Implementation notes: amd64, saber214, crypto_kem/titaniumccasuper

Computer: saber214
Microarchitecture: amd64; Bulldozer (600f20)
Architecture: amd64
CPU ID: AuthenticAMD-00600f20-1789c3f5
SUPERCOP version: 20240107
Operation: crypto_kem
Primitive: titaniumccasuper
TimeObject sizeTest sizeImplementationCompilerBenchmark dateSUPERCOP version
12691045129055 0 36238646 840 1600T:optclang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023122320231212
12741988105331 0 36212734 840 1600T:optclang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023122320231212
13106993104557 0 36213126 840 1600T:optclang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023122320231212
1427283582949 0 36189670 840 1600T:optclang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023122320231212
1447894883126 0 36189432 832 1600T:optclang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023122320231212
15304609126444 0 64235204 800 1664T:optgcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023122320231212
1608561883616 0 64191204 800 1664T:optgcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023122320231212
1665665183623 0 64190844 800 1664T:optgcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023122320231212
206440258075089 0 36184078 840 1600T:refclang_-mcpu=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023122320231212
210003921556249 0 36162400 832 1600T:refclang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023122320231212
2115092359114370 0 36224470 840 1600T:refclang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023122320231212
212258322968103 0 36175758 840 1600T:refclang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023122320231212
216069910355711 0 36162358 840 1600T:refclang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2023122320231212
241674602783583 0 64192292 800 1664T:refgcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023122320231212
247898801756383 0 64163756 800 1664T:refgcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023122320231212
285519826156585 0 64163612 800 1664T:refgcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2023122320231212

Compiler output

Implementation: T:avx2
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
encrypt.c: encrypt.c:65:8: error: always_inline function '_mm256_mul_epu32' requires target feature 'avx2', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx2'
encrypt.c: t = _mm256_mul_epu32(u, v);
encrypt.c: ^
encrypt.c: encrypt.c:80:8: error: always_inline function '_mm256_add_epi64' requires target feature 'avx2', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx2'
encrypt.c: t = _mm256_add_epi64(u, v);
encrypt.c: ^
encrypt.c: encrypt.c:81:9: error: always_inline function '_mm256_mul_epu32' requires target feature 'avx2', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx2'
encrypt.c: t1 = _mm256_mul_epu32(t, V_B4Q_B4Q_B4Q_B4Q);
encrypt.c: ^
encrypt.c: encrypt.c:82:9: error: always_inline function '_mm256_srli_epi64' requires target feature 'avx2', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx2'
encrypt.c: t1 = _mm256_srli_epi64(t1, BARRETT_BITSHIFT_4Q);
encrypt.c: ^
encrypt.c: encrypt.c:83:9: error: always_inline function '_mm256_mul_epu32' requires target feature 'avx2', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx2'
encrypt.c: t1 = _mm256_mul_epu32(t1, V_Q_Q_Q_Q);
encrypt.c: ^
encrypt.c: encrypt.c:84:8: error: always_inline function '_mm256_sub_epi64' requires target feature 'avx2', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx2'
encrypt.c: t = _mm256_sub_epi64(t, t1);
encrypt.c: ^
encrypt.c: 6 errors generated.

Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2

Compiler output

Implementation: T:avx2
Security model: timingleaks
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
encrypt.c: encrypt.c:63:8: error: always_inline function '_mm256_loadu_si256' requires target feature 'avx', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx'
encrypt.c: u = _mm256_loadu_si256((__m256i *)(a[i] + j));
encrypt.c: ^
encrypt.c: encrypt.c:63:8: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
encrypt.c: encrypt.c:64:8: error: always_inline function '_mm256_loadu_si256' requires target feature 'avx', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx'
encrypt.c: v = _mm256_loadu_si256((__m256i *)(s + j));
encrypt.c: ^
encrypt.c: encrypt.c:64:8: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
encrypt.c: encrypt.c:65:8: error: always_inline function '_mm256_mul_epu32' requires target feature 'avx2', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx2'
encrypt.c: t = _mm256_mul_epu32(u, v);
encrypt.c: ^
encrypt.c: encrypt.c:65:8: error: AVX vector argument of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
encrypt.c: encrypt.c:66:4: error: always_inline function '_mm256_storeu_si256' requires target feature 'avx', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx'
encrypt.c: _mm256_storeu_si256((__m256i *)(a[i] + j), t);
encrypt.c: ^
encrypt.c: encrypt.c:66:4: error: AVX vector argument of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
encrypt.c: encrypt.c:78:8: error: always_inline function '_mm256_loadu_si256' requires target feature 'avx', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx'
encrypt.c: u = _mm256_loadu_si256((__m256i *)(a[i] + j));
encrypt.c: ^
encrypt.c: encrypt.c:78:8: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
encrypt.c: encrypt.c:79:8: error: always_inline function '_mm256_loadu_si256' requires target feature 'avx', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx'
encrypt.c: v = _mm256_loadu_si256((__m256i *)(e[i] + j));
encrypt.c: ^
encrypt.c: encrypt.c:79:8: error: AVX vector return of type '__m256i' (vector of 4 'long long' values) without 'avx' enabled changes the ABI
encrypt.c: encrypt.c:80:8: error: always_inline function '_mm256_add_epi64' requires target feature 'avx2', but would be inlined into function 'crypto_encrypt_keypair' that is compiled without support for 'avx2'
encrypt.c: ...

