Implementation notes: amd64, shoe, crypto_hash/keccakc256treed2

Computer: shoe
Microarchitecture: amd64; Broadwell+AES (306d4)
Architecture: amd64
CPU ID: GenuineIntel-000306d4-bfebfbff
SUPERCOP version: 20231107
Operation: crypto_hash
Primitive: keccakc256treed2
TimeObject sizeTest sizeImplementationCompilerBenchmark dateSUPERCOP version
1037527629 0 040264 780 952T:sseu4gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2022101020221005
1043027615 0 038472 780 952T:sseu4gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2022101020221005
1051927079 0 036651 756 920T:sseu4gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2022101020221005
10538136429 0 0146011 756 920T:sseu24gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2022101020221005
1055727351 0 037887 772 952T:sseu4gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2022101020221005
10582137211 0 0147743 772 952T:sseu24gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2022101020221005
10588136975 0 0147832 780 952T:sseu24gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2022101020221005
1062528435 0 041776 812 920T:sseu4clang_-march=native_-O3_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2022101020221005
10634137245 0 0149880 780 952T:sseu24gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE2022101020221005
1063628130 0 038478 804 888T:sseu4clang_-march=native_-O_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2022101020221005
1065827736 0 037846 804 888T:sseu4clang_-march=native_-Os_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2022101020221005
1082328435 0 041696 812 920T:sseu4clang_-march=native_-O2_-fomit-frame-pointer_-fwrapv_-Qunused-arguments_-fPIC_-fPIE2022101020221005

Test failure

Implementation: T:sseu24
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
error 111

Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:sseu24
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:sseu24
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:sseu24
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:sseu24

Compiler output

Implementation: T:sseu24
Security model: timingleaks
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
DoublePermutation.c: DoublePermutation.c:507:5: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'KeccakDoublePermutationOnWords' that is compiled without support for 'ssse3'
DoublePermutation.c: rounds
DoublePermutation.c: ^
DoublePermutation.c: ./KeccakF-1600-unrolling.macros:17:5: note: expanded from macro 'rounds'
DoublePermutation.c: thetaRhoPiChiIotaPrepareTheta( 0, A, E) \
DoublePermutation.c: ^
DoublePermutation.c: DoublePermutation.c:136:11: note: expanded from macro 'thetaRhoPiChiIotaPrepareTheta'
DoublePermutation.c: Bko = ROL64in128_8(A##mu); \
DoublePermutation.c: ^
DoublePermutation.c: DoublePermutation.c:38:37: note: expanded from macro 'ROL64in128_8'
DoublePermutation.c: #define ROL64in128_8(a) _mm_shuffle_epi8(a, CONST128(rho8))
DoublePermutation.c: ^
DoublePermutation.c: DoublePermutation.c:507:5: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'KeccakDoublePermutationOnWords' that is compiled without support for 'ssse3'
DoublePermutation.c: ./KeccakF-1600-unrolling.macros:17:5: note: expanded from macro 'rounds'
DoublePermutation.c: thetaRhoPiChiIotaPrepareTheta( 0, A, E) \
DoublePermutation.c: ^
DoublePermutation.c: DoublePermutation.c:161:11: note: expanded from macro 'thetaRhoPiChiIotaPrepareTheta'
DoublePermutation.c: Bmu = ROL64in128_56(A##so); \
DoublePermutation.c: ^
DoublePermutation.c: DoublePermutation.c:39:37: note: expanded from macro 'ROL64in128_56'
DoublePermutation.c: #define ROL64in128_56(a) _mm_shuffle_epi8(a, CONST128(rho56))
DoublePermutation.c: ^
DoublePermutation.c: DoublePermutation.c:507:5: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'KeccakDoublePermutationOnWords' that is compiled without support for 'ssse3'
DoublePermutation.c: ./KeccakF-1600-unrolling.macros:18:5: note: expanded from macro 'rounds'
DoublePermutation.c: thetaRhoPiChiIotaPrepareTheta( 1, E, A) \
DoublePermutation.c: ...

