Implementation notes: amd64, saber214, crypto_kem/ntruhps2048677

Compiler output

poly_s3_inv.c: poly_s3_inv.c:37:17: error: always_inline function '_mm256_unpacklo_epi32' requires target feature 'avx2', but would be inlined into function 'vec256_frombits' that is compiled without support for 'avx2'
poly_s3_inv.c:     vec256 c0 = _mm256_unpacklo_epi32(b0,b1); /* 0 1 2 3 32 33 34 35 4 5 6 7 36 37 38 39 ... 55 */
poly_s3_inv.c:                 ^
poly_s3_inv.c: poly_s3_inv.c:38:17: error: always_inline function '_mm256_unpackhi_epi32' requires target feature 'avx2', but would be inlined into function 'vec256_frombits' that is compiled without support for 'avx2'
poly_s3_inv.c:     vec256 c1 = _mm256_unpackhi_epi32(b0,b1); /* 8 9 10 11 40 41 42 43 ... 63 */
poly_s3_inv.c:                 ^
poly_s3_inv.c: poly_s3_inv.c:39:17: error: always_inline function '_mm256_unpacklo_epi32' requires target feature 'avx2', but would be inlined into function 'vec256_frombits' that is compiled without support for 'avx2'
poly_s3_inv.c:     vec256 c2 = _mm256_unpacklo_epi32(b2,b3);
poly_s3_inv.c:                 ^
poly_s3_inv.c: poly_s3_inv.c:40:17: error: always_inline function '_mm256_unpackhi_epi32' requires target feature 'avx2', but would be inlined into function 'vec256_frombits' that is compiled without support for 'avx2'
poly_s3_inv.c:     vec256 c3 = _mm256_unpackhi_epi32(b2,b3);
poly_s3_inv.c:                 ^
poly_s3_inv.c: poly_s3_inv.c:41:17: error: always_inline function '_mm256_unpacklo_epi32' requires target feature 'avx2', but would be inlined into function 'vec256_frombits' that is compiled without support for 'avx2'
poly_s3_inv.c:     vec256 c4 = _mm256_unpacklo_epi32(b4,b5);
poly_s3_inv.c:                 ^
poly_s3_inv.c: poly_s3_inv.c:42:17: error: always_inline function '_mm256_unpackhi_epi32' requires target feature 'avx2', but would be inlined into function 'vec256_frombits' that is compiled without support for 'avx2'
poly_s3_inv.c:     vec256 c5 = _mm256_unpackhi_epi32(b4,b5);
poly_s3_inv.c:                 ^
poly_s3_inv.c: poly_s3_inv.c:43:17: error: always_inline function '_mm256_unpacklo_epi32' requires target feature 'avx2', but would be inlined into function 'vec256_frombits' that is compiled without support for 'avx2'
poly_s3_inv.c:     vec256 c6 = _mm256_unpacklo_epi32(b6,b7);
poly_s3_inv.c:                 ^
poly_s3_inv.c: poly_s3_inv.c:44:17: error: always_inline function '_mm256_unpackhi_epi32' requires target feature 'avx2', but would be inlined into function 'vec256_frombits' that is compiled without support for 'avx2'
poly_s3_inv.c:     vec256 c7 = _mm256_unpackhi_epi32(b6,b7);
poly_s3_inv.c:                 ^
poly_s3_inv.c: poly_s3_inv.c:46:22: error: always_inline function '_mm256_slli_epi32' requires target feature 'avx2', but would be inlined into function 'vec256_frombits' that is compiled without support for 'avx2'
poly_s3_inv.c: ...

