uptream regression: support aliasing in towers of extension fields #147
Labels
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
Nim upstream fixed #146 by making big concept instantiation use normal Nim parameter passing (i.e. over 24 bytes = pass-by-reference) nim-lang/Nim#16897
However, now there is a bug in Fp12 towering due to aliasing output and input here:
constantine/constantine/tower_field_extensions/cubic_extensions.nim
Line 186 in 83dcd98
Workaround is easy, just copy v3 in a temp before calling the function.
However this is likely to also contribute to extra MOV like here #145
In general, all tower functions need to be refactored so that the callee handles aliasing instead of the caller requiring temporaries as in that case that requires the caller to copy a whole 6x384 bits = 288 bytes before a function call.
This would likely also significantly extra overhead on G2 https://github.com/mratsim/constantine/blob/83dcd98/constantine/tower_field_extensions/quadratic_extensions.nim#L341-L365.
Constantine is currently runner up on BLS12-381 G1 in https://hackmd.io/@zkteam/eccbench, faster than BLST and MCL
but somehow falters on G2
and the gap is compounded in pairings/Fp12
The text was updated successfully, but these errors were encountered: