Implementation notes: amd64, comet, crypto_kem/kyber1024

Computer: comet
Microarchitecture: amd64; Comet Lake (806ec)
Architecture: amd64
CPU ID: GenuineIntel-000806ec-bfebfbff
SUPERCOP version: 20240625
Operation: crypto_kem
Primitive: kyber1024

Time	Object size	Test size	Implementation	Compiler	Benchmark date	SUPERCOP version
135452	147913 0 0	169977 860 1792	`avx2`	`clang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240719	20240625
135909	142287 0 0	164049 860 1728	`avx2`	`clang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240719	20240625
140909	127768 0 0	146951 852 1792	`avx2`	`clang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240719	20240625
144453	154910 0 0	176332 788 1760	`avx2`	`gcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240719	20240625
144581	132768 0 0	151177 860 1728	`avx2`	`clang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240719	20240625
150410	130057 0 0	149580 788 1760	`avx2`	`gcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240719	20240625
152187	125244 0 0	143124 780 1728	`avx2`	`gcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240719	20240625
156521	125471 0 0	144500 788 1760	`avx2`	`gcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240719	20240625
566238	88511 0 0	119257 860 1792	`compact`	`clang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240709	20240625
607136	61688 0 0	91852 788 1760	`compact`	`gcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240709	20240625
614177	65455 0 0	96385 860 1728	`compact`	`clang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240709	20240625
710201	54011 0 0	75465 860 1792	`ref`	`clang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240709	20240625
715278	73728 0 0	103489 860 1728	`compact`	`clang_-mcpu=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240709	20240625
728223	6861 0 0	35447 852 1792	`compact`	`clang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240709	20240625
745883	42963 0 0	64153 860 1728	`ref`	`clang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240709	20240625
747611	8750 0 0	36473 860 1728	`compact`	`clang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240709	20240625
762552	7860 0 0	36132 788 1760	`compact`	`gcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240709	20240625
770209	14987 0 0	33873 860 1728	`ref`	`clang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240709	20240625
773418	44245 0 0	65572 788 1760	`ref`	`gcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240709	20240625
785753	12654 0 0	32191 852 1792	`ref`	`clang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240709	20240625
795840	40544 0 0	61769 860 1728	`ref`	`clang_-mcpu=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240709	20240625
819982	14552 0 0	33948 788 1760	`ref`	`gcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240709	20240625
832247	12380 0 0	31324 788 1760	`ref`	`gcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240709	20240625
901020	6166 0 0	34076 788 1760	`compact`	`gcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240709	20240625
914159	11476 0 0	29260 780 1728	`ref`	`gcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240709	20240625
1085991	5090 0 0	31812 780 1728	`compact`	`gcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240709	20240625

Compiler output

KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:146:9: error: always_inline function '_mm256_loadu_si256' requires target feature 'avx', but would be inlined into function 'crypto_kem_kyber1024_avx2_constbranchindex_KeccakP1600times4_AddLanesAll' that is compiled without support for 'avx'
KeccakP-1600-times4-SIMD256.c:         Xor_In4( 0 );
KeccakP-1600-times4-SIMD256.c:         ^
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:135:42: note: expanded from macro 'Xor_In4'
KeccakP-1600-times4-SIMD256.c:     #define Xor_In4( argIndex ) lanes0 = LOAD256u( curData0[argIndex]),\
KeccakP-1600-times4-SIMD256.c:                                          ^
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:44:37: note: expanded from macro 'LOAD256u'
KeccakP-1600-times4-SIMD256.c:     #define LOAD256u(a)             _mm256_loadu_si256((const V256 *)&(a))
KeccakP-1600-times4-SIMD256.c:                                     ^
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:146:9: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:135:42: note: expanded from macro 'Xor_In4'
KeccakP-1600-times4-SIMD256.c:     #define Xor_In4( argIndex ) lanes0 = LOAD256u( curData0[argIndex]),\
KeccakP-1600-times4-SIMD256.c:                                          ^
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:44:37: note: expanded from macro 'LOAD256u'
KeccakP-1600-times4-SIMD256.c:     #define LOAD256u(a)             _mm256_loadu_si256((const V256 *)&(a))
KeccakP-1600-times4-SIMD256.c:                                     ^
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:146:9: error: always_inline function '_mm256_loadu_si256' requires target feature 'avx', but would be inlined into function 'crypto_kem_kyber1024_avx2_constbranchindex_KeccakP1600times4_AddLanesAll' that is compiled without support for 'avx'
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:136:42: note: expanded from macro 'Xor_In4'
KeccakP-1600-times4-SIMD256.c:                                 lanes1 = LOAD256u( curData1[argIndex]),\
KeccakP-1600-times4-SIMD256.c:                                          ^
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:44:37: note: expanded from macro 'LOAD256u'
KeccakP-1600-times4-SIMD256.c:     #define LOAD256u(a)             _mm256_loadu_si256((const V256 *)&(a))
KeccakP-1600-times4-SIMD256.c:                                     ^
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:146:9: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:136:42: note: expanded from macro 'Xor_In4'
KeccakP-1600-times4-SIMD256.c: ...

