Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Better x86 Assembly Generation with Go (Gopherc...

Michael McLoughlin
July 25, 2019
Programming
3
2.1k

Better x86 Assembly Generation with Go (Gophercon 2019)

In the Go standard library and beyond, assembly language is used to provide access to architecture and OS-specific features, to accelerate hot loops in scientific code, and provide high-performance cryptographic routines. For these applications correctness is paramount, yet assembly functions can be painstaking to write and nearly impossible to review. This talk demonstrates how to leverage code generation tools to make high-performance Go assembly functions safe and easy to write and maintain.

Michael McLoughlin

July 25, 2019
Tweet

More Decks by Michael McLoughlin

See All by Michael McLoughlin
The fuzzy tale of an x/crypto vulnerability
mmcloughlin
1
990
Better x86 Assembly Generation with Go
mmcloughlin
2
6k
Geohash in Golang Assembly
mmcloughlin
3
780

Other Decks in Programming

See All in Programming
MCP調べてみました! / Exploring MCP
uhzz
2
2.2k
List とは何か? / PHPerKaigi 2025
meihei3
0
780
いまさら聞けない生成AI入門: 「生成AIを高速キャッチアップ」
soh9834
16
4.5k
SwiftUI API Design Lessons
niw
1
270
Develop Faster With FrankenPHP
dunglas
2
3.2k
Building Scalable Mobile Projects: Fast Builds, High Reusability and Clear Ownership
cyrilmottier
2
270
Being an ethical software engineer
xgouchet
PRO
0
210
State of Namespace
tagomoris
4
920
「影響が少ない」を自分の目でみてみる
o0h
PRO
2
1k
API for docs
soutaro
2
930
海外のアプリで見かけたかっこいいTransitionを真似てみる
shogotakasaki
1
160
MCP世界への招待: AIエンジニアが創る次世代エージェント連携の世界
gunta
4
890

Featured

See All Featured
Reflections from 52 weeks, 52 projects
jeffersonlam
349
20k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
280
13k
The Illustrated Children's Guide to Kubernetes
chrisshort
48
49k
Measuring & Analyzing Core Web Vitals
bluesmoon
7
390
How to train your dragon (web standard)
notwaldorf
90
6k
Typedesign – Prime Four
hannesfritz
41
2.6k
The Language of Interfaces
destraynor
157
24k
Building a Scalable Design System with Sketch
lauravandoore
462
33k
Writing Fast Ruby
sferik
628
61k
Scaling GitHub
holman
459
140k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
227
22k
Designing for humans not robots
tammielis
252
25k

Transcript

  1. Better x86 Assembly Generation with Go Michael McLoughlin Gophercon 2019

    Uber Advanced Technologies Group

  2. Assembly Language Go provides the ability to write functions in

    assembly language. Assembly language is a general term for low-level languages that allow programming at the architecture instruction level.
  3. None

  4. Should I write Go functions in Assembly?

  5. No

  6. None

  7. Go Proverbs which Might Have Been Cgo Assembly is not

    Go. My Inner Rob Pike With the unsafe package assembly there are no guarantees. Made-up Go Proverb

  8. Go Proverbs which Might Have Been Cgo Assembly is not

    Go. My Inner Rob Pike With the unsafe package assembly there are no guarantees. Made-up Go Proverb
  9. None

  10. We should forget about small efficiencies, say about 97% of

    the time: premature optimization is the root of all evil. Yet we should not pass up our opportunities in that critical 3%. Donald Knuth, 1974

  11. We should forget about small efficiencies, say about 97% of

    the time: premature optimization is the root of all evil. Yet we should not pass up our opportunities in that critical 3%. Donald Knuth, 1974

  12. The Critical 3%? To take advantage of: • Missed optimizations

    by the compiler • Special hardware instructions Common use cases: • Math compute kernels • System Calls • Low-level Runtime Details • Cryptography
  13. None

  14. Outline Go Assembly Primer Problem Statement Code Generation The avo

    Library Examples Dot Product SHA-1 Future

  15. Go Assembly Primer

  16. Hello, World! package add // Add x and y. func

    Add(x, y uint64) uint64 { return x + y }

  17. Go Disassembler The Go disassembler may be used to inspect

    generated machine code. go build -o add.a go tool objdump add.a

  18. TEXT %22%22.Add(SB) gofile../Users/michaelmcloughlin/Dev... add.go:5 0x2e7 488b442410 MOVQ 0x10(SP), AX add.go:5

    0x2ec 488b4c2408 MOVQ 0x8(SP), CX add.go:5 0x2f1 4801c8 ADDQ CX, AX add.go:5 0x2f4 4889442418 MOVQ AX, 0x18(SP) add.go:5 0x2f9 c3 RET

  19. TEXT %22%22.Add(SB) gofile../Users/michaelmcloughlin/Dev... add.go:5 0x2e7 488b442410 MOVQ 0x10(SP), AX add.go:5

    0x2ec 488b4c2408 MOVQ 0x8(SP), CX add.go:5 0x2f1 4801c8 ADDQ CX, AX add.go:5 0x2f4 4889442418 MOVQ AX, 0x18(SP) add.go:5 0x2f9 c3 RET

  20. Function Stubs package add // Add x and y. func

    Add(x, y uint64) uint64 Missing function body will be implemented in assembly.

  21. Implementation provided in add_amd64.s. #include "textflag.h" // func Add(x, y

    uint64) uint64 TEXT ·Add(SB), NOSPLIT, $0-24 MOVQ x+0(FP), AX MOVQ y+8(FP), CX ADDQ CX, AX MOVQ AX, ret+16(FP) RET

  22. Implementation provided in add_amd64.s. #include "textflag.h" // func Add(x, y

    uint64) uint64 TEXT ·Add(SB), NOSPLIT, $0-24 ‹ Declaration MOVQ x+0(FP), AX MOVQ y+8(FP), CX ADDQ CX, AX MOVQ AX, ret+16(FP) RET

  23. Implementation provided in add_amd64.s. #include "textflag.h" // func Add(x, y

    uint64) uint64 TEXT ·Add(SB), NOSPLIT, $0-24 MOVQ x+0(FP), AX ‹ Read x from stack frame MOVQ y+8(FP), CX ‹ Read y ADDQ CX, AX MOVQ AX, ret+16(FP) RET

