Implementation notes: amd64, jasper3, crypto_aead/aeadaes128ocbtaglen128v1

Computer: jasper3
Microarchitecture: amd64; Tremont (906c0)
Architecture: amd64
CPU ID: GenuineIntel-000906c0-20-bfebfbff
SUPERCOP version: 20231107
Operation: crypto_aead
Primitive: aeadaes128ocbtaglen128v1
TimeObject sizeTest sizeImplementationCompilerBenchmark dateSUPERCOP version
399414714 21 036848 828 1080T:optgcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023053020230530
45829083 0 031008 780 1080T:dolbeau/aesenc-intgcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023053020230530
47296290 0 025830 804 1016T:dolbeau/aesenc-intclang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023053020230530
485313828 21 037720 860 1016T:optclang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023053020230530
487913828 21 035416 860 1016T:optclang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023053020230530
50446347 0 027136 780 1080T:dolbeau/aesenc-intgcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023053020230530
51986439 0 026502 804 1016T:dolbeau/aesenc-intclang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023053020230530
53728588 0 032328 812 1016T:dolbeau/aesenc-intclang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023053020230530
53778300 0 029736 812 1016T:dolbeau/aesenc-intclang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023053020230530
57114077 0 022907 756 1048T:dolbeau/aesenc-intgcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023053020230530
57246023 0 026255 772 1080T:dolbeau/aesenc-intgcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023053020230530
95256720 18 030029 920 1016T:optclang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023053020230530
99817970 21 028375 820 1080T:optgcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023053020230530
100767701 21 028656 828 1080T:optgcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023053020230530
115077617 21 027846 852 1016T:optclang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023053020230530
117347055 21 026766 852 1016T:optclang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023053020230530
126995853 21 024827 804 1048T:optgcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023053020230530
1207755388 0 027182 844 1016T:refclang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023053020230530
1216775628 0 029726 844 1016T:refclang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023053020230530
1412859243 0 031559 828 1048T:refgcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023053020230530
1512539772 0 032462 844 1016T:refclang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023053020230530
1676013659 0 024831 828 1048T:refgcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023053020230530
1725742305 0 022692 836 1016T:refclang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023053020230530
1756172217 0 022148 836 1016T:refclang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023053020230530
1808433209 0 023838 820 1048T:refgcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023053020230530
1965651960 0 021146 804 1048T:refgcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023053020230530

Compiler output

Implementation: T:dolbeau/aesenc-int
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
encrypt.c: encrypt.c:74:34: warning: incompatible pointer types passing 'const unsigned int *' to parameter of type 'const __m128i_u *' [-Wincompatible-pointer-types]
encrypt.c: __m128i key0 = _mm_loadu_si128((const unsigned int *)(key+0));
encrypt.c: ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
encrypt.c: /usr/lib/llvm-11/lib/clang/11.0.1/include/emmintrin.h:3548:34: note: passing argument to parameter '__p' here
encrypt.c: _mm_loadu_si128(__m128i_u const *__p)
encrypt.c: ^
encrypt.c: 1 warning generated.
Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:dolbeau/aesenc-int
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:dolbeau/aesenc-int
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:dolbeau/aesenc-int
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:dolbeau/aesenc-int

Compiler output

Implementation: T:dolbeau/aesenc-int
Security model: timingleaks
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
encrypt.c: encrypt.c:74:34: warning: incompatible pointer types passing 'const unsigned int *' to parameter of type 'const __m128i_u *' [-Wincompatible-pointer-types]
encrypt.c: __m128i key0 = _mm_loadu_si128((const unsigned int *)(key+0));
encrypt.c: ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
encrypt.c: /usr/lib/llvm-11/lib/clang/11.0.1/include/emmintrin.h:3548:34: note: passing argument to parameter '__p' here
encrypt.c: _mm_loadu_si128(__m128i_u const *__p)
encrypt.c: ^
encrypt.c: encrypt.c:91:3: error: '__builtin_ia32_aeskeygenassist128' needs target feature aes
encrypt.c: BLOCK1(0x01);
encrypt.c: ^
encrypt.c: encrypt.c:82:11: note: expanded from macro 'BLOCK1'
encrypt.c: temp1 = _mm_aeskeygenassist_si128(temp0, IMM); \
encrypt.c: ^
encrypt.c: /usr/lib/llvm-11/lib/clang/11.0.1/include/__wmmintrin_aes.h:136:12: note: expanded from macro '_mm_aeskeygenassist_si128'
encrypt.c: (__m128i)__builtin_ia32_aeskeygenassist128((__v2di)(__m128i)(C), (int)(R))
encrypt.c: ^
encrypt.c: encrypt.c:92:3: error: '__builtin_ia32_aeskeygenassist128' needs target feature aes
encrypt.c: BLOCK1(0x02);
encrypt.c: ^
encrypt.c: encrypt.c:82:11: note: expanded from macro 'BLOCK1'
encrypt.c: temp1 = _mm_aeskeygenassist_si128(temp0, IMM); \
encrypt.c: ^
encrypt.c: /usr/lib/llvm-11/lib/clang/11.0.1/include/__wmmintrin_aes.h:136:12: note: expanded from macro '_mm_aeskeygenassist_si128'
encrypt.c: (__m128i)__builtin_ia32_aeskeygenassist128((__v2di)(__m128i)(C), (int)(R))
encrypt.c: ^
encrypt.c: encrypt.c:93:3: error: '__builtin_ia32_aeskeygenassist128' needs target feature aes
encrypt.c: ...
Number of similar (compiler,implementation) pairs: 1, namely:
CompilerImplementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:dolbeau/aesenc-int

