Implementation notes: amd64, hydra8, crypto_kem/frodokem640

Computer: hydra8
Microarchitecture: amd64; Ivy Bridge+AES (306a9)
Architecture: amd64
CPU ID: GenuineIntel-000306a9-bfebfbff
SUPERCOP version: 20240716
Operation: crypto_kem
Primitive: frodokem640
TimeObject sizeTest sizeImplementationCompilerBenchmark dateSUPERCOP version
469810151479 0 867014 884 1760T:optimizedgcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024072020240716
481904324740 0 840794 924 1728T:optimizedclang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024072020240716
502634928911 0 846442 924 1728T:optimizedclang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024072020240716
506980828255 0 844490 924 1728T:optimizedclang_-mcpu=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024072020240716
797710212528 0 827604 916 1728T:optimizedclang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024072020240716
1336552616333 0 831714 924 1728T:optimizedclang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024072020240716
1916997714109 0 830494 884 1760T:optimizedgcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024072020240716
2165297048607 40 864182 932 1760T:referencegcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024072020240716
2245685712961 0 829038 884 1760T:optimizedgcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024072020240716
2593550611706 0 826790 876 1728T:optimizedgcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024072020240716
2744925928021 26 845930 964 1728T:referenceclang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024072020240716
2760287825674 26 842074 964 1728T:referenceclang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024072020240716
2766140826773 26 843386 964 1728T:referenceclang_-mcpu=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024072020240716
2872555816035 26 831362 964 1728T:referenceclang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024072020240716
2892125211926 26 826996 956 1728T:referenceclang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024072020240716
3233692313357 40 829766 932 1760T:referencegcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024072020240716
3531625911097 40 826182 924 1728T:referencegcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024072020240716
3720636912404 40 828494 932 1760T:referencegcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024072020240716

Compiler output

fips202.c: fips202.c:428:39: warning: argument 1 of type 'uint64_t[25]' {aka 'long unsigned int[25]'} with mismatched bound [-Warray-parameter=]
fips202.c:   428 | void cshake128_simple_absorb(uint64_t s[25], uint16_t cstm, const unsigned char *in, unsigned long long inlen)
fips202.c:       |                              ~~~~~~~~~^~~~~
fips202.c: In file included from fips202.c:16:
fips202.c: fips202.h:14:40: note: previously declared as 'uint64_t *' {aka 'long unsigned int *'}
fips202.c:    14 | void cshake128_simple_absorb(uint64_t *s, uint16_t cstm, const unsigned char *in, unsigned long long inlen);
fips202.c:       |                              ~~~~~~~~~~^
fips202.c: fips202.c:524:39: warning: argument 1 of type 'uint64_t[25]' {aka 'long unsigned int[25]'} with mismatched bound [-Warray-parameter=]
fips202.c:   524 | void cshake256_simple_absorb(uint64_t s[25], uint16_t cstm, const unsigned char *in, unsigned long long inlen)
fips202.c:       |                              ~~~~~~~~~^~~~~
fips202.c: In file included from fips202.c:16:
fips202.c: fips202.h:22:40: note: previously declared as 'uint64_t *' {aka 'long unsigned int *'}
fips202.c:    22 | void cshake256_simple_absorb(uint64_t *s, uint16_t cstm, const unsigned char *in, unsigned long long inlen);
fips202.c:       |                              ~~~~~~~~~~^
Number of similar (implementation,compiler) pairs: 8, namely:
ImplementationCompiler
T:optimizedgcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)
T:optimizedgcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)
T:optimizedgcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)
T:optimizedgcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)
T:referencegcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)
T:referencegcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)
T:referencegcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)
T:referencegcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)

Compiler output

KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:146:9: error: always_inline function '_mm256_xor_si256' requires target feature 'avx2', but would be inlined into function 'KeccakP1600times4_AddLanesAll' that is compiled without support for 'avx2'
KeccakP-1600-times4-SIMD256.c:         Xor_In4( 0 );
KeccakP-1600-times4-SIMD256.c:         ^
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:140:33: note: expanded from macro 'Xor_In4'
KeccakP-1600-times4-SIMD256.c:                                 XOReq256( stateAsLanes[argIndex+0], lanes0 ),\
KeccakP-1600-times4-SIMD256.c:                                 ^
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:55:41: note: expanded from macro 'XOReq256'
KeccakP-1600-times4-SIMD256.c:     #define XOReq256(a, b)          a = _mm256_xor_si256(a, b)
KeccakP-1600-times4-SIMD256.c:                                         ^
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:146:9: error: always_inline function '_mm256_xor_si256' requires target feature 'avx2', but would be inlined into function 'KeccakP1600times4_AddLanesAll' that is compiled without support for 'avx2'
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:141:33: note: expanded from macro 'Xor_In4'
KeccakP-1600-times4-SIMD256.c:                                 XOReq256( stateAsLanes[argIndex+1], lanes1 ),\
KeccakP-1600-times4-SIMD256.c:                                 ^
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:55:41: note: expanded from macro 'XOReq256'
KeccakP-1600-times4-SIMD256.c:     #define XOReq256(a, b)          a = _mm256_xor_si256(a, b)
KeccakP-1600-times4-SIMD256.c:                                         ^
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:146:9: error: always_inline function '_mm256_xor_si256' requires target feature 'avx2', but would be inlined into function 'KeccakP1600times4_AddLanesAll' that is compiled without support for 'avx2'
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:142:33: note: expanded from macro 'Xor_In4'
KeccakP-1600-times4-SIMD256.c:                                 XOReq256( stateAsLanes[argIndex+2], lanes2 ),\
KeccakP-1600-times4-SIMD256.c:                                 ^
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:55:41: note: expanded from macro 'XOReq256'
KeccakP-1600-times4-SIMD256.c:     #define XOReq256(a, b)          a = _mm256_xor_si256(a, b)
KeccakP-1600-times4-SIMD256.c:                                         ^
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:146:9: error: always_inline function '_mm256_xor_si256' requires target feature 'avx2', but would be inlined into function 'KeccakP1600times4_AddLanesAll' that is compiled without support for 'avx2'
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:143:33: note: expanded from macro 'Xor_In4'
KeccakP-1600-times4-SIMD256.c: ...
Number of similar (implementation,compiler) pairs: 4, namely:
ImplementationCompiler
T:x64clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)
T:x64clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)
T:x64clang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)
T:x64clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)