  24. Implementation provided in add_amd64.s. #include "textflag.h" // func Add(x, y

    uint64) uint64 TEXT ·Add(SB), NOSPLIT, $0-24 MOVQ x+0(FP), AX MOVQ y+8(FP), CX ADDQ CX, AX MOVQ AX, ret+16(FP) RET

  25. Implementation provided in add_amd64.s. #include "textflag.h" // func Add(x, y

    uint64) uint64 TEXT ·Add(SB), NOSPLIT, $0-24 MOVQ x+0(FP), AX MOVQ y+8(FP), CX ADDQ CX, AX MOVQ AX, ret+16(FP) ‹ Write return value RET

  26. Problem Statement

  27. 24,962

  28. Table 1: Assembly Lines by Top-Level Packages Lines Package 8140

    crypto 8069 runtime 5686 internal 1173 math 1005 syscall 574 cmd 279 hash 36 reflect

  29. Table 1: Assembly Lines by Top-Level Packages Lines Package 8140

    crypto 8069 runtime 5686 internal 1173 math 1005 syscall 574 cmd 279 hash 36 reflect

  30. Table 2: Top 10 Assembly Files by Lines Lines File

    2695 internal/x/crypto/.../chacha20poly1305_amd64.s 2348 crypto/elliptic/p256_asm_amd64.s 1632 runtime/asm_amd64.s 1500 crypto/sha1/sha1block_amd64.s 1468 crypto/sha512/sha512block_amd64.s 1377 internal/x/crypto/curve25519/ladderstep_amd64.s 1286 crypto/aes/gcm_amd64.s 1031 crypto/sha256/sha256block_amd64.s 743 runtime/sys_darwin_amd64.s 727 runtime/sys_linux_amd64.s

  31. Table 2: Top 10 Assembly Files by Lines Lines File

    2695 internal/x/crypto/.../chacha20poly1305_amd64.s 2348 crypto/elliptic/p256_asm_amd64.s 1632 runtime/asm_amd64.s 1500 crypto/sha1/sha1block_amd64.s 1468 crypto/sha512/sha512block_amd64.s 1377 internal/x/crypto/curve25519/ladderstep_amd64.s 1286 crypto/aes/gcm_amd64.s 1031 crypto/sha256/sha256block_amd64.s 743 runtime/sys_darwin_amd64.s 727 runtime/sys_linux_amd64.s

  32. openAVX2InternalLoop: // Lets just say this spaghetti loop interleaves 2

    quarter rounds with 3 poly multiplications // Effectively per 512 bytes of stream we hash 480 bytes of ciphertext polyAdd(0*8(inp)(itr1*1)) VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3 polyMulStage1_AVX2 VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3 VPSHUFB ·rol16<>(SB), DD0, DD0; VPSHUFB ·rol16<>(SB), DD1, DD1; VPSHUFB ·rol16<>(SB), DD2, DD2; VPSHUFB ·rol16<>(S polyMulStage2_AVX2 VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3 VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3 polyMulStage3_AVX2 VMOVDQA CC3, tmpStoreAVX2 VPSLLD $12, BB0, CC3; VPSRLD $20, BB0, BB0; VPXOR CC3, BB0, BB0 VPSLLD $12, BB1, CC3; VPSRLD $20, BB1, BB1; VPXOR CC3, BB1, BB1 VPSLLD $12, BB2, CC3; VPSRLD $20, BB2, BB2; VPXOR CC3, BB2, BB2 VPSLLD $12, BB3, CC3; VPSRLD $20, BB3, BB3; VPXOR CC3, BB3, BB3 VMOVDQA tmpStoreAVX2, CC3 polyMulReduceStage VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3 VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3 VPSHUFB ·rol8<>(SB), DD0, DD0; VPSHUFB ·rol8<>(SB), DD1, DD1; VPSHUFB ·rol8<>(SB), DD2, DD2; VPSHUFB ·rol8<>(SB), polyAdd(2*8(inp)(itr1*1)) VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3 internal/x/.../chacha20poly1305_amd64.s lines 856-879 (go1.12)

  33. // Special optimization for buffers smaller than 321 bytes openAVX2320:

    // For up to 320 bytes of ciphertext and 64 bytes for the poly key, we process six blocks VMOVDQA AA0, AA1; VMOVDQA BB0, BB1; VMOVDQA CC0, CC1; VPADDD ·avx2IncMask<>(SB), DD0, DD1 VMOVDQA AA0, AA2; VMOVDQA BB0, BB2; VMOVDQA CC0, CC2; VPADDD ·avx2IncMask<>(SB), DD1, DD2 VMOVDQA BB0, TT1; VMOVDQA CC0, TT2; VMOVDQA DD0, TT3 MOVQ $10, itr2 openAVX2320InnerCipherLoop: chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0); chachaQR_AVX2(AA2, BB2, CC2, DD2, T VPALIGNR $4, BB0, BB0, BB0; VPALIGNR $4, BB1, BB1, BB1; VPALIGNR $4, BB2, BB2, BB2 VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2 VPALIGNR $12, DD0, DD0, DD0; VPALIGNR $12, DD1, DD1, DD1; VPALIGNR $12, DD2, DD2, DD2 chachaQR_AVX2(AA0, BB0, CC0, DD0, TT0); chachaQR_AVX2(AA1, BB1, CC1, DD1, TT0); chachaQR_AVX2(AA2, BB2, CC2, DD2, T VPALIGNR $12, BB0, BB0, BB0; VPALIGNR $12, BB1, BB1, BB1; VPALIGNR $12, BB2, BB2, BB2 VPALIGNR $8, CC0, CC0, CC0; VPALIGNR $8, CC1, CC1, CC1; VPALIGNR $8, CC2, CC2, CC2 VPALIGNR $4, DD0, DD0, DD0; VPALIGNR $4, DD1, DD1, DD1; VPALIGNR $4, DD2, DD2, DD2 DECQ itr2 JNE openAVX2320InnerCipherLoop VMOVDQA ·chacha20Constants<>(SB), TT0 VPADDD TT0, AA0, AA0; VPADDD TT0, AA1, AA1; VPADDD TT0, AA2, AA2 VPADDD TT1, BB0, BB0; VPADDD TT1, BB1, BB1; VPADDD TT1, BB2, BB2 VPADDD TT2, CC0, CC0; VPADDD TT2, CC1, CC1; VPADDD TT2, CC2, CC2 internal/x/.../chacha20poly1305_amd64.s lines 1072-1095 (go1.12)