Number of similar (implementation,compiler) pairs: 1, namely:

Implementation	Compiler
`avx2`	`clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_14.0.6)`

Compiler output

kem.c: kem.c:24:32: warning: argument 1 of type 'uint8_t[1568]' {aka 'unsigned char[1568]'} with mismatched bound [-Warray-parameter=]
kem.c:    24 | int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
kem.c:       |                        ~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~
kem.c: In file included from kem.c:5:
kem.c: kem.h:33:33: note: previously declared as 'uint8_t *' {aka 'unsigned char *'}
kem.c:    33 | int crypto_kem_keypair(uint8_t *pk, uint8_t *sk);
kem.c:       |                        ~~~~~~~~~^~
kem.c: kem.c:25:32: warning: argument 2 of type 'uint8_t[3168]' {aka 'unsigned char[3168]'} with mismatched bound [-Warray-parameter=]
kem.c:    25 |                        uint8_t sk[KYBER_SECRETKEYBYTES])
kem.c:       |                        ~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~
kem.c: kem.h:33:46: note: previously declared as 'uint8_t *' {aka 'unsigned char *'}
kem.c:    33 | int crypto_kem_keypair(uint8_t *pk, uint8_t *sk);
kem.c:       |                                     ~~~~~~~~~^~
kem.c: kem.c:50:28: warning: argument 1 of type 'uint8_t[1568]' {aka 'unsigned char[1568]'} with mismatched bound [-Warray-parameter=]
kem.c:    50 | int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
kem.c:       |                    ~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~
kem.c: kem.h:36:29: note: previously declared as 'uint8_t *' {aka 'unsigned char *'}
kem.c:    36 | int crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
kem.c:       |                    ~~~~~~~~~^~
kem.c: kem.c:51:28: warning: argument 2 of type 'uint8_t[32]' {aka 'unsigned char[32]'} with mismatched bound [-Warray-parameter=]
kem.c:    51 |                    uint8_t ss[KYBER_SSBYTES],
kem.c:       |                    ~~~~~~~~^~~~~~~~~~~~~~~~~
kem.c: kem.h:36:42: note: previously declared as 'uint8_t *' {aka 'unsigned char *'}
kem.c:    36 | int crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
kem.c:       |                                 ~~~~~~~~~^~
kem.c: ...
poly.c: poly.c:407:42: warning: argument 5 of type 'const uint8_t[32]' {aka 'const unsigned char[32]'} with mismatched bound [-Warray-parameter=]
poly.c:   407 |                            const uint8_t seed[32],
poly.c:       |                            ~~~~~~~~~~~~~~^~~~~~~~
poly.c: In file included from poly.c:6:
poly.c: poly.h:37:43: note: previously declared as 'const uint8_t *' {aka 'const unsigned char *'}
poly.c:    37 |                            const uint8_t *seed,
poly.c:       |                            ~~~~~~~~~~~~~~~^~~~

Number of similar (implementation,compiler) pairs: 4, namely:

Implementation	Compiler
`avx2`	`gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (12.2.0)`
`avx2`	`gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (12.2.0)`
`avx2`	`gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (12.2.0)`
`avx2`	`gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (12.2.0)`