Number of similar (compiler,implementation) pairs: 1, namely:
CompilerImplementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:avx2

Compiler output

Implementation: T:avx2
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE
encrypt.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:47,
encrypt.c: from /usr/lib/gcc/x86_64-linux-gnu/11/include/x86intrin.h:32,
encrypt.c: from encrypt.c:18:
encrypt.c: encrypt.c: In function 'crypto_encrypt_keypair':
encrypt.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/avx2intrin.h:567:1: error: inlining failed in call to 'always_inline' '_mm256_mul_epu32': target specific option mismatch
encrypt.c: 567 | _mm256_mul_epu32 (__m256i __A, __m256i __B)
encrypt.c: | ^~~~~~~~~~~~~~~~
encrypt.c: encrypt.c:65:29: note: called from here
encrypt.c: 65 | t = _mm256_mul_epu32(u, v);
encrypt.c: | ^~~~~~~~~~~~~~~~~~~~~~
encrypt.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:47,
encrypt.c: from /usr/lib/gcc/x86_64-linux-gnu/11/include/x86intrin.h:32,
encrypt.c: from encrypt.c:18:
encrypt.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/avx2intrin.h:567:1: error: inlining failed in call to 'always_inline' '_mm256_mul_epu32': target specific option mismatch
encrypt.c: 567 | _mm256_mul_epu32 (__m256i __A, __m256i __B)
encrypt.c: | ^~~~~~~~~~~~~~~~
encrypt.c: encrypt.c:65:29: note: called from here
encrypt.c: 65 | t = _mm256_mul_epu32(u, v);
encrypt.c: | ^~~~~~~~~~~~~~~~~~~~~~
encrypt.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/11/include/immintrin.h:47,
encrypt.c: from /usr/lib/gcc/x86_64-linux-gnu/11/include/x86intrin.h:32,
encrypt.c: from encrypt.c:18:
encrypt.c: /usr/lib/gcc/x86_64-linux-gnu/11/include/avx2intrin.h:822:1: error: inlining failed in call to 'always_inline' '_mm256_sub_epi64': target specific option mismatch
encrypt.c: 822 | _mm256_sub_epi64 (__m256i __A, __m256i __B)
encrypt.c: | ^~~~~~~~~~~~~~~~
encrypt.c: ...

Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:avx2
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:avx2
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:avx2
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:avx2

Compiler output

Implementation: T:opt
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE
try.c: /usr/bin/ld: libcrypto_kem_titaniumccasuper.a(encrypt.o): in function `crypto_encrypt_keypair':
try.c: encrypt.c:(.text+0x...): undefined reference to `barrett_4q'
try.c: /usr/bin/ld: libcrypto_kem_titaniumccasuper.a(fastrandombytes.o): in function `fastrandombytes':
try.c: fastrandombytes.c:(.text+0x...): undefined reference to `load_32'
try.c: /usr/bin/ld: fastrandombytes.c:(.text+0x...): undefined reference to `store_32'
try.c: /usr/bin/ld: libcrypto_kem_titaniumccasuper.a(ntt.o): in function `ntt_2':
try.c: ntt.c:(.text+0x...): undefined reference to `barrett_4q'
try.c: /usr/bin/ld: ntt.c:(.text+0x...): undefined reference to `barrett_4q'
try.c: /usr/bin/ld: ntt.c:(.text+0x...): undefined reference to `barrett_4q'
try.c: /usr/bin/ld: ntt.c:(.text+0x...): undefined reference to `montgomery'
try.c: /usr/bin/ld: ntt.c:(.text+0x...): undefined reference to `barrett_4q'
try.c: /usr/bin/ld: ntt.c:(.text+0x...): undefined reference to `barrett_4q'
try.c: /usr/bin/ld: ntt.c:(.text+0x...): undefined reference to `barrett_4q'
try.c: /usr/bin/ld: ntt.c:(.text+0x...): undefined reference to `montgomery'
try.c: /usr/bin/ld: ntt.c:(.text+0x...): undefined reference to `barrett_4q'
try.c: /usr/bin/ld: ntt.c:(.text+0x...): undefined reference to `barrett_4q'
try.c: /usr/bin/ld: libcrypto_kem_titaniumccasuper.a(ntt.o): in function `ntt_core':
try.c: ntt.c:(.text+0x...): undefined reference to `montgomery'
try.c: /usr/bin/ld: libcrypto_kem_titaniumccasuper.a(ntt.o): in function `intt_core':
try.c: ntt.c:(.text+0x...): undefined reference to `montgomery'
try.c: /usr/bin/ld: ntt.c:(.text+0x...): undefined reference to `montgomery'
try.c: /usr/bin/ld: libcrypto_kem_titaniumccasuper.a(ntt.o): in function `ntt_butterfly_2048_3328':
try.c: ntt.c:(.text+0x...): undefined reference to `barrett_16q'
try.c: /usr/bin/ld: libcrypto_kem_titaniumccasuper.a(ntt.o): in function `ntt_butterfly_3328_1280':
try.c: ntt.c:(.text+0x...): undefined reference to `barrett_32q'
try.c: ...

Number of similar (compiler,implementation) pairs: 1, namely:
CompilerImplementations
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:opt

Compiler output

Implementation: T:ref
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE
try.c: /usr/bin/ld: libcrypto_kem_titaniumccasuper.a(fastrandombytes.o): in function `fastrandombytes':
try.c: fastrandombytes.c:(.text+0x...): undefined reference to `load_32'
try.c: /usr/bin/ld: fastrandombytes.c:(.text+0x...): undefined reference to `store_32'
try.c: /usr/bin/ld: libcrypto_kem_titaniumccasuper.a(sampler.o): in function `sampler_zq':
try.c: sampler.c:(.text+0x...): undefined reference to `load_24'
try.c: collect2: error: ld returned 1 exit status

Number of similar (compiler,implementation) pairs: 1, namely:
CompilerImplementations
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:ref