Implementation notes: amd64, hydra4, crypto_kem/kyber90s768
Computer: hydra4
Microarchitecture: amd64; K10 32nm (300f10)
Architecture: amd64
CPU ID: AuthenticAMD-00300f10-178bfbff
SUPERCOP version: 20240625
Operation: crypto_kem
Primitive: kyber90s768
Time | Object size | Test size | Implementation | Compiler | Benchmark date | SUPERCOP version |
1303990 | 62486 0 0 | 81952 820 1720 | ref | clang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240708 | 20240625 |
1318586 | 52022 0 0 | 70656 820 1720 | ref | clang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240708 | 20240625 |
1321140 | 62358 0 0 | 81824 820 1720 | ref | clang_-mcpu=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240708 | 20240625 |
1357299 | 41625 0 0 | 58374 812 1720 | ref | clang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240708 | 20240625 |
1476334 | 43114 0 0 | 61768 788 1752 | ref | gcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240708 | 20240625 |
1477975 | 58696 0 0 | 78456 788 1752 | ref | gcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240708 | 20240625 |
1518229 | 41821 0 0 | 59512 788 1752 | ref | gcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240708 | 20240625 |
1572436 | 42645 0 0 | 60198 812 1720 | ref | clang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240708 | 20240625 |
2144145 | 40199 0 0 | 56624 780 1720 | ref | gcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall | 20240708 | 20240625 |
Compiler output
aes256ctr.c: aes256ctr.c:90:3: error: '__builtin_ia32_aeskeygenassist128' needs target feature aes
aes256ctr.c: BLOCK1(0x01);
aes256ctr.c: ^
aes256ctr.c: aes256ctr.c:71:11: note: expanded from macro 'BLOCK1'
aes256ctr.c: temp1 = _mm_aeskeygenassist_si128(temp2, IMM); \
aes256ctr.c: ^
aes256ctr.c: /usr/lib/llvm-11/lib/clang/11.0.1/include/__wmmintrin_aes.h:136:12: note: expanded from macro '_mm_aeskeygenassist_si128'
aes256ctr.c: (__m128i)__builtin_ia32_aeskeygenassist128((__v2di)(__m128i)(C), (int)(R))
aes256ctr.c: ^
aes256ctr.c: aes256ctr.c:91:3: error: '__builtin_ia32_aeskeygenassist128' needs target feature aes
aes256ctr.c: BLOCK2(0x01);
aes256ctr.c: ^
aes256ctr.c: aes256ctr.c:81:11: note: expanded from macro 'BLOCK2'
aes256ctr.c: temp1 = _mm_aeskeygenassist_si128(temp0, IMM); \
aes256ctr.c: ^
aes256ctr.c: /usr/lib/llvm-11/lib/clang/11.0.1/include/__wmmintrin_aes.h:136:12: note: expanded from macro '_mm_aeskeygenassist_si128'
aes256ctr.c: (__m128i)__builtin_ia32_aeskeygenassist128((__v2di)(__m128i)(C), (int)(R))
aes256ctr.c: ^
aes256ctr.c: aes256ctr.c:93:3: error: '__builtin_ia32_aeskeygenassist128' needs target feature aes
aes256ctr.c: BLOCK1(0x02);
aes256ctr.c: ^
aes256ctr.c: aes256ctr.c:71:11: note: expanded from macro 'BLOCK1'
aes256ctr.c: temp1 = _mm_aeskeygenassist_si128(temp2, IMM); \
aes256ctr.c: ^
aes256ctr.c: /usr/lib/llvm-11/lib/clang/11.0.1/include/__wmmintrin_aes.h:136:12: note: expanded from macro '_mm_aeskeygenassist_si128'
aes256ctr.c: ...