Compiler output

poly_s3_inv.c: poly_s3_inv.c:360:11: error: always_inline function '_mm256_set_epi32' requires target feature 'avx', but would be inlined into function '__poly_S3_inv' that is compiled without support for 'avx'
poly_s3_inv.c:   F0[0] = _mm256_set_epi32(-1,-1,-1,-1,-1,-1,-1,-1);
poly_s3_inv.c:           ^
poly_s3_inv.c: poly_s3_inv.c:360:11: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
poly_s3_inv.c: poly_s3_inv.c:361:11: error: always_inline function '_mm256_set_epi32' requires target feature 'avx', but would be inlined into function '__poly_S3_inv' that is compiled without support for 'avx'
poly_s3_inv.c:   F0[1] = _mm256_set_epi32(-1,-1,-1,-1,-1,-1,-1,-1);
poly_s3_inv.c:           ^
poly_s3_inv.c: poly_s3_inv.c:361:11: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
poly_s3_inv.c: poly_s3_inv.c:362:11: error: always_inline function '_mm256_set_epi32' requires target feature 'avx', but would be inlined into function '__poly_S3_inv' that is compiled without support for 'avx'
poly_s3_inv.c:   F0[2] = _mm256_set_epi32(511,-1,511,-1,511,-1,1023,-1);
poly_s3_inv.c:           ^
poly_s3_inv.c: poly_s3_inv.c:362:11: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
poly_s3_inv.c: poly_s3_inv.c:363:11: error: always_inline function '_mm256_set1_epi32' requires target feature 'avx', but would be inlined into function '__poly_S3_inv' that is compiled without support for 'avx'
poly_s3_inv.c:   F1[0] = _mm256_set1_epi32(0);
poly_s3_inv.c:           ^
poly_s3_inv.c: poly_s3_inv.c:363:11: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
poly_s3_inv.c: poly_s3_inv.c:364:11: error: always_inline function '_mm256_set1_epi32' requires target feature 'avx', but would be inlined into function '__poly_S3_inv' that is compiled without support for 'avx'
poly_s3_inv.c:   F1[1] = _mm256_set1_epi32(0);
poly_s3_inv.c:           ^
poly_s3_inv.c: poly_s3_inv.c:364:11: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
poly_s3_inv.c: poly_s3_inv.c:365:11: error: always_inline function '_mm256_set1_epi32' requires target feature 'avx', but would be inlined into function '__poly_S3_inv' that is compiled without support for 'avx'
poly_s3_inv.c:   F1[2] = _mm256_set1_epi32(0);
poly_s3_inv.c:           ^
poly_s3_inv.c: poly_s3_inv.c:365:11: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
poly_s3_inv.c: poly_s3_inv.c:367:11: error: always_inline function '_mm256_set1_epi32' requires target feature 'avx', but would be inlined into function '__poly_S3_inv' that is compiled without support for 'avx'
poly_s3_inv.c: ...

Compiler output

owcpa.c: owcpa.c:67:40: warning: argument 3 of type 'const unsigned char[3211]' with mismatched bound [-Warray-parameter=]
owcpa.c:    67 |                    const unsigned char seed[NTRU_SAMPLE_FG_BYTES])
owcpa.c:       |                    ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~
owcpa.c: In file included from owcpa.c:1:
owcpa.c: owcpa.h:14:40: note: previously declared as 'const unsigned char[32]'
owcpa.c:    14 |                    const unsigned char seed[NTRU_SEEDBYTES]);
owcpa.c:       |                    ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~
owcpa.c: owcpa.c: In function 'crypto_kem_ntruhps2048677_avx2_constbranchindex_owcpa_keypair':
owcpa.c: <command-line>: warning: 'crypto_kem_ntruhps2048677_avx2_constbranchindex_sample_fg' reading 3211 bytes from a region of size 32 [-Wstringop-overread]
owcpa.c: <command-line>: note: in definition of macro 'CRYPTO_NAMESPACE'
owcpa.c: owcpa.c:77:3: note: in expansion of macro 'sample_fg'
owcpa.c:    77 |   sample_fg(f,g,seed);
owcpa.c:       |   ^~~~~~~~~
owcpa.c: <command-line>: note: referencing argument 3 of type 'const unsigned char *'
owcpa.c: <command-line>: note: in definition of macro 'CRYPTO_NAMESPACE'
owcpa.c: owcpa.c:77:3: note: in expansion of macro 'sample_fg'
owcpa.c:    77 |   sample_fg(f,g,seed);
owcpa.c:       |   ^~~~~~~~~
owcpa.c: <command-line>: note: in a call to function 'crypto_kem_ntruhps2048677_avx2_constbranchindex_sample_fg'
owcpa.c: <command-line>: note: in definition of macro 'CRYPTO_NAMESPACE'
owcpa.c: sample.h:11:6: note: in expansion of macro 'sample_fg'
owcpa.c:    11 | void sample_fg(poly *f, poly *g, const unsigned char uniformbytes[NTRU_SAMPLE_FG_BYTES]);
owcpa.c:       |      ^~~~~~~~~
pack3.c: pack3.c:3:36: warning: argument 1 of type 'unsigned char[272]' with mismatched bound [-Warray-parameter=]
pack3.c:     3 | void poly_S3_tobytes(unsigned char msg[NTRU_OWCPA_MSGBYTES], const poly *a)
pack3.c:       |                      ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~
pack3.c: In file included from pack3.c:1:
pack3.c: poly.h:33:36: note: previously declared as 'unsigned char[136]'
pack3.c:    33 | void poly_S3_tobytes(unsigned char msg[NTRU_PACK_TRINARY_BYTES], const poly *a);
pack3.c:       |                      ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~
pack3.c: pack3.c:25:53: warning: argument 2 of type 'const unsigned char[272]' with mismatched bound [-Warray-parameter=]
pack3.c:    25 | void poly_S3_frombytes(poly *r, const unsigned char msg[NTRU_OWCPA_MSGBYTES])
pack3.c:       |                                 ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~
pack3.c: In file included from pack3.c:1:
pack3.c: poly.h:34:53: note: previously declared as 'const unsigned char[136]'
pack3.c:    34 | void poly_S3_frombytes(poly *r, const unsigned char msg[NTRU_PACK_TRINARY_BYTES]);
pack3.c:       |                                 ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~
poly_s3_inv.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:47,
poly_s3_inv.c:                  from poly.h:4,
poly_s3_inv.c:                  from poly_s3_inv.c:1:
poly_s3_inv.c: poly_s3_inv.c: In function 'vec256_frombits':
poly_s3_inv.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/avx2intrin.h:597:1: error: inlining failed in call to 'always_inline' '_mm256_shuffle_epi32': target specific option mismatch
poly_s3_inv.c:   597 | _mm256_shuffle_epi32 (__m256i __A, const int __mask)
poly_s3_inv.c:       | ^~~~~~~~~~~~~~~~~~~~
poly_s3_inv.c: poly_s3_inv.c:67:9: note: called from here
poly_s3_inv.c:    67 |     h = _mm256_shuffle_epi32(h,0xd8);
poly_s3_inv.c:       |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
poly_s3_inv.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:47,
poly_s3_inv.c:                  from poly.h:4,
poly_s3_inv.c:                  from poly_s3_inv.c:1:
poly_s3_inv.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/avx2intrin.h:1071:1: error: inlining failed in call to 'always_inline' '_mm256_permute4x64_epi64': target specific option mismatch
poly_s3_inv.c:  1071 | _mm256_permute4x64_epi64 (__m256i __X, const int __M)
poly_s3_inv.c:       | ^~~~~~~~~~~~~~~~~~~~~~~~
poly_s3_inv.c: poly_s3_inv.c:66:9: note: called from here
poly_s3_inv.c:    66 |     h = _mm256_permute4x64_epi64(h,0xd8);
poly_s3_inv.c:       |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
poly_s3_inv.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:47,
poly_s3_inv.c:                  from poly.h:4,
poly_s3_inv.c:                  from poly_s3_inv.c:1:
poly_s3_inv.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/avx2intrin.h:588:1: error: inlining failed in call to 'always_inline' '_mm256_shuffle_epi8': target specific option mismatch
poly_s3_inv.c:   588 | _mm256_shuffle_epi8 (__m256i __X, __m256i __Y)
poly_s3_inv.c:       | ^~~~~~~~~~~~~~~~~~~
poly_s3_inv.c: ...

