digest-blake3 0.22.1 → 1.2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cc9e904530fd556aa81345371cdcc84ba0f96af0f34ad88e7d5fca03ea334413
-  data.tar.gz: e7eb9d2902ea6b314598a476e36ee3d2ec1253a063283cce93b6bc9dbc33ad15
+  metadata.gz: ec7a77d6875b688e1cb1fbe8470cbf67278f9fe3f2f8e516bafe7abc0bf54bc4
+  data.tar.gz: 74e13b2480eccd5c2fe3fa913a0962217c1f07c95b5db80b8303086488ee5d9f
 SHA512:
-  metadata.gz: 0d1a215201ad7aae6cebca040db27f4336861582be4870d6d57adcf9b345fa3c44fd5dd7443b0417fc9fe407bf52d98d03eb7065d92f699091f6adfb10fa67c2
-  data.tar.gz: 262293d252c00c9aaa00bcf7cbeb066a3be416a4b2314473740627906fbbec466a2b1cf199d1fdfa0aecfa1568bf40fe661ca2c22162243c2cacd49f43aed9dc
+  metadata.gz: de0fb7b5ccce755c313da8e547a430950d181170c64561746890ce8855ce5e09d3232b16316f36d22320ae5d23cf7904e8221a26358e96d9566ba247ef613214
+  data.tar.gz: 33e15e9469128ba227dbe6b57d9c44fe55078b9031975bf9db783a469c93342c7ccbf38b763ddfed7f09c941a42a6df89302cfda0e38b0ad4967a12acac4b18a

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    digest-blake3 (0.22.1)
+    digest-blake3 (1.2.0.0)
 
 GEM
   remote: https://rubygems.org/

data/README.md

@@ -58,7 +58,7 @@ To install this gem onto your local machine, run `bundle exec rake install`. To
 
 ## Contributing
 
-Bug reports and pull requests are welcome on GitHub at https://github.com/[USERNAME]/digest-blake3.
+Bug reports and pull requests are welcome on GitHub at https://github.com/willbryant/digest-blake3.
 
 ## License
 

data/ext/digest/blake3/blake3.c

@@ -5,6 +5,8 @@
 #include "blake3.h"
 #include "blake3_impl.h"
 
+const char *blake3_version(void) { return BLAKE3_VERSION_STRING; }
+
 INLINE void chunk_state_init(blake3_chunk_state *self, const uint32_t key[8],
                              uint8_t flags) {
   memcpy(self->cv, key, BLAKE3_KEY_LEN);
@@ -81,26 +83,29 @@ INLINE void output_chaining_value(const output_t *self, uint8_t cv[32]) {
   memcpy(cv_words, self->input_cv, 32);
   blake3_compress_in_place(cv_words, self->block, self->block_len,
                            self->counter, self->flags);
-  memcpy(cv, cv_words, 32);
+  store_cv_words(cv, cv_words);
 }
 
-INLINE void output_root_bytes(const output_t *self, uint8_t *out,
+INLINE void output_root_bytes(const output_t *self, uint64_t seek, uint8_t *out,
                               size_t out_len) {
-  uint64_t output_block_counter = 0;
+  uint64_t output_block_counter = seek / 64;
+  size_t offset_within_block = seek % 64;
   uint8_t wide_buf[64];
   while (out_len > 0) {
     blake3_compress_xof(self->input_cv, self->block, self->block_len,
                         output_block_counter, self->flags | ROOT, wide_buf);
+    size_t available_bytes = 64 - offset_within_block;
     size_t memcpy_len;
-    if (out_len > 64) {
-      memcpy_len = 64;
+    if (out_len > available_bytes) {
+      memcpy_len = available_bytes;
     } else {
       memcpy_len = out_len;
     }
-    memcpy(out, wide_buf, memcpy_len);
+    memcpy(out, wide_buf + offset_within_block, memcpy_len);
     out += memcpy_len;
     out_len -= memcpy_len;
     output_block_counter += 1;
+    offset_within_block = 0;
   }
 }
 
@@ -256,10 +261,11 @@ INLINE size_t compress_parents_parallel(const uint8_t *child_chaining_values,
 // Why not just have the caller split the input on the first update(), instead
 // of implementing this special rule? Because we don't want to limit SIMD or
 // multi-threading parallelism for that update().
-size_t blake3_compress_subtree_wide(const uint8_t *input, size_t input_len,
-                                    const uint32_t key[8],
-                                    uint64_t chunk_counter, uint8_t flags,
-                                    uint8_t *out) {
+static size_t blake3_compress_subtree_wide(const uint8_t *input,
+                                           size_t input_len,
+                                           const uint32_t key[8],
+                                           uint64_t chunk_counter,
+                                           uint8_t flags, uint8_t *out) {
   // Note that the single chunk case does *not* bump the SIMD degree up to 2
   // when it is 1. If this implementation adds multi-threading in the future,
   // this gives us the option of multi-threading even the 2-chunk case, which
@@ -331,15 +337,21 @@ INLINE void compress_subtree_to_parent_node(
   assert(input_len > BLAKE3_CHUNK_LEN);
 #endif
 
