Implementation notes: amd64, hydra5, crypto_kem/saber2

Computer: hydra5
Microarchitecture: amd64; K10 32nm (300f10)
Architecture: amd64
CPU ID: AuthenticAMD-00300f10-178bfbff
SUPERCOP version: 20240425
Operation: crypto_kem
Primitive: saber2

Compiler output

Implementation: T:avx2
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
SABER_indcpa.c: In file included from SABER_indcpa.c:9:
SABER_indcpa.c: In file included from ././polymul/toom-cook_4way.c:6:
SABER_indcpa.c: ././polymul/scm_avx.c:40:13: warning: AVX vector argument of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI [-Wpsabi]
SABER_indcpa.c: c_avx[0] = mul_add(a0, b0, c_avx[0]);
SABER_indcpa.c: ^
SABER_indcpa.c: ././polymul/scm_avx.c:43:9: error: always_inline function '_mm256_mullo_epi16' requires target feature 'avx2', but would be inlined into function 'schoolbook_avx_new3_acc' that is compiled without support for 'avx2'
SABER_indcpa.c: temp = _mm256_mullo_epi16 (a0, b1);
SABER_indcpa.c: ^
SABER_indcpa.c: ././polymul/scm_avx.c:43:9: error: AVX vector argument of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
SABER_indcpa.c: ././polymul/scm_avx.c:44:7: warning: AVX vector argument of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI [-Wpsabi]
SABER_indcpa.c: temp=mul_add(a1, b0, temp);
SABER_indcpa.c: ^
SABER_indcpa.c: ././polymul/scm_avx.c:45:13: error: always_inline function '_mm256_add_epi16' requires target feature 'avx2', but would be inlined into function 'schoolbook_avx_new3_acc' that is compiled without support for 'avx2'
SABER_indcpa.c: c_avx[1] = _mm256_add_epi16(temp, c_avx[1]);
SABER_indcpa.c: ^
SABER_indcpa.c: ././polymul/scm_avx.c:45:13: error: AVX vector argument of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
SABER_indcpa.c: ././polymul/scm_avx.c:48:9: error: always_inline function '_mm256_mullo_epi16' requires target feature 'avx2', but would be inlined into function 'schoolbook_avx_new3_acc' that is compiled without support for 'avx2'
SABER_indcpa.c: temp = _mm256_mullo_epi16 (a0, b2);
SABER_indcpa.c: ^
SABER_indcpa.c: ././polymul/scm_avx.c:48:9: error: AVX vector argument of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
SABER_indcpa.c: ././polymul/scm_avx.c:49:9: warning: AVX vector argument of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI [-Wpsabi]
SABER_indcpa.c: temp = mul_add(a1, b1, temp);
SABER_indcpa.c: ^
SABER_indcpa.c: ././polymul/scm_avx.c:50:7: warning: AVX vector argument of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI [-Wpsabi]
SABER_indcpa.c: temp=mul_add(a2, b0, temp);
SABER_indcpa.c: ...

Number of similar (compiler,implementation) pairs: 5, namely:
CompilerImplementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2

Compiler output

Implementation: T:avx2
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE
SABER_indcpa.c: In file included from ./polymul/toom-cook_4way.c:6,
SABER_indcpa.c: from SABER_indcpa.c:9:
SABER_indcpa.c: ./polymul/scm_avx.c: In function 'mul_add':
SABER_indcpa.c: ./polymul/scm_avx.c:6:1: warning: AVX vector return without AVX enabled changes the ABI [-Wpsabi]
SABER_indcpa.c: 6 | inline __m256i mul_add(__m256i a, __m256i b, __m256i c) {
SABER_indcpa.c: | ^~~~~~
SABER_indcpa.c: ./polymul/scm_avx.c:6:16: note: the ABI for passing parameters with 32-byte alignment has changed in GCC 4.6
SABER_indcpa.c: 6 | inline __m256i mul_add(__m256i a, __m256i b, __m256i c) {
SABER_indcpa.c: | ^~~~~~~
SABER_indcpa.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:47,
SABER_indcpa.c: from SABER_indcpa.h:4,
SABER_indcpa.c: from SABER_indcpa.c:5:
SABER_indcpa.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/avx2intrin.h:112:1: error: inlining failed in call to 'always_inline' '_mm256_add_epi16': target specific option mismatch
SABER_indcpa.c: 112 | _mm256_add_epi16 (__m256i __A, __m256i __B)
SABER_indcpa.c: | ^~~~~~~~~~~~~~~~
SABER_indcpa.c: In file included from ./polymul/toom-cook_4way.c:6,
SABER_indcpa.c: from SABER_indcpa.c:9:
SABER_indcpa.c: ./polymul/scm_avx.c:7:12: note: called from here
SABER_indcpa.c: 7 | return _mm256_add_epi16(_mm256_mullo_epi16(a, b), c);
SABER_indcpa.c: | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
SABER_indcpa.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:47,
SABER_indcpa.c: from SABER_indcpa.h:4,
SABER_indcpa.c: from SABER_indcpa.c:5:
SABER_indcpa.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/avx2intrin.h:553:1: error: inlining failed in call to 'always_inline' '_mm256_mullo_epi16': target specific option mismatch
SABER_indcpa.c: 553 | _mm256_mullo_epi16 (__m256i __A, __m256i __B)
SABER_indcpa.c: ...

Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:avx2
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:avx2
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:avx2
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:avx2

Compiler output

Implementation: T:avx2_nttmul
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
poly.c: poly.c:31:26: error: always_inline function '_mm256_set1_epi16' requires target feature 'avx', but would be inlined into function 'nttmul_poly_crt' that is compiled without support for 'avx'
poly.c: const __m256i u_pinv = _mm256_set1_epi16(CRT_U_PINV);
poly.c: ^
poly.c: poly.c:31:26: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
poly.c: poly.c:32:21: error: always_inline function '_mm256_set1_epi16' requires target feature 'avx', but would be inlined into function 'nttmul_poly_crt' that is compiled without support for 'avx'
poly.c: const __m256i u = _mm256_set1_epi16(CRT_U);
poly.c: ^
poly.c: poly.c:32:21: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
poly.c: poly.c:33:22: error: always_inline function '_mm256_load_si256' requires target feature 'avx', but would be inlined into function 'nttmul_poly_crt' that is compiled without support for 'avx'
poly.c: const __m256i p0 = _mm256_load_si256((__m256i *)&PDATA0[_16XP]);
poly.c: ^
poly.c: poly.c:33:22: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
poly.c: poly.c:34:22: error: always_inline function '_mm256_load_si256' requires target feature 'avx', but would be inlined into function 'nttmul_poly_crt' that is compiled without support for 'avx'
poly.c: const __m256i p1 = _mm256_load_si256((__m256i *)&PDATA1[_16XP]);
poly.c: ^
poly.c: poly.c:34:22: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
poly.c: poly.c:35:23: error: always_inline function '_mm256_set1_epi16' requires target feature 'avx', but would be inlined into function 'nttmul_poly_crt' that is compiled without support for 'avx'
poly.c: const __m256i mod = _mm256_set1_epi16(KEM_Q-1);
poly.c: ^
poly.c: poly.c:35:23: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
poly.c: poly.c:36:30: error: always_inline function '_mm256_load_si256' requires target feature 'avx', but would be inlined into function 'nttmul_poly_crt' that is compiled without support for 'avx'
poly.c: const __m256i mont0_pinv = _mm256_load_si256((__m256i *)&PDATA0[_16XMONT_PINV]);
poly.c: ^
poly.c: poly.c:36:30: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
poly.c: poly.c:37:25: error: always_inline function '_mm256_load_si256' requires target feature 'avx', but would be inlined into function 'nttmul_poly_crt' that is compiled without support for 'avx'
poly.c: ...

Number of similar (compiler,implementation) pairs: 5, namely:
CompilerImplementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2_nttmul
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2_nttmul
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2_nttmul
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2_nttmul
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2_nttmul