Compiler output

owcpa.c: owcpa.c:67:40: warning: argument 3 of type 'const unsigned char[3211]' with mismatched bound [-Warray-parameter=]
owcpa.c:    67 |                    const unsigned char seed[NTRU_SAMPLE_FG_BYTES])
owcpa.c:       |                    ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~
owcpa.c: In file included from owcpa.c:1:
owcpa.c: owcpa.h:14:40: note: previously declared as 'const unsigned char[32]'
owcpa.c:    14 |                    const unsigned char seed[NTRU_SEEDBYTES]);
owcpa.c:       |                    ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~
owcpa.c: owcpa.c: In function 'crypto_kem_ntruhps2048677_avx2_timingleaks_owcpa_keypair':
owcpa.c: <command-line>: warning: 'crypto_kem_ntruhps2048677_avx2_timingleaks_sample_fg' reading 3211 bytes from a region of size 32 [-Wstringop-overread]
owcpa.c: <command-line>: note: in definition of macro 'CRYPTO_NAMESPACE'
owcpa.c: owcpa.c:77:3: note: in expansion of macro 'sample_fg'
owcpa.c:    77 |   sample_fg(f,g,seed);
owcpa.c:       |   ^~~~~~~~~
owcpa.c: <command-line>: note: referencing argument 3 of type 'const unsigned char *'
owcpa.c: <command-line>: note: in definition of macro 'CRYPTO_NAMESPACE'
owcpa.c: owcpa.c:77:3: note: in expansion of macro 'sample_fg'
owcpa.c:    77 |   sample_fg(f,g,seed);
owcpa.c:       |   ^~~~~~~~~
owcpa.c: <command-line>: note: in a call to function 'crypto_kem_ntruhps2048677_avx2_timingleaks_sample_fg'
owcpa.c: <command-line>: note: in definition of macro 'CRYPTO_NAMESPACE'
owcpa.c: sample.h:11:6: note: in expansion of macro 'sample_fg'
owcpa.c:    11 | void sample_fg(poly *f, poly *g, const unsigned char uniformbytes[NTRU_SAMPLE_FG_BYTES]);
owcpa.c:       |      ^~~~~~~~~
pack3.c: pack3.c:3:36: warning: argument 1 of type 'unsigned char[272]' with mismatched bound [-Warray-parameter=]
pack3.c:     3 | void poly_S3_tobytes(unsigned char msg[NTRU_OWCPA_MSGBYTES], const poly *a)
pack3.c:       |                      ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~
pack3.c: In file included from pack3.c:1:
pack3.c: poly.h:33:36: note: previously declared as 'unsigned char[136]'
pack3.c:    33 | void poly_S3_tobytes(unsigned char msg[NTRU_PACK_TRINARY_BYTES], const poly *a);
pack3.c:       |                      ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~
pack3.c: pack3.c:25:53: warning: argument 2 of type 'const unsigned char[272]' with mismatched bound [-Warray-parameter=]
pack3.c:    25 | void poly_S3_frombytes(poly *r, const unsigned char msg[NTRU_OWCPA_MSGBYTES])
pack3.c:       |                                 ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~
pack3.c: In file included from pack3.c:1:
pack3.c: poly.h:34:53: note: previously declared as 'const unsigned char[136]'
pack3.c:    34 | void poly_S3_frombytes(poly *r, const unsigned char msg[NTRU_PACK_TRINARY_BYTES]);
pack3.c:       |                                 ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~
poly_s3_inv.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:47,
poly_s3_inv.c:                  from poly.h:4,
poly_s3_inv.c:                  from poly_s3_inv.c:1:
poly_s3_inv.c: poly_s3_inv.c: In function 'vec256_frombits':
poly_s3_inv.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/avx2intrin.h:597:1: error: inlining failed in call to 'always_inline' '_mm256_shuffle_epi32': target specific option mismatch
poly_s3_inv.c:   597 | _mm256_shuffle_epi32 (__m256i __A, const int __mask)
poly_s3_inv.c:       | ^~~~~~~~~~~~~~~~~~~~
poly_s3_inv.c: poly_s3_inv.c:67:9: note: called from here
poly_s3_inv.c:    67 |     h = _mm256_shuffle_epi32(h,0xd8);
poly_s3_inv.c:       |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
poly_s3_inv.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:47,
poly_s3_inv.c:                  from poly.h:4,
poly_s3_inv.c:                  from poly_s3_inv.c:1:
poly_s3_inv.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/avx2intrin.h:1071:1: error: inlining failed in call to 'always_inline' '_mm256_permute4x64_epi64': target specific option mismatch
poly_s3_inv.c:  1071 | _mm256_permute4x64_epi64 (__m256i __X, const int __M)
poly_s3_inv.c:       | ^~~~~~~~~~~~~~~~~~~~~~~~
poly_s3_inv.c: poly_s3_inv.c:66:9: note: called from here
poly_s3_inv.c:    66 |     h = _mm256_permute4x64_epi64(h,0xd8);
poly_s3_inv.c:       |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
poly_s3_inv.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:47,
poly_s3_inv.c:                  from poly.h:4,
poly_s3_inv.c:                  from poly_s3_inv.c:1:
poly_s3_inv.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/avx2intrin.h:588:1: error: inlining failed in call to 'always_inline' '_mm256_shuffle_epi8': target specific option mismatch
poly_s3_inv.c:   588 | _mm256_shuffle_epi8 (__m256i __X, __m256i __Y)
poly_s3_inv.c:       | ^~~~~~~~~~~~~~~~~~~
poly_s3_inv.c: ...