-  uint8_t cv_array[2 * MAX_SIMD_DEGREE_OR_2 * BLAKE3_OUT_LEN];
+  uint8_t cv_array[MAX_SIMD_DEGREE_OR_2 * BLAKE3_OUT_LEN];
   size_t num_cvs = blake3_compress_subtree_wide(input, input_len, key,
                                                 chunk_counter, flags, cv_array);
+  assert(num_cvs <= MAX_SIMD_DEGREE_OR_2);
 
   // If MAX_SIMD_DEGREE is greater than 2 and there's enough input,
   // compress_subtree_wide() returns more than 2 chaining values. Condense
   // them into 2 by forming parent nodes repeatedly.
   uint8_t out_array[MAX_SIMD_DEGREE_OR_2 * BLAKE3_OUT_LEN / 2];
-  while (num_cvs > 2) {
+  // The second half of this loop condition is always true, and we just
+  // asserted it above. But GCC can't tell that it's always true, and if NDEBUG
+  // is set on platforms where MAX_SIMD_DEGREE_OR_2 == 2, GCC emits spurious
+  // warnings here. GCC 8.5 is particularly sensitive, so if you're changing
+  // this code, test it against that version.
+  while (num_cvs > 2 && num_cvs <= MAX_SIMD_DEGREE_OR_2) {
     num_cvs =
         compress_parents_parallel(cv_array, num_cvs, key, flags, out_array);
     memcpy(cv_array, out_array, num_cvs * BLAKE3_OUT_LEN);
@@ -363,10 +375,11 @@ void blake3_hasher_init_keyed(blake3_hasher *self,
   hasher_init_base(self, key_words, KEYED_HASH);
 }
 
-void blake3_hasher_init_derive_key(blake3_hasher *self, const char *context) {
+void blake3_hasher_init_derive_key_raw(blake3_hasher *self, const void *context,
+                                       size_t context_len) {
   blake3_hasher context_hasher;
   hasher_init_base(&context_hasher, IV, DERIVE_KEY_CONTEXT);
-  blake3_hasher_update(&context_hasher, context, strlen(context));
+  blake3_hasher_update(&context_hasher, context, context_len);
   uint8_t context_key[BLAKE3_KEY_LEN];
   blake3_hasher_finalize(&context_hasher, context_key, BLAKE3_KEY_LEN);
   uint32_t context_key_words[8];
@@ -374,6 +387,10 @@ void blake3_hasher_init_derive_key(blake3_hasher *self, const char *context) {
   hasher_init_base(self, context_key_words, DERIVE_KEY_MATERIAL);
 }
 
+void blake3_hasher_init_derive_key(blake3_hasher *self, const char *context) {
+  blake3_hasher_init_derive_key_raw(self, context, strlen(context));
+}
+
 // As described in hasher_push_cv() below, we do "lazy merging", delaying
 // merges until right before the next CV is about to be added. This is
 // different from the reference implementation. Another difference is that we
@@ -425,8 +442,8 @@ INLINE void hasher_merge_cv_stack(blake3_hasher *self, uint64_t total_len) {
 // compress_subtree_to_parent_node(). That function always returns the top
 // *two* chaining values of the subtree it's compressing. We then do lazy
 // merging with each of them separately, so that the second CV will always
-// remain unmerged. (The compress_subtree_to_parent_node also helps us support
-// extendable output when we're hashing an input all-at-once.)
+// remain unmerged. (That also helps us support extendable output when we're
+// hashing an input all-at-once.)
 INLINE void hasher_push_cv(blake3_hasher *self, uint8_t new_cv[BLAKE3_OUT_LEN],
                            uint64_t chunk_counter) {
   hasher_merge_cv_stack(self, chunk_counter);
@@ -472,8 +489,8 @@ void blake3_hasher_update(blake3_hasher *self, const void *input,
 
   // Now the chunk_state is clear, and we have more input. If there's more than
   // a single chunk (so, definitely not the root chunk), hash the largest whole
-  // subtree we can, with the full benefits of SIMD and multi-threading
-  // parallelism. Two restrictions:
+  // subtree we can, with the full benefits of SIMD (and maybe in the future,
+  // multi-threading) parallelism. Two restrictions:
   // - The subtree has to be a power-of-2 number of chunks. Only subtrees along
   //   the right edge can be incomplete, and we don't know where the right edge
   //   is going to be until we get to finalize().
@@ -546,6 +563,11 @@ void blake3_hasher_update(blake3_hasher *self, const void *input,
 
