Implementation notes: amd64, speed2supercop, crypto_aead/romulust

Computer: speed2supercop
Microarchitecture: amd64; Haswell+AES (306c3)
Architecture: amd64
CPU ID: GenuineIntel-000306c3-1fc9cbf5
SUPERCOP version: 20240625
Operation: crypto_aead
Primitive: romulust
TimeObject sizeTest sizeImplementationCompilerBenchmark dateSUPERCOP version
55341614089 0 030998 792 872aadomn/x86clang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
56234014228 0 027158 792 856aadomn/x86clang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
56283614841 0 031950 792 872aadomn/x86clang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
56635611876 0 024112 728 896aadomn/x86gcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
58206014324 0 030021 752 928aadomn/x86gcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
58563611730 0 025503 784 920aadomn/x86clang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
58898812428 0 026141 752 928aadomn/x86gcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
65146012534 0 025964 744 928aadomn/x86gcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
200477631529 640 048389 1440 872aadomn/opt32clang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
200881235065 640 052125 1536 872aadomn/opt32clang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
209208432704 640 048182 1440 856T!!!aadomn/opt32clang_-mcpu=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
280215219443 640 033447 1432 920T!!!aadomn/opt32clang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
284604429864 640 045701 1400 928aadomn/opt32gcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
289577624209 640 037678 1440 856T!!!aadomn/opt32clang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
298203210443 12 027574 804 872T:refclang_-march=native_-O2_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
298438811559 12 028870 804 872T:refclang_-march=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
326304423358 640 037205 1400 928aadomn/opt32gcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
327555219412 640 031768 1376 896T!!!aadomn/opt32gcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
330283221799 640 035437 1400 928T!!!aadomn/opt32gcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
404965210385 12 026446 804 856T:refclang_-mcpu=native_-O3_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
480494014150 12 029973 764 928T:refgcc_-march=native_-mtune=native_-O3_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
93138565451 12 019631 796 920T:refclang_-march=native_-Os_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
104530446216 12 020021 764 928T:refgcc_-march=native_-mtune=native_-O2_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
122816768537 12 021934 804 856T:refclang_-march=native_-O_-fwrapv_-Qunused-arguments_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
126952284812 12 017104 740 896T:refgcc_-march=native_-mtune=native_-Os_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625
137349165460 12 018956 756 928T:refgcc_-march=native_-mtune=native_-O_-fwrapv_-fPIC_-fPIE_-gdwarf-4_-Wall2024070320240625

Compiler output

tk_schedule.c: tk_schedule.c:377:14: warning: argument 1 of type 'uint32_t[64]' {aka 'unsigned int[64]'} with mismatched bound [-Warray-parameter=]
tk_schedule.c:   377 |     uint32_t rtk_1[TKPERMORDER*BLOCKBYTES/4],
tk_schedule.c:       |     ~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
tk_schedule.c: In file included from tk_schedule.c:17:
tk_schedule.c: tk_schedule.h:40:31: note: previously declared as 'uint32_t *' {aka 'unsigned int *'}
tk_schedule.c:    40 | void tk_schedule_13(uint32_t *rtk_1, uint32_t *rtk_3,
tk_schedule.c:       |                     ~~~~~~~~~~^~~~~
tk_schedule.c: tk_schedule.c:378:14: warning: argument 2 of type 'uint32_t[160]' {aka 'unsigned int[160]'} with mismatched bound [-Warray-parameter=]
tk_schedule.c:   378 |     uint32_t rtk_3[SKINNY128_384_ROUNDS*BLOCKBYTES/4],
tk_schedule.c:       |     ~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
tk_schedule.c: tk_schedule.h:40:48: note: previously declared as 'uint32_t *' {aka 'unsigned int *'}
tk_schedule.c:    40 | void tk_schedule_13(uint32_t *rtk_1, uint32_t *rtk_3,
tk_schedule.c:       |                                      ~~~~~~~~~~^~~~~
tk_schedule.c: tk_schedule.c:379:19: warning: argument 3 of type 'const uint8_t[16]' {aka 'const unsigned char[16]'} with mismatched bound [-Warray-parameter=]
tk_schedule.c:   379 |     const uint8_t tk_1[TWEAKEYBYTES],
tk_schedule.c:       |     ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~
tk_schedule.c: tk_schedule.h:41:20: note: previously declared as 'const uint8_t *' {aka 'const unsigned char *'}
tk_schedule.c:    41 |     const uint8_t *tk_1,
tk_schedule.c:       |     ~~~~~~~~~~~~~~~^~~~
tk_schedule.c: tk_schedule.c:380:19: warning: argument 4 of type 'const uint8_t[16]' {aka 'const unsigned char[16]'} with mismatched bound [-Warray-parameter=]
tk_schedule.c:   380 |     const uint8_t tk_3[TWEAKEYBYTES])
tk_schedule.c:       |     ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~
tk_schedule.c: tk_schedule.h:42:20: note: previously declared as 'const uint8_t *' {aka 'const unsigned char *'}
tk_schedule.c:    42 |     const uint8_t *tk_3);
tk_schedule.c:       |     ~~~~~~~~~~~~~~~^~~~
tk_schedule.c: ...
Number of similar (implementation,compiler) pairs: 4, namely:
ImplementationCompiler
aadomn/opt32gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)
aadomn/opt32gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)
aadomn/opt32gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)
aadomn/opt32gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)

