GT-multiexp: Add detailed metering

constantine/math/arithmetic/finite_fields.nim

@@ -362,7 +362,7 @@ func div2*(a: var FF) {.meter.} =
   #   a/2       < M if a is even
   debug: doAssert not carry.bool
 
-func inv*(r: var FF, a: FF) =
+func inv*(r: var FF, a: FF) {.meter.} =
   ## Inversion modulo p
   ##
   ## The inverse of 0 is 0.
@@ -383,7 +383,7 @@ func inv*(a: var FF) =
   ## to affine for elliptic curve
   a.inv(a)
 
-func inv_vartime*(r: var FF, a: FF) {.tags: [VarTime].} =
+func inv_vartime*(r: var FF, a: FF) {.meter, tags: [VarTime].} =
   ## Variable-time Inversion modulo p
   ##
   ## The inverse of 0 is 0.
@@ -412,22 +412,22 @@ func inv_vartime*(a: var FF) {.tags: [VarTime].} =
 #
 # This implements extra primitives for ergonomics.
 
-func `*=`*(a: var FF, b: FF) {.meter.} =
+func `*=`*(a: var FF, b: FF) =
   ## Multiplication modulo p
   a.prod(a, b)
 
-func square*(a: var FF, lazyReduce: static bool = false) {.meter.} =
+func square*(a: var FF, lazyReduce: static bool = false) =
   ## Squaring modulo p
   a.square(a, lazyReduce)
 
-func square_repeated*(a: var FF, num: int, lazyReduce: static bool = false) {.meter.} =
+func square_repeated*(a: var FF, num: int, lazyReduce: static bool = false) =
   ## Repeated squarings
   ## Assumes at least 1 squaring
   for _ in 0 ..< num-1:
     a.square(lazyReduce = true)
   a.square(lazyReduce)
 
-func square_repeated*(r: var FF, a: FF, num: int, lazyReduce: static bool = false) {.meter.} =
+func square_repeated*(r: var FF, a: FF, num: int, lazyReduce: static bool = false) =
   ## Repeated squarings
   r.square(a, lazyReduce = true)
   for _ in 1 ..< num-1:

constantine/math/extension_fields/assembly/fp2_asm_x86_adx_bmi2.nim

@@ -43,7 +43,7 @@ func has1extraBit(F: type Fp): bool =
 
 func sqrx2x_complex_asm_adx*(
         r: var array[2, FpDbl],
-        a: array[2, Fp]) =
+        a: array[2, Fp]) {.meter.} =
   ## Complex squaring on 𝔽p2
   # This specialized proc inlines all calls and avoids many ADX support checks.
   # and push/pop for paramater passing.
@@ -63,7 +63,7 @@ func sqrx2x_complex_asm_adx*(
 
 func sqrx_complex_sparebit_asm_adx*(
         r: var array[2, Fp],
-        a: array[2, Fp]) =
+        a: array[2, Fp]) {.meter.} =
   ## Complex squaring on 𝔽p2
   # This specialized proc inlines all calls and avoids many ADX support checks.
   # and push/pop for paramater passing.
@@ -83,7 +83,7 @@ func sqrx_complex_sparebit_asm_adx*(
 
 func mul2x_fp2_complex_asm_adx*(
         r: var array[2, FpDbl],
-        a, b: array[2, Fp]) =
+        a, b: array[2, Fp]) {.meter.} =
   ## Complex multiplication on 𝔽p2
   var D {.noInit.}: typeof(r.c0)
   var t0 {.noInit.}, t1 {.noInit.}: typeof(a.c0)

constantine/math/extension_fields/towers.nim

@@ -755,7 +755,7 @@ func square2x*(r: var QuadraticExt2x, a: QuadraticExt)
 # Complex squarings
 # ----------------------------------------------------------------------
 
-func square_complex(r: var Fp2, a: Fp2) =
+func square_complex(r: var Fp2, a: Fp2) {.meter.} =
   ## Return a² in 𝔽p2 = 𝔽p[𝑖] in ``r``
   ## ``r`` is initialized/overwritten
   ##
@@ -795,7 +795,7 @@ func square_complex(r: var Fp2, a: Fp2) =
   r.c1.double()          # r.c1 = 2 c0 c1             [1 Mul, 2 Dbl, 1 Sub]
   r.c0.prod(v0, v1)      # r.c0 = (c0 + c1)(c0 - c1)  [2 Mul, 2 Dbl, 1 Sub]
 