 void blake3_hasher_finalize(const blake3_hasher *self, uint8_t *out,
                             size_t out_len) {
+  blake3_hasher_finalize_seek(self, 0, out, out_len);
+}
+
+void blake3_hasher_finalize_seek(const blake3_hasher *self, uint64_t seek,
+                                 uint8_t *out, size_t out_len) {
   // Explicitly checking for zero avoids causing UB by passing a null pointer
   // to memcpy. This comes up in practice with things like:
   //   std::vector<uint8_t> v;
@@ -557,7 +579,7 @@ void blake3_hasher_finalize(const blake3_hasher *self, uint8_t *out,
   // If the subtree stack is empty, then the current chunk is the root.
   if (self->cv_stack_len == 0) {
     output_t output = chunk_state_output(&self->chunk);
-    output_root_bytes(&output, out, out_len);
+    output_root_bytes(&output, seek, out, out_len);
     return;
   }
   // If there are any bytes in the chunk state, finalize that chunk and do a
@@ -585,5 +607,5 @@ void blake3_hasher_finalize(const blake3_hasher *self, uint8_t *out,
     output_chaining_value(&output, &parent_block[32]);
     output = parent_output(parent_block, self->key, self->chunk.flags);
   }
-  output_root_bytes(&output, out, out_len);
+  output_root_bytes(&output, seek, out, out_len);
 }

data/ext/digest/blake3/blake3.h

@@ -4,16 +4,16 @@
 #include <stddef.h>
 #include <stdint.h>
 
-#ifdef  __cplusplus
+#ifdef __cplusplus
 extern "C" {
 #endif
 
+#define BLAKE3_VERSION_STRING "1.2.0"
 #define BLAKE3_KEY_LEN 32
 #define BLAKE3_OUT_LEN 32
 #define BLAKE3_BLOCK_LEN 64
 #define BLAKE3_CHUNK_LEN 1024
 #define BLAKE3_MAX_DEPTH 54
-#define BLAKE3_MAX_SIMD_DEGREE 16
 
 // This struct is a private implementation detail. It has to be here because
 // it's part of blake3_hasher below.
@@ -38,16 +38,21 @@ typedef struct {
   uint8_t cv_stack[(BLAKE3_MAX_DEPTH + 1) * BLAKE3_OUT_LEN];
 } blake3_hasher;
 
+const char *blake3_version(void);
 void blake3_hasher_init(blake3_hasher *self);
 void blake3_hasher_init_keyed(blake3_hasher *self,
                               const uint8_t key[BLAKE3_KEY_LEN]);
 void blake3_hasher_init_derive_key(blake3_hasher *self, const char *context);
+void blake3_hasher_init_derive_key_raw(blake3_hasher *self, const void *context,
+                                       size_t context_len);
 void blake3_hasher_update(blake3_hasher *self, const void *input,
                           size_t input_len);
 void blake3_hasher_finalize(const blake3_hasher *self, uint8_t *out,
                             size_t out_len);
+void blake3_hasher_finalize_seek(const blake3_hasher *self, uint64_t seek,
+                                 uint8_t *out, size_t out_len);
 
-#ifdef  __cplusplus
+#ifdef __cplusplus
 }
 #endif
 

data/ext/digest/blake3/blake3_avx2_x86-64_unix.S

@@ -1,3 +1,17 @@
+#if defined(__ELF__) && defined(__linux__)
+.section .note.GNU-stack,"",%progbits
+#endif
+
+#if defined(__ELF__) && defined(__CET__) && defined(__has_include)
+#if __has_include(<cet.h>)
+#include <cet.h>
+#endif
+#endif
+
+#if !defined(_CET_ENDBR)
+#define _CET_ENDBR
+#endif
+
 .intel_syntax noprefix
 .global _blake3_hash_many_avx2
 .global blake3_hash_many_avx2
@@ -9,6 +23,7 @@
         .p2align  6
 _blake3_hash_many_avx2:
 blake3_hash_many_avx2:
+        _CET_ENDBR
         push    r15
         push    r14
         push    r13

data/ext/digest/blake3/blake3_avx512_x86-64_unix.S

@@ -1,5 +1,18 @@
-.intel_syntax noprefix
+#if defined(__ELF__) && defined(__linux__)
+.section .note.GNU-stack,"",%progbits
+#endif
+
+#if defined(__ELF__) && defined(__CET__) && defined(__has_include)
+#if __has_include(<cet.h>)
+#include <cet.h>
+#endif
+#endif
+
+#if !defined(_CET_ENDBR)
+#define _CET_ENDBR
+#endif
 
