Implementation notes: amd64, saber214, crypto_kem/titaniumccasuper

Computer: saber214
Microarchitecture: amd64; Bulldozer (600f20)
Architecture: amd64
CPU ID: AuthenticAMD-00600f20-1789c3f5
SUPERCOP version: 20240425
Operation: crypto_kem
Primitive: titaniumccasuper
TimeObject sizeTest sizeImplementationCompilerBenchmark dateSUPERCOP version
12637516129055 0 36240110 840 1600T:optclang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2024050620240425
12689182105331 0 36214198 840 1600T:optclang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2024050620240425
13055968104557 0 36214590 840 1600T:optclang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2024050620240425
1421400482949 0 36191134 840 1600T:optclang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2024050620240425
1445070483126 0 36190896 832 1600T:optclang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2024050620240425
15281728126444 0 64236668 800 1664T:optgcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2024050620240425
1600811983616 0 64192668 800 1664T:optgcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2024050620240425
1659816183623 0 64192308 800 1664T:optgcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2024050620240425
206466263275089 0 36185542 840 1600T:refclang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2024050620240425
210009886656249 0 36163864 832 1600T:refclang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2024050620240425
2115158795114370 0 36225934 840 1600T:refclang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2024050620240425
212256955268103 0 36177222 840 1600T:refclang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2024050620240425
215974582455711 0 36163822 840 1600T:refclang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2024050620240425
241682788483583 0 64193756 800 1664T:refgcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2024050620240425
247887173256383 0 64165220 800 1664T:refgcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2024050620240425
285482249456585 0 64165076 800 1664T:refgcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2024050620240425

Compiler output

Implementation: T:avx2
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
encrypt.c: encrypt.c:65:8: error: always_inline function '_mm256_mul_epu32' requires target feature 'avx2', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx2'
encrypt.c: t = _mm256_mul_epu32(u, v);
encrypt.c: ^
encrypt.c: encrypt.c:80:8: error: always_inline function '_mm256_add_epi64' requires target feature 'avx2', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx2'
encrypt.c: t = _mm256_add_epi64(u, v);
encrypt.c: ^
encrypt.c: encrypt.c:81:9: error: always_inline function '_mm256_mul_epu32' requires target feature 'avx2', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx2'
encrypt.c: t1 = _mm256_mul_epu32(t, V_B4Q_B4Q_B4Q_B4Q);
encrypt.c: ^
encrypt.c: encrypt.c:82:9: error: always_inline function '_mm256_srli_epi64' requires target feature 'avx2', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx2'
encrypt.c: t1 = _mm256_srli_epi64(t1, BARRETT_BITSHIFT_4Q);
encrypt.c: ^
encrypt.c: encrypt.c:83:9: error: always_inline function '_mm256_mul_epu32' requires target feature 'avx2', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx2'
encrypt.c: t1 = _mm256_mul_epu32(t1, V_Q_Q_Q_Q);
encrypt.c: ^
encrypt.c: encrypt.c:84:8: error: always_inline function '_mm256_sub_epi64' requires target feature 'avx2', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx2'
encrypt.c: t = _mm256_sub_epi64(t, t1);
encrypt.c: ^
encrypt.c: 6 errors generated.

Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2

Compiler output

Implementation: T:avx2
Security model: timingleaks
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
encrypt.c: encrypt.c:63:8: error: always_inline function '_mm256_loadu_si256' requires target feature 'avx', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx'
encrypt.c: u = _mm256_loadu_si256((__m256i *)(a[i] + j));
encrypt.c: ^
encrypt.c: encrypt.c:63:8: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
encrypt.c: encrypt.c:64:8: error: always_inline function '_mm256_loadu_si256' requires target feature 'avx', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx'
encrypt.c: v = _mm256_loadu_si256((__m256i *)(s + j));
encrypt.c: ^
encrypt.c: encrypt.c:64:8: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
encrypt.c: encrypt.c:65:8: error: always_inline function '_mm256_mul_epu32' requires target feature 'avx2', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx2'
encrypt.c: t = _mm256_mul_epu32(u, v);
encrypt.c: ^
encrypt.c: encrypt.c:65:8: error: AVX vector argument of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
encrypt.c: encrypt.c:66:4: error: always_inline function '_mm256_storeu_si256' requires target feature 'avx', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx'
encrypt.c: _mm256_storeu_si256((__m256i *)(a[i] + j), t);
encrypt.c: ^
encrypt.c: encrypt.c:66:4: error: AVX vector argument of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
encrypt.c: encrypt.c:78:8: error: always_inline function '_mm256_loadu_si256' requires target feature 'avx', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx'
encrypt.c: u = _mm256_loadu_si256((__m256i *)(a[i] + j));
encrypt.c: ^
encrypt.c: encrypt.c:78:8: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
encrypt.c: encrypt.c:79:8: error: always_inline function '_mm256_loadu_si256' requires target feature 'avx', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx'
encrypt.c: v = _mm256_loadu_si256((__m256i *)(e[i] + j));
encrypt.c: ^
encrypt.c: encrypt.c:79:8: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
encrypt.c: encrypt.c:80:8: error: always_inline function '_mm256_add_epi64' requires target feature 'avx2', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx2'
encrypt.c: ...

