/src/gmp/mpn/gcdext_lehmer.c

Source
/* mpn_gcdext -- Extended Greatest Common Divisor.

Copyright 1996, 1998, 2000-2005, 2008, 2009, 2012 Free Software Foundation,
Inc.

This file is part of the GNU MP Library.

The GNU MP Library is free software; you can redistribute it and/or modify
it under the terms of either:

  * the GNU Lesser General Public License as published by the Free
    Software Foundation; either version 3 of the License, or (at your
    option) any later version.

or

  * the GNU General Public License as published by the Free Software
    Foundation; either version 2 of the License, or (at your option) any
    later version.

or both in parallel, as here.

The GNU MP Library is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
for more details.

You should have received copies of the GNU General Public License and the
GNU Lesser General Public License along with the GNU MP Library.  If not,
see https://www.gnu.org/licenses/.  */

#include "gmp-impl.h"
#include "longlong.h"

/* Here, d is the index of the cofactor to update. FIXME: Could use qn
   = 0 for the common case q = 1. */
void
mpn_gcdext_hook (void *p, mp_srcptr gp, mp_size_t gn,
     mp_srcptr qp, mp_size_t qn, int d)
{
  struct gcdext_ctx *ctx = (struct gcdext_ctx *) p;
  mp_size_t un = ctx->un;

  if (gp)
    {
      mp_srcptr up;

      ASSERT (gn > 0);
      ASSERT (gp[gn-1] > 0);

      MPN_COPY (ctx->gp, gp, gn);
      ctx->gn = gn;

      if (d < 0)
  {
    int c;

    /* Must return the smallest cofactor, +u1 or -u0 */
    MPN_CMP (c, ctx->u0, ctx->u1, un);
    ASSERT (c != 0 || (un == 1 && ctx->u0[0] == 1 && ctx->u1[0] == 1));

    d = c < 0;
  }

      up = d ? ctx->u0 : ctx->u1;

      MPN_NORMALIZE (up, un);
      MPN_COPY (ctx->up, up, un);

      *ctx->usize = d ? -un : un;
    }
  else
    {
      mp_limb_t cy;
      mp_ptr u0 = ctx->u0;
      mp_ptr u1 = ctx->u1;

      ASSERT (d >= 0);

      if (d)
  MP_PTR_SWAP (u0, u1);

      qn -= (qp[qn-1] == 0);

      /* Update u0 += q  * u1 */
      if (qn == 1)
  {
    mp_limb_t q = qp[0];

    if (q == 1)
      /* A common case. */
      cy = mpn_add_n (u0, u0, u1, un);
    else
      cy = mpn_addmul_1 (u0, u1, un, q);
  }
      else
  {
    mp_size_t u1n;
    mp_ptr tp;

    u1n = un;
    MPN_NORMALIZE (u1, u1n);

    if (u1n == 0)
      return;

    /* Should always have u1n == un here, and u1 >= u0. The
       reason is that we alternate adding u0 to u1 and u1 to u0
       (corresponding to subtractions a - b and b - a), and we
       can get a large quotient only just after a switch, which
       means that we'll add (a multiple of) the larger u to the
       smaller. */

    tp = ctx->tp;

    if (qn > u1n)
      mpn_mul (tp, qp, qn, u1, u1n);
    else
      mpn_mul (tp, u1, u1n, qp, qn);

    u1n += qn;
    u1n -= tp[u1n-1] == 0;

    if (u1n >= un)
      {
        cy = mpn_add (u0, tp, u1n, u0, un);
        un = u1n;
      }
    else
      /* Note: Unlikely case, maybe never happens? */
      cy = mpn_add (u0, u0, un, tp, u1n);

  }
      u0[un] = cy;
      ctx->un = un + (cy > 0);
    }
}

/* Temporary storage: 3*(n+1) for u. If hgcd2 succeeds, we need n for
   the matrix-vector multiplication adjusting a, b. If hgcd fails, we
   need at most n for the quotient and n+1 for the u update (reusing
   the extra u). In all, 4n + 3. */

mp_size_t
mpn_gcdext_lehmer_n (mp_ptr gp, mp_ptr up, mp_size_t *usize,
         mp_ptr ap, mp_ptr bp, mp_size_t n,
         mp_ptr tp)
{
  mp_size_t ualloc = n + 1;

