Implementation notes: amd64, cel02, crypto_encrypt/ntruees1499ep1

Computer: cel02
Architecture: amd64
CPU ID: GenuineIntel-00050657-bfebfbff
SUPERCOP version: 20201130
Operation: crypto_encrypt
Primitive: ntruees1499ep1

Test failure

Implementation: T:ref
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE

error 111
crypto_encrypt returns nonzero

Number of similar (compiler,implementation) pairs: 4, namely:

Compiler	Implementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:ref
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:ref
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:ref
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:ref

Compiler output

Implementation: T:ref
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

ntru_crypto_ntru_mult_coeffs_karat.c: fatal error: error in backend: Cannot select: 0x55c7e7588510: v32i16 = X86ISD::VBROADCAST 0x55c7e7588050
ntru_crypto_ntru_mult_coeffs_karat.c: 0x55c7e7588050: i16,ch = CopyFromReg 0x55c7e74a4210, Register:i16 %vreg0
ntru_crypto_ntru_mult_coeffs_karat.c: 0x55c7e7587420: i16 = Register %vreg0
ntru_crypto_ntru_mult_coeffs_karat.c: In function: ntru_ring_mult_coefficients
ntru_crypto_ntru_mult_coeffs_karat.c: clang: error: clang frontend command failed with exit code 70 (use -v to see invocation)
ntru_crypto_ntru_mult_coeffs_karat.c: clang version 3.8.1-24 (tags/RELEASE_381/final)
ntru_crypto_ntru_mult_coeffs_karat.c: Target: x86_64-pc-linux-gnu
ntru_crypto_ntru_mult_coeffs_karat.c: Thread model: posix
ntru_crypto_ntru_mult_coeffs_karat.c: InstalledDir: /usr/bin
ntru_crypto_ntru_mult_coeffs_karat.c: clang: note: diagnostic msg: PLEASE submit a bug report to http://llvm.org/bugs/ and include the crash backtrace, preprocessed source, and associated run script.
ntru_crypto_ntru_mult_coeffs_karat.c: clang: note: diagnostic msg:
ntru_crypto_ntru_mult_coeffs_karat.c: ********************
ntru_crypto_ntru_mult_coeffs_karat.c:
ntru_crypto_ntru_mult_coeffs_karat.c: PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT:
ntru_crypto_ntru_mult_coeffs_karat.c: Preprocessed source(s) and associated run script(s) are located at:
ntru_crypto_ntru_mult_coeffs_karat.c: clang: note: diagnostic msg: /tmp/ntru_crypto_ntru_mult_coeffs_karat-67711c.c
ntru_crypto_ntru_mult_coeffs_karat.c: clang: note: diagnostic msg: /tmp/ntru_crypto_ntru_mult_coeffs_karat-67711c.sh
ntru_crypto_ntru_mult_coeffs_karat.c: clang: note: diagnostic msg:
ntru_crypto_ntru_mult_coeffs_karat.c:
ntru_crypto_ntru_mult_coeffs_karat.c: ********************

Number of similar (compiler,implementation) pairs: 1, namely:

Compiler	Implementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:ref

Compiler output

Implementation: T:ref
Security model: timingleaks
Compiler: clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

