Code coverage tests

This page documents the degree to which the PARI/GP source code is tested by our public test suite, distributed with the source distribution in directory src/test/. This is measured by the gcov utility; we then process gcov output using the lcov frond-end.

We test a few variants depending on Configure flags on the pari.math.u-bordeaux.fr machine (x86_64 architecture), and agregate them in the final report:

The target is to exceed 90% coverage for all mathematical modules (given that branches depending on DEBUGLEVEL or DEBUGMEM are not covered). This script is run to produce the results below.

LCOV - code coverage report
Current view: top level - basemath - FlxqE.c (source / functions) Hit Total Coverage
Test: PARI/GP v2.12.0 lcov report (development 23036-b751c0af5) Lines: 909 936 97.1 %
Date: 2018-09-26 05:46:06 Functions: 95 96 99.0 %
Legend: Lines: hit not hit

          Line data    Source code
       1             : /* Copyright (C) 2012  The PARI group.
       2             : 
       3             : This file is part of the PARI/GP package.
       4             : 
       5             : PARI/GP is free software; you can redistribute it and/or modify it under the
       6             : terms of the GNU General Public License as published by the Free Software
       7             : Foundation. It is distributed in the hope that it will be useful, but WITHOUT
       8             : ANY WARRANTY WHATSOEVER.
       9             : 
      10             : Check the License for details. You should have received a copy of it, along
      11             : with the package; see the file 'COPYING'. If not, write to the Free Software
      12             : Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */
      13             : 
      14             : #include "pari.h"
      15             : #include "paripriv.h"
      16             : 
      17             : /* Not so fast arithmetic with points over elliptic curves over Fq,
      18             : small characteristic. */
      19             : 
      20             : /***********************************************************************/
      21             : /**                                                                   **/
      22             : /**                              FlxqE                                **/
      23             : /**                                                                   **/
      24             : /***********************************************************************/
      25             : 
      26             : /* Theses functions deal with point over elliptic curves over Fq defined
      27             :  * by an equation of the form y^2=x^3+a4*x+a6.
      28             :  * Most of the time a6 is omitted since it can be recovered from any point
      29             :  * on the curve.
      30             :  */
      31             : 
      32             : GEN
      33       63938 : RgE_to_FlxqE(GEN x, GEN T, ulong p)
      34             : {
      35       63938 :   if (ell_is_inf(x)) return x;
      36       63938 :   retmkvec2(Rg_to_Flxq(gel(x,1),T,p),Rg_to_Flxq(gel(x,2),T,p));
      37             : }
      38             : 
      39             : GEN
      40      154181 : FlxqE_changepoint(GEN x, GEN ch, GEN T, ulong p)
      41             : {
      42      154181 :   pari_sp av = avma;
      43             :   GEN p1,z,u,r,s,t,v,v2,v3;
      44      154181 :   if (ell_is_inf(x)) return x;
      45       91993 :   u = gel(ch,1); r = gel(ch,2);
      46       91993 :   s = gel(ch,3); t = gel(ch,4);
      47       91993 :   v = Flxq_inv(u, T, p); v2 = Flxq_sqr(v, T, p); v3 = Flxq_mul(v,v2, T, p);
      48       91993 :   p1 = Flx_sub(gel(x,1),r, p);
      49       91993 :   z = cgetg(3,t_VEC);
      50       91993 :   gel(z,1) = Flxq_mul(v2, p1, T, p);
      51       91993 :   gel(z,2) = Flxq_mul(v3, Flx_sub(gel(x,2), Flx_add(Flxq_mul(s, p1, T, p),t, p), p), T, p);
      52       91993 :   return gerepileupto(av, z);
      53             : }
      54             : 
      55             : GEN
      56       63938 : FlxqE_changepointinv(GEN x, GEN ch, GEN T, ulong p)
      57             : {
      58             :   GEN u, r, s, t, X, Y, u2, u3, u2X, z;
      59       63938 :   if (ell_is_inf(x)) return x;
      60       63938 :   X = gel(x,1); Y = gel(x,2);
      61       63938 :   u = gel(ch,1); r = gel(ch,2);
      62       63938 :   s = gel(ch,3); t = gel(ch,4);
      63       63938 :   u2 = Flxq_sqr(u, T, p); u3 = Flxq_mul(u,u2, T, p);
      64       63938 :   u2X = Flxq_mul(u2,X, T, p);
      65       63938 :   z = cgetg(3, t_VEC);
      66       63938 :   gel(z,1) = Flx_add(u2X,r, p);
      67       63938 :   gel(z,2) = Flx_add(Flxq_mul(u3,Y, T, p), Flx_add(Flxq_mul(s,u2X, T, p), t, p), p);
      68       63938 :   return z;
      69             : }
      70             : 
      71             : static GEN
      72       22834 : nonsquare_Flxq(GEN T, ulong p)
      73             : {
      74       22834 :   pari_sp av = avma;
      75       22834 :   long n = degpol(T), vs = T[1];
      76             :   GEN a;
      77       22834 :   if (odd(n))
      78        7686 :     return mkvecsmall2(vs, nonsquare_Fl(p));
      79             :   do
      80             :   {
      81       30016 :     set_avma(av);
      82       30016 :     a = random_Flx(n, vs, p);
      83       30016 :   } while (Flxq_issquare(a, T, p));
      84       15148 :   return a;
      85             : }
      86             : 
      87             : void
      88       22834 : Flxq_elltwist(GEN a, GEN a6, GEN T, ulong p, GEN *pt_a, GEN *pt_a6)
      89             : {
      90       22834 :   GEN d = nonsquare_Flxq(T, p);
      91       22834 :   GEN d2 = Flxq_sqr(d, T, p), d3 = Flxq_mul(d2, d, T, p);
      92       22834 :   if (typ(a)==t_VECSMALL)
      93             :   {
      94       15232 :     *pt_a  = Flxq_mul(a,  d2, T, p);
      95       15232 :     *pt_a6 = Flxq_mul(a6, d3, T, p);
      96             :   } else
      97             :   {
      98        7602 :     *pt_a  = mkvec(Flxq_mul(gel(a,1), d, T, p));
      99        7602 :     *pt_a6 = Flxq_mul(a6, d3, T, p);
     100             :   }
     101       22834 : }
     102             : 
     103             : static GEN
     104     1304132 : FlxqE_dbl_slope(GEN P, GEN a4, GEN T, ulong p, GEN *slope)
     105             : {
     106             :   GEN x, y, Q;
     107     1304132 :   if (ell_is_inf(P) || !lgpol(gel(P,2))) return ellinf();
     108     1203133 :   x = gel(P,1); y = gel(P,2);
     109     1203133 :   if (p==3UL)
     110     1583379 :     *slope = typ(a4)==t_VEC ? Flxq_div(Flxq_mul(x, gel(a4, 1), T, p), y, T, p)
     111     1049398 :                             : Flxq_div(a4, Flx_neg(y, p), T, p);
     112             :   else
     113             :   {
     114      669152 :     GEN sx = Flx_add(Flx_triple(Flxq_sqr(x, T, p), p), a4, p);
     115      669152 :     *slope = Flxq_div(sx, Flx_double(y, p), T, p);
     116             :   }
     117     1203133 :   Q = cgetg(3,t_VEC);
     118     1203133 :   gel(Q, 1) = Flx_sub(Flxq_sqr(*slope, T, p), Flx_double(x, p), p);
     119     1203133 :   if (typ(a4)==t_VEC) gel(Q, 1) = Flx_sub(gel(Q, 1), gel(a4, 1), p);
     120     1203133 :   gel(Q, 2) = Flx_sub(Flxq_mul(*slope, Flx_sub(x, gel(Q, 1), p), T, p), y, p);
     121     1203133 :   return Q;
     122             : }
     123             : 
     124             : GEN
     125     1278462 : FlxqE_dbl(GEN P, GEN a4, GEN T, ulong p)
     126             : {
     127     1278462 :   pari_sp av = avma;
     128             :   GEN slope;
     129     1278462 :   return gerepileupto(av, FlxqE_dbl_slope(P,a4, T, p,&slope));
     130             : }
     131             : 
     132             : static GEN
     133      537613 : FlxqE_add_slope(GEN P, GEN Q, GEN a4, GEN T, ulong p, GEN *slope)
     134             : {
     135             :   GEN Px, Py, Qx, Qy, R;
     136      537613 :   if (ell_is_inf(P)) return Q;
     137      533698 :   if (ell_is_inf(Q)) return P;
     138      533586 :   Px = gel(P,1); Py = gel(P,2);
     139      533586 :   Qx = gel(Q,1); Qy = gel(Q,2);
     140      533586 :   if (Flx_equal(Px, Qx))
     141             :   {
     142       47208 :     if (Flx_equal(Py, Qy))
     143        1240 :       return FlxqE_dbl_slope(P, a4, T, p, slope);
     144             :     else
     145       45968 :       return ellinf();
     146             :   }
     147      486378 :   *slope = Flxq_div(Flx_sub(Py, Qy, p), Flx_sub(Px, Qx, p), T, p);
     148      486378 :   R = cgetg(3,t_VEC);
     149      486378 :   gel(R, 1) = Flx_sub(Flx_sub(Flxq_sqr(*slope, T, p), Px, p), Qx, p);
     150      486378 :   if (typ(a4)==t_VEC) gel(R, 1) = Flx_sub(gel(R, 1),gel(a4, 1), p);
     151      486378 :   gel(R, 2) = Flx_sub(Flxq_mul(*slope, Flx_sub(Px, gel(R, 1), p), T, p), Py, p);
     152      486378 :   return R;
     153             : }
     154             : 
     155             : GEN
     156      534156 : FlxqE_add(GEN P, GEN Q, GEN a4, GEN T, ulong p)
     157             : {
     158      534156 :   pari_sp av = avma;
     159             :   GEN slope;
     160      534156 :   return gerepileupto(av, FlxqE_add_slope(P,Q,a4, T, p,&slope));
     161             : }
     162             : 
     163             : static GEN
     164        1096 : FlxqE_neg_i(GEN P, ulong p)
     165             : {
     166        1096 :   if (ell_is_inf(P)) return P;