  34. openAVX2Tail512LoopA: VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD

    BB2, AA2, AA2; VPADDD BB3, AA3, AA3 VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3 VPSHUFB ·rol16<>(SB), DD0, DD0; VPSHUFB ·rol16<>(SB), DD1, DD1; VPSHUFB ·rol16<>(SB), DD2, DD2; VPSHUFB ·rol16<>(S VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3 VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3 VMOVDQA CC3, tmpStoreAVX2 VPSLLD $12, BB0, CC3; VPSRLD $20, BB0, BB0; VPXOR CC3, BB0, BB0 VPSLLD $12, BB1, CC3; VPSRLD $20, BB1, BB1; VPXOR CC3, BB1, BB1 VPSLLD $12, BB2, CC3; VPSRLD $20, BB2, BB2; VPXOR CC3, BB2, BB2 VPSLLD $12, BB3, CC3; VPSRLD $20, BB3, BB3; VPXOR CC3, BB3, BB3 VMOVDQA tmpStoreAVX2, CC3 polyAdd(0*8(itr2)) polyMulAVX2 VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3 VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3 VPSHUFB ·rol8<>(SB), DD0, DD0; VPSHUFB ·rol8<>(SB), DD1, DD1; VPSHUFB ·rol8<>(SB), DD2, DD2; VPSHUFB ·rol8<>(SB), VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3 VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3 VMOVDQA CC3, tmpStoreAVX2 VPSLLD $7, BB0, CC3; VPSRLD $25, BB0, BB0; VPXOR CC3, BB0, BB0 VPSLLD $7, BB1, CC3; VPSRLD $25, BB1, BB1; VPXOR CC3, BB1, BB1 VPSLLD $7, BB2, CC3; VPSRLD $25, BB2, BB2; VPXOR CC3, BB2, BB2 VPSLLD $7, BB3, CC3; VPSRLD $25, BB3, BB3; VPXOR CC3, BB3, BB3 internal/x/.../chacha20poly1305_amd64.s lines 1374-1397 (go1.12)

  35. sealAVX2Tail512LoopB: VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD

    BB2, AA2, AA2; VPADDD BB3, AA3, AA3 VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3 VPSHUFB ·rol16<>(SB), DD0, DD0; VPSHUFB ·rol16<>(SB), DD1, DD1; VPSHUFB ·rol16<>(SB), DD2, DD2; VPSHUFB ·rol16<>(S VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3 VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3 VMOVDQA CC3, tmpStoreAVX2 VPSLLD $12, BB0, CC3; VPSRLD $20, BB0, BB0; VPXOR CC3, BB0, BB0 VPSLLD $12, BB1, CC3; VPSRLD $20, BB1, BB1; VPXOR CC3, BB1, BB1 VPSLLD $12, BB2, CC3; VPSRLD $20, BB2, BB2; VPXOR CC3, BB2, BB2 VPSLLD $12, BB3, CC3; VPSRLD $20, BB3, BB3; VPXOR CC3, BB3, BB3 VMOVDQA tmpStoreAVX2, CC3 polyAdd(0*8(oup)) polyMulAVX2 VPADDD BB0, AA0, AA0; VPADDD BB1, AA1, AA1; VPADDD BB2, AA2, AA2; VPADDD BB3, AA3, AA3 VPXOR AA0, DD0, DD0; VPXOR AA1, DD1, DD1; VPXOR AA2, DD2, DD2; VPXOR AA3, DD3, DD3 VPSHUFB ·rol8<>(SB), DD0, DD0; VPSHUFB ·rol8<>(SB), DD1, DD1; VPSHUFB ·rol8<>(SB), DD2, DD2; VPSHUFB ·rol8<>(SB), VPADDD DD0, CC0, CC0; VPADDD DD1, CC1, CC1; VPADDD DD2, CC2, CC2; VPADDD DD3, CC3, CC3 VPXOR CC0, BB0, BB0; VPXOR CC1, BB1, BB1; VPXOR CC2, BB2, BB2; VPXOR CC3, BB3, BB3 VMOVDQA CC3, tmpStoreAVX2 VPSLLD $7, BB0, CC3; VPSRLD $25, BB0, BB0; VPXOR CC3, BB0, BB0 VPSLLD $7, BB1, CC3; VPSRLD $25, BB1, BB1; VPXOR CC3, BB1, BB1 VPSLLD $7, BB2, CC3; VPSRLD $25, BB2, BB2; VPXOR CC3, BB2, BB2 VPSLLD $7, BB3, CC3; VPSRLD $25, BB3, BB3; VPXOR CC3, BB3, BB3 internal/x/.../chacha20poly1305_amd64.s lines 2593-2616 (go1.12)

  36. Is this fine?

  37. TEXT p256SubInternal(SB),NOSPLIT,$0 XORQ mul0, mul0 SUBQ t0, acc4 SBBQ t1,

    acc5 SBBQ t2, acc6 SBBQ t3, acc7 SBBQ $0, mul0 MOVQ acc4, acc0 MOVQ acc5, acc1 MOVQ acc6, acc2 MOVQ acc7, acc3 ADDQ $-1, acc4 ADCQ p256const0<>(SB), acc5 ADCQ $0, acc6 ADCQ p256const1<>(SB), acc7 ADCQ $0, mul0 CMOVQNE acc0, acc4 CMOVQNE acc1, acc5 CMOVQNE acc2, acc6 CMOVQNE acc3, acc7 RET crypto/elliptic/p256_asm_amd64.s lines 1300-1324 (94e44a9c8e)
  38. None
  39. None
  40. None
  41. None

  42. Go Assembly Policy 1. Prefer Go, not assembly 2. Minimize

    use of assembly 3. Explain root causes 4. Test it well 5. Make assembly easy to review

  43. Make your assembly easy to review; ideally, auto-generate it using

    a simpler Go program. Comment it well. Go Assembly Policy, Rule IV

  44. Code Generation

  45. There’s a reason people use compilers.

  46. Intrinsics __m256d latq = _mm256_loadu_pd(lat); latq = _mm256_mul_pd(latq, _mm256_set1_pd(1 /

    180.0)); latq = _mm256_add_pd(latq, _mm256_set1_pd(1.5)); __m256i lati = _mm256_srli_epi64(_mm256_castpd_si256(latq), __m256d lngq = _mm256_loadu_pd(lng); lngq = _mm256_mul_pd(lngq, _mm256_set1_pd(1 / 360.0)); lngq = _mm256_add_pd(lngq, _mm256_set1_pd(1.5)); __m256i lngi = _mm256_srli_epi64(_mm256_castpd_si256(lngq),

  47. High-level Assembler Assembly language plus high-level language features. Macro assemblers:

    Microsoft Macro Assembler (MASM), Netwide Assembler (NASM), ...

