
9 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
11 ---
12 src/lib/hash/sha3/sha3.cpp | 46 ++++++-----------------
13 src/lib/hash/sha3/sha3_bmi2/sha3_bmi2.cpp | 46 ++++++-----------------
14 2 files changed, 22 insertions(+), 70 deletions(-)
16 diff --git a/src/lib/hash/sha3/sha3.cpp b/src/lib/hash/sha3/sha3.cpp
18 --- a/src/lib/hash/sha3/sha3.cpp
20 @@ -11,47 +11,23 @@
24 -#include <tuple>
25 -
30 -// This is a workaround for a suspected bug in clang 12 (and XCode 13)
31 -// that caused a miscompile of the SHA3 implementation for optimization
32 -// level -O2 and higher.
33 -//
34 -// For details, see: https://github.com/randombit/botan/issues/2802
35 -#if defined(__clang__) && \
36 - (( defined(__apple_build_version__) && __clang_major__ == 13) || \
37 - (!defined(__apple_build_version__) && __clang_major__ == 12))
38 -#define BOTAN_WORKAROUND_MAYBE_INLINE __attribute__((noinline))
39 -#else
40 -#define BOTAN_WORKAROUND_MAYBE_INLINE inline
41 -#endif
42 -
43 -BOTAN_WORKAROUND_MAYBE_INLINE std::tuple<uint64_t, uint64_t, uint64_t, uint64_t, uint64_t>
44 - xor_CNs(const uint64_t A[25])
45 - {
46 - return {
47 - A[0] ^ A[5] ^ A[10] ^ A[15] ^ A[20],
48 - A[1] ^ A[6] ^ A[11] ^ A[16] ^ A[21],
49 - A[2] ^ A[7] ^ A[12] ^ A[17] ^ A[22],
50 - A[3] ^ A[8] ^ A[13] ^ A[18] ^ A[23],
51 - A[4] ^ A[9] ^ A[14] ^ A[19] ^ A[24]};
52 - }
53 -
54 -#undef BOTAN_WORKAROUND_MAYBE_INLINE
55 -
58 - const auto Cs = xor_CNs(A);
59 -
60 - const uint64_t D0 = rotl<1>(std::get<0>(Cs)) ^ std::get<3>(Cs);
61 - const uint64_t D1 = rotl<1>(std::get<1>(Cs)) ^ std::get<4>(Cs);
62 - const uint64_t D2 = rotl<1>(std::get<2>(Cs)) ^ std::get<0>(Cs);
63 - const uint64_t D3 = rotl<1>(std::get<3>(Cs)) ^ std::get<1>(Cs);
64 - const uint64_t D4 = rotl<1>(std::get<4>(Cs)) ^ std::get<2>(Cs);
68 + const uint64_t C3 = A[3] ^ A[8] ^ A[13] ^ A[18] ^ A[23];
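Review bot: Dropping `xor_CNs` and `BOTAN_WORKAROUND_MAYBE_INLINE` removes the only protection against the clang 12 / Xcode 13 miscompile at -O2 and higher that the deleted comment describes, and the lines shown here put nothing in its place; the same applies to the identical hunk in src/lib/hash/sha3/sha3_bmi2/sha3_bmi2.cpp. A miscompiled permutation would yield wrong SHA-3 digests without any build error, so the restored inline code should at least carry a comment such as `// Inlined theta step: clang 12 / Xcode 13 may miscompile this at -O2+, see https://github.com/randombit/botan/issues/2802`. If the patch is only meant for toolchains that are not affected, the description should say so, and builds should run the SHA-3 known-answer tests. This page shows only the matching lines of the hunk, so the rest of the new side and the enclosing function are not visible here.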
79 diff --git a/src/lib/hash/sha3/sha3_bmi2/sha3_bmi2.cpp b/src/lib/hash/sha3/sha3_bmi2/sha3_bmi2.cpp
81 --- a/src/lib/hash/sha3/sha3_bmi2/sha3_bmi2.cpp
83 @@ -8,47 +8,23 @@
87 -#include <tuple>
88 -
93 -// This is a workaround for a suspected bug in clang 12 (and XCode 13)
94 -// that caused a miscompile of the SHA3 implementation for optimization
95 -// level -O2 and higher.
96 -//
97 -// For details, see: https://github.com/randombit/botan/issues/2802
98 -#if defined(__clang__) && \
99 - (( defined(__apple_build_version__) && __clang_major__ == 13) || \
100 - (!defined(__apple_build_version__) && __clang_major__ == 12))
101 -#define BOTAN_WORKAROUND_MAYBE_INLINE __attribute__((noinline))
102 -#else
103 -#define BOTAN_WORKAROUND_MAYBE_INLINE inline
104 -#endif
105 -
106 -BOTAN_WORKAROUND_MAYBE_INLINE std::tuple<uint64_t, uint64_t, uint64_t, uint64_t, uint64_t>
107 - xor_CNs(const uint64_t A[25])
108 - {
109 - return {
110 - A[0] ^ A[5] ^ A[10] ^ A[15] ^ A[20],
111 - A[1] ^ A[6] ^ A[11] ^ A[16] ^ A[21],
112 - A[2] ^ A[7] ^ A[12] ^ A[17] ^ A[22],
113 - A[3] ^ A[8] ^ A[13] ^ A[18] ^ A[23],
114 - A[4] ^ A[9] ^ A[14] ^ A[19] ^ A[24]};
115 - }
116 -
117 -#undef BOTAN_WORKAROUND_MAYBE_INLINE
118 -
121 - const auto Cs = xor_CNs(A);
122 -
123 - const uint64_t D0 = rotl<1>(std::get<0>(Cs)) ^ std::get<3>(Cs);
124 - const uint64_t D1 = rotl<1>(std::get<1>(Cs)) ^ std::get<4>(Cs);
125 - const uint64_t D2 = rotl<1>(std::get<2>(Cs)) ^ std::get<0>(Cs);
126 - const uint64_t D3 = rotl<1>(std::get<3>(Cs)) ^ std::get<1>(Cs);
127 - const uint64_t D4 = rotl<1>(std::get<4>(Cs)) ^ std::get<2>(Cs);
131 + const uint64_t C3 = A[3] ^ A[8] ^ A[13] ^ A[18] ^ A[23];
142 --