ntru_crypto_ntru_mult_coeffs_karat.c: fatal error: error in backend: Cannot select: 0x562487e85340: v32i16 = X86ISD::VBROADCAST 0x562487e84e80
ntru_crypto_ntru_mult_coeffs_karat.c: 0x562487e84e80: i16,ch = CopyFromReg 0x562487d932a0, Register:i16 %vreg0
ntru_crypto_ntru_mult_coeffs_karat.c: 0x562487e52d90: i16 = Register %vreg0
ntru_crypto_ntru_mult_coeffs_karat.c: In function: ntru_ring_mult_coefficients
ntru_crypto_ntru_mult_coeffs_karat.c: clang: error: clang frontend command failed with exit code 70 (use -v to see invocation)
ntru_crypto_ntru_mult_coeffs_karat.c: clang version 3.8.1-24 (tags/RELEASE_381/final)
ntru_crypto_ntru_mult_coeffs_karat.c: Target: x86_64-pc-linux-gnu
ntru_crypto_ntru_mult_coeffs_karat.c: Thread model: posix
ntru_crypto_ntru_mult_coeffs_karat.c: InstalledDir: /usr/bin
ntru_crypto_ntru_mult_coeffs_karat.c: clang: note: diagnostic msg: PLEASE submit a bug report to http://llvm.org/bugs/ and include the crash backtrace, preprocessed source, and associated run script.
ntru_crypto_ntru_mult_coeffs_karat.c: clang: note: diagnostic msg:
ntru_crypto_ntru_mult_coeffs_karat.c: ********************
ntru_crypto_ntru_mult_coeffs_karat.c:
ntru_crypto_ntru_mult_coeffs_karat.c: PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT:
ntru_crypto_ntru_mult_coeffs_karat.c: Preprocessed source(s) and associated run script(s) are located at:
ntru_crypto_ntru_mult_coeffs_karat.c: clang: note: diagnostic msg: /tmp/ntru_crypto_ntru_mult_coeffs_karat-062eaa.c
ntru_crypto_ntru_mult_coeffs_karat.c: clang: note: diagnostic msg: /tmp/ntru_crypto_ntru_mult_coeffs_karat-062eaa.sh
ntru_crypto_ntru_mult_coeffs_karat.c: clang: note: diagnostic msg:
ntru_crypto_ntru_mult_coeffs_karat.c:
ntru_crypto_ntru_mult_coeffs_karat.c: ********************

Number of similar (compiler,implementation) pairs: 1, namely:

Compiler	Implementations
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:ref

Compiler output

Implementation: T:ref
Security model: timingleaks
Compiler: clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

ntru_crypto_ntru_mult_coeffs_karat.c: fatal error: error in backend: Cannot select: 0x560668aac3a0: v32i16 = X86ISD::VBROADCAST 0x560668aabee0
ntru_crypto_ntru_mult_coeffs_karat.c: 0x560668aabee0: i16,ch = CopyFromReg 0x5606689e8200, Register:i16 %vreg0
ntru_crypto_ntru_mult_coeffs_karat.c: 0x560668aa00c0: i16 = Register %vreg0
ntru_crypto_ntru_mult_coeffs_karat.c: In function: ntru_ring_mult_coefficients
ntru_crypto_ntru_mult_coeffs_karat.c: clang: error: clang frontend command failed with exit code 70 (use -v to see invocation)
ntru_crypto_ntru_mult_coeffs_karat.c: clang version 3.8.1-24 (tags/RELEASE_381/final)
ntru_crypto_ntru_mult_coeffs_karat.c: Target: x86_64-pc-linux-gnu
ntru_crypto_ntru_mult_coeffs_karat.c: Thread model: posix
ntru_crypto_ntru_mult_coeffs_karat.c: InstalledDir: /usr/bin
ntru_crypto_ntru_mult_coeffs_karat.c: clang: note: diagnostic msg: PLEASE submit a bug report to http://llvm.org/bugs/ and include the crash backtrace, preprocessed source, and associated run script.
ntru_crypto_ntru_mult_coeffs_karat.c: clang: note: diagnostic msg:
ntru_crypto_ntru_mult_coeffs_karat.c: ********************
ntru_crypto_ntru_mult_coeffs_karat.c:
ntru_crypto_ntru_mult_coeffs_karat.c: PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT:
ntru_crypto_ntru_mult_coeffs_karat.c: Preprocessed source(s) and associated run script(s) are located at:
ntru_crypto_ntru_mult_coeffs_karat.c: clang: note: diagnostic msg: /tmp/ntru_crypto_ntru_mult_coeffs_karat-2961f2.c
ntru_crypto_ntru_mult_coeffs_karat.c: clang: note: diagnostic msg: /tmp/ntru_crypto_ntru_mult_coeffs_karat-2961f2.sh
ntru_crypto_ntru_mult_coeffs_karat.c: clang: note: diagnostic msg:
ntru_crypto_ntru_mult_coeffs_karat.c:
ntru_crypto_ntru_mult_coeffs_karat.c: ********************

Number of similar (compiler,implementation) pairs: 1, namely:

Compiler	Implementations
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:ref

