Add bounds reasoning comments to AVX2 basemul

jammychiou1 · mkannwischer · commit 7b33a4cf8e4a · 2025-11-10T10:16:16.000+08:00
Improve some existing comments while we're at it.

Signed-off-by: jammychiou1 &lt;jammy.chiou1@gmail.com&gt;
diff --git a/dev/x86_64/src/pointwise.S b/dev/x86_64/src/pointwise.S
@@ -48,6 +48,8 @@ MLD_ASM_FN_SYMBOL(pointwise_avx2)
 
         xor     eax, eax
 _looptop1:
+// Handle 24 = 3*8 coefficients per iteration
+
 // Load
         vmovdqa ymm2, [rsi]
         vmovdqa ymm4, [rsi + 32]
@@ -61,6 +63,12 @@ _looptop1:
         vpsrlq  ymm11, ymm10, 32
         vpsrlq  ymm13, ymm12, 32
         vmovshdup ymm15, ymm14
+        /*
+         * ymm{i} stores a's coefficients for i in 2...7, and b's coefficients
+         * for i in 10...15.
+         *
+         * Bounds: |ymm{i}| < 9q for i in 2...7, 10...15
+         */
 
 // Multiply
         vpmuldq ymm2, ymm2, ymm10
@@ -69,6 +77,10 @@ _looptop1:
         vpmuldq ymm5, ymm5, ymm13
         vpmuldq ymm6, ymm6, ymm14
         vpmuldq ymm7, ymm7, ymm15
+        /*
+         * Bounds: |ymm{i}| < 81q^2 < MONTGOMERY_REDUCE_STRONG_DOMAIN_MAX
+         *             for i in 2...7
+         */
 
 // Reduce
         vpmuldq ymm10, ymm0, ymm2
@@ -89,11 +101,18 @@ _looptop1:
         vpsubq  ymm5, ymm5, ymm13
         vpsubq  ymm6, ymm6, ymm14
         vpsubq  ymm7, ymm7, ymm15
+        /*
+         * All coefficients are Montgomery-reduced, resulting in
+         *
+         * Bounds: |ymm{i}| < q for i in 2...7
+         *
+         * See description of mld_montgomery_reduce() in mldsa/src/reduce.h.
+         */
+
+// Store
         vpsrlq  ymm2, ymm2, 32
         vpsrlq  ymm4, ymm4, 32
         vmovshdup ymm6, ymm6
-
-// Store
         vpblendd ymm2, ymm2, ymm3, 0xAA
         vpblendd ymm4, ymm4, ymm5, 0xAA
         vpblendd ymm6, ymm6, ymm7, 0xAA
@@ -108,6 +127,10 @@ _looptop1:
         cmp     eax, 10
         jb      _looptop1
 
+
+// Handle the last 256 % 24 = 16 = 2*8 coefficients, left over by the loop
+
+// Load
         vmovdqa ymm2, [rsi]
         vmovdqa ymm4, [rsi + 32]
         vmovdqa ymm10, [rdx]
@@ -116,12 +139,22 @@ _looptop1:
         vpsrlq  ymm5, ymm4, 32
         vmovshdup ymm11, ymm10
         vmovshdup ymm13, ymm12
+        /*
+         * ymm{i} stores a's coefficients for i in 2...5, and b's coefficients
+         * for i in 10...13.
+         *
+         * Bounds: |ymm{i}| < 9q for i in 2...5, 10...13
+         */
 
 // Multiply
         vpmuldq ymm2, ymm2, ymm10
         vpmuldq ymm3, ymm3, ymm11
         vpmuldq ymm4, ymm4, ymm12
         vpmuldq ymm5, ymm5, ymm13
+        /*
+         * Bounds: |ymm{i}| < 81q^2 < MONTGOMERY_REDUCE_STRONG_DOMAIN_MAX
+         *             for i in 2...5
+         */
 
 // Reduce
         vpmuldq ymm10, ymm0, ymm2
@@ -136,10 +169,15 @@ _looptop1:
         vpsubq  ymm3, ymm3, ymm11
         vpsubq  ymm4, ymm4, ymm12
         vpsubq  ymm5, ymm5, ymm13
-        vpsrlq  ymm2, ymm2, 32
-        vmovshdup ymm4, ymm4
+        /*
+         * As explained in the loop.
+         *
+         * Bounds: |ymm{i}| < q for i in 2...5
+         */
 
