Implementation notes: amd64, renoir, crypto_dh/gls254prot

Computer: renoir
Microarchitecture: amd64; Zen 2 (860f01)
Architecture: amd64
CPU ID: AuthenticAMD-00860f01-178bfbff
SUPERCOP version: 20240625
Operation: crypto_dh
Primitive: gls254prot
TimeObject sizeTest sizeImplementationCompilerBenchmark dateSUPERCOP version
17512744390 0 065912 820 1752T:optclang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
17553344390 0 065752 820 1752T:optclang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
18629525513 0 044582 812 1720T:optclang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
19062624077 0 046104 788 1784T:optgcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
19213022701 0 043064 788 1784T:optgcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
197317145614 0 0166520 820 1752T:protclang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
198555142526 0 0163304 820 1752T:protclang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
21587420330 0 039072 780 1752T:optgcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
21744323094 0 042406 812 1720T:optclang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
22119322019 0 041864 788 1784T:optgcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
22417432928 98304 055344 99100 1784T:protgcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
228201120529 0 0139382 812 1720T:protclang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
24237414172 98304 034072 99100 1784T:protgcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
24286615675 98304 036416 99100 1784T:protgcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
244060112631 0 0132094 812 1720T:protclang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625
24614813129 98304 031968 99092 1752T:protgcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024062620240625

Compiler output

Implementation: T:opt
Security model: timingleaks
Compiler: clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)
dh.c: In file included from dh.c:6:
dh.c: ./ffa.h:273:18: warning: unused variable 'dt1' [-Wunused-variable]
dh.c:     __m128i dt0, dt1;
dh.c:                  ^
dh.c: ./ffa.h:273:13: warning: unused variable 'dt0' [-Wunused-variable]
dh.c:     __m128i dt0, dt1;
dh.c:             ^
dh.c: In file included from dh.c:8:
dh.c: ./smu.h:196:31: warning: unused variable 'one' [-Wunused-variable]
dh.c:     __m128i sig_sse, msk_sse, one;
dh.c:                               ^
dh.c: 3 warnings generated.
Number of similar (implementation,compiler) pairs: 3, namely:
ImplementationCompiler
T:optclang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)
T:optclang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)
T:optclang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)

Compiler output

Implementation: T:opt
Security model: timingleaks
Compiler: clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)
dh.c: In file included from dh.c:6:
dh.c: ./ffa.h:273:13: warning: unused variable 'dt0' [-Wunused-variable]
dh.c:     __m128i dt0, dt1;
dh.c:             ^
dh.c: ./ffa.h:273:18: warning: unused variable 'dt1' [-Wunused-variable]
dh.c:     __m128i dt0, dt1;
dh.c:                  ^
dh.c: In file included from dh.c:8:
dh.c: ./smu.h:196:31: warning: unused variable 'one' [-Wunused-variable]
dh.c:     __m128i sig_sse, msk_sse, one;
dh.c:                               ^
dh.c: 3 warnings generated.
Number of similar (implementation,compiler) pairs: 1, namely:
ImplementationCompiler
T:optclang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)

Compiler output

Implementation: T:opt
Security model: timingleaks
Compiler: clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)
dh.c: In file included from dh.c:6:
dh.c: ./ffa.h:94:5: error: '__builtin_ia32_pclmulqdq128' needs target feature pclmul
dh.c:     low_kts_stp(op00,op10,k00,k02,op01,op11,r00,r01,r02,0x00); /* a0xb0 */
dh.c:     ^
dh.c: ./ffa.h:62:11: note: expanded from macro 'low_kts_stp'
dh.c:     re0 = _mm_clmulepi64_si128(op0, op1, ord);\
dh.c:           ^
dh.c: /usr/lib/llvm-11/lib/clang/11.0.1/include/__wmmintrin_pclmul.h:45:13: note: expanded from macro '_mm_clmulepi64_si128'
dh.c:   ((__m128i)__builtin_ia32_pclmulqdq128((__v2di)(__m128i)(X), \
dh.c:             ^
dh.c: In file included from dh.c:6:
dh.c: ./ffa.h:94:5: error: '__builtin_ia32_pclmulqdq128' needs target feature pclmul
dh.c: ./ffa.h:63:11: note: expanded from macro 'low_kts_stp'
dh.c:     re1 = _mm_clmulepi64_si128(op2, op3, ord);\
dh.c:           ^
dh.c: /usr/lib/llvm-11/lib/clang/11.0.1/include/__wmmintrin_pclmul.h:45:13: note: expanded from macro '_mm_clmulepi64_si128'
dh.c:   ((__m128i)__builtin_ia32_pclmulqdq128((__v2di)(__m128i)(X), \
dh.c:             ^
dh.c: In file included from dh.c:6:
dh.c: ./ffa.h:94:5: error: '__builtin_ia32_pclmulqdq128' needs target feature pclmul
dh.c: ./ffa.h:64:11: note: expanded from macro 'low_kts_stp'
dh.c:     re2 = _mm_clmulepi64_si128(op4, op5, ord);\
dh.c:           ^
dh.c: /usr/lib/llvm-11/lib/clang/11.0.1/include/__wmmintrin_pclmul.h:45:13: note: expanded from macro '_mm_clmulepi64_si128'
dh.c:   ((__m128i)__builtin_ia32_pclmulqdq128((__v2di)(__m128i)(X), \
dh.c: ...
Number of similar (implementation,compiler) pairs: 1, namely:
ImplementationCompiler
T:optclang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)

Compiler output

Implementation: T:opt
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)
dh.c: In file included from dh.c:6:
dh.c: ffa.h: In function 'low_sqr':
dh.c: ffa.h:273:18: warning: unused variable 'dt1' [-Wunused-variable]
dh.c:   273 |     __m128i dt0, dt1;
dh.c:       |                  ^~~
dh.c: ffa.h:273:13: warning: unused variable 'dt0' [-Wunused-variable]
dh.c:   273 |     __m128i dt0, dt1;
dh.c:       |             ^~~
dh.c: In file included from dh.c:8:
dh.c: smu.h: In function 'smu_pre_5nf':
dh.c: smu.h:58:18: warning: variable 'ml00' set but not used [-Wunused-but-set-variable]
dh.c:    58 |     __m128i ONE, ml00;
dh.c:       |                  ^~~~
dh.c: smu.h: In function 'smu_5nf_dna_ltr':
dh.c: smu.h:196:31: warning: unused variable 'one' [-Wunused-variable]
dh.c:   196 |     __m128i sig_sse, msk_sse, one;
dh.c:       |                               ^~~
Number of similar (implementation,compiler) pairs: 4, namely:
ImplementationCompiler
T:optgcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)
T:optgcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)
T:optgcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)
T:optgcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)

Compiler output

Implementation: T:prot
Security model: timingleaks
Compiler: clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)
dh.c: In file included from dh.c:7:
dh.c: ./low.incl:65:38: warning: unused variable 't1' [-Wunused-variable]
dh.c:         __m128i m1, m0, m2, m3, m4, m5, t0, t1;
dh.c:                                             ^
dh.c: ./low.incl:153:14: warning: unused variable 't1' [-Wunused-variable]
dh.c:         __m128i t0, t1, sq, mask;
dh.c:                     ^
dh.c: ./low.incl:271:7: warning: unused variable 'uu' [-Wunused-variable]
dh.c:         ui64 uu[2], vv[2];
dh.c:              ^
dh.c: ./low.incl:271:14: warning: unused variable 'vv' [-Wunused-variable]
dh.c:         ui64 uu[2], vv[2];
dh.c:                     ^
dh.c: In file included from dh.c:9:
dh.c: ./scmul.incl:168:38: warning: unused variable 'c' [-Wunused-variable]
dh.c:         ui64 r, carry, shift, mask, *c;
dh.c:                                      ^
dh.c: ./scmul.incl:191:29: warning: unused variable 'zero' [-Wunused-variable]
dh.c:         i64 efe=(ui64)(-1), zero = 0x0, one = 0x1;
dh.c:                             ^
dh.c: ./scmul.incl:189:13: warning: unused variable 't0' [-Wunused-variable]
dh.c:         i64 t0, mask;
dh.c:             ^
dh.c: ./scmul.incl:191:13: warning: unused variable 'efe' [-Wunused-variable]
dh.c:         i64 efe=(ui64)(-1), zero = 0x0, one = 0x1;
dh.c: ...
Number of similar (implementation,compiler) pairs: 1, namely:
ImplementationCompiler
T:protclang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)

