-level target output locations 4c57c7a5a95 Merge bitcoin-core/secp256k1#1554: cmake: Clean up testing code 447334cb06d include: Avoid visibility("default") on Windows 472faaa8ee6 Merge bitcoin-core/secp256k1#1604: doc: fix typos in `secp256k1_ecdsa_{recoverable_,}signature` API description 292310fbb24 doc: fix typos in `secp256k1_ecdsa_{recoverable_,}signature` API description 85e224dd97f group: add ge_to_bytes and ge_from_bytes 7c987ec89e6 cmake: Call `enable_testing()` unconditionally 6aa576515ef cmake: Delete `CTest` module git-subtree-dir: src/secp256k1 git-subtree-split: 0cdc758a56360bf58a851fe91085a327ec97685a
8deef00b3 Merge bitcoin-core/secp256k1#1634: Fix some misspellings 39705450e Fix some misspellings ec329c250 Merge bitcoin-core/secp256k1#1633: release cleanup: bump version after 0.6.0 c97059f59 release cleanup: bump version after 0.6.0 0cdc758a5 Merge bitcoin-core/secp256k1#1631: release: prepare for 0.6.0 39d5dfd54 release: prepare for 0.6.0 df2eceb27 build: add ellswift.md and musig.md to release tarball a306bb7e9 tools: fix check-abi.sh after cmake out locations were changed 145868a84 Do not export `secp256k1_musig_nonce_gen_internal` b161bffb8 Merge bitcoin-core/secp256k1#1579: Clear sensitive memory without getting optimized out (revival of #636) a38d879a1 Merge bitcoin-core/secp256k1#1628: Name public API structs 7d48f5ed0 Merge bitcoin-core/secp256k1#1581: test, ci: Lower default iteration count to 16 694342fdb Name public API structs 0f73caf7c test, ci: Lower default iteration count to 16 9a8db52f4 Merge bitcoin-core/secp256k1#1582: cmake, test: Add `secp256k1_` prefix to test names 765ef5333 Clear _gej instances after point multiplication to avoid potential leaks 349e6ab91 Introduce separate _clear functions for hash module 99cc9fd6d Don't rely on memset to set signed integers to 0 97c57f42b Implement various _clear() functions with secp256k1_memclear() 9bb368d14 Use secp256k1_memclear() to clear stack memory instead of memset() e3497bbf0 Separate between clearing memory and setting to zero in tests d79a6ccd4 Separate secp256k1_fe_set_int( . , 0 ) from secp256k1_fe_clear() 1c0812622 Add secp256k1_memclear() for clearing secret data e7d384488 Don't clear secrets in pippenger implementation 87384f5c0 cmake, test: Add `secp256k1_` prefix to test names git-subtree-dir: src/secp256k1 git-subtree-split: 8deef00b33ca81202aca80fe0bcd9730f084fbd2
8deef00b3 Merge bitcoin-core/secp256k1#1634: Fix some misspellings 39705450e Fix some misspellings ec329c250 Merge bitcoin-core/secp256k1#1633: release cleanup: bump version after 0.6.0 c97059f59 release cleanup: bump version after 0.6.0 0cdc758a5 Merge bitcoin-core/secp256k1#1631: release: prepare for 0.6.0 39d5dfd54 release: prepare for 0.6.0 df2eceb27 build: add ellswift.md and musig.md to release tarball a306bb7e9 tools: fix check-abi.sh after cmake out locations were changed 145868a84 Do not export `secp256k1_musig_nonce_gen_internal` b161bffb8 Merge bitcoin-core/secp256k1#1579: Clear sensitive memory without getting optimized out (revival of #636) a38d879a1 Merge bitcoin-core/secp256k1#1628: Name public API structs 7d48f5ed0 Merge bitcoin-core/secp256k1#1581: test, ci: Lower default iteration count to 16 694342fdb Name public API structs 0f73caf7c test, ci: Lower default iteration count to 16 9a8db52f4 Merge bitcoin-core/secp256k1#1582: cmake, test: Add `secp256k1_` prefix to test names 765ef5333 Clear _gej instances after point multiplication to avoid potential leaks 349e6ab91 Introduce separate _clear functions for hash module 99cc9fd6d Don't rely on memset to set signed integers to 0 97c57f42b Implement various _clear() functions with secp256k1_memclear() 9bb368d14 Use secp256k1_memclear() to clear stack memory instead of memset() e3497bbf0 Separate between clearing memory and setting to zero in tests d79a6ccd4 Separate secp256k1_fe_set_int( . , 0 ) from secp256k1_fe_clear() 1c0812622 Add secp256k1_memclear() for clearing secret data e7d384488 Don't clear secrets in pippenger implementation 87384f5c0 cmake, test: Add `secp256k1_` prefix to test names git-subtree-dir: src/secp256k1 git-subtree-split: 8deef00b33ca81202aca80fe0bcd9730f084fbd2
