Implementation notes: amd64, hertz, crypto_aead/grain128aeadv2

Computer: hertz
Microarchitecture: amd64; Zen 4 (a60f12)
Architecture: amd64
CPU ID: AuthenticAMD-00a60f12-178bfbff
SUPERCOP version: 20240716
Operation: crypto_aead
Primitive: grain128aeadv2

Time	Object size	Test size	Implementation	Compiler	Benchmark date	SUPERCOP version
110238	8234 0 0	23133 852 1096	`T:gf2`	`clang++_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240716	20240716
110523	41739 0 0	62691 860 1096	`T:avx512`	`clang++_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240716	20240716
111108	10830 0 0	25709 852 1096	`T:avx512`	`clang++_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240716	20240716
111328	39611 0 0	60579 860 1096	`T:gf2`	`clang++_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240716	20240716
112320	21888 0 0	42955 860 1096	`T:sse`	`clang++_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240716	20240716
112441	21888 0 0	42843 860 1096	`T:sse`	`clang++_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240716	20240716
112464	10902 0 0	25789 852 1096	`T:sse`	`clang++_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240716	20240716
118312	18695 0 0	39811 860 1096	`T:gf2`	`clang++_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240716	20240716
118780	20859 0 0	41963 860 1096	`T:avx512`	`clang++_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240716	20240716
135788	3693 0 0	17240 780 1096	`T:gf2`	`g++_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240716	20240716
140743	4072 0 0	17608 780 1096	`T:sse`	`g++_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240716	20240716
140868	9320 0 0	24453 804 1128	`T:gf2`	`g++_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240716	20240716
142258	4056 0 0	17592 780 1096	`T:avx512`	`g++_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240716	20240716
143619	13415 0 0	28549 804 1128	`T:sse`	`g++_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240716	20240716
147342	13000 0 0	28133 804 1128	`T:avx512`	`g++_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240716	20240716
252061	44626 0 0	65756 860 1096	`T:x64`	`clang++_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240716	20240716
269550	50955 0 0	71972 860 1096	`T:x64`	`clang++_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240716	20240716
300449	5175 0 0	20117 852 1096	`T:x64`	`clang++_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240716	20240716
332360	2569 0 0	16080 780 1096	`T:x64`	`g++_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240716	20240716
381188	7154 0 0	22285 804 1128	`T:x64`	`g++_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240716	20240716

Checksum failure

d0dd6234d89dbd95039a8c1c4e9e8f6fa0d58228afa4fda263447f76c3102a36

Number of similar (implementation,compiler) pairs: 1, namely:

Implementation	Compiler
`T:x64`	`g++ -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.2.0)`

Test failure

error 111
crypto_aead_encrypt is nondeterministic

Number of similar (implementation,compiler) pairs: 3, namely:

Implementation	Compiler
`T:avx512`	`g++ -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.2.0)`
`T:gf2`	`g++ -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.2.0)`
`T:sse`	`g++ -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.2.0)`