     167        1096 :   return mkvec2(gel(P,1), Flx_neg(gel(P,2), p));
     168             : }
     169             : 
     170             : GEN
     171         490 : FlxqE_neg(GEN P, GEN T, ulong p)
     172             : {
     173             :   (void) T;
     174         490 :   if (ell_is_inf(P)) return ellinf();
     175         490 :   return mkvec2(gcopy(gel(P,1)), Flx_neg(gel(P,2), p));
     176             : }
     177             : 
     178             : GEN
     179        1096 : FlxqE_sub(GEN P, GEN Q, GEN a4, GEN T, ulong p)
     180             : {
     181        1096 :   pari_sp av = avma;
     182             :   GEN slope;
     183        1096 :   return gerepileupto(av, FlxqE_add_slope(P, FlxqE_neg_i(Q, p), a4, T, p, &slope));
     184             : }
     185             : 
     186             : struct _FlxqE
     187             : {
     188             :   GEN a4, a6;
     189             :   GEN T;
     190             :   ulong p;
     191             : };
     192             : 
     193             : static GEN
     194     1278462 : _FlxqE_dbl(void *E, GEN P)
     195             : {
     196     1278462 :   struct _FlxqE *ell = (struct _FlxqE *) E;
     197     1278462 :   return FlxqE_dbl(P, ell->a4, ell->T, ell->p);
     198             : }
     199             : 
     200             : static GEN
     201      527999 : _FlxqE_add(void *E, GEN P, GEN Q)
     202             : {
     203      527999 :   struct _FlxqE *ell=(struct _FlxqE *) E;
     204      527999 :   return FlxqE_add(P, Q, ell->a4, ell->T, ell->p);
     205             : }
     206             : 
     207             : static GEN
     208      218275 : _FlxqE_mul(void *E, GEN P, GEN n)
     209             : {
     210      218275 :   pari_sp av = avma;
     211      218275 :   struct _FlxqE *e=(struct _FlxqE *) E;
     212      218275 :   long s = signe(n);
     213      218275 :   if (!s || ell_is_inf(P)) return ellinf();
     214      218094 :   if (s<0) P = FlxqE_neg(P, e->T, e->p);
     215      218094 :   if (is_pm1(n)) return s>0? gcopy(P): P;
     216      211954 :   return gerepileupto(av, gen_pow(P, n, e, &_FlxqE_dbl, &_FlxqE_add));
     217             : }
     218             : 
     219             : GEN
     220       64467 : FlxqE_mul(GEN P, GEN n, GEN a4, GEN T, ulong p)
     221             : {
     222             :   struct _FlxqE E;
     223       64467 :   E.a4= a4; E.T = T; E.p = p;
     224       64467 :   return _FlxqE_mul(&E, P, n);
     225             : }
     226             : 
     227             : /* 3*x^2+2*a2*x = -a2*x, and a2!=0 */
     228             : 
     229             : /* Finds a random non-singular point on E */
     230             : static GEN
     231       77252 : random_F3xqE(GEN a2, GEN a6, GEN T)
     232             : {
     233       77252 :   pari_sp ltop = avma;
     234             :   GEN x, y, rhs;
     235       77252 :   const ulong p=3;
     236             :   do
     237             :   {
     238      153839 :     avma= ltop;
     239      153839 :     x   = random_Flx(get_Flx_degree(T),get_Flx_var(T),p);
     240      153839 :     rhs = Flx_add(Flxq_mul(Flxq_sqr(x, T, p), Flx_add(x, a2, p), T, p), a6, p);
     241      153839 :   } while ((!lgpol(rhs) && !lgpol(x)) || !Flxq_issquare(rhs, T, p));
     242       77252 :   y = Flxq_sqrt(rhs, T, p);
     243       77252 :   if (!y) pari_err_PRIME("random_F3xqE", T);
     244       77252 :   return gerepilecopy(ltop, mkvec2(x, y));
     245             : }
     246             : 
     247             : /* Finds a random non-singular point on E */
     248             : GEN
     249      144276 : random_FlxqE(GEN a4, GEN a6, GEN T, ulong p)
     250             : {
     251      144276 :   pari_sp ltop = avma;
     252             :   GEN x, x2, y, rhs;
     253      144276 :   if (typ(a4)==t_VEC)
     254       77252 :     return random_F3xqE(gel(a4,1), a6, T);
     255             :   do
     256             :   {
     257      132225 :     avma= ltop;
     258      132225 :     x   = random_Flx(get_Flx_degree(T),get_Flx_var(T),p);
     259      132225 :     x2  = Flxq_sqr(x, T, p); /*  x^3+a4*x+a6 = x*(x^2+a4)+a6  */
     260      132225 :     rhs = Flx_add(Flxq_mul(x, Flx_add(x2, a4, p), T, p), a6, p);
     261      134199 :   } while ((!lgpol(rhs) && !lgpol(Flx_add(Flx_triple(x2, p), a4, p)))
     262      264408 :           || !Flxq_issquare(rhs, T, p));
     263       67024 :   y = Flxq_sqrt(rhs, T, p);
     264       67024 :   if (!y) pari_err_PRIME("random_FlxqE", T);
     265       67024 :   return gerepilecopy(ltop, mkvec2(x, y));
     266             : }
     267             : 
     268             : static GEN
     269       69152 : _FlxqE_rand(void *E)
     270             : {
     271       69152 :   struct _FlxqE *ell=(struct _FlxqE *) E;
     272       69152 :   return random_FlxqE(ell->a4, ell->a6, ell->T, ell->p);
     273             : }
     274             : 
     275             : static const struct bb_group FlxqE_group={_FlxqE_add,_FlxqE_mul,_FlxqE_rand,hash_GEN,zvV_equal,ell_is_inf, NULL};
     276             : 
     277             : const struct bb_group *
     278          34 : get_FlxqE_group(void ** pt_E, GEN a4, GEN a6, GEN T, ulong p)
     279             : {
     280          34 :   struct _FlxqE *e = (struct _FlxqE *) stack_malloc(sizeof(struct _FlxqE));
     281          34 :   e->a4 = a4; e->a6 = a6; e->T = Flx_get_red(T, p); e->p = p;
     282          34 :   *pt_E = (void *) e;
     283          34 :   return &FlxqE_group;
     284             : }
     285             : 
     286             : GEN
     287        2326 : FlxqE_order(GEN z, GEN o, GEN a4, GEN T, ulong p)
     288             : {
     289        2326 :   pari_sp av = avma;
     290             :   struct _FlxqE e;
     291        2326 :   e.a4=a4; e.T=T; e.p=p;
     292        2326 :   return gerepileuptoint(av, gen_order(z, o, (void*)&e, &FlxqE_group));
     293             : }
     294             : 
     295             : GEN
     296          49 : FlxqE_log(GEN a, GEN b, GEN o, GEN a4, GEN T, ulong p)
     297             : {
     298          49 :   pari_sp av = avma;
     299             :   struct _FlxqE e;
     300          49 :   e.a4=a4; e.T=T; e.p=p;
     301          49 :   return gerepileuptoint(av, gen_PH_log(a, b, o, (void*)&e, &FlxqE_group));
     302             : }
     303             : 
     304             : /***********************************************************************/
     305             : /**                                                                   **/
     306             : /**                            Pairings                               **/
     307             : /**                                                                   **/
     308             : /***********************************************************************/
     309             : 
     310             : /* Derived from APIP from and by Jerome Milan, 2012 */
     311             : 
     312             : static GEN
     313       69750 : FlxqE_vert(GEN P, GEN Q, GEN a4, GEN T, ulong p)
     314             : {
     315       69750 :   long vT = get_Flx_var(T);
     316             :   GEN df;
     317       69750 :   if (ell_is_inf(P))
     318       23435 :     return pol1_Flx(vT);
     319       46315 :   if (!Flx_equal(gel(Q, 1), gel(P, 1)))
     320       41082 :     return Flx_sub(gel(Q, 1), gel(P, 1), p);
     321        5233 :   if (lgpol(gel(P,2))!=0) return pol1_Flx(vT);
     322       11420 :   df = typ(a4)==t_VEC ? Flxq_mul(gel(P,1), Flx_mulu(gel(a4, 1), 2, p), T, p)
     323        6970 :                       : a4;
     324        4450 :   return Flxq_inv(Flx_add(Flx_mulu(Flxq_sqr(gel(P,1), T, p), 3, p),
     325             :                           df, p), T, p);
     326             : }
     327             : 
     328             : static GEN
     329       26791 : FlxqE_Miller_line(GEN R, GEN Q, GEN slope, GEN a4, GEN T, ulong p)
     330             : {
     331       26791 :   long vT = get_Flx_var(T);
     332       26791 :   GEN x = gel(Q, 1), y = gel(Q, 2);
     333       26791 :   GEN tmp1 = Flx_sub(x, gel(R, 1), p);
     334       26791 :   GEN tmp2 = Flx_add(Flxq_mul(tmp1, slope, T, p), gel(R, 2), p);
     335       26791 :   if (!Flx_equal(y, tmp2))
     336       24866 :     return Flx_sub(y, tmp2, p);
     337        1925 :   if (lgpol(y) == 0)
     338         657 :     return pol1_Flx(vT);
     339             :   else
     340             :   {
     341        1268 :     GEN s1, s2, a2 = typ(a4)==t_VEC ? gel(a4,1): NULL;
     342        1268 :     GEN y2i = Flxq_inv(Flx_mulu(y, 2, p), T, p);
     343        1268 :     GEN df = a2 ? Flxq_mul(x, Flx_mulu(a2, 2, p), T, p): a4;
     344             :     GEN x3, ddf;
     345        1268 :     s1 = Flxq_mul(Flx_add(Flx_mulu(Flxq_sqr(x, T, p), 3, p), df, p), y2i, T, p);
     346        1268 :     if (!Flx_equal(s1, slope))
     347         343 :       return Flx_sub(s1, slope, p);
     348         925 :     x3 = Flx_mulu(x, 3, p);
     349         925 :     ddf = a2 ? Flx_add(x3, a2, p): x3;
     350         925 :     s2 = Flxq_mul(Flx_sub(ddf, Flxq_sqr(s1, T, p), p), y2i, T, p);
     351         925 :     return lgpol(s2)!=0 ? s2: y2i;
     352             :   }
     353             : }
     354             : 
     355             : /* Computes the equation of the line tangent to R and returns its
     356             :    evaluation at the point Q. Also doubles the point R.