Compiler output

Implementation: T:ref
Security model: timingleaks
Compiler: clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

ntru_crypto_sha1.c: ntru_crypto_sha1.c:83:33: warning: '&' within '^' [-Wbitwise-op-parentheses]
ntru_crypto_sha1.c: E += RL(A, 5) + K00_19 + (B & (C ^ D) ^ D) + data[ 0]; B = RL(B, 30);
ntru_crypto_sha1.c: ~~^~~~~~~~~ ~
ntru_crypto_sha1.c: ntru_crypto_sha1.c:83:33: note: place parentheses around the '&' expression to silence this warning
ntru_crypto_sha1.c: E += RL(A, 5) + K00_19 + (B & (C ^ D) ^ D) + data[ 0]; B = RL(B, 30);
ntru_crypto_sha1.c: ^
ntru_crypto_sha1.c: ( )
ntru_crypto_sha1.c: ntru_crypto_sha1.c:84:33: warning: '&' within '^' [-Wbitwise-op-parentheses]
ntru_crypto_sha1.c: D += RL(E, 5) + K00_19 + (A & (B ^ C) ^ C) + data[ 1]; A = RL(A, 30);
ntru_crypto_sha1.c: ~~^~~~~~~~~ ~
ntru_crypto_sha1.c: ntru_crypto_sha1.c:84:33: note: place parentheses around the '&' expression to silence this warning
ntru_crypto_sha1.c: D += RL(E, 5) + K00_19 + (A & (B ^ C) ^ C) + data[ 1]; A = RL(A, 30);
ntru_crypto_sha1.c: ^
ntru_crypto_sha1.c: ( )
ntru_crypto_sha1.c: ntru_crypto_sha1.c:85:33: warning: '&' within '^' [-Wbitwise-op-parentheses]
ntru_crypto_sha1.c: C += RL(D, 5) + K00_19 + (E & (A ^ B) ^ B) + data[ 2]; E = RL(E, 30);
ntru_crypto_sha1.c: ~~^~~~~~~~~ ~
ntru_crypto_sha1.c: ntru_crypto_sha1.c:85:33: note: place parentheses around the '&' expression to silence this warning
ntru_crypto_sha1.c: C += RL(D, 5) + K00_19 + (E & (A ^ B) ^ B) + data[ 2]; E = RL(E, 30);
ntru_crypto_sha1.c: ^
ntru_crypto_sha1.c: ( )
ntru_crypto_sha1.c: ntru_crypto_sha1.c:86:33: warning: '&' within '^' [-Wbitwise-op-parentheses]
ntru_crypto_sha1.c: B += RL(C, 5) + K00_19 + (D & (E ^ A) ^ A) + data[ 3]; D = RL(D, 30);
ntru_crypto_sha1.c: ~~^~~~~~~~~ ~
ntru_crypto_sha1.c: ntru_crypto_sha1.c:86:33: note: place parentheses around the '&' expression to silence this warning
ntru_crypto_sha1.c: ...

Number of similar (compiler,implementation) pairs: 1, namely:

Compiler	Implementations
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:ref

Compiler output

Implementation: T:ref
Security model: timingleaks
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

ntru_crypto_ntru_mult_coeffs_simd.c: ntru_crypto_ntru_mult_coeffs_simd.c:62:15: error: '__builtin_ia32_palignr128' needs target feature ssse3
ntru_crypto_ntru_mult_coeffs_simd.c: cur = _mm_alignr_epi8(next, cur, 2);
ntru_crypto_ntru_mult_coeffs_simd.c: ^
ntru_crypto_ntru_mult_coeffs_simd.c: /usr/lib/llvm-3.8/bin/../lib/clang/3.8.1/include/tmmintrin.h:69:12: note: expanded from macro '_mm_alignr_epi8'
ntru_crypto_ntru_mult_coeffs_simd.c: (__m128i)__builtin_ia32_palignr128((__v16qi)(__m128i)(a), \
ntru_crypto_ntru_mult_coeffs_simd.c: ^
ntru_crypto_ntru_mult_coeffs_simd.c: 1 error generated.

Number of similar (compiler,implementation) pairs: 1, namely:

Compiler	Implementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	T:ref