Compiler output

kem.c: kem.c:23:32: warning: argument 1 of type 'uint8_t[1568]' {aka 'unsigned char[1568]'} with mismatched bound [-Warray-parameter=]
kem.c:    23 | int crypto_kem_keypair(uint8_t pk[KYBER_PUBLICKEYBYTES],
kem.c:       |                        ~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~
kem.c: In file included from kem.c:4:
kem.c: kem.h:33:33: note: previously declared as 'uint8_t *' {aka 'unsigned char *'}
kem.c:    33 | int crypto_kem_keypair(uint8_t *pk, uint8_t *sk);
kem.c:       |                        ~~~~~~~~~^~
kem.c: kem.c:24:32: warning: argument 2 of type 'uint8_t[3168]' {aka 'unsigned char[3168]'} with mismatched bound [-Warray-parameter=]
kem.c:    24 |                        uint8_t sk[KYBER_SECRETKEYBYTES])
kem.c:       |                        ~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~
kem.c: kem.h:33:46: note: previously declared as 'uint8_t *' {aka 'unsigned char *'}
kem.c:    33 | int crypto_kem_keypair(uint8_t *pk, uint8_t *sk);
kem.c:       |                                     ~~~~~~~~~^~
kem.c: kem.c:51:28: warning: argument 1 of type 'uint8_t[1568]' {aka 'unsigned char[1568]'} with mismatched bound [-Warray-parameter=]
kem.c:    51 | int crypto_kem_enc(uint8_t ct[KYBER_CIPHERTEXTBYTES],
kem.c:       |                    ~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~
kem.c: kem.h:36:29: note: previously declared as 'uint8_t *' {aka 'unsigned char *'}
kem.c:    36 | int crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
kem.c:       |                    ~~~~~~~~~^~
kem.c: kem.c:52:28: warning: argument 2 of type 'uint8_t[32]' {aka 'unsigned char[32]'} with mismatched bound [-Warray-parameter=]
kem.c:    52 |                    uint8_t ss[KYBER_SSBYTES],
kem.c:       |                    ~~~~~~~~^~~~~~~~~~~~~~~~~
kem.c: kem.h:36:42: note: previously declared as 'uint8_t *' {aka 'unsigned char *'}
kem.c:    36 | int crypto_kem_enc(uint8_t *ct, uint8_t *ss, const uint8_t *pk);
kem.c:       |                                 ~~~~~~~~~^~
kem.c: ...

Number of similar (implementation,compiler) pairs: 4, namely:

Implementation	Compiler
`ref`	`gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (12.2.0)`
`ref`	`gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (12.2.0)`
`ref`	`gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (12.2.0)`
`ref`	`gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (12.2.0)`

Passed TIMECOP

TIMECOP iterations: 1

Number of similar (implementation,compiler) pairs: 26, namely:

Implementation	Compiler
`avx2`	`clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_14.0.6)`
`avx2`	`clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_14.0.6)`
`avx2`	`clang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_14.0.6)`
`avx2`	`clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_14.0.6)`
`avx2`	`gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (12.2.0)`
`avx2`	`gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (12.2.0)`
`avx2`	`gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (12.2.0)`
`avx2`	`gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (12.2.0)`
`compact`	`clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_14.0.6)`
`compact`	`clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_14.0.6)`
`compact`	`clang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_14.0.6)`
`compact`	`clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_14.0.6)`
`compact`	`clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_14.0.6)`
`compact`	`gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (12.2.0)`
`compact`	`gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (12.2.0)`
`compact`	`gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (12.2.0)`
`compact`	`gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (12.2.0)`
`ref`	`clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_14.0.6)`
`ref`	`clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_14.0.6)`
`ref`	`clang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_14.0.6)`
`ref`	`clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_14.0.6)`
`ref`	`clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_14.0.6)`
`ref`	`gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (12.2.0)`
`ref`	`gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (12.2.0)`
`ref`	`gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (12.2.0)`
`ref`	`gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (12.2.0)`