Compiler output

Implementation: T:avx2_nttmul
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE
poly.c: poly.c: In function 'mulmod':
poly.c: poly.c:7:1: warning: AVX vector return without AVX enabled changes the ABI [-Wpsabi]
poly.c: 7 | static inline __m256i mulmod(const __m256i a, const __m256i b_pinv, const __m256i b, const __m256i p) {
poly.c: | ^~~~~~
poly.c: poly.c:7:23: note: the ABI for passing parameters with 32-byte alignment has changed in GCC 4.6
poly.c: 7 | static inline __m256i mulmod(const __m256i a, const __m256i b_pinv, const __m256i b, const __m256i p) {
poly.c: | ^~~~~~
poly.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:47,
poly.c: from poly.c:3:
poly.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/avx2intrin.h:808:1: error: inlining failed in call to 'always_inline' '_mm256_sub_epi16': target specific option mismatch
poly.c: 808 | _mm256_sub_epi16 (__m256i __A, __m256i __B)
poly.c: | ^~~~~~~~~~~~~~~~
poly.c: poly.c:12:7: note: called from here
poly.c: 12 | t = _mm256_sub_epi16(u,t);
poly.c: | ^~~~~~~~~~~~~~~~~~~~~
poly.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:47,
poly.c: from poly.c:3:
poly.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/avx2intrin.h:546:1: error: inlining failed in call to 'always_inline' '_mm256_mulhi_epi16': target specific option mismatch
poly.c: 546 | _mm256_mulhi_epi16 (__m256i __A, __m256i __B)
poly.c: | ^~~~~~~~~~~~~~~~~~
poly.c: poly.c:11:7: note: called from here
poly.c: 11 | t = _mm256_mulhi_epi16(t,p);
poly.c: | ^~~~~~~~~~~~~~~~~~~~~~~
poly.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:47,
poly.c: from poly.c:3:
poly.c: ...

Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:avx2_nttmul
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:avx2_nttmul
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:avx2_nttmul
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:avx2_nttmul

Compiler output

Implementation: T:ref
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
try.c: /usr/bin/ld: libcrypto_kem_saber2.a(SABER_indcpa.o):(.bss+0x0): multiple definition of `clock1'; libcrypto_kem_saber2.a(kem.o):(.bss+0x0): first defined here
try.c: /usr/bin/ld: libcrypto_kem_saber2.a(SABER_indcpa.o):(.bss+0x8): multiple definition of `clock2'; libcrypto_kem_saber2.a(kem.o):(.bss+0x8): first defined here
try.c: /usr/bin/ld: libcrypto_kem_saber2.a(SABER_indcpa.o):(.bss+0x10): multiple definition of `clock_kp_mv'; libcrypto_kem_saber2.a(kem.o):(.bss+0x10): first defined here
try.c: /usr/bin/ld: libcrypto_kem_saber2.a(SABER_indcpa.o):(.bss+0x18): multiple definition of `clock_cl_mv'; libcrypto_kem_saber2.a(kem.o):(.bss+0x18): first defined here
try.c: /usr/bin/ld: libcrypto_kem_saber2.a(SABER_indcpa.o):(.bss+0x20): multiple definition of `clock_kp_sm'; libcrypto_kem_saber2.a(kem.o):(.bss+0x20): first defined here
try.c: /usr/bin/ld: libcrypto_kem_saber2.a(SABER_indcpa.o):(.bss+0x28): multiple definition of `clock_cl_sm'; libcrypto_kem_saber2.a(kem.o):(.bss+0x28): first defined here
try.c: clang: error: linker command failed with exit code 1 (use -v to see invocation)

Number of similar (compiler,implementation) pairs: 5, namely:
CompilerImplementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ref
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ref
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ref
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ref
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:ref

Compiler output

Implementation: T:ref
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE
try.c: /usr/bin/ld: libcrypto_kem_saber2.a(SABER_indcpa.o):(.bss+0x0): multiple definition of `clock_cl_sm'; libcrypto_kem_saber2.a(kem.o):(.bss+0x0): first defined here
try.c: /usr/bin/ld: libcrypto_kem_saber2.a(SABER_indcpa.o):(.bss+0x8): multiple definition of `clock_kp_sm'; libcrypto_kem_saber2.a(kem.o):(.bss+0x8): first defined here
try.c: /usr/bin/ld: libcrypto_kem_saber2.a(SABER_indcpa.o):(.bss+0x10): multiple definition of `clock_cl_mv'; libcrypto_kem_saber2.a(kem.o):(.bss+0x10): first defined here
try.c: /usr/bin/ld: libcrypto_kem_saber2.a(SABER_indcpa.o):(.bss+0x18): multiple definition of `clock_kp_mv'; libcrypto_kem_saber2.a(kem.o):(.bss+0x18): first defined here
try.c: /usr/bin/ld: libcrypto_kem_saber2.a(SABER_indcpa.o):(.bss+0x20): multiple definition of `clock2'; libcrypto_kem_saber2.a(kem.o):(.bss+0x20): first defined here
try.c: /usr/bin/ld: libcrypto_kem_saber2.a(SABER_indcpa.o):(.bss+0x28): multiple definition of `clock1'; libcrypto_kem_saber2.a(kem.o):(.bss+0x28): first defined here
try.c: collect2: error: ld returned 1 exit status

Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ref
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ref
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ref
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ref