Implementation notes: amd64, nucnuc, crypto_sign/dilithium5aes

Computer: nucnuc
Microarchitecture: amd64; Airmont (406c3)
Architecture: amd64
CPU ID: GenuineIntel-000406c3-bfebfbff
SUPERCOP version: 20240107
Operation: crypto_sign
Primitive: dilithium5aes

Time	Object size	Test size	Implementation	Compiler	Benchmark date	SUPERCOP version
12077234	42515 0 0	63048 820 1720	`ref`	`clang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231230	20231217
12805928	31573 0 0	50912 820 1720	`ref`	`clang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231230	20231217
13395458	22750 0 0	40390 812 1720	`ref`	`clang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231230	20231217
13505563	41136 0 0	62088 820 1720	`ref`	`clang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231230	20231217
13651411	57865 0 0	78360 788 1784	`ref`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20231230	20231217
15174976	26339 0 0	45824 788 1784	`ref`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20231230	20231217
15349058	25070 0 0	43438 812 1720	`ref`	`clang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE`	20231230	20231217
15989881	23596 0 0	42632 788 1784	`ref`	`gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20231230	20231217
18319807	22124 0 0	39584 780 1752	`ref`	`gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20231230	20231217

Compiler output

Implementation: avx2
Security model: constbranchindex
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

poly.c: poly.c:44:21: error: always_inline function '_mm256_load_si256' requires target feature 'avx', but would be inlined into function 'crypto_sign_dilithium5aes_avx2_constbranchindex_poly_reduce' that is compiled without support for 'avx'
poly.c: const __m256i q = _mm256_load_si256(&qdata.vec[_8XQ/8]);
poly.c: ^
poly.c: poly.c:44:21: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
poly.c: poly.c:45:23: error: always_inline function '_mm256_set1_epi32' requires target feature 'avx', but would be inlined into function 'crypto_sign_dilithium5aes_avx2_constbranchindex_poly_reduce' that is compiled without support for 'avx'
poly.c: const __m256i off = _mm256_set1_epi32(1<<22);
poly.c: ^
poly.c: poly.c:45:23: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
poly.c: poly.c:49:9: error: always_inline function '_mm256_load_si256' requires target feature 'avx', but would be inlined into function 'crypto_sign_dilithium5aes_avx2_constbranchindex_poly_reduce' that is compiled without support for 'avx'
poly.c: f = _mm256_load_si256(&a->vec[i]);
poly.c: ^
poly.c: poly.c:49:9: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
poly.c: poly.c:50:9: error: always_inline function '_mm256_add_epi32' requires target feature 'avx2', but would be inlined into function 'crypto_sign_dilithium5aes_avx2_constbranchindex_poly_reduce' that is compiled without support for 'avx2'
poly.c: g = _mm256_add_epi32(f,off);
poly.c: ^
poly.c: poly.c:50:9: error: AVX vector argument of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
poly.c: poly.c:51:9: error: always_inline function '_mm256_srai_epi32' requires target feature 'avx2', but would be inlined into function 'crypto_sign_dilithium5aes_avx2_constbranchindex_poly_reduce' that is compiled without support for 'avx2'
poly.c: g = _mm256_srai_epi32(g,23);
poly.c: ^
poly.c: poly.c:51:9: error: AVX vector argument of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
poly.c: poly.c:52:9: error: always_inline function '_mm256_mullo_epi32' requires target feature 'avx2', but would be inlined into function 'crypto_sign_dilithium5aes_avx2_constbranchindex_poly_reduce' that is compiled without support for 'avx2'
poly.c: g = _mm256_mullo_epi32(g,q);
poly.c: ^
poly.c: poly.c:52:9: error: AVX vector argument of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
poly.c: poly.c:53:9: error: always_inline function '_mm256_sub_epi32' requires target feature 'avx2', but would be inlined into function 'crypto_sign_dilithium5aes_avx2_constbranchindex_poly_reduce' that is compiled without support for 'avx2'
poly.c: ...

