aboutsummaryrefslogtreecommitdiff
path: root/vendor/gmp-6.3.0/gen-psqr.c
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/gmp-6.3.0/gen-psqr.c')
-rw-r--r--vendor/gmp-6.3.0/gen-psqr.c585
1 files changed, 585 insertions, 0 deletions
diff --git a/vendor/gmp-6.3.0/gen-psqr.c b/vendor/gmp-6.3.0/gen-psqr.c
new file mode 100644
index 0000000..a5054c6
--- /dev/null
+++ b/vendor/gmp-6.3.0/gen-psqr.c
@@ -0,0 +1,585 @@
+/* Generate perfect square testing data.
+
+Copyright 2002-2004, 2012, 2014 Free Software Foundation, Inc.
+
+This file is part of the GNU MP Library.
+
+The GNU MP Library is free software; you can redistribute it and/or modify
+it under the terms of either:
+
+ * the GNU Lesser General Public License as published by the Free
+ Software Foundation; either version 3 of the License, or (at your
+ option) any later version.
+
+or
+
+ * the GNU General Public License as published by the Free Software
+ Foundation; either version 2 of the License, or (at your option) any
+ later version.
+
+or both in parallel, as here.
+
+The GNU MP Library is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+for more details.
+
+You should have received copies of the GNU General Public License and the
+GNU Lesser General Public License along with the GNU MP Library. If not,
+see https://www.gnu.org/licenses/. */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "bootstrap.c"
+
+
+/* The aim of this program is to choose either mpn_mod_34lsub1 or mpn_mod_1
+ (plus a PERFSQR_PP modulus), and generate tables indicating quadratic
+ residues and non-residues modulo small factors of that modulus.
+
+ For the usual 32 or 64 bit cases mpn_mod_34lsub1 gets used. That
+ function exists specifically because 2^24-1 and 2^48-1 have nice sets of
+ prime factors. For other limb sizes it's considered, but if it doesn't
+ have good factors then mpn_mod_1 will be used instead.
+
+ When mpn_mod_1 is used, the modulus PERFSQR_PP is created from a
+ selection of small primes, chosen to fill PERFSQR_MOD_BITS of a limb,
+ with that bit count chosen so (2*GMP_LIMB_BITS)*2^PERFSQR_MOD_BITS <=
+ GMP_LIMB_MAX, allowing PERFSQR_MOD_IDX in mpn/generic/perfsqr.c to do its
+ calculation within a single limb.
+
+ In either case primes can be combined to make divisors. The table data
+ then effectively indicates remainders which are quadratic residues mod
+ all the primes. This sort of combining reduces the number of steps
+ needed after mpn_mod_34lsub1 or mpn_mod_1, saving code size and time.
+ Nothing is gained or lost in terms of detections, the same total fraction
+ of non-residues will be identified.
+
+ Nothing particularly sophisticated is attempted for combining factors to
+ make divisors. This is probably a kind of knapsack problem so it'd be
+ too hard to attempt anything completely general. For the usual 32 and 64
+ bit limbs we get a good enough result just pairing the biggest and
+ smallest which fit together, repeatedly.
+
+ Another aim is to get powerful combinations, ie. divisors which identify
+ biggest fraction of non-residues, and have those run first. Again for
+ the usual 32 and 64 bits it seems good enough just to pair for big
+ divisors then sort according to the resulting fraction of non-residues
+ identified.
+
+ Also in this program, a table sq_res_0x100 of residues modulo 256 is
+ generated. This simply fills bits into limbs of the appropriate
+ build-time GMP_LIMB_BITS each.
