Implementation notes: aarch64, pi4b, crypto_aead/romulusm

Computer: pi4b
Microarchitecture: aarch64; Cortex-A72 (410fd083)
Architecture: aarch64
CPU ID: 410fd083
SUPERCOP version: 20230530
Operation: crypto_aead
Primitive: romulusm

Time	Object size	Test size	Implementation	Compiler	Benchmark date	SUPERCOP version
694834	9384 0 0	21604 816 848	`aadomn/armv8a/onthefly`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221028	20221025
698566	9224 0 0	20420 800 840	`aadomn/armv8a/onthefly`	`gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221028	20221025
698782	9612 0 0	21851 808 848	`aadomn/armv8a/onthefly`	`gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221028	20221025
701886	10804 0 0	23964 816 864	`aadomn/armv8a/onthefly`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221028	20221025
796752	11004 0 0	24156 816 864	`aadomn/armv8a/precalculate`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221028	20221025
797273	9584 0 0	21796 816 848	`aadomn/armv8a/precalculate`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221028	20221025
799416	9324 0 0	20548 800 840	`aadomn/armv8a/precalculate`	`gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221028	20221025
800957	9772 0 0	22019 808 848	`aadomn/armv8a/precalculate`	`gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221028	20221025
1254417	27908 640 0	41220 1464 864	`aadomn/opt32`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221028	20221025
1382703	28772 640 0	42450 1480 856	`aadomn/opt32`	`clang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20221007	20221005
1767871	18984 640 0	31356 1456 848	`aadomn/opt32`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221028	20221025
1797148	18416 640 0	29756 1440 840	`aadomn/opt32`	`gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221028	20221025
1804482	19704 640 0	32156 1456 848	`aadomn/opt32`	`gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221028	20221025
2451745	15412 12 0	29290 852 856	`T:ref`	`clang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20221007	20221005
2561522	22236 12 0	35572 828 864	`T:ref`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221028	20221025
9539330	8020 12 0	20364 828 848	`T:ref`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221028	20221025
10483696	6068 12 0	17372 812 840	`T:ref`	`gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221028	20221025
10574037	7092 12 0	19435 820 848	`T:ref`	`gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20221028	20221025

Test failure

Implementation: T:fixslice_opt32
Security model: timingleaks
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

error 111
crypto_aead_decrypt returns nonzero

Number of similar (compiler,implementation) pairs: 5, namely:

Compiler	Implementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:fixslice_opt32
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:fixslice_opt32
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:fixslice_opt32
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:fixslice_opt32
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:fixslice_opt32

Test failure

Implementation: T:opt32t
Security model: timingleaks
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

error 111
crypto_aead_decrypt allows trivial forgeries

Number of similar (compiler,implementation) pairs: 5, namely:

Compiler	Implementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:opt32t
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:opt32t
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:opt32t
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:opt32t
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:opt32t

Compiler output

Implementation: aadomn/armv8a/onthefly
Security model: constbranchindex
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

skinny128.S: <instantiation>:1:11: error: literal value out of range for directive
skinny128.S: ldr q20, =0x0b0c0e0a0d080f090304060205000701
skinny128.S: ^
skinny128.S: skinny128.S:156:2: note: while in macro instantiation
skinny128.S: prepare_encrypt
skinny128.S: ^
skinny128.S: <instantiation>:2:12: error: literal value out of range for directive
skinny128.S: ldr q21, =0x00000000000000020000000000000000
skinny128.S: ^
skinny128.S: skinny128.S:156:2: note: while in macro instantiation
skinny128.S: prepare_encrypt
skinny128.S: ^
skinny128.S: <instantiation>:3:6: error: invalid operand for instruction
skinny128.S: ldr q22, =0x00000000000000000000000000000000
skinny128.S: ^
skinny128.S: skinny128.S:156:2: note: while in macro instantiation
skinny128.S: prepare_encrypt
skinny128.S: ^
skinny128.S: <instantiation>:4:12: error: literal value out of range for directive
skinny128.S: ldr q23, =0x09080b0a06050407030201000c0f0e0d
skinny128.S: ^
skinny128.S: skinny128.S:156:2: note: while in macro instantiation
skinny128.S: prepare_encrypt
skinny128.S: ^
skinny128.S: <instantiation>:5:12: error: literal value out of range for directive
skinny128.S: ...

Number of similar (compiler,implementation) pairs: 1, namely:

Compiler	Implementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	aadomn/armv8a/onthefly

Compiler output

Implementation: aadomn/armv8a/precalculate
Security model: constbranchindex
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

skinny128.S: <instantiation>:1:11: error: literal value out of range for directive
skinny128.S: ldr q21, =0x00000000000000020000000000000000
skinny128.S: ^
skinny128.S: skinny128.S:113:2: note: while in macro instantiation
skinny128.S: prepare_encrypt
skinny128.S: ^
skinny128.S: <instantiation>:2:12: error: literal value out of range for directive
skinny128.S: ldr q22, =0x0f0e0d0c0a0b09080304060205000701
skinny128.S: ^
skinny128.S: skinny128.S:113:2: note: while in macro instantiation
skinny128.S: prepare_encrypt
skinny128.S: ^
skinny128.S: <instantiation>:3:12: error: literal value out of range for directive
skinny128.S: ldr q23, =0x09080b0a06050407030201000c0f0e0d
skinny128.S: ^
skinny128.S: skinny128.S:113:2: note: while in macro instantiation
skinny128.S: prepare_encrypt
skinny128.S: ^
skinny128.S: <instantiation>:4:12: error: literal value out of range for directive
skinny128.S: ldr q24, =0x0302010009080b0a1010101009080b0a
skinny128.S: ^
skinny128.S: skinny128.S:113:2: note: while in macro instantiation
skinny128.S: prepare_encrypt
skinny128.S: ^
skinny128.S: <instantiation>:6:12: error: literal value out of range for directive
skinny128.S: ...

Number of similar (compiler,implementation) pairs: 1, namely:

Compiler	Implementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	aadomn/armv8a/precalculate