Implementation notes: amd64, jasper, crypto_aead/aeadaes256ocbtaglen128v1

Computer: jasper
Microarchitecture: amd64; Tremont (906c0)
Architecture: amd64
CPU ID: GenuineIntel-000906c0-20-bfebfbff
SUPERCOP version: 20231107
Operation: crypto_aead
Primitive: aeadaes256ocbtaglen128v1
TimeObject sizeTest sizeImplementationCompilerBenchmark dateSUPERCOP version
597610811 0 032536 780 1080T:dolbeau/aesenc-intgcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023060420230530
61137212 0 026542 804 1016T:dolbeau/aesenc-intclang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023060420230530
68326491 0 027080 780 1080T:dolbeau/aesenc-intgcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023060420230530
695111090 21 033016 828 1080T:optgcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023060420230530
70826190 0 026215 772 1080T:dolbeau/aesenc-intgcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023060420230530
71406759 0 026606 804 1016T:dolbeau/aesenc-intclang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023060420230530
71748686 21 030056 860 1016T:optclang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023060420230530
720910348 0 033872 812 1016T:dolbeau/aesenc-intclang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023060420230530
721211931 21 035600 860 1016T:optclang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023060420230530
724610252 0 031472 812 1016T:dolbeau/aesenc-intclang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023060420230530
74624221 0 022835 756 1048T:dolbeau/aesenc-intgcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023060420230530
104066720 18 029813 920 1016T:optclang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023060420230530
168586493 21 027248 828 1080T:optgcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023060420230530
168656518 21 026727 820 1080T:optgcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023060420230530
176815705 21 025198 852 1016T:optclang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023060420230530
201146137 21 026150 852 1016T:optclang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023060420230530
235864729 21 023499 804 1048T:optgcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023060420230530
1538555628 0 029510 844 1016T:refclang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023060420230530
1589375388 0 026966 844 1016T:refclang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023060420230530
1702109243 0 031359 828 1048T:refgcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023060420230530
1917259772 0 032246 844 1016T:refclang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023060420230530
1988833659 0 024631 828 1048T:refgcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023060420230530
2011402217 0 021932 836 1016T:refclang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023060420230530
2062962305 0 022476 836 1016T:refclang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023060420230530
2069293209 0 023622 820 1048T:refgcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023060420230530
2342361960 0 020930 804 1048T:refgcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023060420230530

Compiler output

Implementation: T:dolbeau/aesenc-int
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
encrypt.c: encrypt.c:74:34: warning: incompatible pointer types passing 'const unsigned int *' to parameter of type 'const __m128i_u *' [-Wincompatible-pointer-types]
encrypt.c: __m128i key0 = _mm_loadu_si128((const unsigned int *)(key+0));
encrypt.c: ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
encrypt.c: /usr/lib/llvm-11/lib/clang/11.0.1/include/emmintrin.h:3548:34: note: passing argument to parameter '__p' here
encrypt.c: _mm_loadu_si128(__m128i_u const *__p)
encrypt.c: ^
encrypt.c: encrypt.c:75:34: warning: incompatible pointer types passing 'const unsigned int *' to parameter of type 'const __m128i_u *' [-Wincompatible-pointer-types]
encrypt.c: __m128i key1 = _mm_loadu_si128((const unsigned int *)(key+16));
encrypt.c: ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
encrypt.c: /usr/lib/llvm-11/lib/clang/11.0.1/include/emmintrin.h:3548:34: note: passing argument to parameter '__p' here
encrypt.c: _mm_loadu_si128(__m128i_u const *__p)
encrypt.c: ^
encrypt.c: 2 warnings generated.
Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:dolbeau/aesenc-int
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:dolbeau/aesenc-int
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:dolbeau/aesenc-int
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:dolbeau/aesenc-int

Compiler output

Implementation: T:dolbeau/aesenc-int
Security model: timingleaks
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
encrypt.c: encrypt.c:74:34: warning: incompatible pointer types passing 'const unsigned int *' to parameter of type 'const __m128i_u *' [-Wincompatible-pointer-types]
encrypt.c: __m128i key0 = _mm_loadu_si128((const unsigned int *)(key+0));
encrypt.c: ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
encrypt.c: /usr/lib/llvm-11/lib/clang/11.0.1/include/emmintrin.h:3548:34: note: passing argument to parameter '__p' here
encrypt.c: _mm_loadu_si128(__m128i_u const *__p)
encrypt.c: ^
encrypt.c: encrypt.c:75:34: warning: incompatible pointer types passing 'const unsigned int *' to parameter of type 'const __m128i_u *' [-Wincompatible-pointer-types]
encrypt.c: __m128i key1 = _mm_loadu_si128((const unsigned int *)(key+16));
encrypt.c: ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
encrypt.c: /usr/lib/llvm-11/lib/clang/11.0.1/include/emmintrin.h:3548:34: note: passing argument to parameter '__p' here
encrypt.c: _mm_loadu_si128(__m128i_u const *__p)
encrypt.c: ^
encrypt.c: encrypt.c:104:3: error: '__builtin_ia32_aeskeygenassist128' needs target feature aes
encrypt.c: BLOCK1(0x01);
encrypt.c: ^
encrypt.c: encrypt.c:85:11: note: expanded from macro 'BLOCK1'
encrypt.c: temp1 = _mm_aeskeygenassist_si128(temp2, IMM); \
encrypt.c: ^
encrypt.c: /usr/lib/llvm-11/lib/clang/11.0.1/include/__wmmintrin_aes.h:136:12: note: expanded from macro '_mm_aeskeygenassist_si128'
encrypt.c: (__m128i)__builtin_ia32_aeskeygenassist128((__v2di)(__m128i)(C), (int)(R))
encrypt.c: ^
encrypt.c: encrypt.c:105:3: error: '__builtin_ia32_aeskeygenassist128' needs target feature aes
encrypt.c: BLOCK2(0x01);
encrypt.c: ^
encrypt.c: encrypt.c:95:11: note: expanded from macro 'BLOCK2'
encrypt.c: ...
Number of similar (compiler,implementation) pairs: 1, namely:
CompilerImplementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:dolbeau/aesenc-int