Compiler output

grain128aead-v2_opt.cpp: In function 'void grain_auth(grain_ctx*, u8*, int)',
grain128aead-v2_opt.cpp:     inlined from 'void grain_auth(grain_ctx*, u8*, int)' at grain128aead-v2_opt.cpp:248:20,
grain128aead-v2_opt.cpp:     inlined from 'int grain_aead_encdec(unsigned char*, long long unsigned int*, const unsigned char*, long long unsigned int, const unsigned char*, long long unsigned int, const unsigned char*, const unsigned char*) [with int to_decrypt = 0]' at grain128aead-v2_opt.cpp:413:12,
grain128aead-v2_opt.cpp:     inlined from 'int crypto_aead_grain128aeadv2_avx512_timingleaks_encrypt(unsigned char*, long long unsigned int*, const unsigned char*, long long unsigned int, const unsigned char*, long long unsigned int, const unsigned char*, const unsigned char*, const unsigned char*)' at grain128aead-v2_opt.cpp:504:29:
grain128aead-v2_opt.cpp: grain128aead-v2_opt.cpp:294:16: warning: 'grain.grain_ctx::A' is used uninitialized [-Wuninitialized]
grain128aead-v2_opt.cpp:   294 |         grain->A ^= ((*(u64*)(tmp + bytes)) << 1) ^ ((u64)tmp[bytes - 1] >> 7) ^ (((u64)_mm_cvtsi128_si64(reg)) << (65 - bits));
grain128aead-v2_opt.cpp:       |         ~~~~~~~^
grain128aead-v2_opt.cpp: grain128aead-v2_opt.cpp: In function 'int crypto_aead_grain128aeadv2_avx512_timingleaks_encrypt(unsigned char*, long long unsigned int*, const unsigned char*, long long unsigned int, const unsigned char*, long long unsigned int, const unsigned char*, const unsigned char*, const unsigned char*)':
grain128aead-v2_opt.cpp: grain128aead-v2_opt.cpp:383:19: note: 'grain' declared here
grain128aead-v2_opt.cpp:   383 |         grain_ctx grain;
grain128aead-v2_opt.cpp:       |                   ^~~~~
grain128aead-v2_opt.cpp: In function 'void grain_auth(grain_ctx*, u8*, int)',
grain128aead-v2_opt.cpp:     inlined from 'void grain_auth(grain_ctx*, u8*, int)' at grain128aead-v2_opt.cpp:248:20,
grain128aead-v2_opt.cpp:     inlined from 'int grain_aead_encdec(unsigned char*, long long unsigned int*, const unsigned char*, long long unsigned int, const unsigned char*, long long unsigned int, const unsigned char*, const unsigned char*) [with int to_decrypt = 1]' at grain128aead-v2_opt.cpp:413:12,
grain128aead-v2_opt.cpp:     inlined from 'int crypto_aead_grain128aeadv2_avx512_timingleaks_decrypt(unsigned char*, long long unsigned int*, unsigned char*, const unsigned char*, long long unsigned int, const unsigned char*, long long unsigned int, const unsigned char*, const unsigned char*)' at grain128aead-v2_opt.cpp:518:29:
grain128aead-v2_opt.cpp: grain128aead-v2_opt.cpp:294:16: warning: 'grain.grain_ctx::A' may be used uninitialized [-Wmaybe-uninitialized]
grain128aead-v2_opt.cpp:   294 |         grain->A ^= ((*(u64*)(tmp + bytes)) << 1) ^ ((u64)tmp[bytes - 1] >> 7) ^ (((u64)_mm_cvtsi128_si64(reg)) << (65 - bits));
grain128aead-v2_opt.cpp:       |         ~~~~~~~^
grain128aead-v2_opt.cpp: grain128aead-v2_opt.cpp: In function 'int crypto_aead_grain128aeadv2_avx512_timingleaks_decrypt(unsigned char*, long long unsigned int*, unsigned char*, const unsigned char*, long long unsigned int, const unsigned char*, long long unsigned int, const unsigned char*, const unsigned char*)':
grain128aead-v2_opt.cpp: grain128aead-v2_opt.cpp:383:19: note: 'grain' declared here
grain128aead-v2_opt.cpp:   383 |         grain_ctx grain;
grain128aead-v2_opt.cpp:       |                   ^~~~~

Number of similar (implementation,compiler) pairs: 2, namely:

Implementation	Compiler
`T:avx512`	`g++ -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.2.0)`
`T:avx512`	`g++ -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.2.0)`