  48. High-level Assembler Assembly language plus high-level language features. Macro assemblers:

    Microsoft Macro Assembler (MASM), Netwide Assembler (NASM), ...
  49. None
  50. None

  51. PeachPy Python-based High-Level Assembler

  52. What about Go?

  53. The avo Library

  54. https://github.com/mmcloughlin/avo

  55. Go framework that presents an assembly-like DSL.

  56. Not a compiler. Not an assembler.

  57. Programmer retains complete control, but without tedium.

  58. Use Go control structures for assembly generation; avo programs are

    Go programs

  59. Register allocation: write functions with virtual registers and avo assigns

    physical registers for you

  60. Automatically load arguments and store return values: ensure memory offsets

    are correct for complex structures

  61. Generation of stub files to interface with your Go package

  62. import . "github.com/mmcloughlin/avo/build" func main() { TEXT("Add", NOSPLIT, "func(x, y

    uint64) uint64") Doc("Add adds x and y.") x := Load(Param("x"), GP64()) y := Load(Param("y"), GP64()) ADDQ(x, y) Store(y, ReturnIndex(0)) RET() Generate() }

  63. import . "github.com/mmcloughlin/avo/build" func main() { TEXT("Add", NOSPLIT, "func(x, y

    uint64) uint64") Doc("Add adds x and y.") x := Load(Param("x"), GP64()) y := Load(Param("y"), GP64()) ADDQ(x, y) Store(y, ReturnIndex(0)) RET() Generate() }

  64. import . "github.com/mmcloughlin/avo/build" func main() { TEXT("Add", NOSPLIT, "func(x, y

    uint64) uint64") Doc("Add adds x and y.") x := Load(Param("x"), GP64()) y := Load(Param("y"), GP64()) ADDQ(x, y) Store(y, ReturnIndex(0)) RET() Generate() }

  65. import . "github.com/mmcloughlin/avo/build" func main() { TEXT("Add", NOSPLIT, "func(x, y

    uint64) uint64") Doc("Add adds x and y.") x := Load(Param("x"), GP64()) ‹ Param references y := Load(Param("y"), GP64()) ‹ Allocates register ADDQ(x, y) Store(y, ReturnIndex(0)) RET() Generate() }

  66. import . "github.com/mmcloughlin/avo/build" func main() { TEXT("Add", NOSPLIT, "func(x, y

    uint64) uint64") Doc("Add adds x and y.") x := Load(Param("x"), GP64()) y := Load(Param("y"), GP64()) ADDQ(x, y) ‹ ADD can take virtual registers Store(y, ReturnIndex(0)) RET() Generate() }

  67. import . "github.com/mmcloughlin/avo/build" func main() { TEXT("Add", NOSPLIT, "func(x, y

    uint64) uint64") Doc("Add adds x and y.") x := Load(Param("x"), GP64()) y := Load(Param("y"), GP64()) ADDQ(x, y) Store(y, ReturnIndex(0)) ‹ Store return value RET() Generate() }

  68. import . "github.com/mmcloughlin/avo/build" func main() { TEXT("Add", NOSPLIT, "func(x, y

    uint64) uint64") Doc("Add adds x and y.") x := Load(Param("x"), GP64()) y := Load(Param("y"), GP64()) ADDQ(x, y) Store(y, ReturnIndex(0)) RET() Generate() ‹ Generate compiles and outputs assembly }

  69. Build go run asm.go -out add.s -stubs stubs.go

  70. Generated Assembly // Code generated by command: go run asm.go

    -out add.s -stubs stu #include "textflag.h" // func Add(x uint64, y uint64) uint64 TEXT ·Add(SB), NOSPLIT, $0-24 MOVQ x+0(FP), AX MOVQ y+8(FP), CX ADDQ AX, CX MOVQ CX, ret+16(FP) RET

  71. Generated Assembly // Code generated by command: go run asm.go

    -out add.s -stubs stu #include "textflag.h" // func Add(x uint64, y uint64) uint64 TEXT ·Add(SB), NOSPLIT, $0-24 ‹ Computed stack sizes MOVQ x+0(FP), AX MOVQ y+8(FP), CX ADDQ AX, CX MOVQ CX, ret+16(FP) RET

  72. Generated Assembly // Code generated by command: go run asm.go

    -out add.s -stubs stu #include "textflag.h" // func Add(x uint64, y uint64) uint64 TEXT ·Add(SB), NOSPLIT, $0-24 MOVQ x+0(FP), AX ‹ Computed offsets MOVQ y+8(FP), CX ADDQ AX, CX MOVQ CX, ret+16(FP) RET

  73. Generated Assembly // Code generated by command: go run asm.go

    -out add.s -stubs stu #include "textflag.h" // func Add(x uint64, y uint64) uint64 TEXT ·Add(SB), NOSPLIT, $0-24 MOVQ x+0(FP), AX ‹ Registers allocated MOVQ y+8(FP), CX ADDQ AX, CX MOVQ CX, ret+16(FP) RET

  74. Auto-generated Stubs // Code generated by command: go run asm.go

    -out add.s -stubs stu package addavo // Add adds x and y. func Add(x uint64, y uint64) uint64

  75. Go Control Structures TEXT("Mul5", NOSPLIT, "func(x uint64) uint64") Doc("Mul5 adds

    x to itself five times.") x := Load(Param("x"), GP64()) p := GP64() MOVQ(x, p) for i := 0; i < 4; i++ { ADDQ(x, p) } Store(p, ReturnIndex(0)) RET()

