POW Reference (Fallback) implementation wrong?

[notgiven688]

Compare [1]

GraftNetwork/src/crypto/slow-hash.c

Line 116 in dfd9b6d

#define VARIANT2_SHUFFLE_ADD_SSE2(base_ptr, offset, reverse) \

and [2]

GraftNetwork/src/crypto/slow-hash.c

Line 127 in dfd9b6d

#define VARIANT2_SHUFFLE_ADD_NEON(base_ptr, offset, reverse) \

with the reference implementation here [3]:

GraftNetwork/src/crypto/slow-hash.c

Line 138 in dfd9b6d

#define VARIANT2_PORTABLE_SHUFFLE_ADD(base_ptr, offset, reverse) \

Looks to me as [3] does not yield the same result as [1] and [2] since the offsets (0x10,0x20,0x30) are not interchanged correctly.

In my opinion the correct reference implementation (for reverse=true) should read:

#define VARIANT2_PORTABLE_SHUFFLE_ADD(base_ptr, offset, reverse) \
  do if (variant >= 2) \
  { \
    uint64_t* chunk1 = U64((base_ptr) + ((offset) ^ 0x30)); \
    uint64_t* chunk2 = U64((base_ptr) + ((offset) ^ 0x20)); \
    uint64_t* chunk3 = U64((base_ptr) + ((offset) ^ 0x10)); \
    \
    const uint64_t chunk1_old[2] = { chunk1[0], chunk1[1] }; \
    \
    uint64_t b1[2]; \
    memcpy(b1, b + 16, 16); \
    chunk3[0] = chunk3[0] + b1[0]; \
    chunk3[1] = chunk3[1] + b1[1]; \
    \
    uint64_t a0[2]; \
    memcpy(a0, a, 16); \
    chunk1[0] = chunk2[0] + a0[0]; \
    chunk1[1] = chunk2[1] + a0[1]; \
    \
    uint64_t b0[2]; \
    memcpy(b0, b, 16); \
    chunk2[0] = chunk1_old[0] + b0[0]; \
    chunk2[1] = chunk1_old[1] + b0[1]; \
  } while (0)