-func square2x_complex(r: var QuadraticExt2x, a: Fp2) =
+func square2x_complex(r: var QuadraticExt2x, a: Fp2) {.meter.} =
   ## Double-precision unreduced complex squaring
   static: doAssert a.fromComplexExtension()
 
@@ -815,7 +815,7 @@ func square2x_complex(r: var QuadraticExt2x, a: Fp2) =
 # Complex multiplications
 # ----------------------------------------------------------------------
 
-func prod_complex(r: var Fp2, a, b: Fp2) {.used.} =
+func prod_complex(r: var Fp2, a, b: Fp2) {.meter, used.} =
   ## Return a * b in 𝔽p2 = 𝔽p[𝑖] in ``r``
   ## ``r`` is initialized/overwritten
   ##
@@ -849,7 +849,7 @@ func prod_complex(r: var Fp2, a, b: Fp2) {.used.} =
   t.c1.sumprod([a.c0, a.c1], [b.c1, b.c0])
   r = t
 
-func prod2x_complex(r: var QuadraticExt2x, a, b: Fp2) =
+func prod2x_complex(r: var QuadraticExt2x, a, b: Fp2) {.meter.} =
   ## Double-precision unreduced complex multiplication
   # r and a or b cannot alias
   static: doAssert a.fromComplexExtension()
@@ -982,7 +982,7 @@ func square2x_disjoint*[Fdbl, F](
 # Multiplications (specializations)
 # -------------------------------------------------------------------
 
-func prodImpl_fp4o2_complex_snr_1pi[Name: static Algebra](r: var Fp4[Name], a, b: Fp4[Name]) =
+func prodImpl_fp4o2_complex_snr_1pi[Name: static Algebra](r: var Fp4[Name], a, b: Fp4[Name]) {.meter.} =
   ## Returns r = a * b
   ## For 𝔽p4/𝔽p2 with the following non-residue (NR) constraints:
   ##   * -1 is a quadratic non-residue in 𝔽p hence 𝔽p2 has coordinates a+𝑖b with i = √-1. This implies p ≡ 3 (mod 4)
@@ -1638,7 +1638,7 @@ func square_Chung_Hasan_SQR3(r: var CubicExt, a: CubicExt) =
 # Multiplications (specializations)
 # -------------------------------------------------------------------
 
-func prodImpl_fp6o2_complex_snr_1pi[Name: static Algebra](r: var Fp6[Name], a, b: Fp6[Name]) =
+func prodImpl_fp6o2_complex_snr_1pi[Name: static Algebra](r: var Fp6[Name], a, b: Fp6[Name]) {.meter.} =
   ## Returns r = a * b
   ## For 𝔽p4/𝔽p2 with the following non-residue (NR) constraints:
   ##   * -1 is a quadratic non-residue in 𝔽p hence 𝔽p2 has coordinates a+𝑖b with i = √-1. This implies p ≡ 3 (mod 4)

constantine/math/pairings/gt_multiexp.nim

@@ -78,31 +78,31 @@ func bestBucketBitSize(inputSize: int, scalarBitwidth: static int, useSignedBuck
     if 13 <= result:
       result -= 1
 
-func `~*=`[Gt: ExtensionField](a: var Gt, b: Gt) {.inline.} =
-  # TODO: Analyze the inputs to see if there is avalue in more complex shortcuts (-1, or partial 0 coordinates)
+func `~*=`[Gt: ExtensionField](a: var Gt, b: Gt) {.meter, inline.} =
+  # TODO: Analyze the inputs to see if there is a value in more complex shortcuts (-1, or partial 0 coordinates)
   if a.isOne().bool():
     a = b
   elif b.isOne().bool():
     discard
   else:
     a *= b
 
-func `~/=`[Gt: ExtensionField](a: var Gt, b: Gt) {.inline.} =
+func `~/=`[Gt: ExtensionField](a: var Gt, b: Gt) {.meter, inline.} =
   ## Cyclotomic division
   var t {.noInit.}: Gt
   t.cyclotomic_inv(b)
   a ~*= t
 
-func setNeutral[Gt: ExtensionField](a: var Gt) {.inline.} =
+func setNeutral[Gt: ExtensionField](a: var Gt) {.meter, inline.} =
   a.setOne()
 
-func `~*=`(a: var T2Prj, b: T2Aff) {.inline.} =
+func `~*=`(a: var T2Prj, b: T2Aff) {.meter, inline.} =
   a.mixedProd_vartime(a, b)
 
-func `~*=`(a: var T2Prj, b: T2Prj) {.inline.} =
+func `~*=`(a: var T2Prj, b: T2Prj) {.meter, inline.} =
   a.prod(a, b)
 