  76. Go Control Structures TEXT("Mul5", NOSPLIT, "func(x uint64) uint64") Doc("Mul5 adds

    x to itself five times.") x := Load(Param("x"), GP64()) p := GP64() MOVQ(x, p) for i := 0; i < 4; i++ { ADDQ(x, p) ‹ Generate four ADDQ instructions } Store(p, ReturnIndex(0)) RET()

  77. Generated Assembly // func Mul5(x uint64) uint64 TEXT ·Mul5(SB), NOSPLIT,

    $0-16 MOVQ x+0(FP), AX MOVQ AX, CX ADDQ AX, CX ADDQ AX, CX ADDQ AX, CX ADDQ AX, CX MOVQ CX, ret+8(FP) RET

  78. Generated Assembly // func Mul5(x uint64) uint64 TEXT ·Mul5(SB), NOSPLIT,

    $0-16 MOVQ x+0(FP), AX MOVQ AX, CX ADDQ AX, CX ‹ Look, there's four of them! ADDQ AX, CX ADDQ AX, CX ADDQ AX, CX MOVQ CX, ret+8(FP) RET

  79. Complex Parameter Loading type Struct struct { A byte B

    uint32 Sub [7]complex64 C uint16 }

  80. Complex Parameter Loading Package("github.com/mmcloughlin/params") TEXT("Sub5Imag", NOSPLIT, "func(s Struct) float32") Doc("Returns

    the imaginary part of s.Sub[5]") x := Load(Param("s").Field("Sub").Index(5).Imag(), XMM()) Store(x, ReturnIndex(0)) RET()

  81. Complex Parameter Loading Package("github.com/mmcloughlin/params") ‹ Types TEXT("Sub5Imag", NOSPLIT, "func(s Struct)

    float32") Doc("Returns the imaginary part of s.Sub[5]") x := Load(Param("s").Field("Sub").Index(5).Imag(), XMM()) Store(x, ReturnIndex(0)) RET()

  82. Complex Parameter Loading Package("github.com/mmcloughlin/params") TEXT("Sub5Imag", NOSPLIT, "func(s Struct) float32") Doc("Returns

    the imaginary part of s.Sub[5]") x := Load(Param("s").Field("Sub").Index(5).Imag(), XMM()) Store(x, ReturnIndex(0)) RET()

  83. Generated Assembly // func Sub5Imag(s Struct) float32 TEXT ·Sub5Imag(SB), NOSPLIT,

    $0-76 MOVSS s_Sub_5_imag+52(FP), X0 MOVSS X0, ret+72(FP) RET

  84. Generated Assembly // func Sub5Imag(s Struct) float32 TEXT ·Sub5Imag(SB), NOSPLIT,

    $0-76 MOVSS s_Sub_5_imag+52(FP), X0 ‹ Of course it was 52 bytes MOVSS X0, ret+72(FP) RET

  85. Examples

  86. Vector Dot Product Maps two equal-length vectors x = (xi),

    y = (yi) to a single number. x · y = ∑ i xi × yi

  87. x 0.8 2.0 2.0 3.1 1.9 4.1 1.5 4.7 4.5

    4.5 3.6 3.0 2.4 2.0 1.4 2.4 y 3.0 3.4 3.8 2.0 5.0 2.0 2.4 2.0 2.0 1.6 2.0 3.1 2.0 2.0 4.0 2.0

  88. x 0.8 2.0 2.0 3.1 1.9 4.1 1.5 4.7 4.5

    4.5 3.6 3.0 2.4 2.0 1.4 2.4 y 3.0 3.4 3.8 2.0 5.0 2.0 2.4 2.0 2.0 1.6 2.0 3.1 2.0 2.0 4.0 2.0 × × × × × × × × × × × × × × × × = (xi × yi) 2.4 6.8 7.6 6.2 9.5 8.2 3.6 9.4 9.0 7.2 7.2 9.3 4.8 4.0 5.6 4.8

  89. x 0.8 2.0 2.0 3.1 1.9 4.1 1.5 4.7 4.5

    4.5 3.6 3.0 2.4 2.0 1.4 2.4 y 3.0 3.4 3.8 2.0 5.0 2.0 2.4 2.0 2.0 1.6 2.0 3.1 2.0 2.0 4.0 2.0 × × × × × × × × × × × × × × × × = (xi × yi) 2.4 6.8 7.6 6.2 9.5 8.2 3.6 9.4 9.0 7.2 7.2 9.3 4.8 4.0 5.6 4.8 ∑ = 105.6

  90. Pure Go Implementation package dot // DotGeneric implements vector dot

    product in pure Go. func DotGeneric(x, y []float32) float32 { var d float32 for i := range x { d += x[i] * y[i] } return d }

  91. Pure Go Implementation package dot // DotGeneric implements vector dot

    product in pure Go. func DotGeneric(x, y []float32) float32 { var d float32 for i := range x { d += x[i] * y[i] ‹ Multiply and accumulate } return d }

  92. Pure Go 970 M/s 1.0x (Vector size 4096, Intel Core

    i7-7567U at 3.5GHz)

  93. Preamble TEXT("DotAsm", NOSPLIT, "func(x, y []float32) float32") Doc("DotAsm computes the

    dot product of x and y.") x := Mem{Base: Load(Param("x").Base(), GP64())} y := Mem{Base: Load(Param("y").Base(), GP64())} n := Load(Param("x").Len(), GP64())

  94. Preamble TEXT("DotAsm", NOSPLIT, "func(x, y []float32) float32") Doc("DotAsm computes the

    dot product of x and y.") x := Mem{Base: Load(Param("x").Base(), GP64())} y := Mem{Base: Load(Param("y").Base(), GP64())} n := Load(Param("x").Len(), GP64())

  95. Preamble TEXT("DotAsm", NOSPLIT, "func(x, y []float32) float32") Doc("DotAsm computes the

    dot product of x and y.") x := Mem{Base: Load(Param("x").Base(), GP64())} y := Mem{Base: Load(Param("y").Base(), GP64())} n := Load(Param("x").Len(), GP64()) ‹ Slice length

  96. Initialization Comment("Initialize dot product and index to zero.") d :=

    XMM() XORPS(d, d) idx := GP64() XORQ(idx, idx)

  97. Initialization Comment("Initialize dot product and index to zero.") d :=

    XMM() ‹ Dot product XORPS(d, d) idx := GP64() XORQ(idx, idx)