+.intel_syntax noprefix
 .global _blake3_hash_many_avx512
 .global blake3_hash_many_avx512
 .global blake3_compress_in_place_avx512
@@ -15,6 +28,7 @@
 .p2align  6
 _blake3_hash_many_avx512:
 blake3_hash_many_avx512:
+        _CET_ENDBR
         push    r15
         push    r14
         push    r13
@@ -82,15 +96,15 @@ blake3_hash_many_avx512:
         mov     r14, qword ptr [rdi+0x50]
         mov     r15, qword ptr [rdi+0x58]
         vmovdqu32 ymm16, ymmword ptr [rdx+r8-0x2*0x20]
-        vinserti32x8 zmm16, zmm16, ymmword ptr [rdx+r12-0x2*0x20], 0x01
+        vinserti64x4 zmm16, zmm16, ymmword ptr [rdx+r12-0x2*0x20], 0x01
         vmovdqu32 ymm17, ymmword ptr [rdx+r9-0x2*0x20]
-        vinserti32x8 zmm17, zmm17, ymmword ptr [rdx+r13-0x2*0x20], 0x01
+        vinserti64x4 zmm17, zmm17, ymmword ptr [rdx+r13-0x2*0x20], 0x01
         vpunpcklqdq zmm8, zmm16, zmm17
         vpunpckhqdq zmm9, zmm16, zmm17
         vmovdqu32 ymm18, ymmword ptr [rdx+r10-0x2*0x20]
-        vinserti32x8 zmm18, zmm18, ymmword ptr [rdx+r14-0x2*0x20], 0x01
+        vinserti64x4 zmm18, zmm18, ymmword ptr [rdx+r14-0x2*0x20], 0x01
         vmovdqu32 ymm19, ymmword ptr [rdx+r11-0x2*0x20]
-        vinserti32x8 zmm19, zmm19, ymmword ptr [rdx+r15-0x2*0x20], 0x01
+        vinserti64x4 zmm19, zmm19, ymmword ptr [rdx+r15-0x2*0x20], 0x01
         vpunpcklqdq zmm10, zmm18, zmm19
         vpunpckhqdq zmm11, zmm18, zmm19
         mov     r8, qword ptr [rdi+0x20]
@@ -102,15 +116,15 @@ blake3_hash_many_avx512:
         mov     r14, qword ptr [rdi+0x70]
         mov     r15, qword ptr [rdi+0x78]
         vmovdqu32 ymm16, ymmword ptr [rdx+r8-0x2*0x20]
-        vinserti32x8 zmm16, zmm16, ymmword ptr [rdx+r12-0x2*0x20], 0x01
+        vinserti64x4 zmm16, zmm16, ymmword ptr [rdx+r12-0x2*0x20], 0x01
         vmovdqu32 ymm17, ymmword ptr [rdx+r9-0x2*0x20]
-        vinserti32x8 zmm17, zmm17, ymmword ptr [rdx+r13-0x2*0x20], 0x01
+        vinserti64x4 zmm17, zmm17, ymmword ptr [rdx+r13-0x2*0x20], 0x01
         vpunpcklqdq zmm12, zmm16, zmm17
         vpunpckhqdq zmm13, zmm16, zmm17
         vmovdqu32 ymm18, ymmword ptr [rdx+r10-0x2*0x20]
-        vinserti32x8 zmm18, zmm18, ymmword ptr [rdx+r14-0x2*0x20], 0x01
+        vinserti64x4 zmm18, zmm18, ymmword ptr [rdx+r14-0x2*0x20], 0x01
         vmovdqu32 ymm19, ymmword ptr [rdx+r11-0x2*0x20]
-        vinserti32x8 zmm19, zmm19, ymmword ptr [rdx+r15-0x2*0x20], 0x01
+        vinserti64x4 zmm19, zmm19, ymmword ptr [rdx+r15-0x2*0x20], 0x01
         vpunpcklqdq zmm14, zmm18, zmm19
         vpunpckhqdq zmm15, zmm18, zmm19
         vmovdqa32 zmm27, zmmword ptr [INDEX0+rip]
@@ -144,15 +158,15 @@ blake3_hash_many_avx512:
         mov     r14, qword ptr [rdi+0x50]
         mov     r15, qword ptr [rdi+0x58]
         vmovdqu32 ymm24, ymmword ptr [r8+rdx-0x1*0x20]
-        vinserti32x8 zmm24, zmm24, ymmword ptr [r12+rdx-0x1*0x20], 0x01