Compiler output

skinny128.c: skinny128.c:95:12: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'skinny128_384_plus' that is compiled without support for 'ssse3'
skinny128.c:     tk_1 = _mm_shuffle_epi8(tk_1, _mm_set_epi32(0x03040602, 0x05000701, 0x0b0c0e0a, 0x0d080f09));
skinny128.c:            ^
skinny128.c: skinny128.c:97:12: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'skinny128_384_plus' that is compiled without support for 'ssse3'
skinny128.c:     tk_1 = _mm_shuffle_epi8(tk_1, perm_tk);
skinny128.c:            ^
skinny128.c: skinny128.c:99:12: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'skinny128_384_plus' that is compiled without support for 'ssse3'
skinny128.c:     tk_1 = _mm_shuffle_epi8(tk_1, perm_tk);
skinny128.c:            ^
skinny128.c: skinny128.c:101:12: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'skinny128_384_plus' that is compiled without support for 'ssse3'
skinny128.c:     tk_1 = _mm_shuffle_epi8(tk_1, perm_tk);
skinny128.c:            ^
skinny128.c: skinny128.c:103:12: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'skinny128_384_plus' that is compiled without support for 'ssse3'
skinny128.c:     tk_1 = _mm_shuffle_epi8(tk_1, perm_tk);
skinny128.c:            ^
skinny128.c: skinny128.c:105:12: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'skinny128_384_plus' that is compiled without support for 'ssse3'
skinny128.c:     tk_1 = _mm_shuffle_epi8(tk_1, perm_tk);
skinny128.c:            ^
skinny128.c: skinny128.c:107:12: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'skinny128_384_plus' that is compiled without support for 'ssse3'
skinny128.c:     tk_1 = _mm_shuffle_epi8(tk_1, perm_tk);
skinny128.c:            ^
skinny128.c: skinny128.c:109:12: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'skinny128_384_plus' that is compiled without support for 'ssse3'
skinny128.c:     tk_1 = _mm_shuffle_epi8(tk_1, perm_tk);
skinny128.c:            ^
skinny128.c: skinny128.c:113:5: error: always_inline function '_mm_shuffle_epi8' requires target feature 'ssse3', but would be inlined into function 'skinny128_384_plus' that is compiled without support for 'ssse3'
skinny128.c: ...
Number of similar (implementation,compiler) pairs: 1, namely:
ImplementationCompiler
aadomn/x86clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))