+
+*/
+
+
+/* Normally we aren't using const in gen*.c programs, so as not to have to
+ bother figuring out if it works, but using it with f_cmp_divisor and
+ f_cmp_fraction avoids warnings from the qsort calls. */
+
+/* Same tests as gmp.h. */
+#if defined (__STDC__) \
+ || defined (__cplusplus) \
+ || defined (_AIX) \
+ || defined (__DECC) \
+ || (defined (__mips) && defined (_SYSTYPE_SVR4)) \
+ || defined (_MSC_VER) \
+ || defined (_WIN32)
+#define HAVE_CONST 1
+#endif
+
+#if ! HAVE_CONST
+#define const
+#endif
+
+
+mpz_t *sq_res_0x100; /* table of limbs */
+int nsq_res_0x100; /* elements in sq_res_0x100 array */
+int sq_res_0x100_num; /* squares in sq_res_0x100 */
+double sq_res_0x100_fraction; /* sq_res_0x100_num / 256 */
+
+int mod34_bits; /* 3*GMP_NUMB_BITS/4 */
+int mod_bits; /* bits from PERFSQR_MOD_34 or MOD_PP */
+int max_divisor; /* all divisors <= max_divisor */
+int max_divisor_bits; /* ceil(log2(max_divisor)) */
+double total_fraction; /* of squares */
+mpz_t pp; /* product of primes, or 0 if mod_34lsub1 used */
+mpz_t pp_norm; /* pp shifted so NUMB high bit set */
+mpz_t pp_inverted; /* invert_limb style inverse */
+mpz_t mod_mask; /* 2^mod_bits-1 */
+char mod34_excuse[128]; /* why mod_34lsub1 not used (if it's not) */
+
+/* raw list of divisors of 2^mod34_bits-1 or pp, just to show in a comment */
+struct rawfactor_t {
+ int divisor;
+ int multiplicity;
+};
+struct rawfactor_t *rawfactor;
+int nrawfactor;
+
+/* factors of 2^mod34_bits-1 or pp and associated data, after combining etc */
+struct factor_t {
+ int divisor;
+ mpz_t inverse; /* 1/divisor mod 2^mod_bits */
+ mpz_t mask; /* indicating squares mod divisor */
+ double fraction; /* squares/total */
+};
+struct factor_t *factor;
+int nfactor; /* entries in use in factor array */
+int factor_alloc; /* entries allocated to factor array */
+
+
+int
+f_cmp_divisor (const void *parg, const void *qarg)
+{
+ const struct factor_t *p, *q;
+ p = (const struct factor_t *) parg;
+ q = (const struct factor_t *) qarg;
+ if (p->divisor > q->divisor)
+ return 1;
+ else if (p->divisor < q->divisor)
+ return -1;
+ else
+ return 0;
+}
+
+int
+f_cmp_fraction (const void *parg, const void *qarg)
+{
+ const struct factor_t *p, *q;
+ p = (const struct factor_t *) parg;
+ q = (const struct factor_t *) qarg;
+ if (p->fraction > q->fraction)
+ return 1;
+ else if (p->fraction < q->fraction)
+ return -1;
+ else
+ return 0;
+}
+
+/* Remove array[idx] by copying the remainder down, and adjust narray
+ accordingly. */
+#define COLLAPSE_ELEMENT(array, idx, narray) \
+ do { \
+ memmove (&(array)[idx], \
+ &(array)[idx+1], \
+ ((narray)-((idx)+1)) * sizeof (array[0])); \
+ (narray)--; \
+ } while (0)
+
+
+/* return n*2^p mod m */
+int
+mul_2exp_mod (int n, int p, int m)
+{
+ while (--p >= 0)
+ n = (2 * n) % m;
+ return n;
+}
+
+/* return -n mod m */
+int
+neg_mod (int n, int m)
+{
+ assert (n >= 0 && n < m);
+ return (n == 0 ? 0 : m-n);
+}
+
+/* Set "mask" to a value such that "mask & (1<<idx)" is non-zero if
+ "-(idx<<mod_bits)" can be a square modulo m. */
+void
+square_mask (mpz_t mask, int m)
+{
+ int p, i, r, idx;
+
+ p = mul_2exp_mod (1, mod_bits, m);
+ p = neg_mod (p, m);
+
+ mpz_set_ui (mask, 0L);
