Implementation notes: amd64, hydra7, crypto_aead/hs1sivhiv2

Computer: hydra7
Microarchitecture: amd64; Sandy Bridge+AES (206a7)
Architecture: amd64
CPU ID: GenuineIntel-000206a7-bfebfbff
SUPERCOP version: 20240625
Operation: crypto_aead
Primitive: hs1sivhiv2

Time	Object size	Test size	Implementation	Compiler	Benchmark date	SUPERCOP version
20097	9884 0 0	31341 820 1088	`T:faster`	`gcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240626	20240625
20274	8224 0 0	27544 796 1056	`T:faster`	`gcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240626	20240625
22397	9061 0 0	29988 812 1088	`T:faster`	`gcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240626	20240625
62246	7628 0 0	30781 820 1088	`T:ref`	`gcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240626	20240625
63285	6244 0 0	28133 820 1088	`T:ref`	`gcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240626	20240625
97203	6358 0 0	27821 820 1088	`T:ref`	`gcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall`	20240626	20240625

Test failure

error 111
crypto_aead_decrypt allows trivial forgeries

Number of similar (implementation,compiler) pairs: 1, namely:

Implementation	Compiler
`T:ref`	`gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`

Compiler output

encrypt.c: encrypt.c:85: warning: "_bswap64" redefined
encrypt.c:    85 | #define _bswap64(a) __builtin_bswap64(a)
encrypt.c:       |
encrypt.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/x86gprintrin.h:33,
encrypt.c:                  from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:27,
encrypt.c:                  from encrypt.c:54:
encrypt.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/ia32intrin.h:273: note: this is the location of the previous definition
encrypt.c:   273 | #define _bswap64(a)             __bswapq(a)
encrypt.c:       |
encrypt.c: encrypt.c:86: warning: "_bswap" redefined
encrypt.c:    86 | #define _bswap(a) __builtin_bswap(a)
encrypt.c:       |
encrypt.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/x86gprintrin.h:33,
encrypt.c:                  from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:27,
encrypt.c:                  from encrypt.c:54:
encrypt.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/ia32intrin.h:307: note: this is the location of the previous definition
encrypt.c:   307 | #define _bswap(a)               __bswapd(a)
encrypt.c:       |
encrypt.c: encrypt.c:90:2: error: #error "This code requires AVX2 to work"
encrypt.c:    90 | #error "This code requires AVX2 to work"
encrypt.c:       |  ^~~~~
encrypt.c: encrypt.c: In function 'prf_hash2_3':
encrypt.c: encrypt.c:484:24: warning: unused variable 'ia1' [-Wunused-variable]
encrypt.c:   484 |       ALIGN32 uint64_t ia1[4];
encrypt.c:       |                        ^~~
encrypt.c: ...

Number of similar (implementation,compiler) pairs: 4, namely:

Implementation	Compiler
`T:dolbeau/amd64-avx2`	`gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`
`T:dolbeau/amd64-avx2`	`gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`
`T:dolbeau/amd64-avx2`	`gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`
`T:dolbeau/amd64-avx2`	`gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`

Compiler output

encrypt.c: encrypt.c:85: warning: "_bswap64" redefined
encrypt.c:    85 | #define _bswap64(a) __builtin_bswap64(a)
encrypt.c:       |
encrypt.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/x86gprintrin.h:33,
encrypt.c:                  from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:27,
encrypt.c:                  from encrypt.c:54:
encrypt.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/ia32intrin.h:273: note: this is the location of the previous definition
encrypt.c:   273 | #define _bswap64(a)             __bswapq(a)
encrypt.c:       |
encrypt.c: encrypt.c:86: warning: "_bswap" redefined
encrypt.c:    86 | #define _bswap(a) __builtin_bswap(a)
encrypt.c:       |
encrypt.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/x86gprintrin.h:33,
encrypt.c:                  from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:27,
encrypt.c:                  from encrypt.c:54:
encrypt.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/ia32intrin.h:307: note: this is the location of the previous definition
encrypt.c:   307 | #define _bswap(a)               __bswapd(a)
encrypt.c:       |
encrypt.c: encrypt.c:90:2: error: #error "This code requires AVX512F to work"
encrypt.c:    90 | #error "This code requires AVX512F to work"
encrypt.c:       |  ^~~~~
encrypt.c: In file included from encrypt.c:195:
encrypt.c: encrypt.c: In function 'chacha_noxor368':
encrypt.c: c368.h:158:11: warning: unused variable 't_15' [-Wunused-variable]
encrypt.c:   158 |   __m512i t_15;
encrypt.c: ...

