Implementation notes: amd64, jasper3, crypto_aead/aeadaes128ocbtaglen128v1

Computer: jasper3
Microarchitecture: amd64; Tremont (906c0)
Architecture: amd64
CPU ID: GenuineIntel-000906c0-20-bfebfbff
SUPERCOP version: 20240625
Operation: crypto_aead
Primitive: aeadaes128ocbtaglen128v1
TimeObject sizeTest sizeImplementationCompilerBenchmark dateSUPERCOP version
401214714 21 036848 828 1080T:optgcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
45999083 0 031008 780 1080T:dolbeau/aesenc-intgcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
47146290 0 025830 804 1016T:dolbeau/aesenc-intclang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
485913828 21 035408 860 1016T:optclang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
496613828 21 037712 860 1016T:optclang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
50676347 0 027136 780 1080T:dolbeau/aesenc-intgcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
53758300 0 029728 812 1016T:dolbeau/aesenc-intclang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
53766439 0 026502 804 1016T:dolbeau/aesenc-intclang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
54098588 0 032320 812 1016T:dolbeau/aesenc-intclang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
56936023 0 026255 772 1080T:dolbeau/aesenc-intgcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
57184077 0 022907 756 1048T:dolbeau/aesenc-intgcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
98096720 18 030061 920 1016T:optclang_-mcpu=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
101987701 21 028656 828 1080T:optgcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
103547970 21 028375 820 1080T:optgcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
113727055 21 026750 852 1016T:optclang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
118947617 21 027846 852 1016T:optclang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
131775853 21 024827 804 1048T:optgcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
1210245388 0 027174 844 1016T:refclang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
1269895628 0 029718 844 1016T:refclang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
1434719243 0 031559 828 1048T:refgcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
1572179772 0 032494 844 1016T:refclang_-mcpu=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
1663472217 0 022132 836 1016T:refclang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
1683803659 0 024831 828 1048T:refgcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
1777512305 0 022692 836 1016T:refclang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
1821063209 0 023838 820 1048T:refgcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
1914831960 0 021146 804 1048T:refgcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625

Compiler output

encrypt.c: encrypt.c:74:34: warning: incompatible pointer types passing 'const unsigned int *' to parameter of type 'const __m128i_u *' [-Wincompatible-pointer-types]
encrypt.c:   __m128i key0 = _mm_loadu_si128((const unsigned int *)(key+0));
encrypt.c:                                  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
encrypt.c: /usr/lib/llvm-11/lib/clang/11.0.1/include/emmintrin.h:3548:34: note: passing argument to parameter '__p' here
encrypt.c: _mm_loadu_si128(__m128i_u const *__p)
encrypt.c:                                  ^
encrypt.c: encrypt.c:75:25: warning: unused variable 'temp2' [-Wunused-variable]
encrypt.c:   __m128i temp0, temp1, temp2, temp4;
encrypt.c:                         ^
encrypt.c: encrypt.c:448:2: warning: misleading indentation; statement is not part of the previous 'for' [-Wmisleading-indentation]
encrypt.c:         break;
encrypt.c:         ^
encrypt.c: encrypt.c:446:7: note: previous statement is here
encrypt.c:       for (i = 5; i < ntz ; i++)
encrypt.c:       ^
encrypt.c: encrypt.c:617:25: warning: variable 'sum' is uninitialized when used here [-Wuninitialized]
encrypt.c:     sum = _mm_xor_si128(sum,sum);
encrypt.c:                         ^~~
encrypt.c: encrypt.c:559:5: note: variable 'sum' is declared here
encrypt.c:     __m128i lstar, ldollar, sum, offset, ktop, pad, nonce, tag, tmp, outv;
encrypt.c:     ^
encrypt.c: encrypt.c:104:20: warning: unused function 'aes128ni_setkey_decrypt' [-Wunused-function]
encrypt.c: static inline void aes128ni_setkey_decrypt(const unsigned char* key, __m128i rkeys[11]) {
encrypt.c:                    ^
encrypt.c: encrypt.c:136:20: warning: unused function 'aes128ni_encrypt1' [-Wunused-function]
encrypt.c: ...
Number of similar (implementation,compiler) pairs: 5, namely:
ImplementationCompiler
T:dolbeau/aesenc-intclang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)
T:dolbeau/aesenc-intclang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)
T:dolbeau/aesenc-intclang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)
T:dolbeau/aesenc-intclang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)
T:dolbeau/aesenc-intclang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)