+ for (i = 0; i < m; i++)
+ {
+ r = (i * i) % m;
+ idx = (r * p) % m;
+ mpz_setbit (mask, (unsigned long) idx);
+ }
+}
+
+void
+generate_sq_res_0x100 (int limb_bits)
+{
+ int i, res;
+
+ nsq_res_0x100 = (0x100 + limb_bits - 1) / limb_bits;
+ sq_res_0x100 = (mpz_t *) xmalloc (nsq_res_0x100 * sizeof (*sq_res_0x100));
+
+ for (i = 0; i < nsq_res_0x100; i++)
+ mpz_init_set_ui (sq_res_0x100[i], 0L);
+
+ for (i = 0; i < 0x100; i++)
+ {
+ res = (i * i) % 0x100;
+ mpz_setbit (sq_res_0x100[res / limb_bits],
+ (unsigned long) (res % limb_bits));
+ }
+
+ sq_res_0x100_num = 0;
+ for (i = 0; i < nsq_res_0x100; i++)
+ sq_res_0x100_num += mpz_popcount (sq_res_0x100[i]);
+ sq_res_0x100_fraction = (double) sq_res_0x100_num / 256.0;
+}
+
+void
+generate_mod (int limb_bits, int nail_bits)
+{
+ int numb_bits = limb_bits - nail_bits;
+ int i, divisor;
+
+ mpz_init_set_ui (pp, 0L);
+ mpz_init_set_ui (pp_norm, 0L);
+ mpz_init_set_ui (pp_inverted, 0L);
+
+ /* no more than limb_bits many factors in a one limb modulus (and of
+ course in reality nothing like that many) */
+ factor_alloc = limb_bits;
+ factor = (struct factor_t *) xmalloc (factor_alloc * sizeof (*factor));
+ rawfactor = (struct rawfactor_t *) xmalloc (factor_alloc * sizeof (*rawfactor));
+
+ if (numb_bits % 4 != 0)
+ {
+ strcpy (mod34_excuse, "GMP_NUMB_BITS % 4 != 0");
+ goto use_pp;
+ }
+
+ max_divisor = 2*limb_bits;
+ max_divisor_bits = log2_ceil (max_divisor);
+
+ if (numb_bits / 4 < max_divisor_bits)
+ {
+ /* Wind back to one limb worth of max_divisor, if that will let us use
+ mpn_mod_34lsub1. */
+ max_divisor = limb_bits;
+ max_divisor_bits = log2_ceil (max_divisor);
+
+ if (numb_bits / 4 < max_divisor_bits)
+ {
+ strcpy (mod34_excuse, "GMP_NUMB_BITS / 4 too small");
+ goto use_pp;
+ }
+ }
+
+ {
+ /* Can use mpn_mod_34lsub1, find small factors of 2^mod34_bits-1. */
+ mpz_t m, q, r;
+ int multiplicity;
+
+ mod34_bits = (numb_bits / 4) * 3;
+
+ /* mpn_mod_34lsub1 returns a full limb value, PERFSQR_MOD_34 folds it at
+ the mod34_bits mark, adding the two halves for a remainder of at most
+ mod34_bits+1 many bits */
+ mod_bits = mod34_bits + 1;
+
+ mpz_init_set_ui (m, 1L);
+ mpz_mul_2exp (m, m, mod34_bits);
+ mpz_sub_ui (m, m, 1L);
+
+ mpz_init (q);
+ mpz_init (r);
+
+ for (i = 3; i <= max_divisor; i+=2)
+ {
+ if (! isprime (i))
+ continue;
+
+ mpz_tdiv_qr_ui (q, r, m, (unsigned long) i);
+ if (mpz_sgn (r) != 0)
+ continue;
+
+ /* if a repeated prime is found it's used as an i^n in one factor */
+ divisor = 1;
+ multiplicity = 0;
+ do
+ {
+ if (divisor > max_divisor / i)
+ break;
+ multiplicity++;
+ mpz_set (m, q);
+ mpz_tdiv_qr_ui (q, r, m, (unsigned long) i);
+ }
+ while (mpz_sgn (r) == 0);
+
+ assert (nrawfactor < factor_alloc);
+ rawfactor[nrawfactor].divisor = i;
+ rawfactor[nrawfactor].multiplicity = multiplicity;
+ nrawfactor++;
+ }
+
+ mpz_clear (m);
+ mpz_clear (q);
+ mpz_clear (r);
+ }
+
+ if (nrawfactor <= 2)
+ {
+ mpz_t new_pp;
+
+ sprintf (mod34_excuse, "only %d small factor%s",
+ nrawfactor, nrawfactor == 1 ? "" : "s");
+
+ use_pp:
+ /* reset to two limbs of max_divisor, in case the mpn_mod_34lsub1 code
+ tried with just one */
+ max_divisor = 2*limb_bits;
+ max_divisor_bits = log2_ceil (max_divisor);