+        vinserti64x4 zmm24, zmm24, ymmword ptr [r12+rdx-0x1*0x20], 0x01
         vmovdqu32 ymm25, ymmword ptr [r9+rdx-0x1*0x20]
-        vinserti32x8 zmm25, zmm25, ymmword ptr [r13+rdx-0x1*0x20], 0x01
+        vinserti64x4 zmm25, zmm25, ymmword ptr [r13+rdx-0x1*0x20], 0x01
         vpunpcklqdq zmm8, zmm24, zmm25
         vpunpckhqdq zmm9, zmm24, zmm25
         vmovdqu32 ymm24, ymmword ptr [r10+rdx-0x1*0x20]
-        vinserti32x8 zmm24, zmm24, ymmword ptr [r14+rdx-0x1*0x20], 0x01
+        vinserti64x4 zmm24, zmm24, ymmword ptr [r14+rdx-0x1*0x20], 0x01
         vmovdqu32 ymm25, ymmword ptr [r11+rdx-0x1*0x20]
-        vinserti32x8 zmm25, zmm25, ymmword ptr [r15+rdx-0x1*0x20], 0x01
+        vinserti64x4 zmm25, zmm25, ymmword ptr [r15+rdx-0x1*0x20], 0x01
         vpunpcklqdq zmm10, zmm24, zmm25
         vpunpckhqdq zmm11, zmm24, zmm25
         prefetcht0 [r8+rdx+0x80]
@@ -172,15 +186,15 @@ blake3_hash_many_avx512:
         mov     r14, qword ptr [rdi+0x70]
         mov     r15, qword ptr [rdi+0x78]
         vmovdqu32 ymm24, ymmword ptr [r8+rdx-0x1*0x20]
-        vinserti32x8 zmm24, zmm24, ymmword ptr [r12+rdx-0x1*0x20], 0x01
+        vinserti64x4 zmm24, zmm24, ymmword ptr [r12+rdx-0x1*0x20], 0x01
         vmovdqu32 ymm25, ymmword ptr [r9+rdx-0x1*0x20]
-        vinserti32x8 zmm25, zmm25, ymmword ptr [r13+rdx-0x1*0x20], 0x01
+        vinserti64x4 zmm25, zmm25, ymmword ptr [r13+rdx-0x1*0x20], 0x01
         vpunpcklqdq zmm12, zmm24, zmm25
         vpunpckhqdq zmm13, zmm24, zmm25
         vmovdqu32 ymm24, ymmword ptr [r10+rdx-0x1*0x20]
-        vinserti32x8 zmm24, zmm24, ymmword ptr [r14+rdx-0x1*0x20], 0x01
+        vinserti64x4 zmm24, zmm24, ymmword ptr [r14+rdx-0x1*0x20], 0x01
         vmovdqu32 ymm25, ymmword ptr [r11+rdx-0x1*0x20]
-        vinserti32x8 zmm25, zmm25, ymmword ptr [r15+rdx-0x1*0x20], 0x01
+        vinserti64x4 zmm25, zmm25, ymmword ptr [r15+rdx-0x1*0x20], 0x01
         vpunpcklqdq zmm14, zmm24, zmm25
         vpunpckhqdq zmm15, zmm24, zmm25
         prefetcht0 [r8+rdx+0x80]
@@ -2039,7 +2053,7 @@ blake3_hash_many_avx512:
         vpermq  ymm14, ymm14, 0xDC
         vpermq  ymm15, ymm15, 0xDC
         vpbroadcastd zmm12, dword ptr [BLAKE3_BLOCK_LEN+rip]
-        vinserti32x8 zmm13, zmm14, ymm15, 0x01
+        vinserti64x4 zmm13, zmm14, ymm15, 0x01
         mov     eax, 17476
         kmovw   k2, eax
         vpblendmd zmm13 {k2}, zmm13, zmm12
@@ -2372,6 +2386,7 @@ blake3_hash_many_avx512:
 .p2align 6
 _blake3_compress_in_place_avx512:
 blake3_compress_in_place_avx512:
+        _CET_ENDBR
         vmovdqu xmm0, xmmword ptr [rdi]
         vmovdqu xmm1, xmmword ptr [rdi+0x10]
         movzx   eax, r8b
@@ -2454,6 +2469,7 @@ blake3_compress_in_place_avx512:
 .p2align 6
 _blake3_compress_xof_avx512:
 blake3_compress_xof_avx512:
+        _CET_ENDBR
         vmovdqu xmm0, xmmword ptr [rdi]
         vmovdqu xmm1, xmmword ptr [rdi+0x10]
         movzx   eax, r8b