Compiler output

grain128aead-v2_opt.cpp: In function 'void grain_auth(grain_ctx*, u8*, int)',
grain128aead-v2_opt.cpp:     inlined from 'void grain_auth(grain_ctx*, u8*, int)' at grain128aead-v2_opt.cpp:248:20,
grain128aead-v2_opt.cpp:     inlined from 'int grain_aead_encdec(unsigned char*, long long unsigned int*, const unsigned char*, long long unsigned int, const unsigned char*, long long unsigned int, const unsigned char*, const unsigned char*) [with int to_decrypt = 0]' at grain128aead-v2_opt.cpp:413:12,
grain128aead-v2_opt.cpp:     inlined from 'int crypto_aead_grain128aeadv2_gf2_timingleaks_encrypt(unsigned char*, long long unsigned int*, const unsigned char*, long long unsigned int, const unsigned char*, long long unsigned int, const unsigned char*, const unsigned char*, const unsigned char*)' at grain128aead-v2_opt.cpp:504:29:
grain128aead-v2_opt.cpp: grain128aead-v2_opt.cpp:294:16: warning: 'grain.grain_ctx::A' is used uninitialized [-Wuninitialized]
grain128aead-v2_opt.cpp:   294 |         grain->A ^= ((*(u64*)(tmp + bytes)) << 1) ^ ((u64)tmp[bytes - 1] >> 7) ^ (((u64)_mm_cvtsi128_si64(reg)) << (65 - bits));
grain128aead-v2_opt.cpp:       |         ~~~~~~~^
grain128aead-v2_opt.cpp: grain128aead-v2_opt.cpp: In function 'int crypto_aead_grain128aeadv2_gf2_timingleaks_encrypt(unsigned char*, long long unsigned int*, const unsigned char*, long long unsigned int, const unsigned char*, long long unsigned int, const unsigned char*, const unsigned char*, const unsigned char*)':
grain128aead-v2_opt.cpp: grain128aead-v2_opt.cpp:383:19: note: 'grain' declared here
grain128aead-v2_opt.cpp:   383 |         grain_ctx grain;
grain128aead-v2_opt.cpp:       |                   ^~~~~
grain128aead-v2_opt.cpp: In function 'void grain_auth(grain_ctx*, u8*, int)',
grain128aead-v2_opt.cpp:     inlined from 'void grain_auth(grain_ctx*, u8*, int)' at grain128aead-v2_opt.cpp:248:20,
grain128aead-v2_opt.cpp:     inlined from 'int grain_aead_encdec(unsigned char*, long long unsigned int*, const unsigned char*, long long unsigned int, const unsigned char*, long long unsigned int, const unsigned char*, const unsigned char*) [with int to_decrypt = 1]' at grain128aead-v2_opt.cpp:413:12,
grain128aead-v2_opt.cpp:     inlined from 'int crypto_aead_grain128aeadv2_gf2_timingleaks_decrypt(unsigned char*, long long unsigned int*, unsigned char*, const unsigned char*, long long unsigned int, const unsigned char*, long long unsigned int, const unsigned char*, const unsigned char*)' at grain128aead-v2_opt.cpp:518:29:
grain128aead-v2_opt.cpp: grain128aead-v2_opt.cpp:294:16: warning: 'grain.grain_ctx::A' may be used uninitialized [-Wmaybe-uninitialized]
grain128aead-v2_opt.cpp:   294 |         grain->A ^= ((*(u64*)(tmp + bytes)) << 1) ^ ((u64)tmp[bytes - 1] >> 7) ^ (((u64)_mm_cvtsi128_si64(reg)) << (65 - bits));
grain128aead-v2_opt.cpp:       |         ~~~~~~~^
grain128aead-v2_opt.cpp: grain128aead-v2_opt.cpp: In function 'int crypto_aead_grain128aeadv2_gf2_timingleaks_decrypt(unsigned char*, long long unsigned int*, unsigned char*, const unsigned char*, long long unsigned int, const unsigned char*, long long unsigned int, const unsigned char*, const unsigned char*)':
grain128aead-v2_opt.cpp: grain128aead-v2_opt.cpp:383:19: note: 'grain' declared here
grain128aead-v2_opt.cpp:   383 |         grain_ctx grain;
grain128aead-v2_opt.cpp:       |                   ^~~~~

Number of similar (implementation,compiler) pairs: 2, namely:

