Implementation notes: amd64, speed2supercop, crypto_aead/pi64cipher256v1tworounds
Computer: speed2supercop
Microarchitecture: amd64; Haswell+AES (306c3)
Architecture: amd64
CPU ID: GenuineIntel-000306c3-1fc9cbf5
SUPERCOP version: 20240625
Operation: crypto_aead
Primitive: pi64cipher256v1tworounds
Test failure
error 111
crypto_aead_encrypt returns more than crypto_aead_ABYTES extra bytes
Number of similar (implementation,compiler) pairs: 18, namely:
| Implementation | Compiler |
| T:optimized_nonSSE | clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:optimized_nonSSE | clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:optimized_nonSSE | clang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:optimized_nonSSE | clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:optimized_nonSSE | clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:optimized_nonSSE | gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |
| T:optimized_nonSSE | gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |
| T:optimized_nonSSE | gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |
| T:optimized_nonSSE | gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |
| T:ref | clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:ref | clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:ref | clang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:ref | clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:ref | clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:ref | gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |
| T:ref | gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |
| T:ref | gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |
| T:ref | gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |
Compiler output
encrypt.c: encrypt.c:360:41: warning: unused variable 't7' [-Wunused-variable]
encrypt.c: u_int64_t t0, t1, t2, t3, t4, t5, t6, t7, t8, t9, t10, t11, t12, t13;
encrypt.c: ^
encrypt.c: encrypt.c:360:53: warning: unused variable 't10' [-Wunused-variable]
encrypt.c: u_int64_t t0, t1, t2, t3, t4, t5, t6, t7, t8, t9, t10, t11, t12, t13;
encrypt.c: ^
encrypt.c: encrypt.c:360:58: warning: unused variable 't11' [-Wunused-variable]
encrypt.c: u_int64_t t0, t1, t2, t3, t4, t5, t6, t7, t8, t9, t10, t11, t12, t13;
encrypt.c: ^
encrypt.c: encrypt.c:362:13: warning: unused variable 'x0' [-Wunused-variable]
encrypt.c: u_int64_t x0, x1, x2, x3, y0, y1, y2, y3, z0, z1, z2, z3;
encrypt.c: ^
encrypt.c: encrypt.c:362:17: warning: unused variable 'x1' [-Wunused-variable]
encrypt.c: u_int64_t x0, x1, x2, x3, y0, y1, y2, y3, z0, z1, z2, z3;
encrypt.c: ^
encrypt.c: encrypt.c:362:21: warning: unused variable 'x2' [-Wunused-variable]
encrypt.c: u_int64_t x0, x1, x2, x3, y0, y1, y2, y3, z0, z1, z2, z3;
encrypt.c: ^
encrypt.c: encrypt.c:362:25: warning: unused variable 'x3' [-Wunused-variable]
encrypt.c: u_int64_t x0, x1, x2, x3, y0, y1, y2, y3, z0, z1, z2, z3;
encrypt.c: ^
encrypt.c: encrypt.c:362:29: warning: unused variable 'y0' [-Wunused-variable]
encrypt.c: u_int64_t x0, x1, x2, x3, y0, y1, y2, y3, z0, z1, z2, z3;
encrypt.c: ^
encrypt.c: encrypt.c:362:33: warning: unused variable 'y1' [-Wunused-variable]
encrypt.c: ...
Number of similar (implementation,compiler) pairs: 5, namely:
| Implementation | Compiler |
| T:optimized_nonSSE | clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:optimized_nonSSE | clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:optimized_nonSSE | clang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:optimized_nonSSE | clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:optimized_nonSSE | clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
Compiler output
encrypt.c: encrypt.c: In function 'crypto_aead_pi64cipher256v1tworounds_optimized_nonSSE_timingleaks_encrypt':
encrypt.c: encrypt.c:383:74: warning: unused variable 'ii2' [-Wunused-variable]
encrypt.c: 383 | unsigned long long i, j, jj, ii, b, i1, j1, a, mblocks, b1, ii1, ii2;
encrypt.c: | ^~~
encrypt.c: encrypt.c:383:69: warning: unused variable 'ii1' [-Wunused-variable]
encrypt.c: 383 | unsigned long long i, j, jj, ii, b, i1, j1, a, mblocks, b1, ii1, ii2;
encrypt.c: | ^~~
encrypt.c: encrypt.c:383:49: warning: unused variable 'j1' [-Wunused-variable]
encrypt.c: 383 | unsigned long long i, j, jj, ii, b, i1, j1, a, mblocks, b1, ii1, ii2;
encrypt.c: | ^~
encrypt.c: encrypt.c:383:38: warning: unused variable 'ii' [-Wunused-variable]
encrypt.c: 383 | unsigned long long i, j, jj, ii, b, i1, j1, a, mblocks, b1, ii1, ii2;
encrypt.c: | ^~
encrypt.c: encrypt.c:379:38: warning: variable 'CommonInternalState8' set but not used [-Wunused-but-set-variable]
encrypt.c: 379 | u_int8_t *InternalState8, *CommonInternalState8, *tempTag8;
encrypt.c: | ^~~~~~~~~~~~~~~~~~~~
encrypt.c: encrypt.c:366:99: warning: unused variable 'IS15' [-Wunused-variable]
encrypt.c: 366 | u_int64_t IS0, IS1, IS2, IS3, IS4, IS5, IS6, IS7, IS8, IS9, IS10, IS11, IS12, IS13, IS14, IS15;
encrypt.c: | ^~~~
encrypt.c: encrypt.c:366:93: warning: unused variable 'IS14' [-Wunused-variable]
encrypt.c: 366 | u_int64_t IS0, IS1, IS2, IS3, IS4, IS5, IS6, IS7, IS8, IS9, IS10, IS11, IS12, IS13, IS14, IS15;
encrypt.c: | ^~~~
encrypt.c: encrypt.c:366:87: warning: unused variable 'IS13' [-Wunused-variable]
encrypt.c: 366 | u_int64_t IS0, IS1, IS2, IS3, IS4, IS5, IS6, IS7, IS8, IS9, IS10, IS11, IS12, IS13, IS14, IS15;
encrypt.c: | ^~~~
encrypt.c: ...