data/ext/digest/blake3/blake3_avx512_x86-64_windows_gnu.S

@@ -96,15 +96,15 @@ blake3_hash_many_avx512:
         mov     r14, qword ptr [rdi+0x50]
         mov     r15, qword ptr [rdi+0x58]
         vmovdqu32 ymm16, ymmword ptr [rdx+r8-0x2*0x20]
-        vinserti32x8 zmm16, zmm16, ymmword ptr [rdx+r12-0x2*0x20], 0x01
+        vinserti64x4 zmm16, zmm16, ymmword ptr [rdx+r12-0x2*0x20], 0x01
         vmovdqu32 ymm17, ymmword ptr [rdx+r9-0x2*0x20]
-        vinserti32x8 zmm17, zmm17, ymmword ptr [rdx+r13-0x2*0x20], 0x01
+        vinserti64x4 zmm17, zmm17, ymmword ptr [rdx+r13-0x2*0x20], 0x01
         vpunpcklqdq zmm8, zmm16, zmm17
         vpunpckhqdq zmm9, zmm16, zmm17
         vmovdqu32 ymm18, ymmword ptr [rdx+r10-0x2*0x20]
-        vinserti32x8 zmm18, zmm18, ymmword ptr [rdx+r14-0x2*0x20], 0x01
+        vinserti64x4 zmm18, zmm18, ymmword ptr [rdx+r14-0x2*0x20], 0x01
         vmovdqu32 ymm19, ymmword ptr [rdx+r11-0x2*0x20]
-        vinserti32x8 zmm19, zmm19, ymmword ptr [rdx+r15-0x2*0x20], 0x01
+        vinserti64x4 zmm19, zmm19, ymmword ptr [rdx+r15-0x2*0x20], 0x01
         vpunpcklqdq zmm10, zmm18, zmm19
         vpunpckhqdq zmm11, zmm18, zmm19
         mov     r8, qword ptr [rdi+0x20]
@@ -116,15 +116,15 @@ blake3_hash_many_avx512:
         mov     r14, qword ptr [rdi+0x70]
         mov     r15, qword ptr [rdi+0x78]
         vmovdqu32 ymm16, ymmword ptr [rdx+r8-0x2*0x20]
-        vinserti32x8 zmm16, zmm16, ymmword ptr [rdx+r12-0x2*0x20], 0x01
+        vinserti64x4 zmm16, zmm16, ymmword ptr [rdx+r12-0x2*0x20], 0x01
         vmovdqu32 ymm17, ymmword ptr [rdx+r9-0x2*0x20]
-        vinserti32x8 zmm17, zmm17, ymmword ptr [rdx+r13-0x2*0x20], 0x01
+        vinserti64x4 zmm17, zmm17, ymmword ptr [rdx+r13-0x2*0x20], 0x01
         vpunpcklqdq zmm12, zmm16, zmm17
         vpunpckhqdq zmm13, zmm16, zmm17
         vmovdqu32 ymm18, ymmword ptr [rdx+r10-0x2*0x20]
-        vinserti32x8 zmm18, zmm18, ymmword ptr [rdx+r14-0x2*0x20], 0x01
+        vinserti64x4 zmm18, zmm18, ymmword ptr [rdx+r14-0x2*0x20], 0x01
         vmovdqu32 ymm19, ymmword ptr [rdx+r11-0x2*0x20]
-        vinserti32x8 zmm19, zmm19, ymmword ptr [rdx+r15-0x2*0x20], 0x01
+        vinserti64x4 zmm19, zmm19, ymmword ptr [rdx+r15-0x2*0x20], 0x01
         vpunpcklqdq zmm14, zmm18, zmm19
         vpunpckhqdq zmm15, zmm18, zmm19
         vmovdqa32 zmm27, zmmword ptr [INDEX0+rip]
@@ -158,15 +158,15 @@ blake3_hash_many_avx512:
         mov     r14, qword ptr [rdi+0x50]
         mov     r15, qword ptr [rdi+0x58]