  /* Keeps track of the second row of the reduction matrix
   *
   *   M = (v0, v1 ; u0, u1)
   *
   * which correspond to the first column of the inverse
   *
   *   M^{-1} = (u1, -v1; -u0, v0)
   *
   * This implies that
   *
   *   a =  u1 A (mod B)
   *   b = -u0 A (mod B)
   *
   * where A, B denotes the input values.
   */

  struct gcdext_ctx ctx;
  mp_size_t un;
  mp_ptr u0;
  mp_ptr u1;
  mp_ptr u2;

  MPN_ZERO (tp, 3*ualloc);
  u0 = tp; tp += ualloc;
  u1 = tp; tp += ualloc;
  u2 = tp; tp += ualloc;

  u1[0] = 1; un = 1;

  ctx.gp = gp;
  ctx.up = up;
  ctx.usize = usize;

  /* FIXME: Handle n == 2 differently, after the loop? */
  while (n >= 2)
    {
      struct hgcd_matrix1 M;
      mp_limb_t ah, al, bh, bl;
      mp_limb_t mask;

      mask = ap[n-1] | bp[n-1];
      ASSERT (mask > 0);

      if (mask & GMP_NUMB_HIGHBIT)
  {
    ah = ap[n-1]; al = ap[n-2];
    bh = bp[n-1]; bl = bp[n-2];
  }
      else if (n == 2)
  {
    /* We use the full inputs without truncation, so we can
       safely shift left. */
    int shift;

    count_leading_zeros (shift, mask);
    ah = MPN_EXTRACT_NUMB (shift, ap[1], ap[0]);
    al = ap[0] << shift;
    bh = MPN_EXTRACT_NUMB (shift, bp[1], bp[0]);
    bl = bp[0] << shift;
  }
      else
  {
    int shift;

    count_leading_zeros (shift, mask);
    ah = MPN_EXTRACT_NUMB (shift, ap[n-1], ap[n-2]);
    al = MPN_EXTRACT_NUMB (shift, ap[n-2], ap[n-3]);
    bh = MPN_EXTRACT_NUMB (shift, bp[n-1], bp[n-2]);
    bl = MPN_EXTRACT_NUMB (shift, bp[n-2], bp[n-3]);
  }

      /* Try an mpn_nhgcd2 step */
      if (mpn_hgcd2 (ah, al, bh, bl, &M))
  {
    n = mpn_matrix22_mul1_inverse_vector (&M, tp, ap, bp, n);
    MP_PTR_SWAP (ap, tp);
    un = mpn_hgcd_mul_matrix1_vector(&M, u2, u0, u1, un);
    MP_PTR_SWAP (u0, u2);
  }
      else
  {
    /* mpn_hgcd2 has failed. Then either one of a or b is very
       small, or the difference is very small. Perform one
       subtraction followed by one division. */
    ctx.u0 = u0;
    ctx.u1 = u1;
    ctx.tp = u2;
    ctx.un = un;

    /* Temporary storage n for the quotient and ualloc for the
       new cofactor. */
    n = mpn_gcd_subdiv_step (ap, bp, n, 0, mpn_gcdext_hook, &ctx, tp);
    if (n == 0)
      return ctx.gn;

    un = ctx.un;
  }
    }
  ASSERT_ALWAYS (ap[0] > 0);
  ASSERT_ALWAYS (bp[0] > 0);

  if (ap[0] == bp[0])
    {
      int c;

      /* Which cofactor to return now? Candidates are +u1 and -u0,
   depending on which of a and b was most recently reduced,
   which we don't keep track of. So compare and get the smallest
   one. */

      gp[0] = ap[0];

      MPN_CMP (c, u0, u1, un);
      ASSERT (c != 0 || (un == 1 && u0[0] == 1 && u1[0] == 1));
      if (c < 0)
  {
    MPN_NORMALIZE (u0, un);
    MPN_COPY (up, u0, un);
    *usize = -un;
  }
      else
  {
    MPN_NORMALIZE_NOT_ZERO (u1, un);
    MPN_COPY (up, u1, un);
    *usize = un;
  }
      return 1;
    }
  else
    {
      mp_limb_t uh, vh;
      mp_limb_signed_t u;
      mp_limb_signed_t v;
      int negate;

      gp[0] = mpn_gcdext_1 (&u, &v, ap[0], bp[0]);

      /* Set up = u u1 - v u0. Keep track of size, un grows by one or
   two limbs. */

      if (u == 0)
  {
    ASSERT (v == 1);
    MPN_NORMALIZE (u0, un);
    MPN_COPY (up, u0, un);
    *usize = -un;
    return 1;
  }
      else if (v == 0)
  {
    ASSERT (u == 1);
    MPN_NORMALIZE (u1, un);
    MPN_COPY (up, u1, un);
    *usize = un;
    return 1;
  }
      else if (u > 0)
  {
    negate = 0;
    ASSERT (v < 0);
    v = -v;
  }
      else
  {
    negate = 1;
    ASSERT (v > 0);
    u = -u;
  }

      uh = mpn_mul_1 (up, u1, un, u);
      vh = mpn_addmul_1 (up, u0, un, v);

      if ( (uh | vh) > 0)
  {
    uh += vh;
    up[un++] = uh;
    if (uh < vh)
      up[un++] = 1;
  }

      MPN_NORMALIZE_NOT_ZERO (up, un);

      *usize = negate ? -un : un;
      return 1;
    }
}

Coverage Report

Created: 2026-06-08 06:48

Line	Count	Source
1		/* mpn_gcdext -- Extended Greatest Common Divisor.
2
3		Copyright 1996, 1998, 2000-2005, 2008, 2009, 2012 Free Software Foundation,
4		Inc.
5
6		This file is part of the GNU MP Library.
7
8		The GNU MP Library is free software; you can redistribute it and/or modify
9		it under the terms of either:
10
11		* the GNU Lesser General Public License as published by the Free
12		Software Foundation; either version 3 of the License, or (at your
13		option) any later version.
14
15		or
16
17		* the GNU General Public License as published by the Free Software
18		Foundation; either version 2 of the License, or (at your option) any
19		later version.
20
21		or both in parallel, as here.
22
23		The GNU MP Library is distributed in the hope that it will be useful, but
24		WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
25		or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
26		for more details.
27
28		You should have received copies of the GNU General Public License and the
29		GNU Lesser General Public License along with the GNU MP Library. If not,
30		see https://www.gnu.org/licenses/. */
31
32		#include "gmp-impl.h"
33		#include "longlong.h"
34
35		/* Here, d is the index of the cofactor to update. FIXME: Could use qn
36		= 0 for the common case q = 1. */
37		void
38		mpn_gcdext_hook (void *p, mp_srcptr gp, mp_size_t gn,
39		mp_srcptr qp, mp_size_t qn, int d)
40	17.1k	{
41	17.1k	struct gcdext_ctx ctx = (struct gcdext_ctx ) p;
42	17.1k	mp_size_t un = ctx->un;
43
44	17.1k	if (gp)
45	394	{
46	394	mp_srcptr up;
47
48	394	ASSERT (gn > 0);
49	394	ASSERT (gp[gn-1] > 0);
50
51	394	MPN_COPY (ctx->gp, gp, gn);
52	394	ctx->gn = gn;
53
54	394	if (d < 0)
55	208	{
56	208	int c;
57
58		/* Must return the smallest cofactor, +u1 or -u0 */
59	208	MPN_CMP (c, ctx->u0, ctx->u1, un);
60	208	ASSERT (c != 0 \|\| (un == 1 && ctx->u0[0] == 1 && ctx->u1[0] == 1));
61
62	208	d = c < 0;
63	208	}
64
65	394	up = d ? ctx->u0 : ctx->u1;
66
67	394	MPN_NORMALIZE (up, un);
68	394	MPN_COPY (ctx->up, up, un);
69
70	394	*ctx->usize = d ? -un : un;
71	394	}
72	16.7k	else
73	16.7k	{
74	16.7k	mp_limb_t cy;
75	16.7k	mp_ptr u0 = ctx->u0;
76	16.7k	mp_ptr u1 = ctx->u1;
77
78	16.7k	ASSERT (d >= 0);
79
80	16.7k	if (d)
81	7.75k	MP_PTR_SWAP (u0, u1);
82
83	16.7k	qn -= (qp[qn-1] == 0);
84
85		/* Update u0 += q * u1 */
86	16.7k	if (qn == 1)
87	10.7k	{
88	10.7k	mp_limb_t q = qp[0];
89
90	10.7k	if (q == 1)
91		/* A common case. */
92	8.45k	cy = mpn_add_n (u0, u0, u1, un);
93	2.32k	else
94	2.32k	cy = mpn_addmul_1 (u0, u1, un, q);
95	10.7k	}
96	5.93k	else
97	5.93k	{
98	5.93k	mp_size_t u1n;
99	5.93k	mp_ptr tp;
100
101	5.93k	u1n = un;
102	5.93k	MPN_NORMALIZE (u1, u1n);
103
104	5.93k	if (u1n == 0)
105	0	return;
106
107		/* Should always have u1n == un here, and u1 >= u0. The
108		reason is that we alternate adding u0 to u1 and u1 to u0
109		(corresponding to subtractions a - b and b - a), and we
110		can get a large quotient only just after a switch, which
111		means that we'll add (a multiple of) the larger u to the
112		smaller. */
113
114	5.93k	tp = ctx->tp;
115
116	5.93k	if (qn > u1n)
117	1.68k	mpn_mul (tp, qp, qn, u1, u1n);
118	4.25k	else
119	4.25k	mpn_mul (tp, u1, u1n, qp, qn);
120
121	5.93k	u1n += qn;
122	5.93k	u1n -= tp[u1n-1] == 0;
123
124	5.93k	if (u1n >= un)
125	5.93k	{
126	5.93k	cy = mpn_add (u0, tp, u1n, u0, un);
127	5.93k	un = u1n;
128	5.93k	}
129	0	else
130		/* Note: Unlikely case, maybe never happens? */
131	0	cy = mpn_add (u0, u0, un, tp, u1n);
132
133	5.93k	}
134	16.7k	u0[un] = cy;
135	16.7k	ctx->un = un + (cy > 0);
136	16.7k	}
137	17.1k	}
138
139		/* Temporary storage: 3*(n+1) for u. If hgcd2 succeeds, we need n for
140		the matrix-vector multiplication adjusting a, b. If hgcd fails, we
141		need at most n for the quotient and n+1 for the u update (reusing
142		the extra u). In all, 4n + 3. */
143
144		mp_size_t
145		mpn_gcdext_lehmer_n (mp_ptr gp, mp_ptr up, mp_size_t *usize,
146		mp_ptr ap, mp_ptr bp, mp_size_t n,
147		mp_ptr tp)
148	27.0k	{
149	27.0k	mp_size_t ualloc = n + 1;
150
151		/* Keeps track of the second row of the reduction matrix
152		*
153		* M = (v0, v1 ; u0, u1)
154		*
155		* which correspond to the first column of the inverse
156		*
157		* M^{-1} = (u1, -v1; -u0, v0)
158		*
159		* This implies that
160		*
161		* a = u1 A (mod B)
162		* b = -u0 A (mod B)
163		*
164		* where A, B denotes the input values.
165		*/
166
167	27.0k	struct gcdext_ctx ctx;
168	27.0k	mp_size_t un;
169	27.0k	mp_ptr u0;
170	27.0k	mp_ptr u1;
171	27.0k	mp_ptr u2;
172
173	27.0k	MPN_ZERO (tp, 3*ualloc);
174	27.0k	u0 = tp; tp += ualloc;
175	27.0k	u1 = tp; tp += ualloc;
176	27.0k	u2 = tp; tp += ualloc;
177
178	27.0k	u1[0] = 1; un = 1;
179
180	27.0k	ctx.gp = gp;
181	27.0k	ctx.up = up;
182	27.0k	ctx.usize = usize;
183
184		/* FIXME: Handle n == 2 differently, after the loop? */
185	499k	while (n >= 2)
186	472k	{
187	472k	struct hgcd_matrix1 M;
188	472k	mp_limb_t ah, al, bh, bl;
189	472k	mp_limb_t mask;
190
191	472k	mask = ap[n-1] \| bp[n-1];
192	472k	ASSERT (mask > 0);
193
194	472k	if (mask & GMP_NUMB_HIGHBIT)
195	18.4k	{
196	18.4k	ah = ap[n-1]; al = ap[n-2];
197	18.4k	bh = bp[n-1]; bl = bp[n-2];
198	18.4k	}
199	454k	else if (n == 2)
200	24.2k	{
201		/* We use the full inputs without truncation, so we can
202		safely shift left. */
203	24.2k	int shift;
204
205	24.2k	count_leading_zeros (shift, mask);
206	24.2k	ah = MPN_EXTRACT_NUMB (shift, ap[1], ap[0]);
207	24.2k	al = ap[0] << shift;
208	24.2k	bh = MPN_EXTRACT_NUMB (shift, bp[1], bp[0]);
209	24.2k	bl = bp[0] << shift;