Compiler output

owcpa.c: owcpa.c:67:40: warning: argument 3 of type 'const unsigned char[3211]' with mismatched bound [-Warray-parameter=]
owcpa.c:    67 |                    const unsigned char seed[NTRU_SAMPLE_FG_BYTES])
owcpa.c:       |                    ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~
owcpa.c: In file included from owcpa.c:1:
owcpa.c: owcpa.h:14:40: note: previously declared as 'const unsigned char[32]'
owcpa.c:    14 |                    const unsigned char seed[NTRU_SEEDBYTES]);
owcpa.c:       |                    ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~
owcpa.c: owcpa.c: In function 'crypto_kem_ntruhps2048677_ref_constbranchindex_owcpa_keypair':
owcpa.c: <command-line>: warning: 'crypto_kem_ntruhps2048677_ref_constbranchindex_sample_fg' reading 3211 bytes from a region of size 32 [-Wstringop-overread]
owcpa.c: <command-line>: note: in definition of macro 'CRYPTO_NAMESPACE'
owcpa.c: owcpa.c:77:3: note: in expansion of macro 'sample_fg'
owcpa.c:    77 |   sample_fg(f,g,seed);
owcpa.c:       |   ^~~~~~~~~
owcpa.c: <command-line>: note: referencing argument 3 of type 'const unsigned char *'
owcpa.c: <command-line>: note: in definition of macro 'CRYPTO_NAMESPACE'
owcpa.c: owcpa.c:77:3: note: in expansion of macro 'sample_fg'
owcpa.c:    77 |   sample_fg(f,g,seed);
owcpa.c:       |   ^~~~~~~~~
owcpa.c: <command-line>: note: in a call to function 'crypto_kem_ntruhps2048677_ref_constbranchindex_sample_fg'
owcpa.c: <command-line>: note: in definition of macro 'CRYPTO_NAMESPACE'
owcpa.c: sample.h:11:6: note: in expansion of macro 'sample_fg'
owcpa.c:    11 | void sample_fg(poly *f, poly *g, const unsigned char uniformbytes[NTRU_SAMPLE_FG_BYTES]);
owcpa.c:       |      ^~~~~~~~~
pack3.c: pack3.c:3:36: warning: argument 1 of type 'unsigned char[272]' with mismatched bound [-Warray-parameter=]
pack3.c:     3 | void poly_S3_tobytes(unsigned char msg[NTRU_OWCPA_MSGBYTES], const poly *a)
pack3.c:       |                      ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~
pack3.c: In file included from pack3.c:1:
pack3.c: poly.h:32:36: note: previously declared as 'unsigned char[136]'
pack3.c:    32 | void poly_S3_tobytes(unsigned char msg[NTRU_PACK_TRINARY_BYTES], const poly *a);
pack3.c:       |                      ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~
pack3.c: pack3.c:25:53: warning: argument 2 of type 'const unsigned char[272]' with mismatched bound [-Warray-parameter=]
pack3.c:    25 | void poly_S3_frombytes(poly *r, const unsigned char msg[NTRU_OWCPA_MSGBYTES])
pack3.c:       |                                 ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~
pack3.c: In file included from pack3.c:1:
pack3.c: poly.h:33:53: note: previously declared as 'const unsigned char[136]'
pack3.c:    33 | void poly_S3_frombytes(poly *r, const unsigned char msg[NTRU_PACK_TRINARY_BYTES]);
pack3.c:       |                                 ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~

Compiler output

owcpa.c: owcpa.c:67:40: warning: argument 3 of type 'const unsigned char[3211]' with mismatched bound [-Warray-parameter=]
owcpa.c:    67 |                    const unsigned char seed[NTRU_SAMPLE_FG_BYTES])
owcpa.c:       |                    ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~
owcpa.c: In file included from owcpa.c:1:
owcpa.c: owcpa.h:14:40: note: previously declared as 'const unsigned char[32]'
owcpa.c:    14 |                    const unsigned char seed[NTRU_SEEDBYTES]);
owcpa.c:       |                    ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~
owcpa.c: owcpa.c: In function 'crypto_kem_ntruhps2048677_ref_timingleaks_owcpa_keypair':
owcpa.c: <command-line>: warning: 'crypto_kem_ntruhps2048677_ref_timingleaks_sample_fg' reading 3211 bytes from a region of size 32 [-Wstringop-overread]
owcpa.c: <command-line>: note: in definition of macro 'CRYPTO_NAMESPACE'
owcpa.c: owcpa.c:77:3: note: in expansion of macro 'sample_fg'
owcpa.c:    77 |   sample_fg(f,g,seed);
owcpa.c:       |   ^~~~~~~~~
owcpa.c: <command-line>: note: referencing argument 3 of type 'const unsigned char *'
owcpa.c: <command-line>: note: in definition of macro 'CRYPTO_NAMESPACE'
owcpa.c: owcpa.c:77:3: note: in expansion of macro 'sample_fg'
owcpa.c:    77 |   sample_fg(f,g,seed);
owcpa.c:       |   ^~~~~~~~~
owcpa.c: <command-line>: note: in a call to function 'crypto_kem_ntruhps2048677_ref_timingleaks_sample_fg'
owcpa.c: <command-line>: note: in definition of macro 'CRYPTO_NAMESPACE'
owcpa.c: sample.h:11:6: note: in expansion of macro 'sample_fg'
owcpa.c:    11 | void sample_fg(poly *f, poly *g, const unsigned char uniformbytes[NTRU_SAMPLE_FG_BYTES]);
owcpa.c:       |      ^~~~~~~~~
pack3.c: pack3.c:3:36: warning: argument 1 of type 'unsigned char[272]' with mismatched bound [-Warray-parameter=]
pack3.c:     3 | void poly_S3_tobytes(unsigned char msg[NTRU_OWCPA_MSGBYTES], const poly *a)
pack3.c:       |                      ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~
pack3.c: In file included from pack3.c:1:
pack3.c: poly.h:32:36: note: previously declared as 'unsigned char[136]'
pack3.c:    32 | void poly_S3_tobytes(unsigned char msg[NTRU_PACK_TRINARY_BYTES], const poly *a);
pack3.c:       |                      ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~
pack3.c: pack3.c:25:53: warning: argument 2 of type 'const unsigned char[272]' with mismatched bound [-Warray-parameter=]
pack3.c:    25 | void poly_S3_frombytes(poly *r, const unsigned char msg[NTRU_OWCPA_MSGBYTES])
pack3.c:       |                                 ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~
pack3.c: In file included from pack3.c:1:
pack3.c: poly.h:33:53: note: previously declared as 'const unsigned char[136]'
pack3.c:    33 | void poly_S3_frombytes(poly *r, const unsigned char msg[NTRU_PACK_TRINARY_BYTES]);
pack3.c:       |                                 ~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~