     357             :  */
     358             : 
     359             : static GEN
     360       46451 : FlxqE_tangent_update(GEN R, GEN Q, GEN a4, GEN T, ulong p, GEN *pt_R)
     361             : {
     362       46451 :   if (ell_is_inf(R))
     363             :   {
     364        3979 :     *pt_R = ellinf();
     365        3979 :     return pol1_Flx(get_Flx_var(T));
     366             :   }
     367       42472 :   else if (!lgpol(gel(R,2)))
     368             :   {
     369       18042 :     *pt_R = ellinf();
     370       18042 :     return FlxqE_vert(R, Q, a4, T, p);
     371             :   } else {
     372             :     GEN slope;
     373       24430 :     *pt_R = FlxqE_dbl_slope(R, a4, T, p, &slope);
     374       24430 :     return FlxqE_Miller_line(R, Q, slope, a4, T, p);
     375             :   }
     376             : }
     377             : 
     378             : /* Computes the equation of the line through R and P, and returns its
     379             :    evaluation at the point Q. Also adds P to the point R.
     380             :  */
     381             : 
     382             : static GEN
     383        3816 : FlxqE_chord_update(GEN R, GEN P, GEN Q, GEN a4, GEN T, ulong p, GEN *pt_R)
     384             : {
     385        3816 :   if (ell_is_inf(R))
     386             :   {
     387          34 :     *pt_R = gcopy(P);
     388          34 :     return FlxqE_vert(P, Q, a4, T, p);
     389             :   }
     390        3782 :   else if (ell_is_inf(P))
     391             :   {
     392           0 :     *pt_R = gcopy(R);
     393           0 :     return FlxqE_vert(R, Q, a4, T, p);
     394             :   }
     395        3782 :   else if (Flx_equal(gel(P, 1), gel(R, 1)))
     396             :   {
     397        1421 :     if (Flx_equal(gel(P, 2), gel(R, 2)))
     398           7 :       return FlxqE_tangent_update(R, Q, a4, T, p, pt_R);
     399             :     else
     400             :     {
     401        1414 :       *pt_R = ellinf();
     402        1414 :       return FlxqE_vert(R, Q, a4, T, p);
     403             :     }
     404             :   } else {
     405             :     GEN slope;
     406        2361 :     *pt_R = FlxqE_add_slope(P, R, a4, T, p, &slope);
     407        2361 :     return FlxqE_Miller_line(R, Q, slope, a4, T, p);
     408             :   }
     409             : }
     410             : 
     411             : /* Returns the Miller function f_{m, Q} evaluated at the point P using
     412             :    the standard Miller algorithm.
     413             :  */
     414             : 
     415             : struct _FlxqE_miller
     416             : {
     417             :   ulong p;
     418             :   GEN T, a4, P;
     419             : };
     420             : 
     421             : static GEN
     422       46444 : FlxqE_Miller_dbl(void* E, GEN d)
     423             : {
     424       46444 :   struct _FlxqE_miller *m = (struct _FlxqE_miller *)E;
     425       46444 :   ulong p  = m->p;
     426       46444 :   GEN T = m->T, a4 = m->a4, P = m->P;
     427             :   GEN v, line;
     428       46444 :   GEN num = Flxq_sqr(gel(d,1), T, p);
     429       46444 :   GEN denom = Flxq_sqr(gel(d,2), T, p);
     430       46444 :   GEN point = gel(d,3);
     431       46444 :   line = FlxqE_tangent_update(point, P, a4, T, p, &point);
     432       46444 :   num  = Flxq_mul(num, line, T, p);
     433       46444 :   v = FlxqE_vert(point, P, a4, T, p);
     434       46444 :   denom = Flxq_mul(denom, v, T, p);
     435       46444 :   return mkvec3(num, denom, point);
     436             : }
     437             : 
     438             : static GEN
     439        3816 : FlxqE_Miller_add(void* E, GEN va, GEN vb)
     440             : {
     441        3816 :   struct _FlxqE_miller *m = (struct _FlxqE_miller *)E;
     442        3816 :   ulong p = m->p;
     443        3816 :   GEN T = m->T, a4 = m->a4, P = m->P;
     444             :   GEN v, line, point;
     445        3816 :   GEN na = gel(va,1), da = gel(va,2), pa = gel(va,3);
     446        3816 :   GEN nb = gel(vb,1), db = gel(vb,2), pb = gel(vb,3);
     447        3816 :   GEN num   = Flxq_mul(na, nb, T, p);
     448        3816 :   GEN denom = Flxq_mul(da, db, T, p);
     449        3816 :   line = FlxqE_chord_update(pa, pb, P, a4, T, p, &point);
     450        3816 :   num  = Flxq_mul(num, line, T, p);
     451        3816 :   v = FlxqE_vert(point, P, a4, T, p);
     452        3816 :   denom = Flxq_mul(denom, v, T, p);
     453        3816 :   return mkvec3(num, denom, point);
     454             : }
     455             : 
     456             : static GEN
     457       19422 : FlxqE_Miller(GEN Q, GEN P, GEN m, GEN a4, GEN T, ulong p)
     458             : {
     459       19422 :   pari_sp ltop = avma;
     460             :   struct _FlxqE_miller d;
     461             :   GEN v, num, denom, g1;
     462             : 
     463       19422 :   d.a4 = a4; d.T = T; d.p = p; d.P = P;
     464       19422 :   g1 = pol1_Flx(get_Flx_var(T));
     465       19422 :   v = gen_pow(mkvec3(g1,g1,Q), m, (void*)&d, FlxqE_Miller_dbl, FlxqE_Miller_add);
     466       19422 :   num = gel(v,1); denom = gel(v,2);
     467       19422 :   return gerepileupto(ltop, Flxq_div(num, denom, T, p));
     468             : }
     469             : 
     470             : GEN
     471       12742 : FlxqE_weilpairing(GEN P, GEN Q, GEN m, GEN a4, GEN T, ulong p)
     472             : {
     473       12742 :   pari_sp ltop = avma;
     474             :   GEN num, denom, result;
     475       12742 :   if (ell_is_inf(P) || ell_is_inf(Q) || Flx_equal(P,Q))
     476        3059 :     return pol1_Flx(get_Flx_var(T));
     477        9683 :   num    = FlxqE_Miller(P, Q, m, a4, T, p);
     478        9683 :   denom  = FlxqE_Miller(Q, P, m, a4, T, p);
     479        9683 :   result = Flxq_div(num, denom, T, p);
     480        9683 :   if (mpodd(m))
     481         644 :     result  = Flx_neg(result, p);
     482        9683 :   return gerepileupto(ltop, result);
     483             : }
     484             : 
     485             : GEN
     486          56 : FlxqE_tatepairing(GEN P, GEN Q, GEN m, GEN a4, GEN T, ulong p)
     487             : {
     488          56 :   if (ell_is_inf(P) || ell_is_inf(Q))
     489           0 :     return pol1_Flx(get_Flx_var(T));
     490          56 :   return FlxqE_Miller(P, Q, m, a4, T, p);
     491             : }
     492             : 
     493             : static GEN
     494       12728 : _FlxqE_pairorder(void *E, GEN P, GEN Q, GEN m, GEN F)
     495             : {
     496       12728 :   struct _FlxqE *e = (struct _FlxqE *) E;
     497       12728 :   return  Flxq_order(FlxqE_weilpairing(P,Q,m,e->a4,e->T,e->p), F, e->T, e->p);
     498             : }
     499             : 
     500             : GEN
     501       15609 : Flxq_ellgroup(GEN a4, GEN a6, GEN N, GEN T, ulong p, GEN *pt_m)
     502             : {
     503             :   struct _FlxqE e;
     504       15609 :   GEN q = powuu(p, get_Flx_degree(T));
     505       15609 :   e.a4=a4; e.a6=a6; e.T=T; e.p=p;
     506       15609 :   return gen_ellgroup(N, subiu(q,1), pt_m, (void*)&e, &FlxqE_group, _FlxqE_pairorder);
     507             : }
     508             : 
     509             : GEN
     510       14363 : Flxq_ellgens(GEN a4, GEN a6, GEN ch, GEN D, GEN m, GEN T, ulong p)
     511             : {
     512             :   GEN P;
     513       14363 :   pari_sp av = avma;
     514             :   struct _FlxqE e;
     515       14363 :   e.a4=a4; e.a6=a6; e.T=T; e.p=p;
     516       14363 :   switch(lg(D)-1)
     517             :   {
     518             :   case 0:
     519          63 :     return cgetg(1,t_VEC);
     520             :   case 1:
     521       11787 :     P = gen_gener(gel(D,1), (void*)&e, &FlxqE_group);
     522       11787 :     P = mkvec(FlxqE_changepoint(P, ch, T, p));
     523       11787 :     break;
     524             :   default:
     525        2513 :     P = gen_ellgens(gel(D,1), gel(D,2), m, (void*)&e, &FlxqE_group, _FlxqE_pairorder);
     526        2513 :     gel(P,1) = FlxqE_changepoint(gel(P,1), ch, T, p);
     527        2513 :     gel(P,2) = FlxqE_changepoint(gel(P,2), ch, T, p);
     528        2513 :     break;
     529             :   }
     530       14300 :   return gerepilecopy(av, P);
     531             : }
     532             : /***********************************************************************/
     533             : /**                                                                   **/
     534             : /**                          Point counting                           **/
     535             : /**                                                                   **/
     536             : /***********************************************************************/
     537             : 
     538       11130 : static GEN _can_invl(void *E, GEN V) {(void) E; return V; }
     539             : 
     540        3654 : static GEN _can_lin(void *E, GEN F, GEN V, GEN q)
     541             : {
     542        3654 :   GEN v = RgX_splitting(V, 3);
     543             :   (void) E;
     544        3654 :   return FpX_sub(V,ZXV_dotproduct(v, F), q);
     545             : }
     546             : 
     547             : static GEN
     548        7476 : _can_iter(void *E, GEN f, GEN q)
     549             : {
     550        7476 :   GEN h = RgX_splitting(f,3);
     551        7476 :   GEN h1s = ZX_sqr(gel(h,1)), h2s = ZX_sqr(gel(h,2)), h3s = ZX_sqr(gel(h,3));
     552        7476 :   GEN h12 = ZX_mul(gel(h,1), gel(h,2));
     553        7476 :   GEN h13 = ZX_mul(gel(h,1), gel(h,3));
     554        7476 :   GEN h23 = ZX_mul(gel(h,2), gel(h,3));
     555        7476 :   GEN h1c = ZX_mul(gel(h,1), h1s);
     556        7476 :   GEN h3c = ZX_mul(gel(h,3), h3s);