Compiler output

Implementation: T:prot
Security model: timingleaks
Compiler: clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)
dh.c: In file included from dh.c:7:
dh.c: ./low.incl:65:38: warning: unused variable 't1' [-Wunused-variable]
dh.c:         __m128i m1, m0, m2, m3, m4, m5, t0, t1;
dh.c:                                             ^
dh.c: ./low.incl:153:14: warning: unused variable 't1' [-Wunused-variable]
dh.c:         __m128i t0, t1, sq, mask;
dh.c:                     ^
dh.c: ./low.incl:271:7: warning: unused variable 'uu' [-Wunused-variable]
dh.c:         ui64 uu[2], vv[2];
dh.c:              ^
dh.c: ./low.incl:271:14: warning: unused variable 'vv' [-Wunused-variable]
dh.c:         ui64 uu[2], vv[2];
dh.c:                     ^
dh.c: In file included from dh.c:9:
dh.c: ./scmul.incl:168:38: warning: unused variable 'c' [-Wunused-variable]
dh.c:         ui64 r, carry, shift, mask, *c;
dh.c:                                      ^
dh.c: ./scmul.incl:191:13: warning: unused variable 'efe' [-Wunused-variable]
dh.c:         i64 efe=(ui64)(-1), zero = 0x0, one = 0x1;
dh.c:             ^
dh.c: ./scmul.incl:191:41: warning: unused variable 'one' [-Wunused-variable]
dh.c:         i64 efe=(ui64)(-1), zero = 0x0, one = 0x1;
dh.c:                                         ^
dh.c: ./scmul.incl:191:29: warning: unused variable 'zero' [-Wunused-variable]
dh.c:         i64 efe=(ui64)(-1), zero = 0x0, one = 0x1;
dh.c: ...
Number of similar (implementation,compiler) pairs: 1, namely:
ImplementationCompiler
T:protclang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)

Compiler output

Implementation: T:prot
Security model: timingleaks
Compiler: clang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)
dh.c: In file included from dh.c:7:
dh.c: ./low.incl:65:38: warning: unused variable 't1' [-Wunused-variable]
dh.c:         __m128i m1, m0, m2, m3, m4, m5, t0, t1;
dh.c:                                             ^
dh.c: ./low.incl:153:14: warning: unused variable 't1' [-Wunused-variable]
dh.c:         __m128i t0, t1, sq, mask;
dh.c:                     ^
dh.c: ./low.incl:271:14: warning: unused variable 'vv' [-Wunused-variable]
dh.c:         ui64 uu[2], vv[2];
dh.c:                     ^
dh.c: ./low.incl:271:7: warning: unused variable 'uu' [-Wunused-variable]
dh.c:         ui64 uu[2], vv[2];
dh.c:              ^
dh.c: In file included from dh.c:9:
dh.c: ./scmul.incl:168:38: warning: unused variable 'c' [-Wunused-variable]
dh.c:         ui64 r, carry, shift, mask, *c;
dh.c:                                      ^
dh.c: ./scmul.incl:189:13: warning: unused variable 't0' [-Wunused-variable]
dh.c:         i64 t0, mask;
dh.c:             ^
dh.c: ./scmul.incl:191:13: warning: unused variable 'efe' [-Wunused-variable]
dh.c:         i64 efe=(ui64)(-1), zero = 0x0, one = 0x1;
dh.c:             ^
dh.c: ./scmul.incl:191:29: warning: unused variable 'zero' [-Wunused-variable]
dh.c:         i64 efe=(ui64)(-1), zero = 0x0, one = 0x1;
dh.c: ...
Number of similar (implementation,compiler) pairs: 1, namely:
ImplementationCompiler
T:protclang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)

Compiler output

Implementation: T:prot
Security model: timingleaks
Compiler: clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)
dh.c: In file included from dh.c:7:
dh.c: ./low.incl:65:38: warning: unused variable 't1' [-Wunused-variable]
dh.c:         __m128i m1, m0, m2, m3, m4, m5, t0, t1;
dh.c:                                             ^
dh.c: ./low.incl:153:14: warning: unused variable 't1' [-Wunused-variable]
dh.c:         __m128i t0, t1, sq, mask;
dh.c:                     ^
dh.c: ./low.incl:271:7: warning: unused variable 'uu' [-Wunused-variable]
dh.c:         ui64 uu[2], vv[2];
dh.c:              ^
dh.c: ./low.incl:271:14: warning: unused variable 'vv' [-Wunused-variable]
dh.c:         ui64 uu[2], vv[2];
dh.c:                     ^
dh.c: In file included from dh.c:9:
dh.c: ./scmul.incl:168:38: warning: unused variable 'c' [-Wunused-variable]
dh.c:         ui64 r, carry, shift, mask, *c;
dh.c:                                      ^
dh.c: ./scmul.incl:191:13: warning: unused variable 'efe' [-Wunused-variable]
dh.c:         i64 efe=(ui64)(-1), zero = 0x0, one = 0x1;
dh.c:             ^
dh.c: ./scmul.incl:191:41: warning: unused variable 'one' [-Wunused-variable]
dh.c:         i64 efe=(ui64)(-1), zero = 0x0, one = 0x1;
dh.c:                                         ^
dh.c: ./scmul.incl:189:13: warning: unused variable 't0' [-Wunused-variable]
dh.c:         i64 t0, mask;
dh.c: ...
Number of similar (implementation,compiler) pairs: 1, namely:
ImplementationCompiler
T:protclang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)