Compiler output

skinny128.c: skinny128.c:67:20: warning: argument 1 of type 'unsigned char *' declared as a pointer [-Warray-parameter=]
skinny128.c:    67 |     unsigned char *out,
skinny128.c:       |     ~~~~~~~~~~~~~~~^~~
skinny128.c: In file included from skinny128.c:11:
skinny128.c: skinny128.h:13:17: note: previously declared as an array 'uint8_t[16]' {aka 'unsigned char[16]'}
skinny128.c:    13 |         uint8_t in[BLOCKBYTES], const uint8_t out[BLOCKBYTES],
skinny128.c:       |         ~~~~~~~~^~~~~~~~~~~~~~
skinny128.c: skinny128.c:68:26: warning: argument 2 of type 'const unsigned char *' declared as a pointer [-Warray-parameter=]
skinny128.c:    68 |     const unsigned char *in,
skinny128.c:       |     ~~~~~~~~~~~~~~~~~~~~~^~
skinny128.c: skinny128.h:13:47: note: previously declared as an array 'const uint8_t[16]' {aka 'const unsigned char[16]'}
skinny128.c:    13 |         uint8_t in[BLOCKBYTES], const uint8_t out[BLOCKBYTES],
skinny128.c:       |                                 ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~
skinny128.c: skinny128.c:69:26: warning: argument 3 of type 'const unsigned char *' declared as a pointer [-Warray-parameter=]
skinny128.c:    69 |     const unsigned char *tk1,
skinny128.c:       |     ~~~~~~~~~~~~~~~~~~~~~^~~
skinny128.c: skinny128.h:14:23: note: previously declared as an array 'const uint8_t[16]' {aka 'const unsigned char[16]'}
skinny128.c:    14 |         const uint8_t tk1[TWEAKEYBYTES],
skinny128.c:       |         ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~
skinny128.c: skinny128.c:70:26: warning: argument 4 of type 'const unsigned char *' declared as a pointer [-Warray-parameter=]
skinny128.c:    70 |     const unsigned char *rtk_23)
skinny128.c:       |     ~~~~~~~~~~~~~~~~~~~~~^~~~~~
skinny128.c: skinny128.h:15:23: note: previously declared as an array 'const uint8_t[320]' {aka 'const unsigned char[320]'}
skinny128.c:    15 |         const uint8_t rtk_23[SKINNY128_384_ROUNDS*BLOCKBYTES/2]);
skinny128.c:       |         ~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
skinny128.c: ...
Number of similar (implementation,compiler) pairs: 4, namely:
ImplementationCompiler
aadomn/x86gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)
aadomn/x86gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)
aadomn/x86gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)
aadomn/x86gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)

Compiler output

romulus_t_reference.c: romulus_t_reference.c:368:16: warning: variable 'i' set but not used [-Wunused-but-set-variable]
romulus_t_reference.c:   unsigned int i;
romulus_t_reference.c:                ^
romulus_t_reference.c: romulus_t_reference.c:411:24: warning: variable 'C' set but not used [-Wunused-but-set-variable]
romulus_t_reference.c:   const unsigned char* C;
romulus_t_reference.c:                        ^
romulus_t_reference.c: 2 warnings generated.
Number of similar (implementation,compiler) pairs: 5, namely:
ImplementationCompiler
T:refclang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))
T:refclang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))
T:refclang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))
T:refclang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))
T:refclang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))

Compiler output

romulus_t_reference.c: romulus_t_reference.c: In function 'romulus_t_encrypt':
romulus_t_reference.c: romulus_t_reference.c:368:16: warning: variable 'i' set but not used [-Wunused-but-set-variable]
romulus_t_reference.c:   368 |   unsigned int i;
romulus_t_reference.c:       |                ^
romulus_t_reference.c: romulus_t_reference.c: In function 'romulus_t_decrypt':
romulus_t_reference.c: romulus_t_reference.c:411:24: warning: variable 'C' set but not used [-Wunused-but-set-variable]
romulus_t_reference.c:   411 |   const unsigned char* C;
romulus_t_reference.c:       |                        ^
Number of similar (implementation,compiler) pairs: 4, namely:
ImplementationCompiler
T:refgcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)
T:refgcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)
T:refgcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)
T:refgcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)