TIMECOP error (can be valgrind bug)

Process terminating with default action of signal 4 (SIGILL)
 Illegal opcode at address 0x12C521
   at 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex_blocks_xop (chacha.S:101)
   by 0x...: ??? (in /home/djb/supercop-data/saber214/amd64/try/c/clang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall/constbranchindex/crypto_kem/ntruhps2048677/compact/work/try-timecop)
   by 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex (crypto_stream.c:14)
   by 0x...: crypto_rng_chacha20_ref_constbranchindex (rng.c:23)
   by 0x...: randombytes_internal (knownrandombytes.c:31)
   by 0x...: randombytes (knownrandombytes.c:56)
   by 0x...: crypto_kem_ntruhps2048677_compact_constbranchindex_keypair (kem.c:360)
   by 0x...: test (try.c:126)
   by 0x...: main (try-anything.c:345)

TIMECOP error (can be valgrind bug)

Process terminating with default action of signal 4 (SIGILL)
 Illegal opcode at address 0x134121
   at 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex_blocks_xop (chacha.S:101)
   by 0x...: ??? (in /home/djb/supercop-data/saber214/amd64/try/c/clang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall/constbranchindex/crypto_kem/ntruhps2048677/compact/work/try-timecop)
   by 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex (crypto_stream.c:14)
   by 0x...: crypto_rng_chacha20_ref_constbranchindex (rng.c:23)
   by 0x...: randombytes_internal (knownrandombytes.c:31)
   by 0x...: randombytes (knownrandombytes.c:56)
   by 0x...: crypto_kem_ntruhps2048677_compact_constbranchindex_keypair (kem.c:360)
   by 0x...: test (try.c:126)
   by 0x...: main (try-anything.c:345)

TIMECOP error (can be valgrind bug)

Process terminating with default action of signal 4 (SIGILL)
 Illegal opcode at address 0x11C421
   at 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex_blocks_xop (chacha.S:101)
   by 0x...: ??? (in /home/djb/supercop-data/saber214/amd64/try/c/clang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall/constbranchindex/crypto_kem/ntruhps2048677/compact/work/try-timecop)
   by 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex (crypto_stream.c:14)
   by 0x...: crypto_rng_chacha20_ref_constbranchindex (rng.c:23)
   by 0x...: randombytes_internal (knownrandombytes.c:31)
   by 0x...: randombytes (knownrandombytes.c:56)
   by 0x...: crypto_kem_ntruhps2048677_compact_constbranchindex_keypair (kem.c:360)
   by 0x...: test (try.c:126)
   by 0x...: main (try-anything.c:345)

TIMECOP error (can be valgrind bug)

Process terminating with default action of signal 4 (SIGILL)
 Illegal opcode at address 0x11B9E1
   at 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex_blocks_xop (chacha.S:101)
   by 0x...: ??? (in /home/djb/supercop-data/saber214/amd64/try/c/clang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall/constbranchindex/crypto_kem/ntruhps2048677/compact/work/try-timecop)
   by 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex (crypto_stream.c:14)
   by 0x...: crypto_rng_chacha20_ref_constbranchindex (rng.c:23)
   by 0x...: randombytes_internal (knownrandombytes.c:31)
   by 0x...: randombytes (knownrandombytes.c:56)
   by 0x...: crypto_kem_ntruhps2048677_compact_constbranchindex_keypair (kem.c:360)
   by 0x...: test (try.c:126)
   by 0x...: main (try-anything.c:345)

TIMECOP error (can be valgrind bug)