Compiler output

KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:146:9: error: always_inline function '_mm256_loadu_si256' requires target feature 'avx', but would be inlined into function 'KeccakP1600times4_AddLanesAll' that is compiled without support for 'avx'
KeccakP-1600-times4-SIMD256.c:         Xor_In4( 0 );
KeccakP-1600-times4-SIMD256.c:         ^
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:135:42: note: expanded from macro 'Xor_In4'
KeccakP-1600-times4-SIMD256.c:     #define Xor_In4( argIndex ) lanes0 = LOAD256u( curData0[argIndex]),\
KeccakP-1600-times4-SIMD256.c:                                          ^
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:44:37: note: expanded from macro 'LOAD256u'
KeccakP-1600-times4-SIMD256.c:     #define LOAD256u(a)             _mm256_loadu_si256((const V256 *)&(a))
KeccakP-1600-times4-SIMD256.c:                                     ^
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:146:9: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:135:42: note: expanded from macro 'Xor_In4'
KeccakP-1600-times4-SIMD256.c:     #define Xor_In4( argIndex ) lanes0 = LOAD256u( curData0[argIndex]),\
KeccakP-1600-times4-SIMD256.c:                                          ^
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:44:37: note: expanded from macro 'LOAD256u'
KeccakP-1600-times4-SIMD256.c:     #define LOAD256u(a)             _mm256_loadu_si256((const V256 *)&(a))
KeccakP-1600-times4-SIMD256.c:                                     ^
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:146:9: error: always_inline function '_mm256_loadu_si256' requires target feature 'avx', but would be inlined into function 'KeccakP1600times4_AddLanesAll' that is compiled without support for 'avx'
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:136:42: note: expanded from macro 'Xor_In4'
KeccakP-1600-times4-SIMD256.c:                                 lanes1 = LOAD256u( curData1[argIndex]),\
KeccakP-1600-times4-SIMD256.c:                                          ^
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:44:37: note: expanded from macro 'LOAD256u'
KeccakP-1600-times4-SIMD256.c:     #define LOAD256u(a)             _mm256_loadu_si256((const V256 *)&(a))
KeccakP-1600-times4-SIMD256.c:                                     ^
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:146:9: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:136:42: note: expanded from macro 'Xor_In4'
KeccakP-1600-times4-SIMD256.c: ...
Number of similar (implementation,compiler) pairs: 1, namely:
ImplementationCompiler
T:x64clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)