     557        7476 :   GEN th = ZX_mul(ZX_sub(h2s,ZX_mulu(h13,3)),gel(h,2));
     558        7476 :   GEN y = FpX_sub(f,ZX_add(RgX_shift_shallow(h3c,2),ZX_add(RgX_shift_shallow(th,1),h1c)),q);
     559             :   (void) E;
     560        7476 :   return mkvecn(7,y,h1s,h2s,h3s,h12,h13,h23);
     561             : }
     562             : 
     563             : static GEN
     564        7476 : _can_invd(void *E, GEN V, GEN v, GEN qM, long M)
     565             : {
     566        7476 :   GEN h1s=gel(v,2), h2s=gel(v,3), h3s=gel(v,4);
     567        7476 :   GEN h12=gel(v,5), h13=gel(v,6), h23=gel(v,7);
     568        7476 :   GEN F = mkvec3(ZX_sub(h1s,RgX_shift_shallow(h23,1)),RgX_shift_shallow(ZX_sub(h2s,h13),1),
     569             :                  ZX_sub(RgX_shift_shallow(h3s,2),RgX_shift_shallow(h12,1)));
     570             :   (void)E;
     571        7476 :   return gen_ZpX_Dixon(ZXV_Z_mul(F, utoi(3)), V, qM, utoi(3), M, NULL,
     572             :                                                  _can_lin, _can_invl);
     573             : }
     574             : 
     575             : static GEN
     576        3717 : F3x_canonlift(GEN P, long n)
     577        3717 : { return gen_ZpX_Newton(Flx_to_ZX(P),utoi(3), n, NULL, _can_iter, _can_invd); }
     578             : 
     579       29484 : static GEN _can5_invl(void *E, GEN V) {(void) E; return V; }
     580             : 
     581        8967 : static GEN _can5_lin(void *E, GEN F, GEN V, GEN q)
     582             : {
     583        8967 :   ulong p = *(ulong*)E;
     584        8967 :   GEN v = RgX_splitting(V, p);
     585        8967 :   return FpX_sub(V,ZXV_dotproduct(v, F), q);
     586             : }
     587             : 
     588             : /* P(X,t) -> P(X*t^n,t) mod (t^p-1) */
     589             : static GEN
     590       61810 : _shift(GEN P, long n, ulong p, long v)
     591             : {
     592       61810 :   long i, l=lg(P);
     593       61810 :   GEN r = cgetg(l,t_POL); r[1] = P[1];
     594      481754 :   for(i=2;i<l;i++)
     595             :   {
     596      419944 :     long s = n*(i-2)%p;
     597      419944 :     GEN ci = gel(P,i);
     598      419944 :     if (typ(ci)==t_INT)
     599      104671 :       gel(r,i) = monomial(ci, s, v);
     600             :     else
     601      315273 :       gel(r,i) = RgX_rotate_shallow(ci, s, p);
     602             :   }
     603       61810 :   return FpXX_renormalize(r, l);
     604             : }
     605             : 
     606             : struct _can_mul
     607             : {
     608             :   GEN T, q;
     609             :   ulong p;
     610             : };
     611             : 
     612             : static GEN
     613       41293 : _can5_mul(void *E, GEN A, GEN B)
     614             : {
     615       41293 :   struct _can_mul *d = (struct _can_mul *)E;
     616       41293 :   GEN a = gel(A,1), b = gel(B,1);
     617       41293 :   long n = itos(gel(A,2));
     618       41293 :   GEN bn = _shift(b, n, d->p, get_FpX_var(d->T));
     619       41293 :   GEN c = FpXQX_mul(a, bn, d->T, d->q);
     620       41293 :   return mkvec2(c, addii(gel(A,2), gel(B,2)));
     621             : }
     622             : 
     623             : static GEN
     624       41125 : _can5_sqr(void *E, GEN A)
     625             : {
     626       41125 :   return _can5_mul(E,A,A);
     627             : }
     628             : 
     629             : static GEN
     630       20517 : _can5_iter(void *E, GEN f, GEN q)
     631             : {
     632       20517 :   pari_sp av = avma;
     633             :   struct _can_mul D;
     634       20517 :   ulong p = *(ulong*)E;
     635       20517 :   long i, vT = fetch_var();
     636             :   GEN N, P, d, V, fs;
     637       20517 :   D.q = q; D.T = ZX_Z_sub(pol_xn(p,vT),gen_1);
     638       20517 :   D.p = p;
     639       20517 :   fs = mkvec2(_shift(f, 1, p, vT), gen_1);
     640       20517 :   N = gel(gen_powu(fs,p-1,(void*)&D,_can5_sqr,_can5_mul),1);
     641       20517 :   N = simplify_shallow(FpXQX_red(N,polcyclo(p,vT),q));
     642       20517 :   P = FpX_mul(N,f,q);
     643       20517 :   P = RgX_deflate(P, p);
     644       20517 :   d = RgX_splitting(N, p);
     645       20517 :   V = cgetg(p+1,t_VEC);
     646       20517 :   gel(V,1) = ZX_mulu(gel(d,1), p);
     647      103355 :   for(i=2; i<= (long)p; i++)
     648       82838 :     gel(V,i) = ZX_mulu(RgX_shift_shallow(gel(d,p+2-i), 1), p);
     649       20517 :   (void)delete_var(); return gerepilecopy(av, mkvec2(ZX_sub(f,P),V));
     650             : }
     651             : 
     652             : static GEN
     653       20517 : _can5_invd(void *E, GEN H, GEN v, GEN qM, long M)
     654             : {
     655       20517 :   ulong p = *(long*)E;
     656       20517 :   return gen_ZpX_Dixon(gel(v,2), H, qM, utoi(p), M, E, _can5_lin, _can5_invl);
     657             : }
     658             : 
     659             : static GEN
     660       13930 : Flx_canonlift(GEN P, long n, ulong p)
     661             : {
     662       24143 :   return p==3 ? F3x_canonlift(P,n):
     663       10213 :          gen_ZpX_Newton(Flx_to_ZX(P),utoi(p), n, &p, _can5_iter, _can5_invd);
     664             : }
     665             : 
     666             : /* assume a and n  are coprime */
     667             : static GEN
     668       76258 : RgX_circular_shallow(GEN P, long a, long n)
     669             : {
     670       76258 :   long i, l = lgpol(P);
     671       76258 :   GEN Q = cgetg(2+n,t_POL);
     672       76258 :   Q[1] = P[1];
     673      512421 :   for(i=0; i<l; i++)
     674      436163 :     gel(Q,2+(i*a)%n) = gel(P,2+i);
     675      168707 :   for(   ; i<n; i++)
     676       92449 :     gel(Q,2+(i*a)%n) = gen_0;
     677       76258 :   return normalizepol_lg(Q,2+n);
     678             : }
     679             : 
     680             : static GEN
     681       76258 : ZpXQ_frob_cyc(GEN x, GEN T, GEN q, ulong p)
     682             : {
     683       76258 :   long n = get_FpX_degree(T);
     684       76258 :   return FpX_rem(RgX_circular_shallow(x,p,n+1), T, q);
     685             : }
     686             : 
     687             : static GEN
     688      113547 : ZpXQ_frob(GEN x, GEN Xm, GEN T, GEN q, ulong p)
     689             : {
     690      113547 :   if (lg(Xm)==1)
     691       43435 :     return ZpXQ_frob_cyc(x, T, q, p);
     692             :   else
     693             :   {
     694       70112 :     long n = get_FpX_degree(T);
     695       70112 :     GEN V = RgX_blocks(RgX_inflate(x, p), n, p);
     696       70112 :     GEN W = ZXV_dotproduct(V, Xm);
     697       70112 :     return FpX_rem(W, T, q);
     698             :   }
     699             : }
     700             : 
     701             : struct _lift_lin
     702             : {
     703             :   ulong p;
     704             :   GEN sqx, Tp;
     705             :   GEN ai, Xm;
     706             : };
     707             : 
     708       84035 : static GEN _lift_invl(void *E, GEN x)
     709             : {
     710       84035 :   struct _lift_lin *d = (struct _lift_lin *) E;
     711       84035 :   GEN T = d->Tp;
     712       84035 :   ulong p = d->p;
     713       84035 :   GEN xai = Flxq_mul(ZX_to_Flx(x, p), d->ai, T, p);
     714       84035 :   return Flx_to_ZX(Flxq_lroot_fast(xai, d->sqx, T, p));
     715             : }
     716             : 
     717       23744 : static GEN _lift_lin(void *E, GEN F, GEN x2, GEN q)
     718             : {
     719       23744 :   struct _lift_lin *d = (struct _lift_lin *) E;
     720       23744 :   pari_sp av = avma;
     721       23744 :   GEN T = gel(F,3), Xm = gel(F,4);
     722       23744 :   GEN y2  = ZpXQ_frob(x2, Xm, T, q, d->p);
     723       23744 :   GEN lin = FpX_add(ZX_mul(gel(F,1), y2), ZX_mul(gel(F,2), x2), q);
     724       23744 :   return gerepileupto(av, FpX_rem(lin, T, q));
     725             : }
     726             : 
     727             : static GEN
     728      180873 : FpM_FpXV_bilinear(GEN P, GEN X, GEN Y, GEN p)
     729             : {
     730      180873 :    pari_sp av = avma;
     731      180873 :    GEN s =  ZX_mul(FpXV_FpC_mul(X,gel(P,1),p),gel(Y,1));
     732      180873 :    long i, l = lg(P);
     733      849765 :    for(i=2; i<l; i++)
     734      668892 :      s = ZX_add(s, ZX_mul(FpXV_FpC_mul(X,gel(P,i),p),gel(Y,i)));
     735      180873 :    return gerepileupto(av, FpX_red(s, p));
     736             : }
     737             : 
     738             : static GEN
     739      180873 : FpM_FpXQV_bilinear(GEN P, GEN X, GEN Y, GEN T, GEN p)
     740             : {
     741      180873 :   return FpX_rem(FpM_FpXV_bilinear(P,X,Y,p),T,p);
     742             : }
     743             : 
     744             : static GEN
     745      120582 : FpXC_powderiv(GEN M, GEN p)
     746             : {
     747             :   long i, l;
     748      120582 :   long v = varn(gel(M,2));
     749      120582 :   GEN m = cgetg_copy(M, &l);
     750      120582 :   gel(m,1) = pol_0(v);
     751      120582 :   gel(m,2) = pol_1(v);
     752      445928 :   for(i=2; i<l-1; i++)
     753      325346 :     gel(m,i+1) = FpX_Fp_mul(gel(M,i),utoi(i), p);
     754      120582 :   return m;
     755             : }
     756             : 
     757             : struct _lift_iso
     758             : {
     759             :   GEN phi;
     760             :   GEN Xm,T;
     761             :   GEN sqx, Tp;
     762             :   ulong p;
     763             : };
     764             : 
     765             : static GEN
     766       60291 : _lift_iter(void *E, GEN x2, GEN q)
     767             : {
     768       60291 :   struct _lift_iso *d = (struct _lift_iso *) E;
     769       60291 :   ulong p = d->p;
     770       60291 :   long n = lg(d->phi)-2;
     771       60291 :   GEN TN = FpXT_red(d->T, q), XN = FpXV_red(d->Xm, q);
     772       60291 :   GEN y2 = ZpXQ_frob(x2, XN, TN, q, p);
     773       60291 :   GEN xp = FpXQ_powers(x2, n, TN, q);
     774       60291 :   GEN yp = FpXQ_powers(y2, n, TN, q);
     775       60291 :   GEN V  = FpM_FpXQV_bilinear(d->phi,xp,yp,TN,q);
     776       60291 :   return mkvec3(V,xp,yp);
     777             : }
     778             : 
     779             : static GEN
     780       60291 : _lift_invd(void *E, GEN V, GEN v, GEN qM, long M)
     781             : {
     782       60291 :   struct _lift_iso *d = (struct _lift_iso *) E;
     783             :   struct _lift_lin e;
     784       60291 :   ulong p = d->p;
     785       60291 :   GEN TM = FpXT_red(d->T, qM), XM = FpXV_red(d->Xm, qM);
     786       60291 :   GEN xp = FpXV_red(gel(v,2), qM);
     787       60291 :   GEN yp = FpXV_red(gel(v,3), qM);
     788       60291 :   GEN Dx = FpM_FpXQV_bilinear(d->phi, FpXC_powderiv(xp, qM), yp, TM, qM);
     789       60291 :   GEN Dy = FpM_FpXQV_bilinear(d->phi, xp, FpXC_powderiv(yp, qM), TM, qM);
     790       60291 :   GEN F = mkvec4(Dy, Dx, TM, XM);
     791       60291 :   e.ai = Flxq_inv(ZX_to_Flx(Dy,p),d->Tp,p);
     792       60291 :   e.sqx = d->sqx; e.Tp = d->Tp; e.p=p; e.Xm = XM;
     793       60291 :   return gen_ZpX_Dixon(F,V,qM,utoi(p),M,(void*) &e, _lift_lin, _lift_invl);
     794             : }
     795             : 
     796             : static GEN
     797       25032 : lift_isogeny(GEN phi, GEN x0, long n, GEN Xm, GEN T, GEN sqx, GEN Tp, ulong p)
     798             : {
     799             :   struct _lift_iso d;
     800       25032 :   d.phi=phi;
     801       25032 :   d.Xm=Xm; d.T=T;
     802       25032 :   d.sqx=sqx; d.Tp=Tp; d.p=p;
     803       25032 :   return gen_ZpX_Newton(x0, utoi(p), n,(void*)&d, _lift_iter, _lift_invd);
     804             : }
     805             : 
     806             : static GEN
     807       25011 : getc2(GEN act, GEN X, GEN T, GEN q, ulong p, long N)
     808             : {
     809       25011 :   GEN A1 = RgV_to_RgX(gel(act,1),0), A2 =  RgV_to_RgX(gel(act,2),0);
     810       25011 :   long n = brent_kung_optpow(maxss(degpol(A1),degpol(A2)),2,1);
     811       25011 :   GEN xp = FpXQ_powers(X,n,T,q);
     812       25011 :   GEN P  = FpX_FpXQV_eval(A1, xp, T, q);
     813       25011 :   GEN Q  = FpX_FpXQV_eval(A2, xp, T, q);
     814       25011 :   return ZpXQ_div(P, Q, T, q, utoi(p), N);
     815             : }
     816             : 
     817             : struct _ZpXQ_norm
     818             : {
     819             :   long n;
     820             :   GEN T, p;
     821             : };
     822             : 
     823             : static GEN
     824       32823 : ZpXQ_norm_mul(void *E, GEN x, GEN y)
     825             : {
     826       32823 :   struct _ZpXQ_norm *D = (struct _ZpXQ_norm*)E;
     827       32823 :   GEN P = gel(x,1), Q = gel(y,1);
     828       32823 :   long a = mael(x,2,1), b = mael(y,2,1);
     829       32823 :   retmkvec2(FpXQ_mul(P,ZpXQ_frob_cyc(Q, D->T, D->p, a), D->T, D->p),
     830             :             mkvecsmall((a*b)%D->n));
     831             : }
     832             : 
     833             : static GEN
     834       22715 : ZpXQ_norm_sqr(void *E, GEN x)
     835             : {
     836       22715 :   return ZpXQ_norm_mul(E, x, x);
     837             : }
     838             : 
     839             : /* Assume T = Phi_(n) and n prime */
     840             : GEN
     841       11340 : ZpXQ_norm_pcyc(GEN x, GEN T, GEN q, GEN p)
     842             : {
     843             :   GEN z;
     844             :   struct _ZpXQ_norm D;
     845       11340 :   long d = get_FpX_degree(T);
     846       11340 :   D.T = T; D.p = q; D.n = d+1;
     847       11340 :   if (d==1) return ZX_copy(x);
     848       11340 :   z = mkvec2(x,mkvecsmall(p[2]));
     849       11340 :   z = gen_powu(z,d,(void*)&D,ZpXQ_norm_sqr,ZpXQ_norm_mul);
     850       11340 :   return gmael(z,1,2);
     851             : }
     852             : 
     853             : /* Assume T = Phi_(n) and n prime */
     854             : static GEN
     855       11102 : ZpXQ_sqrtnorm_pcyc(GEN x, GEN T, GEN q, GEN p, long e)
     856             : {
     857       11102 :   GEN z = ZpXQ_norm_pcyc(x, T, q, p);
     858       11102 :   return Zp_sqrtlift(z,Fp_sqrt(z,p),p,e);
     859             : }
     860             : 
     861             : /* Assume a = 1 [p], return the square root of the norm */
     862             : static GEN
     863       13930 : ZpXQ_sqrtnorm(GEN a, GEN T, GEN q, GEN p, long e)
     864             : {
     865       13930 :   GEN s = Fp_div(FpXQ_trace(ZpXQ_log(a, T, p, e), T, q), gen_2, q);
     866       13930 :   return modii(gel(Qp_exp(cvtop(s, p, e-1)),4), q);
     867             : }
     868             : 
     869             : struct _teich_lin
     870             : {
     871             :   ulong p;
     872             :   GEN sqx, Tp;
     873             :   long m;
     874             : };
     875             : 
     876             : static GEN
     877       29470 : _teich_invl(void *E, GEN x)
     878             : {
     879       29470 :   struct _teich_lin *d = (struct _teich_lin *) E;
     880       29470 :   ulong p = d->p;
     881       29470 :   GEN T = d->Tp;
     882       29470 :   return Flx_to_ZX(Flxq_lroot_fast(ZX_to_Flx(x, p), d->sqx, T, p));
     883             : }
     884             : 
     885             : static GEN
     886        8953 : _teich_lin(void *E, GEN F, GEN x2, GEN q)
     887             : {
     888        8953 :   struct _teich_lin *d = (struct _teich_lin *) E;
     889        8953 :   pari_sp av = avma;
     890        8953 :   GEN T = gel(F,2), Xm = gel(F,3);
     891        8953 :   GEN y2  = ZpXQ_frob(x2, Xm, T, q, d->p);
     892        8953 :   GEN lin = FpX_sub(y2, ZX_mulu(ZX_mul(gel(F,1), x2), d->p), q);
     893        8953 :   return gerepileupto(av, FpX_rem(lin, T, q));
     894             : }
     895             : 
     896             : struct _teich_iso
     897             : {
     898             :   GEN Xm, T;
     899             :   GEN sqx, Tp;
     900             :   ulong p;
     901             : };
     902             : 
     903             : static GEN
     904       20517 : _teich_iter(void *E, GEN x2, GEN q)
     905             : {
     906       20517 :   struct _teich_iso *d = (struct _teich_iso *) E;
     907       20517 :   ulong p = d->p;
     908       20517 :   GEN TN = FpXT_red(d->T, q), XN = FpXV_red(d->Xm, q);
     909       20517 :   GEN y2 = ZpXQ_frob(x2, XN, TN, q, d->p);
     910       20517 :   GEN x1 = FpXQ_powu(x2, p-1, TN, q);
     911       20517 :   GEN xp = FpXQ_mul(x2, x1, TN, q);
     912       20517 :   GEN V = FpX_sub(y2,xp,q);
     913       20517 :   return mkvec2(V,x1);
     914             : }
     915             : 
     916             : static GEN
     917       20517 : _teich_invd(void *E, GEN V, GEN v, GEN qM, long M)
     918             : {
     919       20517 :   struct _teich_iso *d = (struct _teich_iso *) E;
     920             :   struct _teich_lin e;
     921       20517 :   ulong p = d->p;
     922       20517 :   GEN TM = FpXT_red(d->T, qM), XM = FpXV_red(d->Xm, qM);
     923       20517 :   GEN x1 = FpX_red(gel(v,2), qM);
     924       20517 :   GEN F = mkvec3(x1, TM, XM);
     925       20517 :   e.sqx = d->sqx; e.Tp = d->Tp; e.p=p;
     926       20517 :   return gen_ZpX_Dixon(F,V,qM,utoi(p),M,(void*) &e, _teich_lin, _teich_invl);
     927             : }
     928             : 
     929             : static GEN
     930       10213 : Teichmuller_lift(GEN x, GEN Xm, GEN T, GEN sqx, GEN Tp, ulong p, long N)
     931             : {
     932             :   struct _teich_iso d;
     933       10213 :   d.Xm = Xm; d.T = T; d.sqx = sqx; d.Tp = Tp; d.p = p;
     934       10213 :   return gen_ZpX_Newton(x,utoi(p), N,(void*)&d, _teich_iter, _teich_invd);
     935             : }
     936             : 
     937             : static GEN
     938       25032 : get_norm(GEN a4, GEN a6, GEN T, ulong p, long N)
     939             : {
     940       25032 :   long sv=T[1];
     941             :   GEN a;
     942       25032 :   if (p==3) a = gel(a4,1);
     943             :   else
     944             :   {
     945       10227 :     GEN P = mkpoln(4, pol1_Flx(sv), pol0_Flx(sv), a4, a6);
     946       10227 :     a = gel(FlxqX_powu(P,p>>1,T,p),2+p-1);
     947             :   }
     948       25032 :   return Zp_sqrtnlift(gen_1,subss(p,1),utoi(Flxq_norm(a,T,p)),utoi(p), N);
     949             : }
     950             : 
     951             : static GEN
     952       25011 : fill_pols(long n, const long *v, long m, const long *vn,
     953             :           const long *vd, GEN *act)
     954             : {
     955             :   long i, j;
     956       25011 :   long d = upowuu(n,12/(n-1));
     957       25011 :   GEN N, D, M = zeromatcopy(n+1,n+1);
     958       25011 :   gmael(M,1,n+1) = gen_1;
     959      120568 :   for(i=2;i<=n+1;i++)
     960      338373 :     for(j=i-1;j<=n;j++)
     961      242816 :       gmael(M,i,j) = mulis(powuu(d,i-2),v[j-i+1]);
     962       25011 :   N = cgetg(m+1,t_COL);
     963       25011 :   D = cgetg(m+1,t_COL);
     964      135359 :   for(i=1;i<=m;i++)
     965             :   {
     966      110348 :     gel(N,i) = stoi(*vn++);
     967      110348 :     gel(D,i) = stoi(*vd++);
     968             :   }
     969       25011 :   *act = mkmat2(N,D);
     970       25011 :   return M;
     971             : }
     972             : 
     973             : /*
     974             :   These polynomials were extracted from the ECHIDNA databases
     975             :   available at <http://echidna.maths.usyd.edu.au/echidna/>
     976             :   and computed by David R. Kohel.