Process terminating with default action of signal 4 (SIGILL)
 Illegal opcode at address 0x124BE1
   at 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex_blocks_xop (chacha.S:101)
   by 0x...: ??? (in /home/djb/supercop-data/saber214/amd64/try/c/clang_-mcpu=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall/constbranchindex/crypto_kem/ntruhps2048677/compact/work/try-timecop)
   by 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex (crypto_stream.c:14)
   by 0x...: crypto_rng_chacha20_ref_constbranchindex (rng.c:23)
   by 0x...: randombytes_internal (knownrandombytes.c:31)
   by 0x...: randombytes (knownrandombytes.c:56)
   by 0x...: crypto_kem_ntruhps2048677_compact_constbranchindex_keypair (kem.c:360)
   by 0x...: test (try.c:126)
   by 0x...: main (try-anything.c:345)

TIMECOP error (can be valgrind bug)

Process terminating with default action of signal 4 (SIGILL)
 Illegal opcode at address 0x10A4DD
   at 0x...: salsa20.part.0 (try-anything.c:102)
   by 0x...: salsa20 (try-anything.c:85)
   by 0x...: canary (try-anything.c:148)
   by 0x...: output_prepare (try-anything.c:178)
   by 0x...: test (try.c:125)
   by 0x...: main (try-anything.c:345)

TIMECOP error (can be valgrind bug)

Process terminating with default action of signal 4 (SIGILL)
 Illegal opcode at address 0x10A12A
   at 0x...: core (try-anything.c:53)
   by 0x...: salsa20.part.0 (try-anything.c:89)
   by 0x...: salsa20 (try-anything.c:85)
   by 0x...: canary (try-anything.c:148)
   by 0x...: output_prepare (try-anything.c:178)
   by 0x...: test (try.c:124)
   by 0x...: main (try-anything.c:345)

TIMECOP error (can be valgrind bug)

Process terminating with default action of signal 4 (SIGILL)
 Illegal opcode at address 0x11BB61
   at 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex_blocks_xop (chacha.S:101)
   by 0x...: ??? (in /home/djb/supercop-data/saber214/amd64/try/c/gcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall/constbranchindex/crypto_kem/ntruhps2048677/compact/work/try-timecop)
   by 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex (crypto_stream.c:14)
   by 0x...: crypto_rng_chacha20_ref_constbranchindex (rng.c:23)
   by 0x...: randombytes_internal (knownrandombytes.c:31)
   by 0x...: randombytes (knownrandombytes.c:56)
   by 0x...: crypto_kem_ntruhps2048677_compact_constbranchindex_keypair (kem.c:360)
   by 0x...: test (try.c:126)
   by 0x...: main (try-anything.c:345)

TIMECOP error (can be valgrind bug)

Process terminating with default action of signal 4 (SIGILL)
 Illegal opcode at address 0x11B4A1
   at 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex_blocks_xop (chacha.S:101)
   by 0x...: ??? (in /home/djb/supercop-data/saber214/amd64/try/c/gcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall/constbranchindex/crypto_kem/ntruhps2048677/compact/work/try-timecop)
   by 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex (crypto_stream.c:14)
   by 0x...: crypto_rng_chacha20_ref_constbranchindex (rng.c:23)
   by 0x...: randombytes_internal (knownrandombytes.c:31)
   by 0x...: randombytes (knownrandombytes.c:56)
   by 0x...: crypto_kem_ntruhps2048677_compact_constbranchindex_keypair (kem.c:360)
   by 0x...: test (try.c:126)
   by 0x...: main (try-anything.c:345)

TIMECOP error (can be valgrind bug)

Process terminating with default action of signal 4 (SIGILL)
 Illegal opcode at address 0x121361
   at 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex_blocks_xop (chacha.S:101)
   by 0x...: ??? (in /home/djb/supercop-data/saber214/amd64/try/c/clang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall/constbranchindex/crypto_kem/ntruhps2048677/ref/work/try-timecop)
   by 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex (crypto_stream.c:14)
   by 0x...: crypto_rng_chacha20_ref_constbranchindex (rng.c:23)
   by 0x...: randombytes_internal (knownrandombytes.c:31)
   by 0x...: randombytes (knownrandombytes.c:56)
   by 0x...: crypto_kem_ntruhps2048677_ref_constbranchindex_keypair (kem.c:15)
   by 0x...: test (try.c:126)
   by 0x...: main (try-anything.c:345)

TIMECOP error (can be valgrind bug)

Process terminating with default action of signal 4 (SIGILL)
 Illegal opcode at address 0x123C21
   at 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex_blocks_xop (chacha.S:101)
   by 0x...: ??? (in /home/djb/supercop-data/saber214/amd64/try/c/clang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall/constbranchindex/crypto_kem/ntruhps2048677/ref/work/try-timecop)
   by 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex (crypto_stream.c:14)
   by 0x...: crypto_rng_chacha20_ref_constbranchindex (rng.c:23)
   by 0x...: randombytes_internal (knownrandombytes.c:31)
   by 0x...: randombytes (knownrandombytes.c:56)
   by 0x...: crypto_kem_ntruhps2048677_ref_constbranchindex_keypair (kem.c:15)
   by 0x...: test (try.c:126)
   by 0x...: main (try-anything.c:345)