Number of similar (implementation,compiler) pairs: 5, namely:
Implementation | Compiler |
avx2 | clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1) |
avx2 | clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1) |
avx2 | clang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1) |
avx2 | clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1) |
avx2 | clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1) |
Compiler output
aes256ctr.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/10/include/immintrin.h:35,
aes256ctr.c: from aes256ctr.c:8:
aes256ctr.c: aes256ctr.c: In function 'aesni_encrypt4':
aes256ctr.c: /usr/lib/gcc/x86_64-linux-gnu/10/include/tmmintrin.h:136:1: error: inlining failed in call to 'always_inline' '_mm_shuffle_epi8': target specific option mismatch
aes256ctr.c: 136 | _mm_shuffle_epi8 (__m128i __X, __m128i __Y)
aes256ctr.c: | ^~~~~~~~~~~~~~~~
aes256ctr.c: aes256ctr.c:23:8: note: called from here
aes256ctr.c: 23 | f3 = _mm_shuffle_epi8(_mm_add_epi64(f,_mm_set_epi64x(3,0)),idx);
aes256ctr.c: | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
aes256ctr.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/10/include/immintrin.h:35,
aes256ctr.c: from aes256ctr.c:8:
aes256ctr.c: /usr/lib/gcc/x86_64-linux-gnu/10/include/tmmintrin.h:136:1: error: inlining failed in call to 'always_inline' '_mm_shuffle_epi8': target specific option mismatch
aes256ctr.c: 136 | _mm_shuffle_epi8 (__m128i __X, __m128i __Y)
aes256ctr.c: | ^~~~~~~~~~~~~~~~
aes256ctr.c: aes256ctr.c:22:8: note: called from here
aes256ctr.c: 22 | f2 = _mm_shuffle_epi8(_mm_add_epi64(f,_mm_set_epi64x(2,0)),idx);
aes256ctr.c: | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
aes256ctr.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/10/include/immintrin.h:35,
aes256ctr.c: from aes256ctr.c:8:
aes256ctr.c: /usr/lib/gcc/x86_64-linux-gnu/10/include/tmmintrin.h:136:1: error: inlining failed in call to 'always_inline' '_mm_shuffle_epi8': target specific option mismatch
aes256ctr.c: 136 | _mm_shuffle_epi8 (__m128i __X, __m128i __Y)
aes256ctr.c: | ^~~~~~~~~~~~~~~~
aes256ctr.c: aes256ctr.c:21:8: note: called from here
aes256ctr.c: 21 | f1 = _mm_shuffle_epi8(_mm_add_epi64(f,_mm_set_epi64x(1,0)),idx);
aes256ctr.c: | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
aes256ctr.c: ...
Number of similar (implementation,compiler) pairs: 4, namely:
Implementation | Compiler |
avx2 | gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110) |
avx2 | gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110) |
avx2 | gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110) |
avx2 | gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110) |
TIMECOP error (can be valgrind bug)
error 111
Process terminating with default action of signal 4 (SIGILL)
Illegal opcode at address 0x40BACF
at 0x...: crypto_kem_kyber90s768_ref_constbranchindex_poly_frommsg (poly.c:176)
by 0x...: crypto_kem_kyber90s768_ref_constbranchindex_indcpa_enc (indcpa.c:271)
by 0x...: crypto_kem_kyber90s768_ref_constbranchindex_enc (kem.c:68)
by 0x...: test (try.c:141)
by 0x...: main (try-anything.c:345)
Number of similar (implementation,compiler) pairs: 1, namely:
Implementation | Compiler |
ref | clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1) |
TIMECOP error (can be valgrind bug)
error 111
Process terminating with default action of signal 4 (SIGILL)
Illegal opcode at address 0x40BF27
at 0x...: crypto_kem_kyber90s768_ref_constbranchindex_poly_frommsg (poly.c:176)
by 0x...: crypto_kem_kyber90s768_ref_constbranchindex_indcpa_enc (indcpa.c:271)
by 0x...: crypto_kem_kyber90s768_ref_constbranchindex_enc (kem.c:68)
by 0x...: test (try.c:141)
by 0x...: main (try-anything.c:345)
Number of similar (implementation,compiler) pairs: 1, namely:
Implementation | Compiler |
ref | clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1) |
TIMECOP error (can be valgrind bug)
error 111
Process terminating with default action of signal 4 (SIGILL)
Illegal opcode at address 0x40A80C
at 0x...: crypto_kem_kyber90s768_ref_constbranchindex_polyvec_compress (polyvec.c:56)
by 0x...: pack_ciphertext (indcpa.c:92)
by 0x...: crypto_kem_kyber90s768_ref_constbranchindex_indcpa_enc (indcpa.c:297)
by 0x...: crypto_kem_kyber90s768_ref_constbranchindex_enc (kem.c:68)
by 0x...: test (try.c:141)
by 0x...: main (try-anything.c:345)
Number of similar (implementation,compiler) pairs: 1, namely:
Implementation | Compiler |
ref | clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1) |
Passed TIMECOP
TIMECOP iterations: 1
Number of similar (implementation,compiler) pairs: 6, namely:
Implementation | Compiler |
ref | clang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1) |
ref | clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1) |
ref | gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110) |
ref | gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110) |
ref | gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110) |
ref | gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110) |