     977             :   Return the matrix of the modular polynomial, set act to the parametrization,
     978             :   and set dj to the opposite of the supersingular j-invariant.
     979             : */
     980             : static GEN
     981       25011 : get_Kohel_polynomials(ulong p, GEN *act, long *dj)
     982             : {
     983       25011 :   const long mat3[] = {-1,-36,-270};
     984       25011 :   const long num3[] = {1,-483,-21141,-59049};
     985       25011 :   const long den3[] = {1,261, 4347, -6561};
     986       25011 :   const long mat5[] = {-1,-30,-315,-1300,-1575};
     987       25011 :   const long num5[] = {-1,490,20620,158750,78125};
     988       25011 :   const long den5[] = {-1,-254,-4124,-12250,3125};
     989       25011 :   const long mat7[] = {-1,-28,-322,-1904,-5915,-8624,-4018};
     990       25011 :   const long num7[] = {1,-485,-24058,-343833,-2021642,-4353013,-823543};
     991       25011 :   const long den7[] = {1,259,5894,49119,168406,166355,-16807};
     992       25011 :   const long mat13[]= {-1,-26,-325,-2548,-13832,-54340,-157118,-333580,-509366,
     993             :                        -534820,-354536,-124852,-15145};
     994       25011 :   const long num13[]= {1,-487,-24056,-391463,-3396483,-18047328,-61622301,
     995             :                        -133245853,-168395656,-95422301,-4826809};
     996       25011 :   const long den13[]= {1,257,5896,60649,364629,1388256,3396483,5089019,4065464,
     997             :                        1069939,-28561};
     998       25011 :   switch(p)
     999             :   {
    1000             :   case 3:
    1001       14805 :     *dj = 0;
    1002       14805 :     return fill_pols(3,mat3,4,num3,den3,act);
    1003             :   case 5:
    1004       10171 :     *dj = 0;
    1005       10171 :     return fill_pols(5,mat5,5,num5,den5,act);
    1006             :   case 7:
    1007          28 :     *dj = 1;
    1008          28 :     return fill_pols(7,mat7,7,num7,den7,act);
    1009             :   case 13:
    1010           7 :     *dj = 8;
    1011           7 :     return fill_pols(13,mat13,11,num13,den13,act);
    1012             :   }
    1013             :   *dj=0; *act = NULL; return NULL; /* LCOV_EXCL_LINE */
    1014             : }
    1015             : 
    1016             : long
    1017       32260 : zx_is_pcyc(GEN T)
    1018             : {
    1019       32260 :   long i, n = degpol(T);
    1020       32260 :   if (!uisprime(n+1))
    1021       11624 :     return 0;
    1022       99148 :   for (i=0; i<=n; i++)
    1023       87808 :     if (T[i+2]!=1UL)
    1024        9296 :       return 0;
    1025       11340 :   return 1;
    1026             : }
    1027             : 
    1028             : static GEN
    1029       25011 : Flxq_ellcard_Kohel(GEN a4, GEN a6, GEN T, ulong p)
    1030             : {
    1031       25011 :   pari_sp av = avma, av2;
    1032             :   pari_timer ti;
    1033       25011 :   long n = get_Flx_degree(T), N = (n+4)/2, dj;
    1034       25011 :   GEN q = powuu(p, N);
    1035             :   GEN T2, Xm, s1, c2, t, lr;
    1036             :   GEN S1, sqx;
    1037             :   GEN Nc2, Np;
    1038       25011 :   GEN act, phi = get_Kohel_polynomials(p, &act, &dj);
    1039       25011 :   long ispcyc = zx_is_pcyc(get_Flx_mod(T));
    1040       25011 :   timer_start(&ti);
    1041       25011 :   if (!ispcyc)
    1042             :   {
    1043       13916 :     T2 = Flx_canonlift(get_Flx_mod(T),N,p);
    1044       13916 :     if (DEBUGLEVEL) timer_printf(&ti,"Teich");
    1045             :   } else
    1046       11095 :     T2 = Flx_to_ZX(get_Flx_mod(T));
    1047       25011 :   T2 = FpX_get_red(T2, q); T = ZXT_to_FlxT(T2, p);
    1048       25011 :   av2 = avma;
    1049       25011 :   if (DEBUGLEVEL) timer_printf(&ti,"Barrett");
    1050       25011 :   if (!ispcyc)
    1051             :   {
    1052       13916 :     Xm = FpXQ_powers(pol_xn(n,get_FpX_var(T2)),p-1,T2,q);
    1053       13916 :     if (DEBUGLEVEL) timer_printf(&ti,"Xm");
    1054             :   } else
    1055       11095 :     Xm = cgetg(1,t_VEC);
    1056       25011 :   s1 = Flxq_inv(Flx_Fl_add(Flxq_ellj(a4,a6,T,p),dj, p),T,p);
    1057       25011 :   lr = Flxq_lroot(polx_Flx(get_Flx_var(T)), T, p);
    1058       25011 :   sqx = Flxq_powers(lr, p-1, T, p);
    1059       25011 :   S1 = lift_isogeny(phi, Flx_to_ZX(s1), N, Xm, T2, sqx, T ,p);
    1060       25011 :   if (DEBUGLEVEL) timer_printf(&ti,"Lift isogeny");
    1061       25011 :   c2 = getc2(act, S1, T2, q, p, N);
    1062       25011 :   if (DEBUGLEVEL) timer_printf(&ti,"c^2");
    1063       25011 :   if (p>3 && !ispcyc)
    1064             :   {
    1065       10199 :     GEN c2p = Flx_to_ZX(Flxq_inv(ZX_to_Flx(c2,p),T,p));
    1066       10199 :     GEN tc2 = Teichmuller_lift(c2p,Xm, T2,sqx,T,p,N);
    1067       10199 :     if (DEBUGLEVEL) timer_printf(&ti,"Teichmuller/Fq");
    1068       10199 :     c2 = FpX_rem(FpX_mul(tc2,c2,q),T2,q);
    1069             :   }
    1070       25011 :   c2 = gerepileupto(av2, c2);
    1071       25011 :   if (DEBUGLEVEL) timer_printf(&ti,"tc2");
    1072       25011 :   Nc2 = (ispcyc? ZpXQ_sqrtnorm_pcyc: ZpXQ_sqrtnorm)(c2, T2, q, utoi(p), N);
    1073       25011 :   if (DEBUGLEVEL) timer_printf(&ti,"Norm");
    1074       25011 :   Np = get_norm(a4,a6,T,p,N);
    1075       25011 :   if (p>3 && ispcyc)
    1076             :   {
    1077           7 :     GEN Ncpi =  utoi(Fl_inv(umodiu(Nc2,p), p));
    1078           7 :     GEN tNc2 = Zp_sqrtnlift(gen_1, subss(p,1), Ncpi, utoi(p),N);
    1079           7 :     if (DEBUGLEVEL) timer_printf(&ti,"Teichmuller/Fp");
    1080           7 :     Nc2 = Fp_mul(Nc2,tNc2,q);
    1081             :   }
    1082       25011 :   t = Fp_center_i(Fp_mul(Nc2,Np,q),q,shifti(q,-1));
    1083       25011 :   return gerepileupto(av, subii(addiu(powuu(p,n),1),t));
    1084             : }
    1085             : 
    1086             : static void
    1087          21 : liftcurve(GEN J, GEN T, GEN q, ulong p, long N, GEN *A4, GEN *A6)
    1088             : {
    1089          21 :   pari_sp av = avma;
    1090          21 :   GEN r = ZpXQ_inv(Z_ZX_sub(utoi(1728),J),T,utoi(p),N);
    1091          21 :   GEN g = FpXQ_mul(J,r,T,q);
    1092          21 :   *A4 = FpX_mulu(g,3,q);
    1093          21 :   *A6 = FpX_mulu(g,2,q);
    1094          21 :   gerepileall(av,2,A4,A6);
    1095          21 : }
    1096             : 
    1097             : static GEN
    1098          21 : getc5(GEN H, GEN A40, GEN A60, GEN A41, GEN A61, GEN T, GEN q, ulong p, long N)
    1099             : {
    1100          21 :   long d = lg(H)-1;
    1101          21 :   GEN s1 = gel(H,d-1), s2 = gel(H,d-2), s3 = d<5 ? pol_0(varn(T)): gel(H,d-3);
    1102          21 :   GEN s12 = FpXQ_sqr(s1,T,q);
    1103          21 :   GEN h2 = ZX_sub(ZX_shifti(s2,1),s12); /*2*s2-s1^2*/
    1104          21 :   GEN h3 = ZX_sub(FpXQ_mul(ZX_add(h2,s2),s1,T,q),ZX_mulu(s3,3));
    1105             :                                         /*3*s2*s1-s1^3-3s3*/
    1106          21 :   GEN alpha= ZX_sub(ZX_mulu(h2,30), ZX_mulu(A40,5*p-6)); /* 30*h2+A40*(6-5*p)*/
    1107          21 :   GEN beta = ZX_sub(ZX_sub(ZX_mulu(FpXQ_mul(A40,s1,T,q),42),ZX_mulu(A60,14*p-15)),
    1108             :                     ZX_mulu(h3,70)); /* 42*A40*s1-A60*(14*p-15)-70*h3 */
    1109          21 :   GEN u2 = FpXQ_mul(FpXQ_mul(A41,beta,T,q),
    1110             :                     ZpXQ_inv(FpXQ_mul(A61,alpha,T,q),T,utoi(p),N),T,q);
    1111          21 :   return u2;
    1112             : }
    1113             : 
    1114             : static GEN
    1115          21 : ZpXQX_liftrootmod_vald(GEN f, GEN H, long v, GEN T, GEN p, long e)
    1116             : {
    1117          21 :   pari_sp av = avma, av2;
    1118          21 :   GEN pv = p, q, qv, W, df, Tq, fr, dfr;
    1119             :   ulong mask;
    1120             :   pari_timer ti;
    1121          21 :   if (e <= v+1) return H;
    1122          21 :   df = RgX_deriv(f);
    1123          21 :   if (v) { pv = powiu(p,v); qv = mulii(pv,p); df = ZXX_Z_divexact(df, pv); }
    1124           0 :   else qv = p;
    1125          21 :   mask = quadratic_prec_mask(e-v);