TIMECOP error (can be valgrind bug)

Process terminating with default action of signal 4 (SIGILL)
 Illegal opcode at address 0x11BD61
   at 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex_blocks_xop (chacha.S:101)
   by 0x...: ??? (in /home/djb/supercop-data/saber214/amd64/try/c/clang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall/constbranchindex/crypto_kem/ntruhps2048677/ref/work/try-timecop)
   by 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex (crypto_stream.c:14)
   by 0x...: crypto_rng_chacha20_ref_constbranchindex (rng.c:23)
   by 0x...: randombytes_internal (knownrandombytes.c:31)
   by 0x...: randombytes (knownrandombytes.c:56)
   by 0x...: crypto_kem_ntruhps2048677_ref_constbranchindex_keypair (kem.c:15)
   by 0x...: test (try.c:126)
   by 0x...: main (try-anything.c:345)

TIMECOP error (can be valgrind bug)

Process terminating with default action of signal 4 (SIGILL)
 Illegal opcode at address 0x11BBE1
   at 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex_blocks_xop (chacha.S:101)
   by 0x...: ??? (in /home/djb/supercop-data/saber214/amd64/try/c/clang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall/constbranchindex/crypto_kem/ntruhps2048677/ref/work/try-timecop)
   by 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex (crypto_stream.c:14)
   by 0x...: crypto_rng_chacha20_ref_constbranchindex (rng.c:23)
   by 0x...: randombytes_internal (knownrandombytes.c:31)
   by 0x...: randombytes (knownrandombytes.c:56)
   by 0x...: crypto_kem_ntruhps2048677_ref_constbranchindex_keypair (kem.c:15)
   by 0x...: test (try.c:126)
   by 0x...: main (try-anything.c:345)

TIMECOP error (can be valgrind bug)

Process terminating with default action of signal 4 (SIGILL)
 Illegal opcode at address 0x11FA61
   at 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex_blocks_xop (chacha.S:101)
   by 0x...: ??? (in /home/djb/supercop-data/saber214/amd64/try/c/clang_-mcpu=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall/constbranchindex/crypto_kem/ntruhps2048677/ref/work/try-timecop)
   by 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex (crypto_stream.c:14)
   by 0x...: crypto_rng_chacha20_ref_constbranchindex (rng.c:23)
   by 0x...: randombytes_internal (knownrandombytes.c:31)
   by 0x...: randombytes (knownrandombytes.c:56)
   by 0x...: crypto_kem_ntruhps2048677_ref_constbranchindex_keypair (kem.c:15)
   by 0x...: test (try.c:126)
   by 0x...: main (try-anything.c:345)

TIMECOP error (can be valgrind bug)

Process terminating with default action of signal 4 (SIGILL)
 Illegal opcode at address 0x11C1A1
   at 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex_blocks_xop (chacha.S:101)
   by 0x...: ??? (in /home/djb/supercop-data/saber214/amd64/try/c/gcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall/constbranchindex/crypto_kem/ntruhps2048677/ref/work/try-timecop)
   by 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex (crypto_stream.c:14)
   by 0x...: crypto_rng_chacha20_ref_constbranchindex (rng.c:23)
   by 0x...: randombytes_internal (knownrandombytes.c:31)
   by 0x...: randombytes (knownrandombytes.c:56)
   by 0x...: crypto_kem_ntruhps2048677_ref_constbranchindex_keypair (kem.c:15)
   by 0x...: test (try.c:126)
   by 0x...: main (try-anything.c:345)

TIMECOP error (can be valgrind bug)

Process terminating with default action of signal 4 (SIGILL)
 Illegal opcode at address 0x11BB61
   at 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex_blocks_xop (chacha.S:101)
   by 0x...: ??? (in /home/djb/supercop-data/saber214/amd64/try/c/gcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall/constbranchindex/crypto_kem/ntruhps2048677/ref/work/try-timecop)
   by 0x...: crypto_stream_chacha20_moon_xop_64_constbranchindex (crypto_stream.c:14)
   by 0x...: crypto_rng_chacha20_ref_constbranchindex (rng.c:23)
   by 0x...: randombytes_internal (knownrandombytes.c:31)
   by 0x...: randombytes (knownrandombytes.c:56)
   by 0x...: crypto_kem_ntruhps2048677_ref_constbranchindex_keypair (kem.c:15)
   by 0x...: test (try.c:126)
   by 0x...: main (try-anything.c:345)