Number of similar (compiler,implementation) pairs: 1, namely:
CompilerImplementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:sseu24

Compiler output

Implementation: T:sseu4
Security model: timingleaks
Compiler: clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
DoublePermutation.c: DoublePermutation.c:507:5: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'KeccakDoublePermutationOnWords' that is compiled without support for 'ssse3'
DoublePermutation.c: rounds
DoublePermutation.c: ^
DoublePermutation.c: ./KeccakF-1600-unrolling.macros:90:9: note: expanded from macro 'rounds'
DoublePermutation.c: thetaRhoPiChiIotaPrepareTheta(i , A, E) \
DoublePermutation.c: ^
DoublePermutation.c: DoublePermutation.c:136:11: note: expanded from macro 'thetaRhoPiChiIotaPrepareTheta'
DoublePermutation.c: Bko = ROL64in128_8(A##mu); \
DoublePermutation.c: ^
DoublePermutation.c: DoublePermutation.c:38:37: note: expanded from macro 'ROL64in128_8'
DoublePermutation.c: #define ROL64in128_8(a) _mm_shuffle_epi8(a, CONST128(rho8))
DoublePermutation.c: ^
DoublePermutation.c: DoublePermutation.c:507:5: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'KeccakDoublePermutationOnWords' that is compiled without support for 'ssse3'
DoublePermutation.c: ./KeccakF-1600-unrolling.macros:90:9: note: expanded from macro 'rounds'
DoublePermutation.c: thetaRhoPiChiIotaPrepareTheta(i , A, E) \
DoublePermutation.c: ^
DoublePermutation.c: DoublePermutation.c:161:11: note: expanded from macro 'thetaRhoPiChiIotaPrepareTheta'
DoublePermutation.c: Bmu = ROL64in128_56(A##so); \
DoublePermutation.c: ^
DoublePermutation.c: DoublePermutation.c:39:37: note: expanded from macro 'ROL64in128_56'
DoublePermutation.c: #define ROL64in128_56(a) _mm_shuffle_epi8(a, CONST128(rho56))
DoublePermutation.c: ^
DoublePermutation.c: DoublePermutation.c:507:5: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'KeccakDoublePermutationOnWords' that is compiled without support for 'ssse3'
DoublePermutation.c: ./KeccakF-1600-unrolling.macros:91:9: note: expanded from macro 'rounds'
DoublePermutation.c: thetaRhoPiChiIotaPrepareTheta(i+1, E, A) \
DoublePermutation.c: ...

Number of similar (compiler,implementation) pairs: 1, namely:
CompilerImplementations
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:sseu4

Compiler output

Implementation: T:xopu24
Security model: timingleaks
Compiler: clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE
DoublePermutation.c: DoublePermutation.c:507:5: error: '__builtin_ia32_vprotqi' needs target feature xop
DoublePermutation.c: rounds
DoublePermutation.c: ^
DoublePermutation.c: ./KeccakF-1600-unrolling.macros:17:5: note: expanded from macro 'rounds'
DoublePermutation.c: thetaRhoPiChiIotaPrepareTheta( 0, A, E) \
DoublePermutation.c: ^
DoublePermutation.c: DoublePermutation.c:78:21: note: expanded from macro 'thetaRhoPiChiIotaPrepareTheta'
DoublePermutation.c: Da = XOR128(Cu, ROL64in128(Ce, 1)); \
DoublePermutation.c: ^
DoublePermutation.c: DoublePermutation.c:33:37: note: expanded from macro 'ROL64in128'
DoublePermutation.c: #define ROL64in128(a, o) _mm_roti_epi64(a, o)
DoublePermutation.c: ^
DoublePermutation.c: /usr/lib/llvm-11/lib/clang/11.0.1/include/xopintrin.h:237:12: note: expanded from macro '_mm_roti_epi64'
DoublePermutation.c: (__m128i)__builtin_ia32_vprotqi((__v2di)(__m128i)(A), (N))
DoublePermutation.c: ^
DoublePermutation.c: DoublePermutation.c:507:5: error: '__builtin_ia32_vprotqi' needs target feature xop
DoublePermutation.c: ./KeccakF-1600-unrolling.macros:17:5: note: expanded from macro 'rounds'
DoublePermutation.c: thetaRhoPiChiIotaPrepareTheta( 0, A, E) \
DoublePermutation.c: ^
DoublePermutation.c: DoublePermutation.c:79:21: note: expanded from macro 'thetaRhoPiChiIotaPrepareTheta'
DoublePermutation.c: De = XOR128(Ca, ROL64in128(Ci, 1)); \
DoublePermutation.c: ^
DoublePermutation.c: DoublePermutation.c:33:37: note: expanded from macro 'ROL64in128'
DoublePermutation.c: #define ROL64in128(a, o) _mm_roti_epi64(a, o)
DoublePermutation.c: ^
DoublePermutation.c: ...

