Implementation notes: amd64, margaux, crypto_aead/morus1280128v1

Computer: margaux
Microarchitecture: amd64; Core 2 65nm (6fb)
Architecture: amd64
CPU ID: GenuineIntel-000006fb-bfebfbff
SUPERCOP version: 20240107
Operation: crypto_aead
Primitive: morus1280128v1

Time	Object size	Test size	Implementation	Compiler	Benchmark date	SUPERCOP version
11666	12685 0 0	27963 844 1024	`T:sse2`	`clang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231215	20231212
11666	12685 0 0	29075 844 1024	`T:sse2`	`clang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231215	20231212
11750	8426 0 0	21645 836 1024	`T:sse2`	`clang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231215	20231212
12181	12315 0 0	28643 844 1024	`T:sse2`	`clang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231215	20231212
12986	13707 0 0	27691 844 1024	`T:sse2`	`clang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231215	20231212
14339	10401 0 0	27004 812 1088	`T:sse2`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20231215	20231212
16292	15046 0 0	31660 812 1088	`T:ref64`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20231215	20231212
16430	11910 0 0	28500 812 1088	`T:ref`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20231215	20231212
18532	18131 0 0	32219 844 1024	`T:ref`	`clang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231215	20231212
19462	13483 0 0	29915 844 1024	`T:ref`	`clang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231215	20231212
19707	13621 0 0	30107 844 1024	`T:ref`	`clang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231215	20231212
19739	13557 0 0	28931 844 1024	`T:ref`	`clang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231215	20231212
20020	9183 0 0	22429 836 1024	`T:ref`	`clang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231215	20231212
27440	3662 0 0	17319 788 1056	`T:ref`	`gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20231215	20231212
28885	4414 0 0	19836 812 1088	`T:ref`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20231215	20231212
29427	4321 0 0	19267 804 1088	`T:ref`	`gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20231215	20231212
29541	6867 0 0	23371 844 1024	`T:ref64`	`clang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231215	20231212
29715	6867 0 0	22259 844 1024	`T:ref64`	`clang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231215	20231212
29942	6730 0 0	23179 844 1024	`T:ref64`	`clang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231215	20231212
30012	5575 0 0	18837 836 1024	`T:ref64`	`clang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231215	20231212
30100	5494 0 0	19159 788 1056	`T:ref64`	`gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20231215	20231212
30117	6102 0 0	21540 812 1088	`T:ref64`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20231215	20231212
31232	5911 0 0	20875 804 1088	`T:ref64`	`gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20231215	20231212
32911	7634 0 0	21731 844 1024	`T:ref64`	`clang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231215	20231212

Compiler output

Implementation: T:avx2
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

morus1280128v1avx2.c: morus1280128v1avx2.c:55:13: error: always_inline function '_mm256_xor_si256' requires target feature 'avx2', but would be inlined into function 'morus_stateupdate' that is compiled without support for 'avx2'
morus1280128v1avx2.c: state[0] = XOR256(state[0], state[3]);
morus1280128v1avx2.c: ^
morus1280128v1avx2.c: morus1280128v1avx2.c:25:27: note: expanded from macro 'XOR256'
morus1280128v1avx2.c: #define XOR256(x,y) _mm256_xor_si256((x),(y)) /*XOR256(x,y) = x ^ y, where x and y are two 256-bit word*/
morus1280128v1avx2.c: ^
morus1280128v1avx2.c: morus1280128v1avx2.c:55:13: error: AVX vector argument of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
morus1280128v1avx2.c: morus1280128v1avx2.c:25:27: note: expanded from macro 'XOR256'
morus1280128v1avx2.c: #define XOR256(x,y) _mm256_xor_si256((x),(y)) /*XOR256(x,y) = x ^ y, where x and y are two 256-bit word*/
morus1280128v1avx2.c: ^
morus1280128v1avx2.c: morus1280128v1avx2.c:56:30: error: always_inline function '_mm256_and_si256' requires target feature 'avx2', but would be inlined into function 'morus_stateupdate' that is compiled without support for 'avx2'
morus1280128v1avx2.c: state[0] = XOR256(state[0], AND256(state[1], state[2]));
morus1280128v1avx2.c: ^
morus1280128v1avx2.c: morus1280128v1avx2.c:26:27: note: expanded from macro 'AND256'
morus1280128v1avx2.c: #define AND256(x,y) _mm256_and_si256((x),(y)) /*AND(x,y) = x & y, where x and y are two 256-bit word*/
morus1280128v1avx2.c: ^
morus1280128v1avx2.c: morus1280128v1avx2.c:56:30: error: AVX vector argument of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
morus1280128v1avx2.c: morus1280128v1avx2.c:26:27: note: expanded from macro 'AND256'
morus1280128v1avx2.c: #define AND256(x,y) _mm256_and_si256((x),(y)) /*AND(x,y) = x & y, where x and y are two 256-bit word*/
morus1280128v1avx2.c: ^
morus1280128v1avx2.c: morus1280128v1avx2.c:56:13: error: always_inline function '_mm256_xor_si256' requires target feature 'avx2', but would be inlined into function 'morus_stateupdate' that is compiled without support for 'avx2'
morus1280128v1avx2.c: state[0] = XOR256(state[0], AND256(state[1], state[2]));
morus1280128v1avx2.c: ^
morus1280128v1avx2.c: morus1280128v1avx2.c:25:27: note: expanded from macro 'XOR256'
morus1280128v1avx2.c: #define XOR256(x,y) _mm256_xor_si256((x),(y)) /*XOR256(x,y) = x ^ y, where x and y are two 256-bit word*/
morus1280128v1avx2.c: ...