    1126          21 :   Tq = FpXT_red(T, qv); dfr = FpXQX_red(df, Tq, p);
    1127          21 :   if (DEBUGLEVEL) timer_start(&ti);
    1128          21 :   W = FpXQXQ_inv(FpXQX_rem(dfr, H, Tq, p), H, Tq, p); /* 1/f'(a) mod (T,p) */
    1129          21 :   if (DEBUGLEVEL) timer_printf(&ti,"FpXQXQ_inv");
    1130          21 :   q = p; av2 = avma;
    1131             :   for (;;)
    1132          56 :   {
    1133             :     GEN u, fa, qv, q2v, Tq2, fadH;
    1134          77 :     GEN H2 = H, q2 = q;
    1135          77 :     q = sqri(q);
    1136          77 :     if (mask & 1) q = diviiexact(q,p);
    1137          77 :     mask >>= 1;
    1138          77 :     if (v) { qv = mulii(q, pv); q2v = mulii(q2, pv); }
    1139           0 :     else { qv = q; q2v = q2; }
    1140          77 :     Tq2 = FpXT_red(T, q2v); Tq = FpXT_red(T, qv);
    1141          77 :     fr = FpXQX_red(f, Tq, qv);
    1142          77 :     fa = FpXQX_rem(fr, H, Tq, qv);
    1143          77 :     fa = ZXX_Z_divexact(fa, q2v);
    1144          77 :     fadH = FpXQXQ_mul(RgX_deriv(H),fa,H,Tq2,q2);
    1145          77 :     H = FpXX_add(H, gmul(FpXQXQ_mul(W, fadH, H, Tq2, q2v), q2), qv);
    1146          77 :     if (mask == 1) return gerepileupto(av, H);
    1147          56 :     dfr = FpXQX_rem(FpXQX_red(df, Tq, q),H,Tq,q);
    1148          56 :     u = ZXX_Z_divexact(ZXX_Z_add_shallow(FpXQXQ_mul(W,dfr,H,Tq,q),gen_m1),q2);
    1149          56 :     W = gsub(W,gmul(FpXQXQ_mul(u,W,H2,Tq2,q2),q2));
    1150          56 :     if (gc_needed(av2,2))
    1151             :     {
    1152           0 :       if(DEBUGMEM>1) pari_warn(warnmem,"ZpXQX_liftroot, e = %ld", e);
    1153           0 :       gerepileall(av2, 3, &H, &W, &q);
    1154             :     }
    1155             :   }
    1156             : }
    1157             : 
    1158             : static GEN
    1159          21 : get_H1(GEN A41, GEN A61, GEN T2, ulong p)
    1160             : {
    1161          21 :   GEN q = utoi(p), T = FpXT_red(T2,q);
    1162          21 :   GEN pol = FpXQ_elldivpol(FpX_red(A41,q),FpX_red(A61,q),p,T,q);
    1163          21 :   return FpXQX_normalize(RgX_deflate(pol,p),T,q);
    1164             : }
    1165             : 
    1166             : static GEN
    1167          21 : Flxq_ellcard_Harley(GEN a4, GEN a6, GEN T, ulong p)
    1168             : {
    1169          21 :   pari_sp av = avma, av2;
    1170             :   pari_timer ti;
    1171          21 :   long n = get_Flx_degree(T), N = (n+5)/2;
    1172          21 :   GEN q = powuu(p, N);
    1173             :   GEN T2, j, t;
    1174             :   GEN J1,A40,A41,A60,A61, sqx,Xm;
    1175             :   GEN pol, h1, H;
    1176             :   GEN c2, tc2, c2p, Nc2, Np;
    1177          21 :   long ispcyc = zx_is_pcyc(get_Flx_mod(T));
    1178          21 :   timer_start(&ti);
    1179          21 :   if (!ispcyc)
    1180             :   {
    1181          14 :     T2 = Flx_canonlift(get_Flx_mod(T),N,p);
    1182          14 :     if (DEBUGLEVEL) timer_printf(&ti,"Teich");
    1183             :   } else
    1184           7 :     T2 = Flx_to_ZX(get_Flx_mod(T));
    1185          21 :   T2 = FpX_get_red(T2, q); T = ZXT_to_FlxT(T2, p);
    1186          21 :   av2 = avma;
    1187          21 :   if (DEBUGLEVEL) timer_printf(&ti,"Barrett");
    1188          21 :   if (!ispcyc)
    1189             :   {
    1190          14 :     Xm = FpXQ_powers(pol_xn(n,get_FpX_var(T2)),p-1,T2,q);
    1191          14 :     if (DEBUGLEVEL) timer_printf(&ti,"Xm");
    1192             :   } else
    1193           7 :     Xm = cgetg(1,t_VEC);
    1194          21 :   if (DEBUGLEVEL) timer_printf(&ti,"Xm");
    1195          21 :   j = Flxq_ellj(a4,a6,T,p);
    1196          21 :   sqx = Flxq_powers(Flxq_lroot(polx_Flx(T[1]), T, p), p-1, T, p);
    1197          21 :   J1 = lift_isogeny(polmodular_ZM(p, 0), Flx_to_ZX(j), N, Xm, T2,sqx,T,p);
    1198          21 :   if (DEBUGLEVEL) timer_printf(&ti,"Lift isogeny");
    1199          21 :   liftcurve(J1,T2,q,p,N,&A41,&A61);
    1200          21 :   A40 = ZpXQ_frob(A41, Xm, T2, q, p);
    1201          21 :   A60 = ZpXQ_frob(A61, Xm, T2, q, p);
    1202          21 :   if (DEBUGLEVEL) timer_printf(&ti,"liftcurve");
    1203          21 :   pol = FpXQ_elldivpol(A40,A60,p,T2,q);
    1204          21 :   if (DEBUGLEVEL) timer_printf(&ti,"p-division");
    1205          21 :   h1 = get_H1(A41,A61,T2,p);
    1206          21 :   H = ZpXQX_liftrootmod_vald(pol,h1,1,T2,utoi(p),N);
    1207          21 :   q = diviuexact(q,p); N--;
    1208          21 :   if (DEBUGLEVEL) timer_printf(&ti,"kernel");
    1209          21 :   c2 = getc5(H,A40,A60,A41,A61,T2,q,p,N);
    1210          21 :   if (DEBUGLEVEL) timer_printf(&ti,"c^2");
    1211          21 :   if (!ispcyc)
    1212             :   {
    1213          14 :     c2p = Flx_to_ZX(Flxq_inv(ZX_to_Flx(c2,p),T,p));
    1214          14 :     tc2 = Teichmuller_lift(c2p,Xm, T2,sqx,T,p,N);
    1215          14 :     if (DEBUGLEVEL) timer_printf(&ti,"teichmuller");
    1216          14 :     c2 = FpX_rem(FpX_mul(tc2,c2,q),T2,q);
    1217             :   }
    1218          21 :   c2 = gerepileupto(av2, c2);
    1219          21 :   q = powuu(p, N);
    1220          21 :   Nc2 = (ispcyc? ZpXQ_sqrtnorm_pcyc: ZpXQ_sqrtnorm)(c2, T2, q, utoi(p), N);
    1221          21 :   if (DEBUGLEVEL) timer_printf(&ti,"Norm");
    1222          21 :   Np = get_norm(a4,a6,T,p,N);
    1223          21 :   if (ispcyc)
    1224             :   {
    1225           7 :     GEN Ncpi = utoi(Fl_inv(umodiu(Nc2,p), p));
    1226           7 :     GEN tNc2 = Zp_sqrtnlift(gen_1, subss(p,1), Ncpi, utoi(p), N);
    1227           7 :     if (DEBUGLEVEL) timer_printf(&ti,"Teichmuller/Fp");
    1228           7 :     Nc2 = Fp_mul(Nc2,tNc2,q);
    1229             :   }
    1230          21 :   t = Fp_center_i(Fp_mul(Nc2,Np,q),q,shifti(q,-1));
    1231          21 :   return gerepileupto(av, subii(addiu(powuu(p,n),1),t));
    1232             : }
    1233             : 
    1234             : /***************************************************************************/
    1235             : /*                                                                         */
    1236             : /*                          Shanks Mestre                                  */
    1237             : /*                                                                         */
    1238             : /***************************************************************************/
    1239             : 
    1240             : /* Return the lift of a (mod b), which is closest to h */
    1241             : static GEN
    1242        1626 : closest_lift(GEN a, GEN b, GEN h)
    1243             : {
    1244        1626 :   return addii(a, mulii(b, diviiround(subii(h,a), b)));
    1245             : }
    1246             : 
    1247             : static GEN
    1248         870 : FlxqE_find_order(GEN f, GEN h, GEN bound, GEN B, GEN a4, GEN T, ulong p)
    1249             : {
    1250         870 :   pari_sp av = avma, av1;
    1251             :   pari_timer Ti;
    1252         870 :   long s = itos( gceil(gsqrt(gdiv(bound,B),DEFAULTPREC)) ) >> 1;
    1253             :   GEN tx, ti;
    1254         870 :   GEN fh = FlxqE_mul(f, h, a4, T, p);
    1255         870 :   GEN F, P = fh, fg;
    1256             :   long i;
    1257         870 :   if (DEBUGLEVEL >= 6) timer_start(&Ti);
    1258         870 :   if (ell_is_inf(fh)) return h;
    1259         829 :   F = FlxqE_mul(f, B, a4, T, p);
    1260         829 :   if (s < 3)
    1261             :   { /* we're nearly done: naive search */
    1262         192 :     GEN Q = P;
    1263         607 :     for (i=1;; i++)
    1264             :     {
    1265        1022 :       P = FlxqE_add(P, F, a4, T, p); /* h.f + i.F */
    1266         607 :       if (ell_is_inf(P)) return gerepileupto(av, addii(h, mului(i,B)));
    1267         572 :       Q = FlxqE_sub(Q, F, a4, T, p); /* h.f - i.F */
    1268         572 :       if (ell_is_inf(Q)) return gerepileupto(av, subii(h, mului(i,B)));
    1269             :     }
    1270             :   }
    1271         637 :   tx = cgetg(s+1,t_VECSMALL);
    1272             :   /* Baby Step/Giant Step */
    1273         637 :   av1 = avma;