Number of similar (compiler,implementation) pairs: 5, namely:
CompilerImplementations
clang -march=native -O2 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:xopu24
clang -march=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:xopu24
clang -march=native -O -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:xopu24
clang -march=native -Os -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:xopu24
clang -mcpu=native -O3 -fomit-frame-pointer -fwrapv -Qunused-arguments -fPIC -fPIE T:xopu24

Compiler output

Implementation: T:xopu24
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE
DoublePermutation.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/10/include/x86intrin.h:38,
DoublePermutation.c: from DoublePermutation.c:17:
DoublePermutation.c: DoublePermutation.c: In function 'KeccakDoublePermutationOnWords':
DoublePermutation.c: /usr/lib/gcc/x86_64-linux-gnu/10/include/xopintrin.h:272:1: error: inlining failed in call to 'always_inline' '_mm_roti_epi64': target specific option mismatch
DoublePermutation.c: 272 | _mm_roti_epi64(__m128i __A, const int __B)
DoublePermutation.c: | ^~~~~~~~~~~~~~
DoublePermutation.c: DoublePermutation.c:33:37: note: called from here
DoublePermutation.c: 33 | #define ROL64in128(a, o) _mm_roti_epi64(a, o)
DoublePermutation.c: | ^~~~~~~~~~~~~~~~~~~~
DoublePermutation.c: DoublePermutation.c:276:11: note: in expansion of macro 'ROL64in128'
DoublePermutation.c: 276 | Bsu = ROL64in128(A##se, 2); \
DoublePermutation.c: | ^~~~~~~~~~
DoublePermutation.c: KeccakF-1600-unrolling.macros:40:5: note: in expansion of macro 'thetaRhoPiChiIota'
DoublePermutation.c: 40 | thetaRhoPiChiIota(23, E, A) \
DoublePermutation.c: | ^~~~~~~~~~~~~~~~~
DoublePermutation.c: DoublePermutation.c:507:5: note: in expansion of macro 'rounds'
DoublePermutation.c: 507 | rounds
DoublePermutation.c: | ^~~~~~
DoublePermutation.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/10/include/x86intrin.h:38,
DoublePermutation.c: from DoublePermutation.c:17:
DoublePermutation.c: /usr/lib/gcc/x86_64-linux-gnu/10/include/xopintrin.h:272:1: error: inlining failed in call to 'always_inline' '_mm_roti_epi64': target specific option mismatch
DoublePermutation.c: 272 | _mm_roti_epi64(__m128i __A, const int __B)
DoublePermutation.c: | ^~~~~~~~~~~~~~
DoublePermutation.c: DoublePermutation.c:33:37: note: called from here
DoublePermutation.c: 33 | #define ROL64in128(a, o) _mm_roti_epi64(a, o)
DoublePermutation.c: ...

Number of similar (compiler,implementation) pairs: 4, namely:
CompilerImplementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:xopu24
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE T:xopu24
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE T:xopu24
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE T:xopu24