Failed TIMECOP

Conditional jump or move depends on uninitialised value(s)
   at 0x...: crypto_aead_romulust_aadomn_opt32_constbranchindex_decrypt (encrypt.c:52)
   by 0x...: test (try.c:300)
   by 0x...: main (try-anything.c:345)
 Uninitialised value was created by a client request
   at 0x...: poison (try-anything.c:281)
   by 0x...: test (try.c:299)
   by 0x...: main (try-anything.c:345)

Conditional jump or move depends on uninitialised value(s)
   at 0x...: crypto_aead_romulust_aadomn_opt32_constbranchindex_decrypt (encrypt.c:52)
   by 0x...: test (try.c:331)
   by 0x...: main (try-anything.c:345)
 Uninitialised value was created by a client request
   at 0x...: poison (try-anything.c:281)
   by 0x...: test (try.c:330)
   by 0x...: main (try-anything.c:345)
Number of similar (implementation,compiler) pairs: 4, namely:
ImplementationCompiler
aadomn/opt32clang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))
aadomn/opt32clang -mcpu=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))
aadomn/opt32gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)
aadomn/opt32gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)

Failed TIMECOP

Conditional jump or move depends on uninitialised value(s)
   at 0x...: crypto_aead_romulust_aadomn_opt32_constbranchindex_decrypt (encrypt.c:52)
   by 0x...: test (try.c:300)
   by 0x...: main (try-anything.c:345)
 Uninitialised value was created by a client request
   at 0x...: poison (try-anything.c:281)
   by 0x...: test (try.c:298)
   by 0x...: main (try-anything.c:345)

Conditional jump or move depends on uninitialised value(s)
   at 0x...: crypto_aead_romulust_aadomn_opt32_constbranchindex_decrypt (encrypt.c:52)
   by 0x...: test (try.c:331)
   by 0x...: main (try-anything.c:345)
 Uninitialised value was created by a client request
   at 0x...: poison (try-anything.c:281)
   by 0x...: test (try.c:329)
   by 0x...: main (try-anything.c:345)
Number of similar (implementation,compiler) pairs: 1, namely:
ImplementationCompiler
aadomn/opt32clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))

TIMECOP error (can be valgrind bug)

Conditional jump or move depends on uninitialised value(s)
   at 0x...: crypto_aead_romulust_aadomn_opt32_constbranchindex_decrypt (encrypt.c:52)
   by 0x...: test (try.c:300)
   by 0x...: main (try-anything.c:345)

Conditional jump or move depends on uninitialised value(s)
   at 0x...: crypto_aead_romulust_aadomn_opt32_constbranchindex_decrypt (encrypt.c:52)
   by 0x...: test (try.c:331)
   by 0x...: main (try-anything.c:345)
Number of similar (implementation,compiler) pairs: 4, namely:
ImplementationCompiler
aadomn/opt32clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))
aadomn/opt32clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))
aadomn/opt32gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)
aadomn/opt32gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)

TIMECOP error (can be valgrind bug)

Conditional jump or move depends on uninitialised value(s)
   at 0x...: crypto_aead_romulust_aadomn_x86_constbranchindex_decrypt (encrypt.c:52)
   by 0x...: test (try.c:300)
   by 0x...: main (try-anything.c:345)

Conditional jump or move depends on uninitialised value(s)
   at 0x...: crypto_aead_romulust_aadomn_x86_constbranchindex_decrypt (encrypt.c:52)
   by 0x...: test (try.c:331)
   by 0x...: main (try-anything.c:345)
Number of similar (implementation,compiler) pairs: 8, namely:
ImplementationCompiler
aadomn/x86clang -march=native -O2 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))
aadomn/x86clang -march=native -O3 -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))
aadomn/x86clang -march=native -O -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))
aadomn/x86clang -march=native -Os -fwrapv -Qunused-arguments -fPIC -fPIE -gdwarf-4 -Wall (Debian_Clang_16.0.6_(27+b1))
aadomn/x86gcc -march=native -mtune=native -O2 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)
aadomn/x86gcc -march=native -mtune=native -O3 -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)
aadomn/x86gcc -march=native -mtune=native -O -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)
aadomn/x86gcc -march=native -mtune=native -Os -fwrapv -fPIC -fPIE -gdwarf-4 -Wall (13.3.0)