210	24.2k	}
211	429k	else
212	429k	{
213	429k	int shift;
214
215	429k	count_leading_zeros (shift, mask);
216	429k	ah = MPN_EXTRACT_NUMB (shift, ap[n-1], ap[n-2]);
217	429k	al = MPN_EXTRACT_NUMB (shift, ap[n-2], ap[n-3]);
218	429k	bh = MPN_EXTRACT_NUMB (shift, bp[n-1], bp[n-2]);
219	429k	bl = MPN_EXTRACT_NUMB (shift, bp[n-2], bp[n-3]);
220	429k	}
221
222		/* Try an mpn_nhgcd2 step */
223	472k	if (mpn_hgcd2 (ah, al, bh, bl, &M))
224	463k	{
225	463k	n = mpn_matrix22_mul1_inverse_vector (&M, tp, ap, bp, n);
226	463k	MP_PTR_SWAP (ap, tp);
227	463k	un = mpn_hgcd_mul_matrix1_vector(&M, u2, u0, u1, un);
228	463k	MP_PTR_SWAP (u0, u2);
229	463k	}
230	8.66k	else
231	8.66k	{
232		/* mpn_hgcd2 has failed. Then either one of a or b is very
233		small, or the difference is very small. Perform one
234		subtraction followed by one division. */
235	8.66k	ctx.u0 = u0;
236	8.66k	ctx.u1 = u1;
237	8.66k	ctx.tp = u2;
238	8.66k	ctx.un = un;
239
240		/* Temporary storage n for the quotient and ualloc for the
241		new cofactor. */
242	8.66k	n = mpn_gcd_subdiv_step (ap, bp, n, 0, mpn_gcdext_hook, &ctx, tp);
243	8.66k	if (n == 0)
244	394	return ctx.gn;
245
246	8.26k	un = ctx.un;
247	8.26k	}
248	472k	}
249	26.6k	ASSERT_ALWAYS (ap[0] > 0);
250	26.6k	ASSERT_ALWAYS (bp[0] > 0);
251
252	26.6k	if (ap[0] == bp[0])
253	986	{
254	986	int c;
255
256		/* Which cofactor to return now? Candidates are +u1 and -u0,
257		depending on which of a and b was most recently reduced,
258		which we don't keep track of. So compare and get the smallest
259		one. */
260
261	986	gp[0] = ap[0];
262
263	986	MPN_CMP (c, u0, u1, un);
264	986	ASSERT (c != 0 \|\| (un == 1 && u0[0] == 1 && u1[0] == 1));
265	986	if (c < 0)
266	511	{
267	511	MPN_NORMALIZE (u0, un);
268	511	MPN_COPY (up, u0, un);
269	511	*usize = -un;
270	511	}
271	475	else
272	475	{
273	475	MPN_NORMALIZE_NOT_ZERO (u1, un);
274	475	MPN_COPY (up, u1, un);
275	475	*usize = un;
276	475	}
277	986	return 1;
278	986	}
279	25.6k	else
280	25.6k	{
281	25.6k	mp_limb_t uh, vh;
282	25.6k	mp_limb_signed_t u;
283	25.6k	mp_limb_signed_t v;
284	25.6k	int negate;
285
286	25.6k	gp[0] = mpn_gcdext_1 (&u, &v, ap[0], bp[0]);
287
288		/* Set up = u u1 - v u0. Keep track of size, un grows by one or
289		two limbs. */
290
291	25.6k	if (u == 0)
292	77	{
293	77	ASSERT (v == 1);
294	77	MPN_NORMALIZE (u0, un);
295	77	MPN_COPY (up, u0, un);
296	77	*usize = -un;
297	77	return 1;
298	77	}
299	25.6k	else if (v == 0)
300	331	{
301	331	ASSERT (u == 1);
302	331	MPN_NORMALIZE (u1, un);
303	331	MPN_COPY (up, u1, un);
304	331	*usize = un;
305	331	return 1;
306	331	}
307	25.2k	else if (u > 0)
308	18.5k	{
309	18.5k	negate = 0;
310	18.5k	ASSERT (v < 0);
311	18.5k	v = -v;
312	18.5k	}
313	6.74k	else
314	6.74k	{
315	6.74k	negate = 1;
316	6.74k	ASSERT (v > 0);
317	6.74k	u = -u;
318	6.74k	}
319
320	25.2k	uh = mpn_mul_1 (up, u1, un, u);
321	25.2k	vh = mpn_addmul_1 (up, u0, un, v);
322
323	25.2k	if ( (uh \| vh) > 0)
324	4.18k	{
325	4.18k	uh += vh;
326	4.18k	up[un++] = uh;
327	4.18k	if (uh < vh)
328	0	up[un++] = 1;
329	4.18k	}
330
331	25.2k	MPN_NORMALIZE_NOT_ZERO (up, un);
332
333	25.2k	*usize = negate ? -un : un;
334	25.2k	return 1;
335	25.6k	}
336	26.6k	}