9827fbfd41 Setup batch experimental module on cmake 89a54e23de Clear warnings fb52de16b9 WIP: Silent merge conflicts f1a167edff batch: Generate graphs for batch verification speed up 63823d9423 batch, extrakeys: Add benchmark for batch verify and `tweak_add_check` b2f217c0ec batch: Add tests for `batch_add_*` APIs ac564e9a23 batch,ecmult: Add tests for core batch APIs and `strauss_batch` refactor f0c9b8801d batch: Add API usage example 3ab4a4c81e batch: Add `batch_add_*` APIs ee9c242a80 batch, ecmult: Add `batch_verify` API and refactor `strauss_batch` a00fbe43aa batch: Add `create` and `destroy` APIs e7e627fa52 batch: Initialize an experimental batch module 0cdc758a56 Merge bitcoin-core/secp256k1#1631: release: prepare for 0.6.0 39d5dfd542 release: prepare for 0.6.0 df2eceb279 build: add ellswift.md and musig.md to release tarball a306bb7e90 tools: fix check-abi.sh after cmake out locations were changed 145868a84d Do not export `secp256k1_musig_nonce_gen_internal` b161bffb8b Merge bitcoin-core/secp256k1#1579: Clear sensitive memory without getting optimized out (revival of bitcoin#636) a38d879a1a Merge bitcoin-core/secp256k1#1628: Name public API structs 7d48f5ed02 Merge bitcoin-core/secp256k1#1581: test, ci: Lower default iteration count to 16 694342fdb7 Name public API structs 0f73caf7c6 test, ci: Lower default iteration count to 16 9a8db52f4e Merge bitcoin-core/secp256k1#1582: cmake, test: Add `secp256k1_` prefix to test names 765ef53335 Clear _gej instances after point multiplication to avoid potential leaks 349e6ab916 Introduce separate _clear functions for hash module 99cc9fd6d0 Don't rely on memset to set signed integers to 0 97c57f42ba Implement various _clear() functions with secp256k1_memclear() 9bb368d146 Use secp256k1_memclear() to clear stack memory instead of memset() e3497bbf00 Separate between clearing memory and setting to zero in tests d79a6ccd43 Separate secp256k1_fe_set_int( . , 0 ) from secp256k1_fe_clear() 1c08126222 Add secp256k1_memclear() for clearing secret data 1464f15c81 Merge bitcoin-core/secp256k1#1625: util: Remove unused (u)int64_t formatting macros 980c08df80 util: Remove unused (u)int64_t formatting macros 9b7c59cbb9 Merge bitcoin-core/secp256k1#1624: ci: Update macOS image 096e3e23f6 ci: Update macOS image e7d384488e Don't clear secrets in pippenger implementation 68b55209f1 Merge bitcoin-core/secp256k1#1619: musig: ctimetests: fix _declassify range for generated nonce points f0868a9b3d Merge bitcoin-core/secp256k1#1595: build: 45839th attempt to fix symbol visibility on Windows 1fae76f50c Merge bitcoin-core/secp256k1#1620: Remove unused scratch space from API 8be3839fb2 Remove unused scratch space from API 57eda3ba30 musig: ctimetests: fix _declassify range for generated nonce points 87384f5c0f cmake, test: Add `secp256k1_` prefix to test names e59158b6eb Merge bitcoin-core/secp256k1#1553: cmake: Set top-level target output locations 18f9b967c2 Merge bitcoin-core/secp256k1#1616: examples: do not retry generating seckey randomness in musig 5bab8f6d3c examples: make key generation doc consistent e8908221a4 examples: do not retry generating seckey randomness in musig 70b6be1834 extrakeys: improve doc of keypair_create (don't suggest retry) 01b5893389 Merge bitcoin-core/secp256k1#1599: bitcoin#1570 improve examples: remove key generation loop cd4f84f3ba Improve examples/documentation: remove key generation loops a88aa93506 Merge bitcoin-core/secp256k1#1603: f can never equal -m 3660fe5e2a Merge bitcoin-core/secp256k1#1479: Add module "musig" that implements MuSig2 multi-signatures (BIP 327) 168c92011f build: allow enabling the musig module in cmake f411841a46 Add module "musig" that implements MuSig2 multi-signatures (BIP 327) 0be79660f3 util: add constant-time is_zero_array function c8fbdb1b97 group: add ge_to_bytes_ext and ge_from_bytes_ext ef7ff03407 f can never equal -m c232486d84 Revert "cmake: Set `ENVIRONMENT` property for examples on Windows" 26e4a7c214 cmake: Set top-level target output locations 4c57c7a5a9 Merge bitcoin-core/secp256k1#1554: cmake: Clean up testing code 447334cb06 include: Avoid visibility("default") on Windows 472faaa8ee Merge bitcoin-core/secp256k1#1604: doc: fix typos in `secp256k1_ecdsa_{recoverable_,}signature` API description 292310fbb2 doc: fix typos in `secp256k1_ecdsa_{recoverable_,}signature` API description 85e224dd97 group: add ge_to_bytes and ge_from_bytes 7c987ec89e cmake: Call `enable_testing()` unconditionally 6aa576515e cmake: Delete `CTest` module git-subtree-dir: src/secp256k1 git-subtree-split: 9827fbfd4164080b3de5e1238bc75fb4f07dd5e1
The number of test iterations in the CI remains the same.
Resolves #1561.