Compiler output

Implementation: T:prot
Security model: timingleaks
Compiler: clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)
dh.c: In file included from dh.c:7:
dh.c: ./low.incl:26:2: error: '__builtin_ia32_pclmulqdq128' needs target feature pclmul
dh.c:         MUL4(m1, m0, ma, mb);
dh.c:         ^
dh.c: ./gls254.h:155:7: note: expanded from macro 'MUL4'
dh.c:         r0 = _mm_clmulepi64_si128(ma, mb, 0x00);\
dh.c:              ^
dh.c: /usr/lib/llvm-11/lib/clang/11.0.1/include/__wmmintrin_pclmul.h:45:13: note: expanded from macro '_mm_clmulepi64_si128'
dh.c:   ((__m128i)__builtin_ia32_pclmulqdq128((__v2di)(__m128i)(X), \
dh.c:             ^
dh.c: In file included from dh.c:7:
dh.c: ./low.incl:26:2: error: '__builtin_ia32_pclmulqdq128' needs target feature pclmul
dh.c: ./gls254.h:156:7: note: expanded from macro 'MUL4'
dh.c:         r1 = _mm_clmulepi64_si128(ma, mb, 0x11);\
dh.c:              ^
dh.c: /usr/lib/llvm-11/lib/clang/11.0.1/include/__wmmintrin_pclmul.h:45:13: note: expanded from macro '_mm_clmulepi64_si128'
dh.c:   ((__m128i)__builtin_ia32_pclmulqdq128((__v2di)(__m128i)(X), \
dh.c:             ^
dh.c: In file included from dh.c:7:
dh.c: ./low.incl:26:2: error: '__builtin_ia32_pclmulqdq128' needs target feature pclmul
dh.c: ./gls254.h:157:7: note: expanded from macro 'MUL4'
dh.c:         t0 = _mm_clmulepi64_si128(t0, t0, 0x10);\
dh.c:              ^
dh.c: /usr/lib/llvm-11/lib/clang/11.0.1/include/__wmmintrin_pclmul.h:45:13: note: expanded from macro '_mm_clmulepi64_si128'
dh.c:   ((__m128i)__builtin_ia32_pclmulqdq128((__v2di)(__m128i)(X), \
dh.c: ...
Number of similar (implementation,compiler) pairs: 1, namely:
ImplementationCompiler
T:protclang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_11.0.1)

Compiler output

Implementation: T:prot
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)
dh.c: In file included from dh.c:7:
dh.c: low.incl: In function 'low_mul_nr254':
dh.c: low.incl:65:38: warning: unused variable 't1' [-Wunused-variable]
dh.c:    65 |  __m128i m1, m0, m2, m3, m4, m5, t0, t1;
dh.c:       |                                      ^~
dh.c: low.incl: In function 'low_sq_nr254':
dh.c: low.incl:153:14: warning: unused variable 't1' [-Wunused-variable]
dh.c:   153 |  __m128i t0, t1, sq, mask;
dh.c:       |              ^~
dh.c: low.incl: In function 'low_sqrt254':
dh.c: low.incl:271:14: warning: unused variable 'vv' [-Wunused-variable]
dh.c:   271 |  ui64 uu[2], vv[2];
dh.c:       |              ^~
dh.c: low.incl:271:7: warning: unused variable 'uu' [-Wunused-variable]
dh.c:   271 |  ui64 uu[2], vv[2];
dh.c:       |       ^~
dh.c: In file included from dh.c:9:
dh.c: scmul.incl: In function 'bn_rsh':
dh.c: scmul.incl:168:38: warning: unused variable 'c' [-Wunused-variable]
dh.c:   168 |         ui64 r, carry, shift, mask, *c;
dh.c:       |                                      ^
dh.c: scmul.incl: In function 'scmul_wreg':
dh.c: scmul.incl:191:41: warning: unused variable 'one' [-Wunused-variable]
dh.c:   191 |         i64 efe=(ui64)(-1), zero = 0x0, one = 0x1;
dh.c:       |                                         ^~~
dh.c: ...
Number of similar (implementation,compiler) pairs: 4, namely:
ImplementationCompiler
T:protgcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)
T:protgcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)
T:protgcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)
T:protgcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (10.2.1_20210110)