Compiler output

encrypt.c: encrypt.c: In function 'aes128ni_setkey_encrypt':
encrypt.c: encrypt.c:74:34: warning: passing argument 1 of '_mm_loadu_si128' from incompatible pointer type [-Wincompatible-pointer-types]
encrypt.c:    74 |   __m128i key0 = _mm_loadu_si128((const unsigned int *)(key+0));
encrypt.c:       |                                  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
encrypt.c:       |                                  |
encrypt.c:       |                                  const unsigned int *
encrypt.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/10/include/xmmintrin.h:1316,
encrypt.c:                  from /usr/lib/gcc/x86_64-linux-gnu/10/include/immintrin.h:29,
encrypt.c:                  from encrypt.c:45:
encrypt.c: /usr/lib/gcc/x86_64-linux-gnu/10/include/emmintrin.h:701:35: note: expected 'const __m128i_u *' but argument is of type 'const unsigned int *'
encrypt.c:   701 | _mm_loadu_si128 (__m128i_u const *__P)
encrypt.c:       |                  ~~~~~~~~~~~~~~~~~^~~
encrypt.c: encrypt.c:75:25: warning: unused variable 'temp2' [-Wunused-variable]
encrypt.c:    75 |   __m128i temp0, temp1, temp2, temp4;
encrypt.c:       |                         ^~~~~
encrypt.c: encrypt.c: In function 'aes128ni_setkey_decrypt':
encrypt.c: encrypt.c:109: warning: ignoring '#pragma unroll ' [-Wunknown-pragmas]
encrypt.c:   109 | #pragma unroll(9)
encrypt.c:       |
encrypt.c: encrypt.c: In function 'aes128ni_setkey_e2d':
encrypt.c: encrypt.c:118: warning: ignoring '#pragma unroll ' [-Wunknown-pragmas]
encrypt.c:   118 | #pragma unroll(9)
encrypt.c:       |
encrypt.c: encrypt.c: In function 'aes128ni_encrypt1_si128':
encrypt.c: encrypt.c:129: warning: ignoring '#pragma unroll ' [-Wunknown-pragmas]
encrypt.c: ...
Number of similar (implementation,compiler) pairs: 4, namely:
ImplementationCompiler
T:dolbeau/aesenc-intgcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)
T:dolbeau/aesenc-intgcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)
T:dolbeau/aesenc-intgcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)
T:dolbeau/aesenc-intgcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)

Compiler output

ocb_vaes.c: ocb_vaes.c:668:19: error: always_inline function '_mm256_broadcastsi128_si256' requires target feature 'avx2', but would be inlined into function 'ae_encrypt' that is compiled without support for 'avx2'
ocb_vaes.c:         k256[i] = _mm256_broadcastsi128_si256(load128(ctx->encrypt_key.rd_key+i));
ocb_vaes.c:                   ^
ocb_vaes.c: ocb_vaes.c:668:19: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
ocb_vaes.c: ocb_vaes.c:669:14: error: always_inline function '_mm256_broadcastsi128_si256' requires target feature 'avx2', but would be inlined into function 'ae_encrypt' that is compiled without support for 'avx2'
ocb_vaes.c:     m[M01] = _mm256_broadcastsi128_si256(xor128(load128(ctx->L+0), load128(ctx->L+1)));
ocb_vaes.c:              ^
ocb_vaes.c: ocb_vaes.c:669:14: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
ocb_vaes.c: ocb_vaes.c:670:14: error: always_inline function '_mm256_broadcastsi128_si256' requires target feature 'avx2', but would be inlined into function 'ae_encrypt' that is compiled without support for 'avx2'
ocb_vaes.c:     m[M02] = _mm256_broadcastsi128_si256(xor128(load128(ctx->L+0), load128(ctx->L+2)));
ocb_vaes.c:              ^
ocb_vaes.c: ocb_vaes.c:670:14: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
ocb_vaes.c: ocb_vaes.c:671:14: error: always_inline function '_mm256_broadcastsi128_si256' requires target feature 'avx2', but would be inlined into function 'ae_encrypt' that is compiled without support for 'avx2'
ocb_vaes.c:     m[M03] = _mm256_broadcastsi128_si256(xor128(load128(ctx->L+0), load128(ctx->L+3)));
ocb_vaes.c:              ^
ocb_vaes.c: ocb_vaes.c:671:14: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
ocb_vaes.c: ocb_vaes.c:672:16: error: always_inline function '_mm256_set_m128i' requires target feature 'avx', but would be inlined into function 'ae_encrypt' that is compiled without support for 'avx'
ocb_vaes.c:     m[M0_01] = _mm256_set_m128i(xor128(load128(ctx->L+0), load128(ctx->L+1)), load128(ctx->L+0));
ocb_vaes.c:                ^
ocb_vaes.c: ocb_vaes.c:672:16: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
ocb_vaes.c: ocb_vaes.c:677:20: error: always_inline function '_mm256_setzero_si256' requires target feature 'avx', but would be inlined into function 'ae_encrypt' that is compiled without support for 'avx'
ocb_vaes.c:         checksum = zero256();
ocb_vaes.c:                    ^
ocb_vaes.c: ocb_vaes.c:150:27: note: expanded from macro 'zero256'
ocb_vaes.c: #define zero256           _mm256_setzero_si256
ocb_vaes.c: ...
Number of similar (implementation,compiler) pairs: 4, namely:
ImplementationCompiler
T:vaesclang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)
T:vaesclang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)
T:vaesclang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)
T:vaesclang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)