+
+ mpz_init (new_pp);
+ nrawfactor = 0;
+ mod_bits = MIN (numb_bits, limb_bits - max_divisor_bits);
+
+ /* one copy of each small prime */
+ mpz_set_ui (pp, 1L);
+ for (i = 3; i <= max_divisor; i+=2)
+ {
+ if (! isprime (i))
+ continue;
+
+ mpz_mul_ui (new_pp, pp, (unsigned long) i);
+ if (mpz_sizeinbase (new_pp, 2) > mod_bits)
+ break;
+ mpz_set (pp, new_pp);
+
+ assert (nrawfactor < factor_alloc);
+ rawfactor[nrawfactor].divisor = i;
+ rawfactor[nrawfactor].multiplicity = 1;
+ nrawfactor++;
+ }
+
+ /* Plus an extra copy of one or more of the primes selected, if that
+ still fits in max_divisor and the total in mod_bits. Usually only
+ 3 or 5 will be candidates */
+ for (i = nrawfactor-1; i >= 0; i--)
+ {
+ if (rawfactor[i].divisor > max_divisor / rawfactor[i].divisor)
+ continue;
+ mpz_mul_ui (new_pp, pp, (unsigned long) rawfactor[i].divisor);
+ if (mpz_sizeinbase (new_pp, 2) > mod_bits)
+ continue;
+ mpz_set (pp, new_pp);
+
+ rawfactor[i].multiplicity++;
+ }
+
+ mod_bits = mpz_sizeinbase (pp, 2);
+
+ mpz_set (pp_norm, pp);
+ while (mpz_sizeinbase (pp_norm, 2) < numb_bits)
+ mpz_add (pp_norm, pp_norm, pp_norm);
+
+ mpz_preinv_invert (pp_inverted, pp_norm, numb_bits);
+
+ mpz_clear (new_pp);
+ }
+
+ /* start the factor array */
+ for (i = 0; i < nrawfactor; i++)
+ {
+ int j;
+ assert (nfactor < factor_alloc);
+ factor[nfactor].divisor = 1;
+ for (j = 0; j < rawfactor[i].multiplicity; j++)
+ factor[nfactor].divisor *= rawfactor[i].divisor;
+ nfactor++;
+ }
+
+ combine:
+ /* Combine entries in the factor array. Combine the smallest entry with
+ the biggest one that will fit with it (ie. under max_divisor), then
+ repeat that with the new smallest entry. */
+ qsort (factor, nfactor, sizeof (factor[0]), f_cmp_divisor);
+ for (i = nfactor-1; i >= 1; i--)
+ {
+ if (factor[i].divisor <= max_divisor / factor[0].divisor)
+ {
+ factor[0].divisor *= factor[i].divisor;
+ COLLAPSE_ELEMENT (factor, i, nfactor);
+ goto combine;
+ }
+ }
+
+ total_fraction = 1.0;
+ for (i = 0; i < nfactor; i++)
+ {
+ mpz_init (factor[i].inverse);
+ mpz_invert_ui_2exp (factor[i].inverse,
+ (unsigned long) factor[i].divisor,
+ (unsigned long) mod_bits);
+
+ mpz_init (factor[i].mask);
+ square_mask (factor[i].mask, factor[i].divisor);
+
+ /* fraction of possible squares */
+ factor[i].fraction = (double) mpz_popcount (factor[i].mask)
+ / factor[i].divisor;
+
+ /* total fraction of possible squares */
+ total_fraction *= factor[i].fraction;
+ }
+
+ /* best tests first (ie. smallest fraction) */
+ qsort (factor, nfactor, sizeof (factor[0]), f_cmp_fraction);
+}
+
+void
+print (int limb_bits, int nail_bits)
+{
+ int i;
+ mpz_t mhi, mlo;
+
+ printf ("/* This file generated by gen-psqr.c - DO NOT EDIT. */\n");
+ printf ("\n");
+
+ printf ("#if GMP_LIMB_BITS != %d || GMP_NAIL_BITS != %d\n",
+ limb_bits, nail_bits);
+ printf ("Error, error, this data is for %d bit limb and %d bit nail\n",
+ limb_bits, nail_bits);
+ printf ("#endif\n");
+ printf ("\n");
+
+ printf ("/* Non-zero bit indicates a quadratic residue mod 0x100.\n");
+ printf (" This test identifies %.2f%% as non-squares (%d/256). */\n",
+ (1.0 - sq_res_0x100_fraction) * 100.0,
+ 0x100 - sq_res_0x100_num);