         vmovdqu32 ymm24, ymmword ptr [r8+rdx-0x1*0x20]
-        vinserti32x8 zmm24, zmm24, ymmword ptr [r12+rdx-0x1*0x20], 0x01
+        vinserti64x4 zmm24, zmm24, ymmword ptr [r12+rdx-0x1*0x20], 0x01
         vmovdqu32 ymm25, ymmword ptr [r9+rdx-0x1*0x20]
-        vinserti32x8 zmm25, zmm25, ymmword ptr [r13+rdx-0x1*0x20], 0x01
+        vinserti64x4 zmm25, zmm25, ymmword ptr [r13+rdx-0x1*0x20], 0x01
         vpunpcklqdq zmm8, zmm24, zmm25
         vpunpckhqdq zmm9, zmm24, zmm25
         vmovdqu32 ymm24, ymmword ptr [r10+rdx-0x1*0x20]
-        vinserti32x8 zmm24, zmm24, ymmword ptr [r14+rdx-0x1*0x20], 0x01
+        vinserti64x4 zmm24, zmm24, ymmword ptr [r14+rdx-0x1*0x20], 0x01
         vmovdqu32 ymm25, ymmword ptr [r11+rdx-0x1*0x20]
-        vinserti32x8 zmm25, zmm25, ymmword ptr [r15+rdx-0x1*0x20], 0x01
+        vinserti64x4 zmm25, zmm25, ymmword ptr [r15+rdx-0x1*0x20], 0x01
         vpunpcklqdq zmm10, zmm24, zmm25
         vpunpckhqdq zmm11, zmm24, zmm25
         prefetcht0 [r8+rdx+0x80]
@@ -186,15 +186,15 @@ blake3_hash_many_avx512:
         mov     r14, qword ptr [rdi+0x70]
         mov     r15, qword ptr [rdi+0x78]
         vmovdqu32 ymm24, ymmword ptr [r8+rdx-0x1*0x20]
-        vinserti32x8 zmm24, zmm24, ymmword ptr [r12+rdx-0x1*0x20], 0x01
+        vinserti64x4 zmm24, zmm24, ymmword ptr [r12+rdx-0x1*0x20], 0x01
         vmovdqu32 ymm25, ymmword ptr [r9+rdx-0x1*0x20]
-        vinserti32x8 zmm25, zmm25, ymmword ptr [r13+rdx-0x1*0x20], 0x01
+        vinserti64x4 zmm25, zmm25, ymmword ptr [r13+rdx-0x1*0x20], 0x01
         vpunpcklqdq zmm12, zmm24, zmm25
         vpunpckhqdq zmm13, zmm24, zmm25
         vmovdqu32 ymm24, ymmword ptr [r10+rdx-0x1*0x20]
-        vinserti32x8 zmm24, zmm24, ymmword ptr [r14+rdx-0x1*0x20], 0x01
+        vinserti64x4 zmm24, zmm24, ymmword ptr [r14+rdx-0x1*0x20], 0x01
         vmovdqu32 ymm25, ymmword ptr [r11+rdx-0x1*0x20]
-        vinserti32x8 zmm25, zmm25, ymmword ptr [r15+rdx-0x1*0x20], 0x01
+        vinserti64x4 zmm25, zmm25, ymmword ptr [r15+rdx-0x1*0x20], 0x01
         vpunpcklqdq zmm14, zmm24, zmm25
         vpunpckhqdq zmm15, zmm24, zmm25
         prefetcht0 [r8+rdx+0x80]
@@ -2065,7 +2065,7 @@ blake3_hash_many_avx512:
         vpermq  ymm14, ymm14, 0xDC
         vpermq  ymm15, ymm15, 0xDC
         vpbroadcastd zmm12, dword ptr [BLAKE3_BLOCK_LEN+rip]
-        vinserti32x8 zmm13, zmm14, ymm15, 0x01
+        vinserti64x4 zmm13, zmm14, ymm15, 0x01
         mov     eax, 17476
         kmovw   k2, eax
         vpblendmd zmm13 {k2}, zmm13, zmm12

