compute v2 before v1, then we can use mixed jacobi

herumi · May 15, 2024 · b3f5713 · b3f5713
1 parent 350848f
commit b3f5713
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 6 deletions.
diff --git a/include/mcl/ec.hpp b/include/mcl/ec.hpp
@@ -247,8 +247,9 @@ void normalizeVecT(Eout& Q, Ein& P, size_t n, size_t N = 256)
 	split x to (a, b) such that x = a + b L where 0 <= a, b <= L, 0 <= x <= r-1 = L^2+L
 	if adj is true, then 0 <= a < L, 0 <= b <= L+1
 */
-inline void optimizedSplitRawForBLS12_381(Unit a[2], Unit b[2], const Unit x[4], bool adj = true)
+inline void optimizedSplitRawForBLS12_381(Unit a[2], Unit b[2], const Unit x[4])
 {
+	const bool adj = false;
 	assert(sizeof(Unit) == 8);
 	/*
 		z = -0xd201000000010000

diff --git a/src/msm_avx.cpp b/src/msm_avx.cpp
@@ -1144,16 +1144,17 @@ struct EcM {
 				if (!first) for (int k = 0; k < w; k++) EcM::dbl<isProj>(Q, Q);
 				EcM T;
 				Vec idx;
-				idx = vand(vpsrlq(v1, bitLen-w-j*w), g_vmask4);
+				// compute v2 first before v1. see misc/internal.md
+				idx = vand(vpsrlq(v2, bitLen-w-j*w), g_vmask4);
 				if (first) {
-					Q.gather(tbl1, idx);
+					Q.gather(tbl2, idx);
 					first = false;
 				} else {
-					T.gather(tbl1, idx);
+					T.gather(tbl2, idx);
 					add<isProj, mixed>(Q, Q, T);
 				}
-				idx = vand(vpsrlq(v2, bitLen-w-j*w), g_vmask4);
-				T.gather(tbl2, idx);
+				idx = vand(vpsrlq(v1, bitLen-w-j*w), g_vmask4);
+				T.gather(tbl1, idx);
 				add<isProj, mixed>(Q, Q, T);
 			}
 		}