  98. Initialization Comment("Initialize dot product and index to zero.") d :=

    XMM() XORPS(d, d) idx := GP64() ‹ Index register XORQ(idx, idx)

  99. Main Loop Label("loop") CMPQ(idx, n) JGE(LabelRef("done")) xy := XMM() MOVSS(x.Idx(idx,

    4), xy) MULSS(y.Idx(idx, 4), xy) ADDSS(xy, d) INCQ(idx) JMP(LabelRef("loop"))

  100. Main Loop Label("loop") CMPQ(idx, n) JGE(LabelRef("done")) xy := XMM() MOVSS(x.Idx(idx,

    4), xy) MULSS(y.Idx(idx, 4), xy) ADDSS(xy, d) INCQ(idx) JMP(LabelRef("loop"))

  101. Main Loop Label("loop") CMPQ(idx, n) ‹ if idx < n

    JGE(LabelRef("done")) ‹ goto done xy := XMM() MOVSS(x.Idx(idx, 4), xy) MULSS(y.Idx(idx, 4), xy) ADDSS(xy, d) INCQ(idx) JMP(LabelRef("loop"))

  102. Main Loop Label("loop") CMPQ(idx, n) JGE(LabelRef("done")) xy := XMM() ‹

    Temporary register for product MOVSS(x.Idx(idx, 4), xy) ‹ Load x MULSS(y.Idx(idx, 4), xy) ‹ Multiply by y ADDSS(xy, d) ‹ Add into result INCQ(idx) JMP(LabelRef("loop"))

  103. Main Loop Label("loop") CMPQ(idx, n) JGE(LabelRef("done")) xy := XMM() MOVSS(x.Idx(idx,

    4), xy) MULSS(y.Idx(idx, 4), xy) ADDSS(xy, d) INCQ(idx) ‹ idx++ JMP(LabelRef("loop"))

  104. Return Label("done") Comment("Store dot product to return value.") Store(d, ReturnIndex(0))

    RET() Generate()

  105. Assembly 976 M/s 1.0x (Vector size 4096, Intel Core i7-7567U

    at 3.5GHz)
  106. None

  107. Special Fused-Multiply-Add (FMA) instructions combine the multiply and accumulate.

  108. Vectorized VFMADD231PS instruction does 8 single-precision FMAs.

  109. None

  110. 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 × ×

    × × × × × × × × × × × × × × × × × × × × × × 0.8 2.0 2.0 3.1 1.9 4.1 1.5 4.7 4.5 4.5 3.6 3.0 2.4 2.0 1.4 2.4 3.2 2.0 1.9 2.9 2.0 2.0 0.6 3.4 · · · 3.0 3.4 3.8 2.0 5.0 2.0 2.4 2.0 2.0 1.6 2.0 3.1 2.0 2.0 4.0 2.0 3.0 2.6 4.0 2.0 3.1 4.0 3.0 2.5 · · ·

  111. × × × × × × × × += 2.4

    6.8 7.6 6.2 9.5 8.2 3.6 9.4 × × × × × × × × × × × × × × × × 0.8 2.0 2.0 3.1 1.9 4.1 1.5 4.7 4.5 4.5 3.6 3.0 2.4 2.0 1.4 2.4 3.2 2.0 1.9 2.9 2.0 2.0 0.6 3.4 · · · 3.0 3.4 3.8 2.0 5.0 2.0 2.4 2.0 2.0 1.6 2.0 3.1 2.0 2.0 4.0 2.0 3.0 2.6 4.0 2.0 3.1 4.0 3.0 2.5 · · ·

  112. × × × × × × × × × ×

    × × × × × × += 11.4 14.0 14.8 15.5 14.3 12.2 9.2 14.2 × × × × × × × × 0.8 2.0 2.0 3.1 1.9 4.1 1.5 4.7 4.5 4.5 3.6 3.0 2.4 2.0 1.4 2.4 3.2 2.0 1.9 2.9 2.0 2.0 0.6 3.4 · · · 3.0 3.4 3.8 2.0 5.0 2.0 2.4 2.0 2.0 1.6 2.0 3.1 2.0 2.0 4.0 2.0 3.0 2.6 4.0 2.0 3.1 4.0 3.0 2.5 · · ·

  113. × × × × × × × × × ×

    × × × × × × × × × × × × × × += 21.0 19.2 22.4 21.3 20.5 20.2 11.0 22.7 0.8 2.0 2.0 3.1 1.9 4.1 1.5 4.7 4.5 4.5 3.6 3.0 2.4 2.0 1.4 2.4 3.2 2.0 1.9 2.9 2.0 2.0 0.6 3.4 · · · 3.0 3.4 3.8 2.0 5.0 2.0 2.4 2.0 2.0 1.6 2.0 3.1 2.0 2.0 4.0 2.0 3.0 2.6 4.0 2.0 3.1 4.0 3.0 2.5 · · ·

  114. Loop unrolling and pipelining.

  115. 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0 0.0

    0.0 0.0 0.0 0.0 0.0 0.0 × × × × × × × × × × × × × × × × × × × × × × × × × × × × × × × × × × × × × × × × × × × × × × × × 0.8 2.0 2.0 3.1 1.9 4.1 1.5 4.7 4.5 4.5 3.6 3.0 2.4 2.0 1.4 2.4 3.2 2.0 1.9 2.9 2.0 2.0 0.6 3.4 9.5 3.4 2.0 1.4 5.0 1.5 2.1 4.0 5.0 7.0 1.5 5.0 4.3 2.5 2.8 5.0 2.6 5.8 2.0 6.5 1.1 1.4 0.8 3.0 · · · 3.0 3.4 3.8 2.0 5.0 2.0 2.4 2.0 2.0 1.6 2.0 3.1 2.0 2.0 4.0 2.0 3.0 2.6 4.0 2.0 3.1 4.0 3.0 2.5 0.6 2.5 4.0 7.0 1.3 3.0 4.0 2.4 1.4 1.2 1.2 1.7 2.0 3.0 3.5 1.7 0.5 0.5 1.1 1.4 5.0 2.0 0.5 3.3 · · ·

  116. × × × × × × × × += 2.4

    6.8 7.6 6.2 9.5 8.2 3.6 9.4 × × × × × × × × += 9.0 7.2 7.2 9.3 4.8 4.0 5.6 4.8 × × × × × × × × × × × × × × × × × × × × × × × × × × × × × × × × 0.8 2.0 2.0 3.1 1.9 4.1 1.5 4.7 4.5 4.5 3.6 3.0 2.4 2.0 1.4 2.4 3.2 2.0 1.9 2.9 2.0 2.0 0.6 3.4 9.5 3.4 2.0 1.4 5.0 1.5 2.1 4.0 5.0 7.0 1.5 5.0 4.3 2.5 2.8 5.0 2.6 5.8 2.0 6.5 1.1 1.4 0.8 3.0 · · · 3.0 3.4 3.8 2.0 5.0 2.0 2.4 2.0 2.0 1.6 2.0 3.1 2.0 2.0 4.0 2.0 3.0 2.6 4.0 2.0 3.1 4.0 3.0 2.5 0.6 2.5 4.0 7.0 1.3 3.0 4.0 2.4 1.4 1.2 1.2 1.7 2.0 3.0 3.5 1.7 0.5 0.5 1.1 1.4 5.0 2.0 0.5 3.3 · · ·

  117. × × × × × × × × × ×

    × × × × × × × × × × × × × × += 12.0 12.0 15.2 12.0 15.7 16.2 5.4 17.9 × × × × × × × × += 14.7 15.7 15.2 19.1 11.3 8.5 14.0 14.4 × × × × × × × × × × × × × × × × 0.8 2.0 2.0 3.1 1.9 4.1 1.5 4.7 4.5 4.5 3.6 3.0 2.4 2.0 1.4 2.4 3.2 2.0 1.9 2.9 2.0 2.0 0.6 3.4 9.5 3.4 2.0 1.4 5.0 1.5 2.1 4.0 5.0 7.0 1.5 5.0 4.3 2.5 2.8 5.0 2.6 5.8 2.0 6.5 1.1 1.4 0.8 3.0 · · · 3.0 3.4 3.8 2.0 5.0 2.0 2.4 2.0 2.0 1.6 2.0 3.1 2.0 2.0 4.0 2.0 3.0 2.6 4.0 2.0 3.1 4.0 3.0 2.5 0.6 2.5 4.0 7.0 1.3 3.0 4.0 2.4 1.4 1.2 1.2 1.7 2.0 3.0 3.5 1.7 0.5 0.5 1.1 1.4 5.0 2.0 0.5 3.3 · · ·

  118. × × × × × × × × × ×

    × × × × × × × × × × × × × × × × × × × × × × × × × × × × × × += 19.0 20.4 17.0 20.5 24.3 23.7 15.2 26.4 × × × × × × × × += 16.0 18.6 17.4 28.2 16.8 11.3 14.4 24.3 + + 0.8 2.0 2.0 3.1 1.9 4.1 1.5 4.7 4.5 4.5 3.6 3.0 2.4 2.0 1.4 2.4 3.2 2.0 1.9 2.9 2.0 2.0 0.6 3.4 9.5 3.4 2.0 1.4 5.0 1.5 2.1 4.0 5.0 7.0 1.5 5.0 4.3 2.5 2.8 5.0 2.6 5.8 2.0 6.5 1.1 1.4 0.8 3.0 · · · 3.0 3.4 3.8 2.0 5.0 2.0 2.4 2.0 2.0 1.6 2.0 3.1 2.0 2.0 4.0 2.0 3.0 2.6 4.0 2.0 3.1 4.0 3.0 2.5 0.6 2.5 4.0 7.0 1.3 3.0 4.0 2.4 1.4 1.2 1.2 1.7 2.0 3.0 3.5 1.7 0.5 0.5 1.1 1.4 5.0 2.0 0.5 3.3 · · ·

  119. Preamble func dot(unroll int) { name := fmt.Sprintf("DotVecUnroll%d", unroll) TEXT(name,

    NOSPLIT, "func(x, y []float32) float32") x := Mem{Base: Load(Param("x").Base(), GP64())} y := Mem{Base: Load(Param("y").Base(), GP64())} n := Load(Param("x").Len(), GP64())

  120. Preamble func dot(unroll int) { ‹ Parameterized code generation name

    := fmt.Sprintf("DotVecUnroll%d", unroll) TEXT(name, NOSPLIT, "func(x, y []float32) float32") x := Mem{Base: Load(Param("x").Base(), GP64())} y := Mem{Base: Load(Param("y").Base(), GP64())} n := Load(Param("x").Len(), GP64())

  121. Preamble func dot(unroll int) { name := fmt.Sprintf("DotVecUnroll%d", unroll) TEXT(name,

    NOSPLIT, "func(x, y []float32) float32") x := Mem{Base: Load(Param("x").Base(), GP64())} y := Mem{Base: Load(Param("y").Base(), GP64())} n := Load(Param("x").Len(), GP64())

  122. Preamble func dot(unroll int) { name := fmt.Sprintf("DotVecUnroll%d", unroll) TEXT(name,

    NOSPLIT, "func(x, y []float32) float32") x := Mem{Base: Load(Param("x").Base(), GP64())} y := Mem{Base: Load(Param("y").Base(), GP64())} n := Load(Param("x").Len(), GP64())

  123. Initialization // Allocate and zero accumulation registers. acc := make([]VecVirtual,

    unroll) for i := 0; i < unroll; i++ { acc[i] = YMM() VXORPS(acc[i], acc[i], acc[i]) }

  124. Initialization // Allocate and zero accumulation registers. acc := make([]VecVirtual,

    unroll) for i := 0; i < unroll; i++ { acc[i] = YMM() ‹ 256-bit registers VXORPS(acc[i], acc[i], acc[i]) ‹ XOR to zero }

  125. Loop Check blockitems := 8 * unroll blocksize := 4

    * blockitems Label("blockloop") CMPQ(n, U32(blockitems)) JL(LabelRef("tail"))

  126. Loop Check blockitems := 8 * unroll blocksize := 4

    * blockitems Label("blockloop") ‹ start loop over blocks CMPQ(n, U32(blockitems)) ‹ if have full block JL(LabelRef("tail"))

  127. Loop Body // Load x. xs := make([]VecVirtual, unroll) for

    i := 0; i < unroll; i++ { xs[i] = YMM() VMOVUPS(x.Offset(32*i), xs[i]) } // The actual FMA. for i := 0; i < unroll; i++ { VFMADD231PS(y.Offset(32*i), xs[i], acc[i]) }