Number of similar (implementation,compiler) pairs: 4, namely:

Implementation	Compiler
`T:dolbeau/amd64-avx512`	`gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`
`T:dolbeau/amd64-avx512`	`gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`
`T:dolbeau/amd64-avx512`	`gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`
`T:dolbeau/amd64-avx512`	`gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`

Compiler output

encrypt.c: In file included from encrypt.c:192:
encrypt.c: c256.h: In function 'chacha_noxor368':
encrypt.c: c256.h:110:27: warning: unused variable 't3' [-Wunused-variable]
encrypt.c:   110 |       __m128i t0, t1, t2, t3;                                           \
encrypt.c:       |                           ^~
encrypt.c: c256.h:129:26: note: in expansion of macro 'ONEQUAD_TRANSPOSE_NOXOR'
encrypt.c:   129 | #define ONEQUAD(a,b,c,d) ONEQUAD_TRANSPOSE_NOXOR(a,b,c,d)
encrypt.c:       |                          ^~~~~~~~~~~~~~~~~~~~~~~
encrypt.c: c256.h:131:5: note: in expansion of macro 'ONEQUAD'
encrypt.c:   131 |     ONEQUAD(0,1,2,3);
encrypt.c:       |     ^~~~~~~
encrypt.c: c256.h:110:23: warning: unused variable 't2' [-Wunused-variable]
encrypt.c:   110 |       __m128i t0, t1, t2, t3;                                           \
encrypt.c:       |                       ^~
encrypt.c: c256.h:129:26: note: in expansion of macro 'ONEQUAD_TRANSPOSE_NOXOR'
encrypt.c:   129 | #define ONEQUAD(a,b,c,d) ONEQUAD_TRANSPOSE_NOXOR(a,b,c,d)
encrypt.c:       |                          ^~~~~~~~~~~~~~~~~~~~~~~
encrypt.c: c256.h:131:5: note: in expansion of macro 'ONEQUAD'
encrypt.c:   131 |     ONEQUAD(0,1,2,3);
encrypt.c:       |     ^~~~~~~
encrypt.c: c256.h:110:19: warning: unused variable 't1' [-Wunused-variable]
encrypt.c:   110 |       __m128i t0, t1, t2, t3;                                           \
encrypt.c:       |                   ^~
encrypt.c: c256.h:129:26: note: in expansion of macro 'ONEQUAD_TRANSPOSE_NOXOR'
encrypt.c:   129 | #define ONEQUAD(a,b,c,d) ONEQUAD_TRANSPOSE_NOXOR(a,b,c,d)
encrypt.c: ...

Number of similar (implementation,compiler) pairs: 4, namely:

Implementation	Compiler
`T:dolbeau/amd64-sse`	`gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`
`T:dolbeau/amd64-sse`	`gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`
`T:dolbeau/amd64-sse`	`gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`
`T:dolbeau/amd64-sse`	`gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`

Compiler output

hs1.c: hs1.c:116:23: warning: 'm61' defined but not used [-Wunused-const-variable=]
hs1.c:   116 | static const uint64_t m61 = ((uint64_t)1 << 61) - 1;
hs1.c:       |                       ^~~

Number of similar (implementation,compiler) pairs: 3, namely:

Implementation	Compiler
`T:faster`	`gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`
`T:faster`	`gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`
`T:faster`	`gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`

Compiler output

hs1.c: hs1.c:116:23: warning: 'm61' defined but not used [-Wunused-const-variable=]
hs1.c:   116 | static const uint64_t m61 = ((uint64_t)1 << 61) - 1;
hs1.c:       |                       ^~~
hs1.c: In function 'xor_copy_chacha_key',
hs1.c:     inlined from 'hs1_gen_siv' at hs1.c:973:5:
hs1.c: hs1.c:890:34: warning: 'chacha_state' is used uninitialized [-Wuninitialized]
hs1.c:   890 |             ((uint64_t *)dst)[2] ^= ((uint64_t *)src)[2];
hs1.c:       |                                  ^~
hs1.c: hs1.c: In function 'hs1_gen_siv':
hs1.c: hs1.c:936:50: note: 'chacha_state' declared here
hs1.c:   936 |     __attribute__ ((aligned(32))) chacha_state_t chacha_state;
hs1.c:       |                                                  ^~~~~~~~~~~~
hs1.c: In function 'xor_copy_chacha_key',
hs1.c:     inlined from 'hs1siv_decrypt.part.0' at hs1.c:1023:5:
hs1.c: hs1.c:890:34: warning: 'chacha_state' is used uninitialized [-Wuninitialized]
hs1.c:   890 |             ((uint64_t *)dst)[2] ^= ((uint64_t *)src)[2];
hs1.c:       |                                  ^~
hs1.c: hs1.c: In function 'hs1siv_decrypt.part.0':
hs1.c: hs1.c:1011:50: note: 'chacha_state' declared here
hs1.c:  1011 |     __attribute__ ((aligned(32))) chacha_state_t chacha_state;
hs1.c:       |                                                  ^~~~~~~~~~~~
hs1.c: In function 'xor_copy_chacha_key',
hs1.c:     inlined from 'hs1' at hs1.c:1062:5:
hs1.c: hs1.c:890:34: warning: 'chacha_state' is used uninitialized [-Wuninitialized]
hs1.c:   890 |             ((uint64_t *)dst)[2] ^= ((uint64_t *)src)[2];
hs1.c: ...

Number of similar (implementation,compiler) pairs: 1, namely:

Implementation	Compiler
`T:faster`	`gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)`