Implementation notes: amd64, speed2supercop, crypto_aead/hs1sivlov2

Computer: speed2supercop
Microarchitecture: amd64; Haswell+AES (306c3)
Architecture: amd64
CPU ID: GenuineIntel-000306c3-1fc9cbf5
SUPERCOP version: 20240425
Operation: crypto_aead
Primitive: hs1sivlov2

Time	Object size	Test size	Implementation	Compiler	Benchmark date	SUPERCOP version
4820	10084 0 0	32509 768 928	`T:faster`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20240426	20240425
5036	8387 0 0	29005 768 928	`T:faster`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20240426	20240425
5104	12315 0 0	32869 768 928	`T:dolbeau/amd64-avx2`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20240426	20240425
5172	7542 0 0	25792 744 896	`T:faster`	`gcc_-march=native_-mtune=native_-Os_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20240426	20240425
5176	8149 0 0	28060 760 928	`T:faster`	`gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20240426	20240425
5196	12247 0 0	32092 760 928	`T:dolbeau/amd64-avx2`	`gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20240426	20240425
5260	15173 0 0	37565 768 928	`T:dolbeau/amd64-avx2`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20240426	20240425
7368	10395 0 0	30949 768 928	`T:dolbeau/amd64-sse`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20240426	20240425
7400	17585 0 0	39933 768 928	`T:dolbeau/amd64-sse`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20240426	20240425
7752	9866 0 0	29692 760 928	`T:dolbeau/amd64-sse`	`gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20240426	20240425
23636	5502 0 0	26093 768 928	`T:ref`	`gcc_-march=native_-mtune=native_-O2_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20240426	20240425
23668	6726 0 0	29141 768 928	`T:ref`	`gcc_-march=native_-mtune=native_-O3_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20240426	20240425
37252	5585 0 0	25533 768 928	`T:ref`	`gcc_-march=native_-mtune=native_-O_-fomit-frame-pointer_-fwrapv_-fPIC_-fPIE`	20240426	20240425

Test failure

Implementation: T:dolbeau/amd64-avx2
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE

error 111
crypto_aead_decrypt returns nonzero

Number of similar (compiler,implementation) pairs: 2, namely:

Compiler	Implementations
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:dolbeau/amd64-avx2 T:dolbeau/amd64-sse

Test failure

Implementation: T:ref
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE

error 111
crypto_aead_decrypt allows trivial forgeries

Number of similar (compiler,implementation) pairs: 1, namely:

Compiler	Implementations
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:ref

Compiler output

Implementation: T:dolbeau/amd64-avx2
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE

Number of similar (compiler,implementation) pairs: 4, namely:

Compiler	Implementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:dolbeau/amd64-avx2
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:dolbeau/amd64-avx2
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:dolbeau/amd64-avx2
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:dolbeau/amd64-avx2

Compiler output

Implementation: T:dolbeau/amd64-avx512
Security model: timingleaks
Compiler: gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE

encrypt.c: encrypt.c:85: warning: "_bswap64" redefined
encrypt.c: 85 | #define _bswap64(a) __builtin_bswap64(a)
encrypt.c: |
encrypt.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/12/include/x86gprintrin.h:33,
encrypt.c: from /usr/lib/gcc/x86_64-linux-gnu/12/include/immintrin.h:27,
encrypt.c: from encrypt.c:54:
encrypt.c: /usr/lib/gcc/x86_64-linux-gnu/12/include/ia32intrin.h:273: note: this is the location of the previous definition
encrypt.c: 273 | #define _bswap64(a) __bswapq(a)
encrypt.c: |
encrypt.c: encrypt.c:86: warning: "_bswap" redefined
encrypt.c: 86 | #define _bswap(a) __builtin_bswap(a)
encrypt.c: |
encrypt.c: /usr/lib/gcc/x86_64-linux-gnu/12/include/ia32intrin.h:307: note: this is the location of the previous definition
encrypt.c: 307 | #define _bswap(a) __bswapd(a)
encrypt.c: |
encrypt.c: encrypt.c:90:2: error: #error "This code requires AVX512F to work"
encrypt.c: 90 | #error "This code requires AVX512F to work"
encrypt.c: | ^~~~~
encrypt.c: encrypt.c:317:20: error: conflicting types for '_mm512_reduce_add_epi64'; have 'long long unsigned int(__m512i)' {aka 'long long unsigned int(__vector(8) long long int)'}
encrypt.c: 317 | unsigned long long _mm512_reduce_add_epi64 (__m512i a) {
encrypt.c: | ^~~~~~~~~~~~~~~~~~~~~~~
encrypt.c: In file included from /usr/lib/gcc/x86_64-linux-gnu/12/include/immintrin.h:49:
encrypt.c: /usr/lib/gcc/x86_64-linux-gnu/12/include/avx512fintrin.h:16251:1: note: previous definition of '_mm512_reduce_add_epi64' with type 'long long int(__m512i)' {aka 'long long int(__vector(8) long long int)'}
encrypt.c: 16251 | _mm512_reduce_add_epi64 (__m512i __A)
encrypt.c: | ^~~~~~~~~~~~~~~~~~~~~~~
encrypt.c: ...

Number of similar (compiler,implementation) pairs: 4, namely:

Compiler	Implementations
gcc -march=native -mtune=native -O2 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:dolbeau/amd64-avx512
gcc -march=native -mtune=native -O3 -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:dolbeau/amd64-avx512
gcc -march=native -mtune=native -O -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:dolbeau/amd64-avx512
gcc -march=native -mtune=native -Os -fomit-frame-pointer -fwrapv -fPIC -fPIE	T:dolbeau/amd64-avx512