Number of similar (compiler,implementation) pairs: 1, namely:
CompilerImplementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2

Compiler output

Implementation: T:avx2
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE
encrypt.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:47,
encrypt.c: from /usr/lib/gcc/x86_64-linux-gnu/11/include/x86intrin.h:32,
encrypt.c: from encrypt.c:18:
encrypt.c: encrypt.c: In function 'crypto_encrypt_keypair':
encrypt.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/avx2intrin.h:567:1: error: inlining failed in call to 'always_inline' '_mm256_mul_epu32': target specific option mismatch
encrypt.c: 567 | _mm256_mul_epu32 (__m256i __A, __m256i __B)
encrypt.c: | ^~~~~~~~~~~~~~~~
encrypt.c: encrypt.c:65:29: note: called from here
encrypt.c: 65 | t = _mm256_mul_epu32(u, v);
encrypt.c: | ^~~~~~~~~~~~~~~~~~~~~~
encrypt.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:47,
encrypt.c: from /usr/lib/gcc/x86_64-linux-gnu/11/include/x86intrin.h:32,
encrypt.c: from encrypt.c:18:
encrypt.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/avx2intrin.h:567:1: error: inlining failed in call to 'always_inline' '_mm256_mul_epu32': target specific option mismatch
encrypt.c: 567 | _mm256_mul_epu32 (__m256i __A, __m256i __B)
encrypt.c: | ^~~~~~~~~~~~~~~~
encrypt.c: encrypt.c:65:29: note: called from here
encrypt.c: 65 | t = _mm256_mul_epu32(u, v);
encrypt.c: | ^~~~~~~~~~~~~~~~~~~~~~
encrypt.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:47,
encrypt.c: from /usr/lib/gcc/x86_64-linux-gnu/11/include/x86intrin.h:32,
encrypt.c: from encrypt.c:18:
encrypt.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/avx2intrin.h:822:1: error: inlining failed in call to 'always_inline' '_mm256_sub_epi64': target specific option mismatch
encrypt.c: 822 | _mm256_sub_epi64 (__m256i __A, __m256i __B)
encrypt.c: | ^~~~~~~~~~~~~~~~
encrypt.c: ...

Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:avx2
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:avx2
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:avx2
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:avx2

Compiler output

Implementation: T:opt
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE
try.c: /usr/bin/ld: libcrypto_kem_titaniumccasuper.a(encrypt.o): in function `crypto_encrypt_keypair':
try.c: encrypt.c:(.text+0x...): undefined reference to `barrett_4q'
try.c: /usr/bin/ld: libcrypto_kem_titaniumccasuper.a(fastrandombytes.o): in function `fastrandombytes':
try.c: fastrandombytes.c:(.text+0x...): undefined reference to `load_32'
try.c: /usr/bin/ld: fastrandombytes.c:(.text+0x...): undefined reference to `store_32'
try.c: /usr/bin/ld: libcrypto_kem_titaniumccasuper.a(ntt.o): in function `ntt_2':
try.c: ntt.c:(.text+0x...): undefined reference to `barrett_4q'
try.c: /usr/bin/ld: ntt.c:(.text+0x...): undefined reference to `barrett_4q'
try.c: /usr/bin/ld: ntt.c:(.text+0x...): undefined reference to `barrett_4q'
try.c: /usr/bin/ld: ntt.c:(.text+0x...): undefined reference to `montgomery'
try.c: /usr/bin/ld: ntt.c:(.text+0x...): undefined reference to `barrett_4q'
try.c: /usr/bin/ld: ntt.c:(.text+0x...): undefined reference to `barrett_4q'
try.c: /usr/bin/ld: ntt.c:(.text+0x...): undefined reference to `barrett_4q'
try.c: /usr/bin/ld: ntt.c:(.text+0x...): undefined reference to `montgomery'
try.c: /usr/bin/ld: ntt.c:(.text+0x...): undefined reference to `barrett_4q'
try.c: /usr/bin/ld: ntt.c:(.text+0x...): undefined reference to `barrett_4q'
try.c: /usr/bin/ld: libcrypto_kem_titaniumccasuper.a(ntt.o): in function `ntt_core':
try.c: ntt.c:(.text+0x...): undefined reference to `montgomery'
try.c: /usr/bin/ld: libcrypto_kem_titaniumccasuper.a(ntt.o): in function `intt_core':
try.c: ntt.c:(.text+0x...): undefined reference to `montgomery'
try.c: /usr/bin/ld: ntt.c:(.text+0x...): undefined reference to `montgomery'
try.c: /usr/bin/ld: libcrypto_kem_titaniumccasuper.a(ntt.o): in function `ntt_butterfly_2048_3328':
try.c: ntt.c:(.text+0x...): undefined reference to `barrett_16q'
try.c: /usr/bin/ld: libcrypto_kem_titaniumccasuper.a(ntt.o): in function `ntt_butterfly_3328_1280':
try.c: ntt.c:(.text+0x...): undefined reference to `barrett_32q'
try.c: ...

Number of similar (compiler,implementation) pairs: 1, namely:
CompilerImplementations
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:opt

Compiler output

Implementation: T:ref
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE
try.c: /usr/bin/ld: libcrypto_kem_titaniumccasuper.a(fastrandombytes.o): in function `fastrandombytes':
try.c: fastrandombytes.c:(.text+0x...): undefined reference to `load_32'
try.c: /usr/bin/ld: fastrandombytes.c:(.text+0x...): undefined reference to `store_32'
try.c: /usr/bin/ld: libcrypto_kem_titaniumccasuper.a(sampler.o): in function `sampler_zq':
try.c: sampler.c:(.text+0x...): undefined reference to `load_24'
try.c: collect2: error: ld returned 1 exit status

Number of similar (compiler,implementation) pairs: 1, namely:
CompilerImplementations
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ref