Compiler output

ocb_vaes.c: ocb_vaes.c:476:15: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'ae_init' that is compiled without support for 'ssse3'
ocb_vaes.c:     tmp_blk = reverse_bytes(load128(&ctx->Lstar));
ocb_vaes.c:               ^
ocb_vaes.c: ocb_vaes.c:155:5: note: expanded from macro 'reverse_bytes'
ocb_vaes.c:     _mm_shuffle_epi8(b,_mm_set_epi8(0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15))
ocb_vaes.c:     ^
ocb_vaes.c: ocb_vaes.c:478:29: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'ae_init' that is compiled without support for 'ssse3'
ocb_vaes.c:     store128(&ctx->Ldollar, reverse_bytes(tmp_blk));
ocb_vaes.c:                             ^
ocb_vaes.c: ocb_vaes.c:155:5: note: expanded from macro 'reverse_bytes'
ocb_vaes.c:     _mm_shuffle_epi8(b,_mm_set_epi8(0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15))
ocb_vaes.c:     ^
ocb_vaes.c: ocb_vaes.c:480:24: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'ae_init' that is compiled without support for 'ssse3'
ocb_vaes.c:     store128(ctx->L+0, reverse_bytes(tmp_blk));
ocb_vaes.c:                        ^
ocb_vaes.c: ocb_vaes.c:155:5: note: expanded from macro 'reverse_bytes'
ocb_vaes.c:     _mm_shuffle_epi8(b,_mm_set_epi8(0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15))
ocb_vaes.c:     ^
ocb_vaes.c: ocb_vaes.c:483:25: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'ae_init' that is compiled without support for 'ssse3'
ocb_vaes.c:         store128(ctx->L+i, reverse_bytes(tmp_blk));
ocb_vaes.c:                            ^
ocb_vaes.c: ocb_vaes.c:155:5: note: expanded from macro 'reverse_bytes'
ocb_vaes.c:     _mm_shuffle_epi8(b,_mm_set_epi8(0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15))
ocb_vaes.c:     ^
ocb_vaes.c: 4 errors generated.
Number of similar (implementation,compiler) pairs: 1, namely:
ImplementationCompiler
T:vaesclang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)

Compiler output

ocb_vaes.c: ocb_vaes.c: In function 'ae_encrypt':
ocb_vaes.c: ocb_vaes.c:668:17: warning: AVX vector return without AVX enabled changes the ABI [-Wpsabi]
ocb_vaes.c:   668 |         k256[i] = _mm256_broadcastsi128_si256(load128(ctx->encrypt_key.rd_key+i));
ocb_vaes.c:       |         ~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ocb_vaes.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/10/include/immintrin.h:51,
ocb_vaes.c:                  from ocb_vaes.c:71:
ocb_vaes.c: ocb_vaes.c: In function 'process_ad':
ocb_vaes.c: /usr/lib/gcc/x86_64-linux-gnu/10/include/avxintrin.h:1521:1: error: inlining failed in call to 'always_inline' '_mm256_set_m128i': target specific option mismatch
ocb_vaes.c:  1521 | _mm256_set_m128i (__m128i __H, __m128i __L)
ocb_vaes.c:       | ^~~~~~~~~~~~~~~~
ocb_vaes.c: ocb_vaes.c:554:13: note: called from here
ocb_vaes.c:   554 |     oa[7] = _mm256_set_m128i(hi, lo);
ocb_vaes.c:       |             ^~~~~~~~~~~~~~~~~~~~~~~~
ocb_vaes.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/10/include/immintrin.h:51,
ocb_vaes.c:                  from ocb_vaes.c:71:
ocb_vaes.c: /usr/lib/gcc/x86_64-linux-gnu/10/include/avxintrin.h:1460:1: error: inlining failed in call to 'always_inline' '_mm256_castsi256_si128': target specific option mismatch
ocb_vaes.c:  1460 | _mm256_castsi256_si128 (__m256i __A)
ocb_vaes.c:       | ^~~~~~~~~~~~~~~~~~~~~~
ocb_vaes.c: ocb_vaes.c:139:27: note: called from here
ocb_vaes.c:   139 | #define xor128(x,y)       _mm_xor_si128(x,y)
ocb_vaes.c:       |                           ^~~~~~~~~~~~~~~~~~
ocb_vaes.c: ocb_vaes.c:552:10: note: in expansion of macro 'xor128'
ocb_vaes.c:   552 |     lo = xor128(_mm256_castsi256_si128(oa[6]), _mm256_castsi256_si128(m[M01]));
ocb_vaes.c:       |          ^~~~~~
ocb_vaes.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/10/include/immintrin.h:51,
ocb_vaes.c: ...
Number of similar (implementation,compiler) pairs: 4, namely:
ImplementationCompiler
T:vaesgcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)
T:vaesgcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)
T:vaesgcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)
T:vaesgcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)