-func `~/=`(a: var T2Prj, b: T2Aff) {.inline.} =
+func `~/=`(a: var T2Prj, b: T2Aff) {.meter, inline.} =
   ## Cyclotomic division
   var t {.noInit.}: T2Aff
   t.inv(b)

constantine/math/pairings/gt_prj.nim

@@ -424,7 +424,7 @@ proc prod*[F](r: var T2Prj[F], a, b: T2Prj[F]) {.inline.} =
   type QF = QuadraticExt[F]
   QF(r).prod(QF a, QF b)
 
-proc square*[F](r: var T2Prj[F], a: T2Prj[F]) {.inline.} =
+proc square*[F](r: var T2Prj[F], a: T2Prj[F]) {.meter, inline.} =
   type QF = QuadraticExt[F]
   QF(r).square(QF a)
 

constantine/platforms/metering/tracer.nim

@@ -72,7 +72,11 @@ when CTT_METER or CTT_TRACE:
 
   template fnEntry(name: string, id: int, startTime, startCycle: untyped): untyped =
     ## Bench tracing to insert on function entry
-    {.noSideEffect, gcsafe.}:
+
+    # Timing procedures adds the TimeEffect tag, which interferes with {.tags:[VarTime].}
+    # as TimeEffect is not listed.
+    # cast(tags: []) drops the `TimeEffect` for metering
+    {.noSideEffect, gcsafe, cast(tags: []).}:
       discard Metrics[id].numCalls.atomicInc()
       let startTime = getMonoTime()
       when SupportsGetTicks:
@@ -82,7 +86,11 @@ when CTT_METER or CTT_TRACE:
 
   template fnExit(name: string, id: int, startTime, startCycle: untyped): untyped =
     ## Bench tracing to insert before each function exit
-    {.noSideEffect, gcsafe.}:
+
+    # Timing procedures adds the TimeEffect tag, which interferes with {.tags:[VarTime].}
+    # as TimeEffect is not listed.
+    # cast(tags: []) drops the `TimeEffect` for metering
+    {.noSideEffect, gcsafe, cast(tags: []).}:
       when SupportsGetTicks:
         let stopCycle = getTicks()
       let stopTime = getMonoTime()
@@ -121,24 +129,6 @@ when CTT_METER or CTT_TRACE:
     newbody.add nnkDefer.newTree(getAst(fnExit(name, id, startTime, startCycle)))
     newBody.add procAst.body
 
-    if procAst[4].kind != nnkEmpty:
-      # Timing procedures adds the TimeEffect tag, which interferes with {.tags:[VarTime].}
-      # as TimeEffect is not listed. We drop the `tags` for metering
-      var pragmas: NimNode
-      if procAst[4].len == 1:
-        if procAst[4][0].kind == nnkExprColonExpr and procAst[4][0][0].eqIdent"tags":
-          pragmas = newEmptyNode()
-        else:
-          pragmas = procAst[4]
-      else:
-        pragmas = nnkPragma.newTree()
-        for i in 0 ..< procAst[4].len:
-          if procAst[4][0].kind == nnkExprColonExpr and procAst[4][0][0].eqIdent"tags":
-            continue
-          else:
-            pragmas.add procAst[4][0]
-      procAst[4] = pragmas
-
     procAst.body = newBody
     result = procAst
 

metering/eip2537.md → metering/m_eip2537.md

@@ -2,7 +2,7 @@
 
 > CC=clang nimble bench_summary_bls12_381
 
-![eip2537_bench_ryzen_7840U.png](eip2537_bench_ryzen_7840U.png)
+![eip2537_bench_ryzen_7840U.png](m_eip2537_bench_ryzen_7840U.png)
 
 |                                      |                                          |                                 |                        |                                |
 | ------------------------------------ | ---------------------------------------- | ------------------------------- | ---------------------- | ------------------------------ |

metering/m_eip2537.nim

@@ -29,7 +29,7 @@ import
 var rng*: RngState
 let seed = uint32(getTime().toUnix() and (1'i64 shl 32 - 1)) # unixTime mod 2^32
 rng.seed(seed)
-echo "bench xoshiro512** seed: ", seed
+echo "metering xoshiro512** seed: ", seed
 
 func random_point*(rng: var RngState, EC: typedesc[EC_ShortW_Aff]): EC {.noInit.} =
   var jac = rng.random_unsafe(EC_ShortW_Jac[EC.F, EC.G])