Implementation	Compiler
`T:gf2`	`g++ -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.2.0)`
`T:gf2`	`g++ -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.2.0)`

Compiler output

grain128aead-v2.c: grain128aead-v2.c:150:31: warning: argument 'sr' of type 'unsigned char[64]' with mismatched bound [-Warray-parameter]
grain128aead-v2.c:   150 | void auth_shift(unsigned char sr[64], unsigned char fb)
grain128aead-v2.c:       |                               ^
grain128aead-v2.c: ./grain128aead-v2.h:26:31: note: previously declared as 'unsigned char[32]' here
grain128aead-v2.c:    26 | void auth_shift(unsigned char sr[32], unsigned char fb);
grain128aead-v2.c:       |                               ^
grain128aead-v2.c: grain128aead-v2.c:426:21: warning: variable 'ac_cnt' set but not used [-Wunused-but-set-variable]
grain128aead-v2.c:   426 |         unsigned long long ac_cnt = 0;
grain128aead-v2.c:       |                            ^
grain128aead-v2.c: 2 warnings generated.

Number of similar (implementation,compiler) pairs: 3, namely:

Implementation	Compiler
`T:ref`	`clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_18.1.3_(1ubuntu1))`
`T:ref`	`clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_18.1.3_(1ubuntu1))`
`T:ref`	`clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_18.1.3_(1ubuntu1))`

Compiler output

grain128aead-v2.c: grain128aead-v2.c:150:31: warning: argument 1 of type 'unsigned char[64]' with mismatched bound [-Warray-parameter=]
grain128aead-v2.c:   150 | void auth_shift(unsigned char sr[64], unsigned char fb)
grain128aead-v2.c:       |                 ~~~~~~~~~~~~~~^~~~~~
grain128aead-v2.c: In file included from grain128aead-v2.c:20:
grain128aead-v2.c: grain128aead-v2.h:26:31: note: previously declared as 'unsigned char[32]'
grain128aead-v2.c:    26 | void auth_shift(unsigned char sr[32], unsigned char fb);
grain128aead-v2.c:       |                 ~~~~~~~~~~~~~~^~~~~~
grain128aead-v2.c: grain128aead-v2.c: In function 'auth_shift':
grain128aead-v2.c: grain128aead-v2.c:155:11: warning: array subscript 63 is outside array bounds of 'unsigned char[32]' [-Warray-bounds=]
grain128aead-v2.c:   155 |         sr[63] = fb;
grain128aead-v2.c:       |         ~~^~~~
grain128aead-v2.c: grain128aead-v2.c:150:31: note: at offset 63 into object 'sr' of size [0, 32]
grain128aead-v2.c:   150 | void auth_shift(unsigned char sr[64], unsigned char fb)
grain128aead-v2.c:       |                 ~~~~~~~~~~~~~~^~~~~~
grain128aead-v2.c: grain128aead-v2.c:153:23: warning: '__builtin_memmove' forming offset [32, 62] is out of the bounds [0, 32] [-Warray-bounds=]
grain128aead-v2.c:   153 |                 sr[i] = sr[i+1];
grain128aead-v2.c:       |                 ~~~~~~^~~~~~~~~

Number of similar (implementation,compiler) pairs: 3, namely:

Implementation	Compiler
`T:ref`	`gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.2.0)`
`T:ref`	`gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.2.0)`
`T:ref`	`gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.2.0)`