Compiler output

Implementation: T:dolbeau/aesenc-int
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE
encrypt.c: encrypt.c: In function 'aes256ni_setkey_encrypt':
encrypt.c: encrypt.c:74:34: warning: passing argument 1 of '_mm_loadu_si128' from incompatible pointer type [-Wincompatible-pointer-types]
encrypt.c: 74 | __m128i key0 = _mm_loadu_si128((const unsigned int *)(key+0));
encrypt.c: | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
encrypt.c: | |
encrypt.c: | const unsigned int *
encrypt.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/10/include/xmmintrin.h:1316,
encrypt.c: from /usr/lib/gcc/x86_64-linux-gnu/10/include/immintrin.h:29,
encrypt.c: from encrypt.c:45:
encrypt.c: /usr/lib/gcc/x86_64-linux-gnu/10/include/emmintrin.h:701:35: note: expected 'const __m128i_u *' but argument is of type 'const unsigned int *'
encrypt.c: 701 | _mm_loadu_si128 (__m128i_u const *__P)
encrypt.c: | ~~~~~~~~~~~~~~~~~^~~
encrypt.c: encrypt.c:75:34: warning: passing argument 1 of '_mm_loadu_si128' from incompatible pointer type [-Wincompatible-pointer-types]
encrypt.c: 75 | __m128i key1 = _mm_loadu_si128((const unsigned int *)(key+16));
encrypt.c: | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
encrypt.c: | |
encrypt.c: | const unsigned int *
encrypt.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/10/include/xmmintrin.h:1316,
encrypt.c: from /usr/lib/gcc/x86_64-linux-gnu/10/include/immintrin.h:29,
encrypt.c: from encrypt.c:45:
encrypt.c: /usr/lib/gcc/x86_64-linux-gnu/10/include/emmintrin.h:701:35: note: expected 'const __m128i_u *' but argument is of type 'const unsigned int *'
encrypt.c: 701 | _mm_loadu_si128 (__m128i_u const *__P)
encrypt.c: | ~~~~~~~~~~~~~~~~~^~~
Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:dolbeau/aesenc-int
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:dolbeau/aesenc-int
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:dolbeau/aesenc-int
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:dolbeau/aesenc-int

Compiler output

Implementation: T:vaes
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
ocb_vaes.c: ocb_vaes.c:668:19: error: always_inline function '_mm256_broadcastsi128_si256' requires target feature 'avx2', but would be inlined into function 'ae_encrypt' that is compiled without support for 'avx2'
ocb_vaes.c: k256[i] = _mm256_broadcastsi128_si256(load128(ctx->encrypt_key.rd_key+i));
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:668:19: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
ocb_vaes.c: ocb_vaes.c:669:14: error: always_inline function '_mm256_broadcastsi128_si256' requires target feature 'avx2', but would be inlined into function 'ae_encrypt' that is compiled without support for 'avx2'
ocb_vaes.c: m[M01] = _mm256_broadcastsi128_si256(xor128(load128(ctx->L+0), load128(ctx->L+1)));
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:669:14: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
ocb_vaes.c: ocb_vaes.c:670:14: error: always_inline function '_mm256_broadcastsi128_si256' requires target feature 'avx2', but would be inlined into function 'ae_encrypt' that is compiled without support for 'avx2'
ocb_vaes.c: m[M02] = _mm256_broadcastsi128_si256(xor128(load128(ctx->L+0), load128(ctx->L+2)));
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:670:14: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
ocb_vaes.c: ocb_vaes.c:671:14: error: always_inline function '_mm256_broadcastsi128_si256' requires target feature 'avx2', but would be inlined into function 'ae_encrypt' that is compiled without support for 'avx2'
ocb_vaes.c: m[M03] = _mm256_broadcastsi128_si256(xor128(load128(ctx->L+0), load128(ctx->L+3)));
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:671:14: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
ocb_vaes.c: ocb_vaes.c:672:16: error: always_inline function '_mm256_set_m128i' requires target feature 'avx', but would be inlined into function 'ae_encrypt' that is compiled without support for 'avx'
ocb_vaes.c: m[M0_01] = _mm256_set_m128i(xor128(load128(ctx->L+0), load128(ctx->L+1)), load128(ctx->L+0));
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:672:16: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
ocb_vaes.c: ocb_vaes.c:677:20: error: always_inline function '_mm256_setzero_si256' requires target feature 'avx', but would be inlined into function 'ae_encrypt' that is compiled without support for 'avx'
ocb_vaes.c: checksum = zero256();
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:150:27: note: expanded from macro 'zero256'
ocb_vaes.c: #define zero256 _mm256_setzero_si256
ocb_vaes.c: ...
Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:vaes
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:vaes
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:vaes
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:vaes