Compiler output

KeccakP-1600-times4-SIMD256.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:47,
KeccakP-1600-times4-SIMD256.c:                  from KeccakP-1600-times4-SIMD256.c:21:
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c: In function 'KeccakP1600times4_AddLanesAll':
KeccakP-1600-times4-SIMD256.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/avx2intrin.h:913:1: error: inlining failed in call to 'always_inline' '_mm256_xor_si256': target specific option mismatch
KeccakP-1600-times4-SIMD256.c:   913 | _mm256_xor_si256 (__m256i __A, __m256i __B)
KeccakP-1600-times4-SIMD256.c:       | ^~~~~~~~~~~~~~~~
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:55:41: note: called from here
KeccakP-1600-times4-SIMD256.c:    55 |     #define XOReq256(a, b)          a = _mm256_xor_si256(a, b)
KeccakP-1600-times4-SIMD256.c:       |                                         ^~~~~~~~~~~~~~~~~~~~~~
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:143:33: note: in expansion of macro 'XOReq256'
KeccakP-1600-times4-SIMD256.c:   143 |                                 XOReq256( stateAsLanes[argIndex+3], lanes3 )
KeccakP-1600-times4-SIMD256.c:       |                                 ^~~~~~~~
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:149:9: note: in expansion of macro 'Xor_In4'
KeccakP-1600-times4-SIMD256.c:   149 |         Xor_In4( 12 );
KeccakP-1600-times4-SIMD256.c:       |         ^~~~~~~
KeccakP-1600-times4-SIMD256.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:47,
KeccakP-1600-times4-SIMD256.c:                  from KeccakP-1600-times4-SIMD256.c:21:
KeccakP-1600-times4-SIMD256.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/avx2intrin.h:913:1: error: inlining failed in call to 'always_inline' '_mm256_xor_si256': target specific option mismatch
KeccakP-1600-times4-SIMD256.c:   913 | _mm256_xor_si256 (__m256i __A, __m256i __B)
KeccakP-1600-times4-SIMD256.c:       | ^~~~~~~~~~~~~~~~
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:55:41: note: called from here
KeccakP-1600-times4-SIMD256.c:    55 |     #define XOReq256(a, b)          a = _mm256_xor_si256(a, b)
KeccakP-1600-times4-SIMD256.c:       |                                         ^~~~~~~~~~~~~~~~~~~~~~
KeccakP-1600-times4-SIMD256.c: KeccakP-1600-times4-SIMD256.c:142:33: note: in expansion of macro 'XOReq256'
KeccakP-1600-times4-SIMD256.c:   142 |                                 XOReq256( stateAsLanes[argIndex+2], lanes2 ),\
KeccakP-1600-times4-SIMD256.c: ...
Number of similar (implementation,compiler) pairs: 4, namely:
ImplementationCompiler
T:x64gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)
T:x64gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)
T:x64gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)
T:x64gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)

Namespace violations

aes.o AES128_free_schedule T
aes.o AES256_free_schedule T
aes.o handleErrors T
aes_c.o aes128_enc_c T
aes_c.o aes128_load_schedule_c T
aes_c.o aes256_enc_c T
aes_c.o aes256_load_schedule_c T
fips202.o KeccakF1600_StatePermute T
fips202.o cshake128_simple T
fips202.o cshake128_simple_absorb T
fips202.o cshake128_simple_squeezeblocks T
fips202.o cshake256_simple T
fips202.o cshake256_simple_absorb T
fips202.o cshake256_simple_squeezeblocks T
fips202.o shake128 T
fips202.o shake128_absorb T
fips202.o shake128_squeezeblocks T
fips202.o shake256 T
fips202.o shake256_absorb T
fips202.o shake256_squeezeblocks T
frodo640.o CDF_TABLE R
frodo640.o CDF_TABLE_LEN R
frodo640.o frodo_add T
frodo640.o frodo_key_decode T
frodo640.o frodo_key_encode T
frodo640.o frodo_mul_add_as_plus_e T
frodo640.o frodo_mul_add_sa_plus_e T
frodo640.o frodo_mul_add_sb_plus_e T
frodo640.o frodo_mul_bs T
frodo640.o frodo_sample_n T
frodo640.o frodo_sub T
util.o clear_words T
util.o frodo_pack T
util.o frodo_unpack T
Number of similar (implementation,compiler) pairs: 9, namely:
ImplementationCompiler
T:optimizedclang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)
T:optimizedclang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)
T:optimizedclang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)
T:optimizedclang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)
T:optimizedclang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)
T:optimizedgcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)
T:optimizedgcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)
T:optimizedgcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)
T:optimizedgcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)

Namespace violations

aes.o AES128_free_schedule T
aes.o AES256_free_schedule T
aes.o handleErrors T
aes_c.o aes128_enc_c T
aes_c.o aes128_load_schedule_c T
aes_c.o aes256_enc_c T
aes_c.o aes256_load_schedule_c T
fips202.o KeccakF1600_StatePermute T
fips202.o cshake128_simple T
fips202.o cshake128_simple_absorb T
fips202.o cshake128_simple_squeezeblocks T
fips202.o cshake256_simple T
fips202.o cshake256_simple_absorb T
fips202.o cshake256_simple_squeezeblocks T
fips202.o shake128 T
fips202.o shake128_absorb T
fips202.o shake128_squeezeblocks T
fips202.o shake256 T
fips202.o shake256_absorb T
fips202.o shake256_squeezeblocks T
frodo640.o CDF_TABLE D
frodo640.o CDF_TABLE_LEN D
frodo640.o frodo_add T
frodo640.o frodo_key_decode T
frodo640.o frodo_key_encode T
frodo640.o frodo_mul_add_as_plus_e T
frodo640.o frodo_mul_add_sa_plus_e T
frodo640.o frodo_mul_add_sb_plus_e T
frodo640.o frodo_mul_bs T
frodo640.o frodo_sample_n T
frodo640.o frodo_sub T
util.o clear_words T
util.o frodo_pack T
util.o frodo_unpack T
Number of similar (implementation,compiler) pairs: 9, namely:
ImplementationCompiler
T:referenceclang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)
T:referenceclang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)
T:referenceclang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)
T:referenceclang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)
T:referenceclang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Ubuntu_Clang_14.0.0)
T:referencegcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)
T:referencegcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)
T:referencegcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)
T:referencegcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (11.4.0)