(no commit message)

[libreriscv.git] / openpower / sv / biginteger.mdwn

[[!tag standards]]

# Big Integer Arithmetic

**DRAFT STATUS** 19apr2021

BigNum arithmetic is extremely common especially in cryptography,
where for example RSA relies on arithmetic of 2048 or 4096 bits
in length.  The primary operations are add, multiply and divide
(and modulo) with specialisations of subtract and signed multiply.

A reminder that a particular focus of SVP64 is that it is built on
top of Scalar operations, where those scalar operations are useful in
their own right without SVP64. Thus the operstions here are proposed
first as Scalar Extensions to the Power ISA.

A secondary focus is that if Vectorised, implementors may choose
to deploy macro-op fusion targetting back-end 256-bit or greater
Dynamic SIMD ALUs for maximum performance and effectiveness.

# Analysis

Covered in [[biginteger/analysis]] the summary is that standard `adde` is sufficient
for SVP64 Vectorisation of big-integer addition (and subfe for
subtraction) but that big-integer multiply and divide
require two extra 3-in 2-out instructions, similar to Intel's `mulx`,
to be efficient.  Macro-op Fusion and back-end massively-wide SIMD ALUs
may be deployed in a fashion that is hidden from the user, behind a
consistent, stable ISA API.

# Instructions

**DRAFT**

Both `madded` and `msubed` are VA-Form:

|0.....5|6..10|11..15|16..20|21..25|26..31|
|-------|-----|------|------|------|------|
| EXT04 | RT  |  RA  |  RB  |   RC |  XO  |

For the Opcode map (XO Field)
see Power ISA v3.1, Book III, Appendix D, Table 13 (sheet 7 of 8), p1357.
Proposed is the addition of `msubed` (**DRAFT, NOT APPROVED**) which is
in `110110`.  A corresponding `madded` is proposed for `110010`

| 110000 | 110001  | 110010 | 110011 | 110100 | 110101 | 110110 | 110111 |
| ------ | ------- | ------ | ------ | ------ | ------ | ------ | ------ |
| maddhd | maddhdu | madded | maddld | rsvd   | rsvd   | msubed | rsvd   |

For SVP64 EXTRA register extension, the `RM-1P-3S-1D` format is
used with the additional bit set for determining RS.

| Field Name | Field bits | Description                            |
|------------|------------|----------------------------------------|
| Rdest\_EXTRA2 | `10:11` | extends RT (R\*\_EXTRA2 Encoding)   |
| Rsrc1\_EXTRA2 | `12:13` | extends RA (R\*\_EXTRA2 Encoding)   |
| Rsrc2\_EXTRA2 | `14:15` | extends RB (R\*\_EXTRA2 Encoding)   |
| Rsrc3\_EXTRA2 | `16:17` | extends RC (R\*\_EXTRA2 Encoding)   |
| EXTRA2_MODE   | `18`    | used by `msubed` and `madded` for RS   |

When `EXTRA2_MODE` is set to zero, the implicit RS register takes
its Vector/Scalar setting from Rdest_EXTRA2, and takes
the register number from RT, but all numbering
is offset by VL. *Note that element-width overrides influence this
offset* (see SVP64 [[svp64/appendix]] for full details).

When `EXTRA2_MODE` is set to one, the implicit RS register is identical
to RC extended to SVP64 numbering, including whether RC is set Scalar or
Vector.

## msubed

The pseudocode for `msubed RT, RA, RB, RC`` is:

    prod[0:127] = (RA) * (RB)
    sub[0:127] = EXTZ(RC) - prod
    RT <- sub[64:127]
    RS <- sub[0:63] # RS is either RC or RT+VL

Note that RC is not sign-extended to 64-bit.  In a Vector Loop
it contains the top half of the previous multiply-with-subtract,
and the current product must be subtracted from it.

## madded

The pseudocode for `madded RT, RA, RB, RC` is:

    prod[0:127] = (RA) * (RB)
    sum[0:127] = EXTZ(RC) + prod
    RT <- sum[64:127]
    RS <- sum[0:63] # RS is either RC or RT+VL

Again RC is zero-extended (not shifted), the 128-bit product added
to it; the lower half of the result stored in RT and the upper half
in RS.

The differences here to `maddhdu` are that `maddhdu` stores the upper
half in RT, where `madded` stores the upper half in RS. There is no
equivalent to `maddld` because `maddld` performs sign-extension on RC.

# Appendix

see [[appendix]]