Compiler output

Implementation: T:dolbeau/aesenc-int
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE
encrypt.c: encrypt.c: In function 'aes128ni_setkey_encrypt':
encrypt.c: encrypt.c:74:34: warning: passing argument 1 of '_mm_loadu_si128' from incompatible pointer type [-Wincompatible-pointer-types]
encrypt.c: 74 | __m128i key0 = _mm_loadu_si128((const unsigned int *)(key+0));
encrypt.c: | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
encrypt.c: | |
encrypt.c: | const unsigned int *
encrypt.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/10/include/xmmintrin.h:1316,
encrypt.c: from /usr/lib/gcc/x86_64-linux-gnu/10/include/immintrin.h:29,
encrypt.c: from encrypt.c:45:
encrypt.c: /usr/lib/gcc/x86_64-linux-gnu/10/include/emmintrin.h:701:35: note: expected 'const __m128i_u *' but argument is of type 'const unsigned int *'
encrypt.c: 701 | _mm_loadu_si128 (__m128i_u const *__P)
encrypt.c: | ~~~~~~~~~~~~~~~~~^~~
Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:dolbeau/aesenc-int
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:dolbeau/aesenc-int
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:dolbeau/aesenc-int
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:dolbeau/aesenc-int

Compiler output

Implementation: T:vaes
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
ocb_vaes.c: ocb_vaes.c:668:19: error: always_inline function '_mm256_broadcastsi128_si256' requires target feature 'avx2', but would be inlined into function 'ae_encrypt' that is compiled without support for 'avx2'
ocb_vaes.c: k256[i] = _mm256_broadcastsi128_si256(load128(ctx->encrypt_key.rd_key+i));
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:668:19: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
ocb_vaes.c: ocb_vaes.c:669:14: error: always_inline function '_mm256_broadcastsi128_si256' requires target feature 'avx2', but would be inlined into function 'ae_encrypt' that is compiled without support for 'avx2'
ocb_vaes.c: m[M01] = _mm256_broadcastsi128_si256(xor128(load128(ctx->L+0), load128(ctx->L+1)));
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:669:14: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
ocb_vaes.c: ocb_vaes.c:670:14: error: always_inline function '_mm256_broadcastsi128_si256' requires target feature 'avx2', but would be inlined into function 'ae_encrypt' that is compiled without support for 'avx2'
ocb_vaes.c: m[M02] = _mm256_broadcastsi128_si256(xor128(load128(ctx->L+0), load128(ctx->L+2)));
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:670:14: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
ocb_vaes.c: ocb_vaes.c:671:14: error: always_inline function '_mm256_broadcastsi128_si256' requires target feature 'avx2', but would be inlined into function 'ae_encrypt' that is compiled without support for 'avx2'
ocb_vaes.c: m[M03] = _mm256_broadcastsi128_si256(xor128(load128(ctx->L+0), load128(ctx->L+3)));
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:671:14: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
ocb_vaes.c: ocb_vaes.c:672:16: error: always_inline function '_mm256_set_m128i' requires target feature 'avx', but would be inlined into function 'ae_encrypt' that is compiled without support for 'avx'
ocb_vaes.c: m[M0_01] = _mm256_set_m128i(xor128(load128(ctx->L+0), load128(ctx->L+1)), load128(ctx->L+0));
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:672:16: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
ocb_vaes.c: ocb_vaes.c:677:20: error: always_inline function '_mm256_setzero_si256' requires target feature 'avx', but would be inlined into function 'ae_encrypt' that is compiled without support for 'avx'
ocb_vaes.c: checksum = zero256();
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:150:27: note: expanded from macro 'zero256'
ocb_vaes.c: #define zero256 _mm256_setzero_si256
ocb_vaes.c: ...
Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:vaes
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:vaes
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:vaes
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:vaes

