Implementation notes: amd64, gcc14, crypto_dh/gls254

Computer: gcc14
Architecture: amd64
CPU ID: GenuineIntel-00010676-bfebfbff
SUPERCOP version: 20220506
Operation: crypto_dh
Primitive: gls254

Compiler output

Implementation: T:opt
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
dh.c: In file included from dh.c:10:
dh.c: ./ffa.h:94:5: error: '__builtin_ia32_pclmulqdq128' needs target feature pclmul
dh.c: low_kts_stp(op00,op10,k00,k02,op01,op11,r00,r01,r02,0x00); /* a0xb0 */
dh.c: ^
dh.c: ./ffa.h:62:11: note: expanded from macro 'low_kts_stp'
dh.c: re0 = _mm_clmulepi64_si128(op0, op1, ord);\
dh.c: ^
dh.c: /usr/lib/llvm-3.8/bin/../lib/clang/3.8.1/include/__wmmintrin_pclmul.h:27:13: note: expanded from macro '_mm_clmulepi64_si128'
dh.c: ((__m128i)__builtin_ia32_pclmulqdq128((__v2di)(__m128i)(__X), \
dh.c: ^
dh.c: In file included from dh.c:10:
dh.c: ./ffa.h:94:5: error: '__builtin_ia32_pclmulqdq128' needs target feature pclmul
dh.c: ./ffa.h:63:11: note: expanded from macro 'low_kts_stp'
dh.c: re1 = _mm_clmulepi64_si128(op2, op3, ord);\
dh.c: ^
dh.c: /usr/lib/llvm-3.8/bin/../lib/clang/3.8.1/include/__wmmintrin_pclmul.h:27:13: note: expanded from macro '_mm_clmulepi64_si128'
dh.c: ((__m128i)__builtin_ia32_pclmulqdq128((__v2di)(__m128i)(__X), \
dh.c: ^
dh.c: In file included from dh.c:10:
dh.c: ./ffa.h:94:5: error: '__builtin_ia32_pclmulqdq128' needs target feature pclmul
dh.c: ./ffa.h:64:11: note: expanded from macro 'low_kts_stp'
dh.c: re2 = _mm_clmulepi64_si128(op4, op5, ord);\
dh.c: ^
dh.c: /usr/lib/llvm-3.8/bin/../lib/clang/3.8.1/include/__wmmintrin_pclmul.h:27:13: note: expanded from macro '_mm_clmulepi64_si128'
dh.c: ((__m128i)__builtin_ia32_pclmulqdq128((__v2di)(__m128i)(__X), \
dh.c: ...

Number of similar (compiler,implementation) pairs: 5, namely:
CompilerImplementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:opt
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:opt
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:opt
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:opt
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:opt

Compiler output

Implementation: T:opt
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE
dh.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/6/include/x86intrin.h:45:0,
dh.c: from lib.h:2,
dh.c: from dh.c:2:
dh.c: ffa.h: In function 'low_mul':
dh.c: /usr/lib/gcc/x86_64-linux-gnu/6/include/wmmintrin.h:116:1: error: inlining failed in call to always_inline '_mm_clmulepi64_si128': target specific option mismatch
dh.c: _mm_clmulepi64_si128 (__m128i __X, __m128i __Y, const int __I)
dh.c: ^~~~~~~~~~~~~~~~~~~~
dh.c: In file included from dh.c:10:0:
dh.c: ffa.h:64:9: note: called from here
dh.c: re2 = _mm_clmulepi64_si128(op4, op5, ord);\
dh.c: ^
dh.c: ffa.h:96:5: note: in expansion of macro 'low_kts_stp'
dh.c: low_kts_stp(op00,op10,k00,k02,op01,op11,r20,r21,r22,0x11); /* a1xb1 */
dh.c: ^~~~~~~~~~~
dh.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/6/include/x86intrin.h:45:0,
dh.c: from lib.h:2,
dh.c: from dh.c:2:
dh.c: /usr/lib/gcc/x86_64-linux-gnu/6/include/wmmintrin.h:116:1: error: inlining failed in call to always_inline '_mm_clmulepi64_si128': target specific option mismatch
dh.c: _mm_clmulepi64_si128 (__m128i __X, __m128i __Y, const int __I)
dh.c: ^~~~~~~~~~~~~~~~~~~~
dh.c: In file included from dh.c:10:0:
dh.c: ffa.h:63:9: note: called from here
dh.c: re1 = _mm_clmulepi64_si128(op2, op3, ord);\
dh.c: ^
dh.c: ffa.h:96:5: note: in expansion of macro 'low_kts_stp'
dh.c: ...

Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:opt
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:opt
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:opt
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:opt

Compiler output

Implementation: T:prot
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
dh.c: In file included from dh.c:7:
dh.c: ./low.incl:26:2: error: '__builtin_ia32_pclmulqdq128' needs target feature pclmul
dh.c: MUL4(m1, m0, ma, mb);
dh.c: ^
dh.c: ./gls254.h:155:7: note: expanded from macro 'MUL4'
dh.c: r0 = _mm_clmulepi64_si128(ma, mb, 0x00);\
dh.c: ^
dh.c: /usr/lib/llvm-3.8/bin/../lib/clang/3.8.1/include/__wmmintrin_pclmul.h:27:13: note: expanded from macro '_mm_clmulepi64_si128'
dh.c: ((__m128i)__builtin_ia32_pclmulqdq128((__v2di)(__m128i)(__X), \
dh.c: ^
dh.c: In file included from dh.c:7:
dh.c: ./low.incl:26:2: error: '__builtin_ia32_pclmulqdq128' needs target feature pclmul
dh.c: ./gls254.h:156:7: note: expanded from macro 'MUL4'
dh.c: r1 = _mm_clmulepi64_si128(ma, mb, 0x11);\
dh.c: ^
dh.c: /usr/lib/llvm-3.8/bin/../lib/clang/3.8.1/include/__wmmintrin_pclmul.h:27:13: note: expanded from macro '_mm_clmulepi64_si128'
dh.c: ((__m128i)__builtin_ia32_pclmulqdq128((__v2di)(__m128i)(__X), \
dh.c: ^
dh.c: In file included from dh.c:7:
dh.c: ./low.incl:26:2: error: '__builtin_ia32_pclmulqdq128' needs target feature pclmul
dh.c: ./gls254.h:157:7: note: expanded from macro 'MUL4'
dh.c: t0 = _mm_clmulepi64_si128(t0, t0, 0x10);\
dh.c: ^
dh.c: /usr/lib/llvm-3.8/bin/../lib/clang/3.8.1/include/__wmmintrin_pclmul.h:27:13: note: expanded from macro '_mm_clmulepi64_si128'
dh.c: ((__m128i)__builtin_ia32_pclmulqdq128((__v2di)(__m128i)(__X), \
dh.c: ...

Number of similar (compiler,implementation) pairs: 5, namely:
CompilerImplementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:prot
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:prot
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:prot
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:prot
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:prot

Compiler output

Implementation: T:prot
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE
dh.c: In file included from dh.c:9:0:
dh.c: scmul.incl: In function 'scmul_rand_wreg':
dh.c: scmul.incl:273:17: warning: implicit declaration of function 'types_cond_copy2' [-Wimplicit-function-declaration]
dh.c: types_cond_copy2(tab0, tab4, tabx, n1, n2);
dh.c: ^~~~~~~~~~~~~~~~
dh.c: scmul.incl:284:9: warning: implicit declaration of function 'types_cond_copy' [-Wimplicit-function-declaration]
dh.c: types_cond_copy(QX, tab0, o1);
dh.c: ^~~~~~~~~~~~~~~
dh.c: In file included from gls254.h:18:0,
dh.c: from dh.c:3:
dh.c: low.incl: In function 'low_mul':
dh.c: /usr/lib/gcc/x86_64-linux-gnu/6/include/wmmintrin.h:116:1: error: inlining failed in call to always_inline '_mm_clmulepi64_si128': target specific option mismatch
dh.c: _mm_clmulepi64_si128 (__m128i __X, __m128i __Y, const int __I)
dh.c: ^~~~~~~~~~~~~~~~~~~~
dh.c: In file included from dh.c:3:0:
dh.c: gls254.h:157:5: note: called from here
dh.c: t0 = _mm_clmulepi64_si128(t0, t0, 0x10);\
dh.c: ~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
dh.c: low.incl:26:2: note: in expansion of macro 'MUL4'
dh.c: MUL4(m1, m0, ma, mb);
dh.c: ^~~~
dh.c: In file included from gls254.h:18:0,
dh.c: from dh.c:3:
dh.c: /usr/lib/gcc/x86_64-linux-gnu/6/include/wmmintrin.h:116:1: error: inlining failed in call to always_inline '_mm_clmulepi64_si128': target specific option mismatch
dh.c: _mm_clmulepi64_si128 (__m128i __X, __m128i __Y, const int __I)
dh.c: ...

Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:prot
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:prot
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:prot
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:prot

Compiler output

Implementation: T:ref
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
dh.c: In file included from dh.c:6:
dh.c: ./curves.incl:53:2: error: '__builtin_ia32_aeskeygenassist128' needs target feature aes
dh.c: STEP(k, t, tmp, 16*1, 0x01);
dh.c: ^
dh.c: ./gls254.h:272:6: note: expanded from macro 'STEP'
dh.c: t = _mm_aeskeygenassist_si128(k, rcon);\
dh.c: ^
dh.c: /usr/lib/llvm-3.8/bin/../lib/clang/3.8.1/include/__wmmintrin_aes.h:62:12: note: expanded from macro '_mm_aeskeygenassist_si128'
dh.c: (__m128i)__builtin_ia32_aeskeygenassist128((__v2di)(__m128i)(C), (int)(R))
dh.c: ^
dh.c: In file included from dh.c:6:
dh.c: ./curves.incl:54:2: error: '__builtin_ia32_aeskeygenassist128' needs target feature aes
dh.c: STEP(k, t, tmp, 16*2, 0x02);
dh.c: ^
dh.c: ./gls254.h:272:6: note: expanded from macro 'STEP'
dh.c: t = _mm_aeskeygenassist_si128(k, rcon);\
dh.c: ^
dh.c: /usr/lib/llvm-3.8/bin/../lib/clang/3.8.1/include/__wmmintrin_aes.h:62:12: note: expanded from macro '_mm_aeskeygenassist_si128'
dh.c: (__m128i)__builtin_ia32_aeskeygenassist128((__v2di)(__m128i)(C), (int)(R))
dh.c: ^
dh.c: In file included from dh.c:6:
dh.c: ./curves.incl:55:2: error: '__builtin_ia32_aeskeygenassist128' needs target feature aes
dh.c: STEP(k, t, tmp, 16*3, 0x04);
dh.c: ^
dh.c: ./gls254.h:272:6: note: expanded from macro 'STEP'
dh.c: ...

Number of similar (compiler,implementation) pairs: 5, namely:
CompilerImplementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ref
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ref
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ref
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ref
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ref

Compiler output

Implementation: T:ref
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE
dh.c: In file included from gls254.h:18:0,
dh.c: from dh.c:3:
dh.c: curves.incl: In function 'AESkeyExp':
dh.c: /usr/lib/gcc/x86_64-linux-gnu/6/include/wmmintrin.h:87:1: error: inlining failed in call to always_inline '_mm_aeskeygenassist_si128': target specific option mismatch
dh.c: _mm_aeskeygenassist_si128 (__m128i __X, const int __C)
dh.c: ^~~~~~~~~~~~~~~~~~~~~~~~~
dh.c: In file included from dh.c:3:0:
dh.c: gls254.h:272:4: note: called from here
dh.c: t = _mm_aeskeygenassist_si128(k, rcon);\
dh.c:
dh.c: curves.incl:62:2: note: in expansion of macro 'STEP'
dh.c: STEP(k, t, tmp, 16*10, 0x36);
dh.c: ^~~~
dh.c: In file included from gls254.h:18:0,
dh.c: from dh.c:3:
dh.c: /usr/lib/gcc/x86_64-linux-gnu/6/include/wmmintrin.h:87:1: error: inlining failed in call to always_inline '_mm_aeskeygenassist_si128': target specific option mismatch
dh.c: _mm_aeskeygenassist_si128 (__m128i __X, const int __C)
dh.c: ^~~~~~~~~~~~~~~~~~~~~~~~~
dh.c: In file included from dh.c:3:0:
dh.c: gls254.h:272:4: note: called from here
dh.c: t = _mm_aeskeygenassist_si128(k, rcon);\
dh.c:
dh.c: curves.incl:61:2: note: in expansion of macro 'STEP'
dh.c: STEP(k, t, tmp, 16*9, 0x1b);
dh.c: ^~~~
dh.c: ...

Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ref
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ref
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ref
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ref