data/ext/digest/blake3/blake3_avx512_x86-64_windows_msvc.asm

@@ -99,15 +99,15 @@ innerloop16:
         mov     r14, qword ptr [rdi+50H]
         mov     r15, qword ptr [rdi+58H]
         vmovdqu32 ymm16, ymmword ptr [rdx+r8-2H*20H]
-        vinserti32x8 zmm16, zmm16, ymmword ptr [rdx+r12-2H*20H], 01H
+        vinserti64x4 zmm16, zmm16, ymmword ptr [rdx+r12-2H*20H], 01H
         vmovdqu32 ymm17, ymmword ptr [rdx+r9-2H*20H]
-        vinserti32x8 zmm17, zmm17, ymmword ptr [rdx+r13-2H*20H], 01H
+        vinserti64x4 zmm17, zmm17, ymmword ptr [rdx+r13-2H*20H], 01H
         vpunpcklqdq zmm8, zmm16, zmm17
         vpunpckhqdq zmm9, zmm16, zmm17
         vmovdqu32 ymm18, ymmword ptr [rdx+r10-2H*20H]
-        vinserti32x8 zmm18, zmm18, ymmword ptr [rdx+r14-2H*20H], 01H
+        vinserti64x4 zmm18, zmm18, ymmword ptr [rdx+r14-2H*20H], 01H
         vmovdqu32 ymm19, ymmword ptr [rdx+r11-2H*20H]
-        vinserti32x8 zmm19, zmm19, ymmword ptr [rdx+r15-2H*20H], 01H
+        vinserti64x4 zmm19, zmm19, ymmword ptr [rdx+r15-2H*20H], 01H
         vpunpcklqdq zmm10, zmm18, zmm19
         vpunpckhqdq zmm11, zmm18, zmm19
         mov     r8, qword ptr [rdi+20H]
@@ -119,15 +119,15 @@ innerloop16:
         mov     r14, qword ptr [rdi+70H]
         mov     r15, qword ptr [rdi+78H]
         vmovdqu32 ymm16, ymmword ptr [rdx+r8-2H*20H]
-        vinserti32x8 zmm16, zmm16, ymmword ptr [rdx+r12-2H*20H], 01H
+        vinserti64x4 zmm16, zmm16, ymmword ptr [rdx+r12-2H*20H], 01H
         vmovdqu32 ymm17, ymmword ptr [rdx+r9-2H*20H]
-        vinserti32x8 zmm17, zmm17, ymmword ptr [rdx+r13-2H*20H], 01H
+        vinserti64x4 zmm17, zmm17, ymmword ptr [rdx+r13-2H*20H], 01H
         vpunpcklqdq zmm12, zmm16, zmm17
         vpunpckhqdq zmm13, zmm16, zmm17
         vmovdqu32 ymm18, ymmword ptr [rdx+r10-2H*20H]
-        vinserti32x8 zmm18, zmm18, ymmword ptr [rdx+r14-2H*20H], 01H
+        vinserti64x4 zmm18, zmm18, ymmword ptr [rdx+r14-2H*20H], 01H
         vmovdqu32 ymm19, ymmword ptr [rdx+r11-2H*20H]
-        vinserti32x8 zmm19, zmm19, ymmword ptr [rdx+r15-2H*20H], 01H
+        vinserti64x4 zmm19, zmm19, ymmword ptr [rdx+r15-2H*20H], 01H
         vpunpcklqdq zmm14, zmm18, zmm19
         vpunpckhqdq zmm15, zmm18, zmm19
         vmovdqa32 zmm27, zmmword ptr [INDEX0]
@@ -161,15 +161,15 @@ innerloop16:
         mov     r14, qword ptr [rdi+50H]
         mov     r15, qword ptr [rdi+58H]
         vmovdqu32 ymm24, ymmword ptr [r8+rdx-1H*20H]
-        vinserti32x8 zmm24, zmm24, ymmword ptr [r12+rdx-1H*20H], 01H
+        vinserti64x4 zmm24, zmm24, ymmword ptr [r12+rdx-1H*20H], 01H
         vmovdqu32 ymm25, ymmword ptr [r9+rdx-1H*20H]
-        vinserti32x8 zmm25, zmm25, ymmword ptr [r13+rdx-1H*20H], 01H
+        vinserti64x4 zmm25, zmm25, ymmword ptr [r13+rdx-1H*20H], 01H
         vpunpcklqdq zmm8, zmm24, zmm25
         vpunpckhqdq zmm9, zmm24, zmm25
         vmovdqu32 ymm24, ymmword ptr [r10+rdx-1H*20H]
-        vinserti32x8 zmm24, zmm24, ymmword ptr [r14+rdx-1H*20H], 01H
+        vinserti64x4 zmm24, zmm24, ymmword ptr [r14+rdx-1H*20H], 01H
         vmovdqu32 ymm25, ymmword ptr [r11+rdx-1H*20H]
-        vinserti32x8 zmm25, zmm25, ymmword ptr [r15+rdx-1H*20H], 01H
+        vinserti64x4 zmm25, zmm25, ymmword ptr [r15+rdx-1H*20H], 01H
         vpunpcklqdq zmm10, zmm24, zmm25
         vpunpckhqdq zmm11, zmm24, zmm25
         prefetcht0 byte ptr [r8+rdx+80H]
@@ -189,15 +189,15 @@ innerloop16:
         mov     r14, qword ptr [rdi+70H]
         mov     r15, qword ptr [rdi+78H]
         vmovdqu32 ymm24, ymmword ptr [r8+rdx-1H*20H]
-        vinserti32x8 zmm24, zmm24, ymmword ptr [r12+rdx-1H*20H], 01H
+        vinserti64x4 zmm24, zmm24, ymmword ptr [r12+rdx-1H*20H], 01H
         vmovdqu32 ymm25, ymmword ptr [r9+rdx-1H*20H]
-        vinserti32x8 zmm25, zmm25, ymmword ptr [r13+rdx-1H*20H], 01H
+        vinserti64x4 zmm25, zmm25, ymmword ptr [r13+rdx-1H*20H], 01H
         vpunpcklqdq zmm12, zmm24, zmm25
         vpunpckhqdq zmm13, zmm24, zmm25
         vmovdqu32 ymm24, ymmword ptr [r10+rdx-1H*20H]
-        vinserti32x8 zmm24, zmm24, ymmword ptr [r14+rdx-1H*20H], 01H
+        vinserti64x4 zmm24, zmm24, ymmword ptr [r14+rdx-1H*20H], 01H
         vmovdqu32 ymm25, ymmword ptr [r11+rdx-1H*20H]
-        vinserti32x8 zmm25, zmm25, ymmword ptr [r15+rdx-1H*20H], 01H
+        vinserti64x4 zmm25, zmm25, ymmword ptr [r15+rdx-1H*20H], 01H
         vpunpcklqdq zmm14, zmm24, zmm25
         vpunpckhqdq zmm15, zmm24, zmm25
         prefetcht0 byte  ptr [r8+rdx+80H]
@@ -2073,7 +2073,7 @@ final7blocks:
         vpermq  ymm14, ymm14, 0DCH
         vpermq  ymm15, ymm15, 0DCH
         vpbroadcastd zmm12, dword ptr [BLAKE3_BLOCK_LEN]
-        vinserti32x8 zmm13, zmm14, ymm15, 01H
+        vinserti64x4 zmm13, zmm14, ymm15, 01H
         mov     eax, 17476
         kmovw   k2, eax
         vpblendmd zmm13 {k2}, zmm13, zmm12