Number of similar (compiler,implementation) pairs: 5, namely:

Compiler	Implementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:avx2
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:avx2
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:avx2
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:avx2
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:avx2

Compiler output

Implementation: T:avx2
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE

morus1280128v1avx2.c: morus1280128v1avx2.c: In function 'morus_stateupdate':
morus1280128v1avx2.c: morus1280128v1avx2.c:53:6: note: the ABI for passing parameters with 32-byte alignment has changed in GCC 4.6
morus1280128v1avx2.c: 53 | void morus_stateupdate(__m256i msgblk, __m256i *state)
morus1280128v1avx2.c: | ^~~~~~~~~~~~~~~~~
morus1280128v1avx2.c: morus1280128v1avx2.c:55:18: warning: AVX vector return without AVX enabled changes the ABI [-Wpsabi]
morus1280128v1avx2.c: 55 | state[0] = XOR256(state[0], state[3]);
morus1280128v1avx2.c: | ^
morus1280128v1avx2.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:47,
morus1280128v1avx2.c: from morus1280128v1avx2.c:2:
morus1280128v1avx2.c: morus1280128v1avx2.c: In function 'morus_enc_aut_step':
morus1280128v1avx2.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/avx2intrin.h:1071:1: error: inlining failed in call to 'always_inline' '_mm256_permute4x64_epi64': target specific option mismatch
morus1280128v1avx2.c: 1071 | _mm256_permute4x64_epi64 (__m256i __X, const int __M)
morus1280128v1avx2.c: | ^~~~~~~~~~~~~~~~~~~~~~~~
morus1280128v1avx2.c: morus1280128v1avx2.c:41:27: note: called from here
morus1280128v1avx2.c: 41 | #define ROTL256_64(x) _mm256_permute4x64_epi64((x), _MM_SHUFFLE(2,1,0,3)) /*Rotate x by 64-bit positions to the left*/
morus1280128v1avx2.c: | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
morus1280128v1avx2.c: morus1280128v1avx2.c:204:20: note: in expansion of macro 'ROTL256_64'
morus1280128v1avx2.c: 204 | state[2] = ROTL256_64(state[2]);
morus1280128v1avx2.c: | ^~~~~~~~~~
morus1280128v1avx2.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:47,
morus1280128v1avx2.c: from morus1280128v1avx2.c:2:
morus1280128v1avx2.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/avx2intrin.h:574:1: error: inlining failed in call to 'always_inline' '_mm256_or_si256': target specific option mismatch
morus1280128v1avx2.c: 574 | _mm256_or_si256 (__m256i __A, __m256i __B)
morus1280128v1avx2.c: | ^~~~~~~~~~~~~~~
morus1280128v1avx2.c: morus1280128v1avx2.c:28:27: note: called from here
morus1280128v1avx2.c: ...

Number of similar (compiler,implementation) pairs: 4, namely:

Compiler	Implementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:avx2
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:avx2
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:avx2
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:avx2

Compiler output

Implementation: T:sse2
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE

Number of similar (compiler,implementation) pairs: 2, namely:

Compiler	Implementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:sse2
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:sse2

Compiler output

Implementation: T:sse2
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE

try.c: /usr/bin/ld: libcrypto_aead_morus1280128v1.a(morus1280128v1sse2.o): in function `morus_initialization':
try.c: morus1280128v1sse2.c:(.text+0x...): undefined reference to `morus_stateupdate'
try.c: /usr/bin/ld: libcrypto_aead_morus1280128v1.a(morus1280128v1sse2.o): in function `morus_initialization_key_256':
try.c: morus1280128v1sse2.c:(.text+0x...): undefined reference to `morus_stateupdate'
try.c: /usr/bin/ld: libcrypto_aead_morus1280128v1.a(morus1280128v1sse2.o): in function `morus_tag_generation':
try.c: morus1280128v1sse2.c:(.text+0x...): undefined reference to `morus_stateupdate'
try.c: /usr/bin/ld: libcrypto_aead_morus1280128v1.a(morus1280128v1sse2.o): in function `morus_tag_verification':
try.c: morus1280128v1sse2.c:(.text+0x...): undefined reference to `morus_stateupdate'
try.c: /usr/bin/ld: libcrypto_aead_morus1280128v1.a(morus1280128v1sse2.o): in function `morus_enc_aut_partialblock':
try.c: morus1280128v1sse2.c:(.text+0x...): undefined reference to `morus_stateupdate'
try.c: /usr/bin/ld: libcrypto_aead_morus1280128v1.a(morus1280128v1sse2.o):morus1280128v1sse2.c:(.text+0x...): more undefined references to `morus_stateupdate' follow
try.c: /usr/bin/ld: libcrypto_aead_morus1280128v1.a(morus1280128v1sse2.o): in function `crypto_aead_morus1280128v1_sse2_timingleaks_encrypt':
try.c: morus1280128v1sse2.c:(.text+0x...): undefined reference to `morus_enc_aut_step'
try.c: /usr/bin/ld: morus1280128v1sse2.c:(.text+0x...): undefined reference to `morus_enc_aut_step'
try.c: /usr/bin/ld: libcrypto_aead_morus1280128v1.a(morus1280128v1sse2.o): in function `crypto_aead_morus1280128v1_sse2_timingleaks_decrypt':
try.c: morus1280128v1sse2.c:(.text+0x...): undefined reference to `morus_enc_aut_step'
try.c: /usr/bin/ld: morus1280128v1sse2.c:(.text+0x...): undefined reference to `morus_dec_aut_step'
try.c: collect2: error: ld returned 1 exit status

Number of similar (compiler,implementation) pairs: 1, namely:

Compiler	Implementations
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:sse2