 // Store
+        vpsrlq  ymm2, ymm2, 32
+        vmovshdup ymm4, ymm4
         vpblendd ymm2, ymm3, ymm2, 0x55
         vpblendd ymm4, ymm5, ymm4, 0x55
         vmovdqa [rdi], ymm2
diff --git a/dev/x86_64/src/pointwise_acc_l4.S b/dev/x86_64/src/pointwise_acc_l4.S
@@ -37,12 +37,20 @@
         vpsrlq  ymm9, ymm8, 32
         vmovshdup ymm11, ymm10
         vmovshdup ymm13, ymm12
+        /*
+         * ymm{i} stores a's coefficients for i in 6...9, and b's coefficients
+         * for i in 10...13.
+         *
+         * Bounds: |ymm{i}| < q  for i in 6...9
+         *                  < 9q for i in 10...13
+         */
 
 // Multiply
         vpmuldq ymm6, ymm6, ymm10
         vpmuldq ymm7, ymm7, ymm11
         vpmuldq ymm8, ymm8, ymm12
         vpmuldq ymm9, ymm9, ymm13
+        /* Bounds: |ymm{i}| < 9q^2 for i in 6...9 */
 .endm
 
 .macro acc
@@ -80,15 +88,19 @@ _looptop2:
         vmovdqa ymm3, ymm7
         vmovdqa ymm4, ymm8
         vmovdqa ymm5, ymm9
+        /* Bounds: |ymm{i}| < 9q^2 */
 
         pointwise 1024
         acc
+        /* Bounds: |ymm{i}| < 18q^2 */
 
         pointwise 2048
         acc
+        /* Bounds: |ymm{i}| < 27q^2 */
 
         pointwise 3072
         acc
+        /* Bounds: |ymm{i}| < 36q^2 < MONTGOMERY_REDUCE_STRONG_DOMAIN_MAX */
 
 // Reduce
         vpmuldq ymm6, ymm0, ymm2
@@ -103,10 +115,17 @@ _looptop2:
         vpsubq  ymm3, ymm3, ymm7
         vpsubq  ymm4, ymm4, ymm8
         vpsubq  ymm5, ymm5, ymm9
-        vpsrlq  ymm2, ymm2, 32
-        vmovshdup ymm4, ymm4
+        /*
+         * All coefficients are Montgomery-reduced, resulting in
+         *
+         * Bounds: |ymm{i}| < q for i in 2...5
+         *
+         * See description of mld_montgomery_reduce() in mldsa/src/reduce.h.
+         */
 
 // Store
+        vpsrlq  ymm2, ymm2, 32
+        vmovshdup ymm4, ymm4
         vpblendd ymm2, ymm2, ymm3, 0xAA
         vpblendd ymm4, ymm4, ymm5, 0xAA
 
diff --git a/dev/x86_64/src/pointwise_acc_l5.S b/dev/x86_64/src/pointwise_acc_l5.S
@@ -37,12 +37,20 @@
         vpsrlq  ymm9, ymm8, 32
         vmovshdup ymm11, ymm10
         vmovshdup ymm13, ymm12
+        /*
+         * ymm{i} stores a's coefficients for i in 6...9, and b's coefficients
+         * for i in 10...13.
+         *
+         * Bounds: |ymm{i}| < q  for i in 6...9
+         *                  < 9q for i in 10...13
+         */
 
 // Multiply
         vpmuldq ymm6, ymm6, ymm10
         vpmuldq ymm7, ymm7, ymm11
         vpmuldq ymm8, ymm8, ymm12
         vpmuldq ymm9, ymm9, ymm13
+        /* Bounds: |ymm{i}| < 9q^2 for i in 6...9 */
 .endm
 