Number of similar (compiler,implementation) pairs: 4, namely:

Compiler	Implementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	avx2
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	avx2
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	avx2
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	avx2

Compiler output

Implementation: avx2
Security model: constbranchindex
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE

aes256ctr.c: aes256ctr.c:90:3: error: '__builtin_ia32_aeskeygenassist128' needs target feature aes
aes256ctr.c: BLOCK1(0x01);
aes256ctr.c: ^
aes256ctr.c: aes256ctr.c:71:11: note: expanded from macro 'BLOCK1'
aes256ctr.c: temp1 = _mm_aeskeygenassist_si128(temp2, IMM); \
aes256ctr.c: ^
aes256ctr.c: /usr/lib/llvm-11/lib/clang/11.0.1/include/__wmmintrin_aes.h:136:12: note: expanded from macro '_mm_aeskeygenassist_si128'
aes256ctr.c: (__m128i)__builtin_ia32_aeskeygenassist128((__v2di)(__m128i)(C), (int)(R))
aes256ctr.c: ^
aes256ctr.c: aes256ctr.c:91:3: error: '__builtin_ia32_aeskeygenassist128' needs target feature aes
aes256ctr.c: BLOCK2(0x01);
aes256ctr.c: ^
aes256ctr.c: aes256ctr.c:81:11: note: expanded from macro 'BLOCK2'
aes256ctr.c: temp1 = _mm_aeskeygenassist_si128(temp0, IMM); \
aes256ctr.c: ^
aes256ctr.c: /usr/lib/llvm-11/lib/clang/11.0.1/include/__wmmintrin_aes.h:136:12: note: expanded from macro '_mm_aeskeygenassist_si128'
aes256ctr.c: (__m128i)__builtin_ia32_aeskeygenassist128((__v2di)(__m128i)(C), (int)(R))
aes256ctr.c: ^
aes256ctr.c: aes256ctr.c:93:3: error: '__builtin_ia32_aeskeygenassist128' needs target feature aes
aes256ctr.c: BLOCK1(0x02);
aes256ctr.c: ^
aes256ctr.c: aes256ctr.c:71:11: note: expanded from macro 'BLOCK1'
aes256ctr.c: temp1 = _mm_aeskeygenassist_si128(temp2, IMM); \
aes256ctr.c: ^
aes256ctr.c: /usr/lib/llvm-11/lib/clang/11.0.1/include/__wmmintrin_aes.h:136:12: note: expanded from macro '_mm_aeskeygenassist_si128'
aes256ctr.c: ...

Number of similar (compiler,implementation) pairs: 1, namely:

Compiler	Implementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE	avx2

Compiler output

Implementation: avx2
Security model: constbranchindex
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE

poly.c: poly.c: In function 'crypto_sign_dilithium5aes_avx2_constbranchindex_poly_reduce':
poly.c: poly.c:44:17: warning: AVX vector return without AVX enabled changes the ABI [-Wpsabi]
poly.c: 44 | const __m256i q = _mm256_load_si256(&qdata.vec[_8XQ/8]);
poly.c: | ^
poly.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/10/include/immintrin.h:51,
poly.c: from poly.c:2:
poly.c: /usr/lib/gcc/x86_64-linux-gnu/10/include/avxintrin.h:1319:1: error: inlining failed in call to 'always_inline' '_mm256_set1_epi32': target specific option mismatch
poly.c: 1319 | _mm256_set1_epi32 (int __A)
poly.c: | ^~~~~~~~~~~~~~~~~
poly.c: poly.c:45:23: note: called from here
poly.c: 45 | const __m256i off = _mm256_set1_epi32(1<<22);
poly.c: | ^~~~~~~~~~~~~~~~~~~~~~~~
poly.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/10/include/immintrin.h:51,
poly.c: from poly.c:2:
poly.c: /usr/lib/gcc/x86_64-linux-gnu/10/include/avxintrin.h:908:1: error: inlining failed in call to 'always_inline' '_mm256_load_si256': target specific option mismatch
poly.c: 908 | _mm256_load_si256 (__m256i const *__P)
poly.c: | ^~~~~~~~~~~~~~~~~
poly.c: poly.c:44:21: note: called from here
poly.c: 44 | const __m256i q = _mm256_load_si256(&qdata.vec[_8XQ/8]);
poly.c: | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
poly.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/10/include/immintrin.h:51,
poly.c: from poly.c:2:
poly.c: /usr/lib/gcc/x86_64-linux-gnu/10/include/avxintrin.h:914:1: error: inlining failed in call to 'always_inline' '_mm256_store_si256': target specific option mismatch
poly.c: 914 | _mm256_store_si256 (__m256i *__P, __m256i __A)
poly.c: | ^~~~~~~~~~~~~~~~~~
poly.c: ...

Number of similar (compiler,implementation) pairs: 4, namely:

Compiler	Implementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE	avx2
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE	avx2
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE	avx2
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	avx2