Compiler output

Implementation: T:vaes
Security model: timingleaks
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
ocb_vaes.c: ocb_vaes.c:476:15: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'ae_init' that is compiled without support for 'ssse3'
ocb_vaes.c: tmp_blk = reverse_bytes(load128(&ctx->Lstar));
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:155:5: note: expanded from macro 'reverse_bytes'
ocb_vaes.c: _mm_shuffle_epi8(b,_mm_set_epi8(0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15))
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:478:29: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'ae_init' that is compiled without support for 'ssse3'
ocb_vaes.c: store128(&ctx->Ldollar, reverse_bytes(tmp_blk));
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:155:5: note: expanded from macro 'reverse_bytes'
ocb_vaes.c: _mm_shuffle_epi8(b,_mm_set_epi8(0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15))
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:480:24: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'ae_init' that is compiled without support for 'ssse3'
ocb_vaes.c: store128(ctx->L+0, reverse_bytes(tmp_blk));
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:155:5: note: expanded from macro 'reverse_bytes'
ocb_vaes.c: _mm_shuffle_epi8(b,_mm_set_epi8(0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15))
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:483:25: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'ae_init' that is compiled without support for 'ssse3'
ocb_vaes.c: store128(ctx->L+i, reverse_bytes(tmp_blk));
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:155:5: note: expanded from macro 'reverse_bytes'
ocb_vaes.c: _mm_shuffle_epi8(b,_mm_set_epi8(0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15))
ocb_vaes.c: ^
ocb_vaes.c: 4 errors generated.
Number of similar (compiler,implementation) pairs: 1, namely:
CompilerImplementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:vaes

Compiler output

Implementation: T:vaes
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE
ocb_vaes.c: ocb_vaes.c: In function 'ae_encrypt':
ocb_vaes.c: ocb_vaes.c:668:17: warning: AVX vector return without AVX enabled changes the ABI [-Wpsabi]
ocb_vaes.c: 668 | k256[i] = _mm256_broadcastsi128_si256(load128(ctx->encrypt_key.rd_key+i));
ocb_vaes.c: | ~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ocb_vaes.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/10/include/immintrin.h:51,
ocb_vaes.c: from ocb_vaes.c:71:
ocb_vaes.c: ocb_vaes.c: In function 'process_ad':
ocb_vaes.c: /usr/lib/gcc/x86_64-linux-gnu/10/include/avxintrin.h:1521:1: error: inlining failed in call to 'always_inline' '_mm256_set_m128i': target specific option mismatch
ocb_vaes.c: 1521 | _mm256_set_m128i (__m128i __H, __m128i __L)
ocb_vaes.c: | ^~~~~~~~~~~~~~~~
ocb_vaes.c: ocb_vaes.c:554:13: note: called from here
ocb_vaes.c: 554 | oa[7] = _mm256_set_m128i(hi, lo);
ocb_vaes.c: | ^~~~~~~~~~~~~~~~~~~~~~~~
ocb_vaes.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/10/include/immintrin.h:51,
ocb_vaes.c: from ocb_vaes.c:71:
ocb_vaes.c: /usr/lib/gcc/x86_64-linux-gnu/10/include/avxintrin.h:1460:1: error: inlining failed in call to 'always_inline' '_mm256_castsi256_si128': target specific option mismatch
ocb_vaes.c: 1460 | _mm256_castsi256_si128 (__m256i __A)
ocb_vaes.c: | ^~~~~~~~~~~~~~~~~~~~~~
ocb_vaes.c: ocb_vaes.c:139:27: note: called from here
ocb_vaes.c: 139 | #define xor128(x,y) _mm_xor_si128(x,y)
ocb_vaes.c: | ^~~~~~~~~~~~~~~~~~
ocb_vaes.c: ocb_vaes.c:552:10: note: in expansion of macro 'xor128'
ocb_vaes.c: 552 | lo = xor128(_mm256_castsi256_si128(oa[6]), _mm256_castsi256_si128(m[M01]));
ocb_vaes.c: | ^~~~~~
ocb_vaes.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/10/include/immintrin.h:51,
ocb_vaes.c: ...
Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:vaes
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:vaes
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:vaes
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:vaes