Number of similar (implementation,compiler) pairs: 4, namely:
| Implementation | Compiler |
| T:optimized_nonSSE | gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |
| T:optimized_nonSSE | gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |
| T:optimized_nonSSE | gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |
| T:optimized_nonSSE | gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |
Compiler output
encrypt.c: encrypt.c:196:13: warning: unused variable 'x0' [-Wunused-variable]
encrypt.c: u_int64_t x0, x1, x2, x3, y0, y1, y2, y3, z0, z1, z2, z3;
encrypt.c: ^
encrypt.c: encrypt.c:196:17: warning: unused variable 'x1' [-Wunused-variable]
encrypt.c: u_int64_t x0, x1, x2, x3, y0, y1, y2, y3, z0, z1, z2, z3;
encrypt.c: ^
encrypt.c: encrypt.c:196:21: warning: unused variable 'x2' [-Wunused-variable]
encrypt.c: u_int64_t x0, x1, x2, x3, y0, y1, y2, y3, z0, z1, z2, z3;
encrypt.c: ^
encrypt.c: encrypt.c:196:25: warning: unused variable 'x3' [-Wunused-variable]
encrypt.c: u_int64_t x0, x1, x2, x3, y0, y1, y2, y3, z0, z1, z2, z3;
encrypt.c: ^
encrypt.c: encrypt.c:196:29: warning: unused variable 'y0' [-Wunused-variable]
encrypt.c: u_int64_t x0, x1, x2, x3, y0, y1, y2, y3, z0, z1, z2, z3;
encrypt.c: ^
encrypt.c: encrypt.c:196:33: warning: unused variable 'y1' [-Wunused-variable]
encrypt.c: u_int64_t x0, x1, x2, x3, y0, y1, y2, y3, z0, z1, z2, z3;
encrypt.c: ^
encrypt.c: encrypt.c:196:37: warning: unused variable 'y2' [-Wunused-variable]
encrypt.c: u_int64_t x0, x1, x2, x3, y0, y1, y2, y3, z0, z1, z2, z3;
encrypt.c: ^
encrypt.c: encrypt.c:196:41: warning: unused variable 'y3' [-Wunused-variable]
encrypt.c: u_int64_t x0, x1, x2, x3, y0, y1, y2, y3, z0, z1, z2, z3;
encrypt.c: ^
encrypt.c: encrypt.c:196:45: warning: unused variable 'z0' [-Wunused-variable]
encrypt.c: ...
Number of similar (implementation,compiler) pairs: 5, namely:
| Implementation | Compiler |
| T:ref | clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:ref | clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:ref | clang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:ref | clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
| T:ref | clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1)) |
Compiler output
encrypt.c: encrypt.c: In function 'crypto_aead_pi64cipher256v1tworounds_ref_timingleaks_encrypt':
encrypt.c: encrypt.c:291:56: warning: operation on 'i1' may be undefined [-Wsequence-point]
encrypt.c: 291 | InternalState8[i1] = InternalState8[i1++] ^ ad[b+i];
encrypt.c: | ~~^~
encrypt.c: encrypt.c:393:82: warning: operation on 'i1' may be undefined [-Wsequence-point]
encrypt.c: 393 | c[CRYPTO_NSECBYTES+b+i] = InternalState8[i1] = InternalState8[i1++] ^ m[b+i];
encrypt.c: | ~~^~
encrypt.c: encrypt.c:210:42: warning: unused variable 'j1' [-Wunused-variable]
encrypt.c: 210 | unsigned long long i, j, jj, ii, b, i1, j1, a;
encrypt.c: | ^~
encrypt.c: encrypt.c:210:31: warning: unused variable 'ii' [-Wunused-variable]
encrypt.c: 210 | unsigned long long i, j, jj, ii, b, i1, j1, a;
encrypt.c: | ^~
encrypt.c: encrypt.c:206:31: warning: variable 'CommonInternalState8' set but not used [-Wunused-but-set-variable]
encrypt.c: 206 | u_int8_t *InternalState8, *CommonInternalState8, *tempTag8;
encrypt.c: | ^~~~~~~~~~~~~~~~~~~~
encrypt.c: encrypt.c:198:51: warning: variable 'k64' set but not used [-Wunused-but-set-variable]
encrypt.c: 198 | u_int64_t *c64, *m64, *ad64, *nsec64, *npub64, *k64;
encrypt.c: | ^~~
encrypt.c: encrypt.c:198:42: warning: variable 'npub64' set but not used [-Wunused-but-set-variable]
encrypt.c: 198 | u_int64_t *c64, *m64, *ad64, *nsec64, *npub64, *k64;
encrypt.c: | ^~~~~~
encrypt.c: encrypt.c:196:57: warning: unused variable 'z3' [-Wunused-variable]
encrypt.c: 196 | u_int64_t x0, x1, x2, x3, y0, y1, y2, y3, z0, z1, z2, z3;
encrypt.c: | ^~
encrypt.c: ...
Number of similar (implementation,compiler) pairs: 4, namely:
| Implementation | Compiler |
| T:ref | gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |
| T:ref | gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |
| T:ref | gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |
| T:ref | gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0) |