Compiler output

Implementation: T:vaes
Security model: timingleaks
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
ocb_vaes.c: ocb_vaes.c:476:15: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'ae_init' that is compiled without support for 'ssse3'
ocb_vaes.c: tmp_blk = reverse_bytes(load128(&ctx->Lstar));
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:155:5: note: expanded from macro 'reverse_bytes'
ocb_vaes.c: _mm_shuffle_epi8(b,_mm_set_epi8(0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15))
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:478:29: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'ae_init' that is compiled without support for 'ssse3'
ocb_vaes.c: store128(&ctx->Ldollar, reverse_bytes(tmp_blk));
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:155:5: note: expanded from macro 'reverse_bytes'
ocb_vaes.c: _mm_shuffle_epi8(b,_mm_set_epi8(0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15))
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:480:24: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'ae_init' that is compiled without support for 'ssse3'
ocb_vaes.c: store128(ctx->L+0, reverse_bytes(tmp_blk));
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:155:5: note: expanded from macro 'reverse_bytes'
ocb_vaes.c: _mm_shuffle_epi8(b,_mm_set_epi8(0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15))
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:483:25: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'ae_init' that is compiled without support for 'ssse3'
ocb_vaes.c: store128(ctx->L+i, reverse_bytes(tmp_blk));
ocb_vaes.c: ^
ocb_vaes.c: ocb_vaes.c:155:5: note: expanded from macro 'reverse_bytes'
ocb_vaes.c: _mm_shuffle_epi8(b,_mm_set_epi8(0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15))
ocb_vaes.c: ^
ocb_vaes.c: 4 errors generated.
Number of similar (compiler,implementation) pairs: 1, namely:
CompilerImplementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:vaes

Compiler output

Implementation: T:vaes
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE
ocb_vaes.c: ocb_vaes.c: In function 'ae_encrypt':
ocb_vaes.c: ocb_vaes.c:668:17: warning: AVX vector return without AVX enabled changes the ABI [-Wpsabi]
ocb_vaes.c: 668 | k256[i] = _mm256_broadcastsi128_si256(load128(ctx->encrypt_key.rd_key+i));
ocb_vaes.c: | ~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ocb_vaes.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/10/include/immintrin.h:51,
ocb_vaes.c: from ocb_vaes.c:71:
ocb_vaes.c: ocb_vaes.c: In function 'process_ad':
ocb_vaes.c: /usr/lib/gcc/x86_64-linux-gnu/10/include/avxintrin.h:1521:1: error: inlining failed in call to 'always_inline' '_mm256_set_m128i': target specific option mismatch
ocb_vaes.c: 1521 | _mm256_set_m128i (__m128i __H, __m128i __L)
ocb_vaes.c: | ^~~~~~~~~~~~~~~~
ocb_vaes.c: ocb_vaes.c:554:13: note: called from here
ocb_vaes.c: 554 | oa[7] = _mm256_set_m128i(hi, lo);
ocb_vaes.c: | ^~~~~~~~~~~~~~~~~~~~~~~~
ocb_vaes.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/10/include/immintrin.h:51,
ocb_vaes.c: from ocb_vaes.c:71:
ocb_vaes.c: /usr/lib/gcc/x86_64-linux-gnu/10/include/avxintrin.h:1460:1: error: inlining failed in call to 'always_inline' '_mm256_castsi256_si128': target specific option mismatch
ocb_vaes.c: 1460 | _mm256_castsi256_si128 (__m256i __A)
ocb_vaes.c: | ^~~~~~~~~~~~~~~~~~~~~~
ocb_vaes.c: ocb_vaes.c:139:27: note: called from here
ocb_vaes.c: 139 | #define xor128(x,y) _mm_xor_si128(x,y)
ocb_vaes.c: | ^~~~~~~~~~~~~~~~~~
ocb_vaes.c: ocb_vaes.c:552:10: note: in expansion of macro 'xor128'
ocb_vaes.c: 552 | lo = xor128(_mm256_castsi256_si128(oa[6]), _mm256_castsi256_si128(m[M01]));
ocb_vaes.c: | ^~~~~~
ocb_vaes.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/10/include/immintrin.h:51,
ocb_vaes.c: ...
Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:vaes
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:vaes
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:vaes
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:vaes