  128. Loop Body // Load x. xs := make([]VecVirtual, unroll) for

    i := 0; i < unroll; i++ { xs[i] = YMM() VMOVUPS(x.Offset(32*i), xs[i]) ‹ Move x to registers } // The actual FMA. for i := 0; i < unroll; i++ { VFMADD231PS(y.Offset(32*i), xs[i], acc[i]) }

  129. Loop Body // Load x. xs := make([]VecVirtual, unroll) for

    i := 0; i < unroll; i++ { xs[i] = YMM() VMOVUPS(x.Offset(32*i), xs[i]) } // The actual FMA. for i := 0; i < unroll; i++ { VFMADD231PS(y.Offset(32*i), xs[i], acc[i]) ‹ += x*y }

  130. Tail Loop Process last non-full block. Label("tail") tail := XMM()

    VXORPS(tail, tail, tail) Label("tailloop") CMPQ(n, U32(0)) JE(LabelRef("reduce")) xt := XMM() VMOVSS(x, xt) VFMADD231SS(y, xt, tail) ADDQ(U32(4), x.Base) ADDQ(U32(4), y.Base) DECQ(n) JMP(LabelRef("tailloop"))

  131. Final Reduce Label("reduce") for i := 1; i < unroll;

    i++ { VADDPS(acc[0], acc[i], acc[0]) } result := acc[0].AsX() top := XMM() VEXTRACTF128(U8(1), acc[0], top) VADDPS(result, top, result) VADDPS(result, tail, result) VHADDPS(result, result, result) VHADDPS(result, result, result)

  132. main() var unrolls = flag.String("unroll", "4", "unroll factors") func main()

    { flag.Parse() for _, s := range strings.Split(*unrolls, ",") { unroll, _ := strconv.Atoi(s) dot(unroll) } Generate() }

  133. Unrolled ×2 15,193 M/s 15.7x (Vector size 4096, Intel Core

    i7-7567U at 3.5GHz)

  134. Unrolled ×4 25,786 M/s 26.6x (Vector size 4096, Intel Core

    i7-7567U at 3.5GHz)

  135. Unrolled ×6 24,456 M/s 25.2x (Vector size 4096, Intel Core

    i7-7567U at 3.5GHz)

  136. SHA-1 Cryptographic hash function. • 80 rounds • Constants and

    bitwise functions vary • Message update rule • State update rule avo can be used to create a completely unrolled implementation.

  137. SHA-1 Subroutines func majority(b, c, d Register) Register { t,

    r := GP32(), GP32() MOVL(b, t) ORL(c, t) ANDL(d, t) MOVL(b, r) ANDL(c, r) ORL(t, r) return r }

  138. SHA-1 Subroutines func xor(b, c, d Register) Register { r

    := GP32() MOVL(b, r) XORL(c, r) XORL(d, r) return r }

  139. SHA-1 Loops Comment("Load initial hash.") hash := [5]Register{GP32(), GP32(), GP32(),

    GP32(), GP32()} for i, r := range hash { MOVL(h.Offset(4*i), r) } Comment("Initialize registers.") a, b, c, d, e := GP32(), GP32(), GP32(), GP32(), GP32() for i, r := range []Register{a, b, c, d, e} { MOVL(hash[i], r) }

  140. for r := 0; r < 80; r++ { Commentf("Round

    %d.", r) ... q := quarter[r/20] t := GP32() MOVL(a, t) ROLL(U8(5), t) ADDL(q.F(b, c, d), t) ADDL(e, t) ADDL(U32(q.K), t) ADDL(u, t) ROLL(Imm(30), b) a, b, c, d, e = t, a, b, c, d }

  141. for r := 0; r < 80; r++ { ‹

    Loop over rounds Commentf("Round %d.", r) ... q := quarter[r/20] t := GP32() MOVL(a, t) ROLL(U8(5), t) ADDL(q.F(b, c, d), t) ADDL(e, t) ADDL(U32(q.K), t) ADDL(u, t) ROLL(Imm(30), b) a, b, c, d, e = t, a, b, c, d }

  142. for r := 0; r < 80; r++ { Commentf("Round

    %d.", r) ... q := quarter[r/20] t := GP32() ‹ State update MOVL(a, t) ROLL(U8(5), t) ADDL(q.F(b, c, d), t) ADDL(e, t) ADDL(U32(q.K), t) ADDL(u, t) ROLL(Imm(30), b) a, b, c, d, e = t, a, b, c, d }

  143. SHA-1 Conditionals u := GP32() if r < 16 {

    MOVL(m.Offset(4*r), u) BSWAPL(u) } else { MOVL(W(r-3), u) XORL(W(r-8), u) XORL(W(r-14), u) XORL(W(r-16), u) ROLL(U8(1), u) }

  144. SHA-1 Conditionals u := GP32() if r < 16 {

    ‹ Early rounds MOVL(m.Offset(4*r), u) ‹ Read from memory BSWAPL(u) } else { MOVL(W(r-3), u) XORL(W(r-8), u) XORL(W(r-14), u) XORL(W(r-16), u) ROLL(U8(1), u) }

  145. SHA-1 Conditionals u := GP32() if r < 16 {

    MOVL(m.Offset(4*r), u) BSWAPL(u) } else { MOVL(W(r-3), u) ‹ Formula in later rounds XORL(W(r-8), u) XORL(W(r-14), u) XORL(W(r-16), u) ROLL(U8(1), u) }

  146. 116 avo lines to 1507 assembly lines

  147. Future

  148. Use avo!

  149. Real avo Examples • Farmhash32/64 • BLS12-381 Curve • Bitmap

    Indexes • Bloom Index • Marvin32 • Sip13 • SPECK • Chaskey MAC • SHA-1 • FNV-1a • Vector Dot Product With thanks to Damian Gryski, Marko Kevac and Julian Meyer (Phore Project).

  150. More architectures

  151. Make avo an assembler? JIT compilation?

  152. avo-based libraries? avo/std/math/big avo/std/crypto avo/std/hash …

  153. None

  154. Optimal code generation based on parameter sweeps.

  155. Thank You https://github.com/mmcloughlin/avo @mbmcloughlin