+ printf ("static const mp_limb_t\n");
+ printf ("sq_res_0x100[%d] = {\n", nsq_res_0x100);
+ for (i = 0; i < nsq_res_0x100; i++)
+ {
+ printf (" CNST_LIMB(0x");
+ mpz_out_str (stdout, 16, sq_res_0x100[i]);
+ printf ("),\n");
+ }
+ printf ("};\n");
+ printf ("\n");
+
+ if (mpz_sgn (pp) != 0)
+ {
+ printf ("/* mpn_mod_34lsub1 not used due to %s */\n", mod34_excuse);
+ printf ("/* PERFSQR_PP = ");
+ }
+ else
+ printf ("/* 2^%d-1 = ", mod34_bits);
+ for (i = 0; i < nrawfactor; i++)
+ {
+ if (i != 0)
+ printf (" * ");
+ printf ("%d", rawfactor[i].divisor);
+ if (rawfactor[i].multiplicity != 1)
+ printf ("^%d", rawfactor[i].multiplicity);
+ }
+ printf (" %s*/\n", mpz_sgn (pp) == 0 ? "... " : "");
+
+ printf ("#define PERFSQR_MOD_BITS %d\n", mod_bits);
+ if (mpz_sgn (pp) != 0)
+ {
+ printf ("#define PERFSQR_PP CNST_LIMB(0x");
+ mpz_out_str (stdout, 16, pp);
+ printf (")\n");
+ printf ("#define PERFSQR_PP_NORM CNST_LIMB(0x");
+ mpz_out_str (stdout, 16, pp_norm);
+ printf (")\n");
+ printf ("#define PERFSQR_PP_INVERTED CNST_LIMB(0x");
+ mpz_out_str (stdout, 16, pp_inverted);
+ printf (")\n");
+ }
+ printf ("\n");
+
+ mpz_init (mhi);
+ mpz_init (mlo);
+
+ printf ("/* This test identifies %.2f%% as non-squares. */\n",
+ (1.0 - total_fraction) * 100.0);
+ printf ("#define PERFSQR_MOD_TEST(up, usize) \\\n");
+ printf (" do { \\\n");
+ printf (" mp_limb_t r; \\\n");
+ if (mpz_sgn (pp) != 0)
+ printf (" PERFSQR_MOD_PP (r, up, usize); \\\n");
+ else
+ printf (" PERFSQR_MOD_34 (r, up, usize); \\\n");
+
+ for (i = 0; i < nfactor; i++)
+ {
+ printf (" \\\n");
+ printf (" /* %5.2f%% */ \\\n",
+ (1.0 - factor[i].fraction) * 100.0);
+
+ printf (" PERFSQR_MOD_%d (r, CNST_LIMB(%2d), CNST_LIMB(0x",
+ factor[i].divisor <= limb_bits ? 1 : 2,
+ factor[i].divisor);
+ mpz_out_str (stdout, 16, factor[i].inverse);
+ printf ("), \\\n");
+ printf (" CNST_LIMB(0x");
+
+ if ( factor[i].divisor <= limb_bits)
+ {
+ mpz_out_str (stdout, 16, factor[i].mask);
+ }
+ else
+ {
+ mpz_tdiv_r_2exp (mlo, factor[i].mask, (unsigned long) limb_bits);
+ mpz_tdiv_q_2exp (mhi, factor[i].mask, (unsigned long) limb_bits);
+ mpz_out_str (stdout, 16, mhi);
+ printf ("), CNST_LIMB(0x");
+ mpz_out_str (stdout, 16, mlo);
+ }
+ printf (")); \\\n");
+ }
+
+ printf (" } while (0)\n");
+ printf ("\n");
+
+ printf ("/* Grand total sq_res_0x100 and PERFSQR_MOD_TEST, %.2f%% non-squares. */\n",
+ (1.0 - (total_fraction * 44.0/256.0)) * 100.0);
+ printf ("\n");
+
+ printf ("/* helper for tests/mpz/t-perfsqr.c */\n");
+ printf ("#define PERFSQR_DIVISORS { 256,");
+ for (i = 0; i < nfactor; i++)
+ printf (" %d,", factor[i].divisor);
+ printf (" }\n");
+
+
+ mpz_clear (mhi);
+ mpz_clear (mlo);
+}
+
+int
+main (int argc, char *argv[])
+{
+ int limb_bits, nail_bits;
+
+ if (argc != 3)
+ {
+ fprintf (stderr, "Usage: gen-psqr <limbbits> <nailbits>\n");
+ exit (1);
+ }
+
+ limb_bits = atoi (argv[1]);
+ nail_bits = atoi (argv[2]);
+
+ if (limb_bits <= 0
+ || nail_bits < 0
+ || nail_bits >= limb_bits)
+ {
+ fprintf (stderr, "Invalid limb/nail bits: %d %d\n",
+ limb_bits, nail_bits);
+ exit (1);
+ }
+
+ generate_sq_res_0x100 (limb_bits);
+ generate_mod (limb_bits, nail_bits);
+
+ print (limb_bits, nail_bits);
+
+ return 0;
+}