Compiler output

grain128aead-v2_opt.cpp: In function 'void grain_auth(grain_ctx*, u8*, int)',
grain128aead-v2_opt.cpp:     inlined from 'void grain_auth(grain_ctx*, u8*, int)' at grain128aead-v2_opt.cpp:248:20,
grain128aead-v2_opt.cpp:     inlined from 'int grain_aead_encdec(unsigned char*, long long unsigned int*, const unsigned char*, long long unsigned int, const unsigned char*, long long unsigned int, const unsigned char*, const unsigned char*) [with int to_decrypt = 0]' at grain128aead-v2_opt.cpp:413:12,
grain128aead-v2_opt.cpp:     inlined from 'int crypto_aead_grain128aeadv2_sse_timingleaks_encrypt(unsigned char*, long long unsigned int*, const unsigned char*, long long unsigned int, const unsigned char*, long long unsigned int, const unsigned char*, const unsigned char*, const unsigned char*)' at grain128aead-v2_opt.cpp:504:29:
grain128aead-v2_opt.cpp: grain128aead-v2_opt.cpp:294:16: warning: 'grain.grain_ctx::A' is used uninitialized [-Wuninitialized]
grain128aead-v2_opt.cpp:   294 |         grain->A ^= ((*(u64*)(tmp + bytes)) << 1) ^ ((u64)tmp[bytes - 1] >> 7) ^ (((u64)_mm_cvtsi128_si64(reg)) << (65 - bits));
grain128aead-v2_opt.cpp:       |         ~~~~~~~^
grain128aead-v2_opt.cpp: grain128aead-v2_opt.cpp: In function 'int crypto_aead_grain128aeadv2_sse_timingleaks_encrypt(unsigned char*, long long unsigned int*, const unsigned char*, long long unsigned int, const unsigned char*, long long unsigned int, const unsigned char*, const unsigned char*, const unsigned char*)':
grain128aead-v2_opt.cpp: grain128aead-v2_opt.cpp:383:19: note: 'grain' declared here
grain128aead-v2_opt.cpp:   383 |         grain_ctx grain;
grain128aead-v2_opt.cpp:       |                   ^~~~~
grain128aead-v2_opt.cpp: In function 'void grain_auth(grain_ctx*, u8*, int)',
grain128aead-v2_opt.cpp:     inlined from 'void grain_auth(grain_ctx*, u8*, int)' at grain128aead-v2_opt.cpp:248:20,
grain128aead-v2_opt.cpp:     inlined from 'int grain_aead_encdec(unsigned char*, long long unsigned int*, const unsigned char*, long long unsigned int, const unsigned char*, long long unsigned int, const unsigned char*, const unsigned char*) [with int to_decrypt = 1]' at grain128aead-v2_opt.cpp:413:12,
grain128aead-v2_opt.cpp:     inlined from 'int crypto_aead_grain128aeadv2_sse_timingleaks_decrypt(unsigned char*, long long unsigned int*, unsigned char*, const unsigned char*, long long unsigned int, const unsigned char*, long long unsigned int, const unsigned char*, const unsigned char*)' at grain128aead-v2_opt.cpp:518:29:
grain128aead-v2_opt.cpp: grain128aead-v2_opt.cpp:294:16: warning: 'grain.grain_ctx::A' may be used uninitialized [-Wmaybe-uninitialized]
grain128aead-v2_opt.cpp:   294 |         grain->A ^= ((*(u64*)(tmp + bytes)) << 1) ^ ((u64)tmp[bytes - 1] >> 7) ^ (((u64)_mm_cvtsi128_si64(reg)) << (65 - bits));
grain128aead-v2_opt.cpp:       |         ~~~~~~~^
grain128aead-v2_opt.cpp: grain128aead-v2_opt.cpp: In function 'int crypto_aead_grain128aeadv2_sse_timingleaks_decrypt(unsigned char*, long long unsigned int*, unsigned char*, const unsigned char*, long long unsigned int, const unsigned char*, long long unsigned int, const unsigned char*, const unsigned char*)':
grain128aead-v2_opt.cpp: grain128aead-v2_opt.cpp:383:19: note: 'grain' declared here
grain128aead-v2_opt.cpp:   383 |         grain_ctx grain;
grain128aead-v2_opt.cpp:       |                   ^~~~~

Number of similar (implementation,compiler) pairs: 2, namely:

Implementation	Compiler
`T:sse`	`g++ -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.2.0)`
`T:sse`	`g++ -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.2.0)`