 .macro acc
@@ -80,18 +88,23 @@ _looptop2:
         vmovdqa ymm3, ymm7
         vmovdqa ymm4, ymm8
         vmovdqa ymm5, ymm9
+        /* Bounds: |ymm{i}| < 9q^2 */
 
         pointwise 1024
         acc
+        /* Bounds: |ymm{i}| < 18q^2 */
 
         pointwise 2048
         acc
+        /* Bounds: |ymm{i}| < 27q^2 */
 
         pointwise 3072
         acc
+        /* Bounds: |ymm{i}| < 36q^2 */
 
         pointwise 4096
         acc
+        /* Bounds: |ymm{i}| < 45q^2 < MONTGOMERY_REDUCE_STRONG_DOMAIN_MAX */
 
 // Reduce
         vpmuldq ymm6, ymm0, ymm2
@@ -106,10 +119,17 @@ _looptop2:
         vpsubq  ymm3, ymm3, ymm7
         vpsubq  ymm4, ymm4, ymm8
         vpsubq  ymm5, ymm5, ymm9
-        vpsrlq  ymm2, ymm2, 32
-        vmovshdup ymm4, ymm4
+        /*
+         * All coefficients are Montgomery-reduced, resulting in
+         *
+         * Bounds: |ymm{i}| < q for i in 2...5
+         *
+         * See description of mld_montgomery_reduce() in mldsa/src/reduce.h.
+         */
 
 // Store
+        vpsrlq  ymm2, ymm2, 32
+        vmovshdup ymm4, ymm4
         vpblendd ymm2, ymm2, ymm3, 0xAA
         vpblendd ymm4, ymm4, ymm5, 0xAA
 
diff --git a/dev/x86_64/src/pointwise_acc_l7.S b/dev/x86_64/src/pointwise_acc_l7.S
@@ -37,12 +37,20 @@
         vpsrlq  ymm9, ymm8, 32
         vmovshdup ymm11, ymm10
         vmovshdup ymm13, ymm12
+        /*
+         * ymm{i} stores a's coefficients for i in 6...9, and b's coefficients
+         * for i in 10...13.
+         *
+         * Bounds: |ymm{i}| < q  for i in 6...9
+         *                  < 9q for i in 10...13
+         */
 
 // Multiply
         vpmuldq ymm6, ymm6, ymm10
         vpmuldq ymm7, ymm7, ymm11
         vpmuldq ymm8, ymm8, ymm12
         vpmuldq ymm9, ymm9, ymm13
+        /* Bounds: |ymm{i}| < 9q^2 for i in 6...9 */
 .endm
 
 .macro acc
@@ -80,24 +88,31 @@ _looptop2:
         vmovdqa ymm3, ymm7
         vmovdqa ymm4, ymm8
         vmovdqa ymm5, ymm9
+        /* Bounds: |ymm{i}| < 9q^2 */
 
         pointwise 1024
         acc
+        /* Bounds: |ymm{i}| < 18q^2 */
 
         pointwise 2048
         acc
+        /* Bounds: |ymm{i}| < 27q^2 */
 
         pointwise 3072
         acc
+        /* Bounds: |ymm{i}| < 36q^2 */
 
         pointwise 4096
         acc
+        /* Bounds: |ymm{i}| < 45q^2 */
 
         pointwise 5120
         acc
+        /* Bounds: |ymm{i}| < 54q^2 */
 
         pointwise 6144
         acc
+        /* Bounds: |ymm{i}| < 63q^2 < MONTGOMERY_REDUCE_STRONG_DOMAIN_MAX */
 
 // Reduce
         vpmuldq ymm6, ymm0, ymm2
@@ -112,10 +127,17 @@ _looptop2:
         vpsubq  ymm3, ymm3, ymm7
         vpsubq  ymm4, ymm4, ymm8
         vpsubq  ymm5, ymm5, ymm9
-        vpsrlq  ymm2, ymm2, 32
-        vmovshdup ymm4, ymm4
+        /*
+         * All coefficients are Montgomery-reduced, resulting in
+         *
+         * Bounds: |ymm{i}| < q for i in 2...5
+         *
+         * See description of mld_montgomery_reduce() in mldsa/src/reduce.h.
+         */
 
 // Store
+        vpsrlq  ymm2, ymm2, 32
+        vmovshdup ymm4, ymm4
         vpblendd ymm2, ymm2, ymm3, 0xAA
         vpblendd ymm4, ymm4, ymm5, 0xAA
 