    1274        3730 :   for (i=1; i<=s; i++)
    1275             :   { /* baby steps */
    1276        3206 :     tx[i] = hash_GEN(gel(P, 1));
    1277        3206 :     P = FlxqE_add(P, F, a4, T, p); /* h.f + i.F */
    1278        3206 :     if (ell_is_inf(P)) return gerepileupto(av, addii(h, mului(i,B)));
    1279        3093 :     if (gc_needed(av1,3))
    1280             :     {
    1281           0 :       if(DEBUGMEM>1) pari_warn(warnmem,"[Flxq_ellcard] baby steps, i=%ld",i);
    1282           0 :       P = gerepileupto(av1,P);
    1283             :     }
    1284             :   }
    1285         524 :   if (DEBUGLEVEL >= 6) timer_printf(&Ti, "[Flxq_ellcard] baby steps, s = %ld",s);
    1286             :   /* giant steps: fg = s.F */
    1287         524 :   fg = gerepileupto(av1, FlxqE_sub(P, fh, a4, T, p));
    1288         524 :   if (ell_is_inf(fg)) return gerepileupto(av,mului(s,B));
    1289         524 :   ti = vecsmall_indexsort(tx); /* = permutation sorting tx */
    1290         524 :   tx = perm_mul(tx,ti);
    1291         524 :   if (DEBUGLEVEL >= 6) timer_printf(&Ti, "[Flxq_ellcard] sorting");
    1292         524 :   av1 = avma;
    1293        2344 :   for (P=fg, i=1; ; i++)
    1294        1820 :   {
    1295        2344 :     long k = hash_GEN(gel(P,1));
    1296        2344 :     long r = zv_search(tx, k);
    1297        2344 :     if (r)
    1298             :     {
    1299         524 :       while (r && tx[r] == k) r--;
    1300         524 :       for (r++; r <= s && tx[r] == k; r++)
    1301             :       {
    1302         524 :         long j = ti[r]-1;
    1303         524 :         GEN Q = FlxqE_add(FlxqE_mul(F, stoi(j), a4, T, p), fh, a4, T, p);
    1304         524 :         if (DEBUGLEVEL >= 6)
    1305           0 :           timer_printf(&Ti, "[Flxq_ellcard] giant steps, i = %ld",i);
    1306         524 :         if (Flx_equal(gel(P,1), gel(Q,1)))
    1307             :         {
    1308         524 :           if (Flx_equal(gel(P,2), gel(Q,2))) i = -i;
    1309         524 :           return gerepileupto(av,addii(h, mulii(addis(mulss(s,i), j), B)));
    1310             :         }
    1311             :       }
    1312             :     }
    1313        1820 :     P = FlxqE_add(P,fg,a4,T,p);
    1314        1820 :     if (gc_needed(av1,3))
    1315             :     {
    1316           0 :       if(DEBUGMEM>1) pari_warn(warnmem,"[Flxq_ellcard] giants steps, i=%ld",i);
    1317           0 :       P = gerepileupto(av1,P);
    1318             :     }
    1319             :   }
    1320             : }
    1321             : 
    1322             : static void
    1323       31962 : Flx_next(GEN t, ulong p)
    1324             : {
    1325             :   long i;
    1326       39725 :   for(i=2;;i++)
    1327       47488 :     if (uel(t,i)==p-1)
    1328        7763 :       t[i]=0;
    1329             :     else
    1330             :     {
    1331       31962 :       t[i]++;
    1332       31962 :       break;
    1333             :     }
    1334       31962 : }
    1335             : 
    1336             : static void
    1337       31962 : Flx_renormalize_ip(GEN x, long lx)
    1338             : {
    1339             :   long i;
    1340       39725 :   for (i = lx-1; i>=2; i--)
    1341       36813 :     if (x[i]) break;
    1342       31962 :   setlg(x, i+1);
    1343       31962 : }
    1344             : 
    1345             : static ulong
    1346        2240 : F3xq_ellcard_naive(GEN a2, GEN a6, GEN T)
    1347             : {
    1348        2240 :   pari_sp av = avma;
    1349        2240 :   long i, d = get_Flx_degree(T), lx = d+2;
    1350        2240 :   long q = upowuu(3, d), a;
    1351        2240 :   GEN x = zero_zv(lx); x[1] = get_Flx_var(T);
    1352       11186 :   for(a=1, i=0; i<q; i++)
    1353             :   {
    1354             :     GEN rhs;
    1355        8946 :     Flx_renormalize_ip(x, lx);
    1356        8946 :     rhs = Flx_add(Flxq_mul(Flxq_sqr(x, T, 3), Flx_add(x, a2, 3), T, 3), a6, 3);
    1357        8946 :     if (!lgpol(rhs)) a++; else if (Flxq_issquare(rhs, T, 3)) a+=2;
    1358        8946 :     Flx_next(x, 3);
    1359             :   }
    1360        2240 :   set_avma(av);
    1361        2240 :   return a;
    1362             : }
    1363             : 
    1364             : static ulong
    1365         672 : Flxq_ellcard_naive(GEN a4, GEN a6, GEN T, ulong p)
    1366             : {
    1367         672 :   pari_sp av = avma;
    1368         672 :   long i, d = get_Flx_degree(T), lx = d+2;
    1369         672 :   long q = upowuu(p, d), a;
    1370         672 :   GEN x = zero_zv(lx); x[1] = get_Flx_var(T);
    1371       23688 :   for(a=1, i=0; i<q; i++)
    1372             :   {
    1373             :     GEN x2, rhs;
    1374       23016 :     Flx_renormalize_ip(x, lx);
    1375       23016 :     x2  = Flxq_sqr(x, T, p);
    1376       23016 :     rhs = Flx_add(Flxq_mul(x, Flx_add(x2, a4, p), T, p), a6, p);
    1377       23016 :     if (!lgpol(rhs)) a++; else if (Flxq_issquare(rhs,T,p)) a+=2;
    1378       23016 :     Flx_next(x,p);
    1379             :   }
    1380         672 :   set_avma(av);
    1381         672 :   return a;
    1382             : }
    1383             : 
    1384             : /* assume T irreducible mod p, m = (q-1)/(p-1) */
    1385             : static long
    1386        1768 : Flxq_kronecker(GEN x, GEN m, GEN T, ulong p)
    1387             : {
    1388             :   pari_sp av;
    1389             :   ulong z;
    1390        1768 :   if (lgpol(x) == 0) return 0;
    1391        1760 :   av = avma; z = Flxq_pow(x, m, T, p)[2];
    1392        1760 :   return gc_long(av, krouu(z, p));
    1393             : }
    1394             : 
    1395             : /* Find x such that kronecker(u = x^3+a4x+a6, p) is KRO.
    1396             :  * Return point [x*u,u^2] on E (KRO=1) / E^twist (KRO=-1) */
    1397             : static GEN
    1398        1768 : Flxq_ellpoint(long KRO, GEN a4, GEN a6, GEN m, long n, long vn, GEN T, ulong p)
    1399             : {
    1400             :   for(;;)
    1401         898 :   {
    1402        1768 :     GEN x = random_Flx(n,vn,p);
    1403        1768 :     GEN u = Flx_add(a6, Flxq_mul(Flx_add(a4, Flxq_sqr(x,T,p), p), x, T,p), p);
    1404        1768 :     if (Flxq_kronecker(u, m,T,p) == KRO)
    1405        1740 :       return mkvec2(Flxq_mul(u,x, T,p), Flxq_sqr(u, T,p));
    1406             :   }
    1407             : }
    1408             : 
    1409             : static GEN
    1410         756 : Flxq_ellcard_Shanks(GEN a4, GEN a6, GEN q, GEN T, ulong p)
    1411             : {
    1412         756 :   pari_sp av = avma;
    1413         756 :   long vn = get_Flx_var(T), n = get_Flx_degree(T), KRO = -1;
    1414             :   GEN h,f, ta4, A, B, m;
    1415         756 :   GEN q1p = addiu(q,1), q2p = shifti(q1p, 1);
    1416         756 :   GEN bound = addiu(sqrti(gmul2n(q,4)), 1); /* ceil( 4sqrt(q) ) */
    1417             :   /* once #E(Flxq) is know mod B >= bound, it is completely determined */
    1418             :   /* how many 2-torsion points ? */
    1419         756 :   switch(FlxqX_nbroots(mkpoln(4, pol1_Flx(vn), pol0_Flx(vn), a4, a6), T, p))
    1420             :   {
    1421         266 :   case 3:  A = gen_0; B = utoipos(4); break;
    1422         231 :   case 1:  A = gen_0; B = gen_2; break;
    1423         259 :   default: A = gen_1; B = gen_2; break; /* 0 */
    1424             :   }
    1425         756 :   m = diviuexact(subiu(powuu(p,n), 1), p-1);
    1426             :   for(;;)
    1427             :   {
    1428         984 :     h = closest_lift(A, B, q1p);
    1429             :     /* [ux, u^2] is on E_u: y^2 = x^3 + c4 u^2 x + c6 u^3
    1430             :      * E_u isomorphic to E (resp. E') iff KRO = 1 (resp. -1)
    1431             :      * #E(F_p) = p+1 - a_p, #E'(F_p) = p+1 + a_p
    1432             :      *
    1433             :      * #E_u(Flxq) = A (mod B),  h is close to #E_u(Flxq) */
    1434         870 :     KRO = -KRO;
    1435         870 :     f = Flxq_ellpoint(KRO, a4,a6, m,n,vn, T,p);
    1436             : 
    1437         870 :     ta4 = Flxq_mul(a4, gel(f,2), T, p); /* a4 for E_u */
    1438         870 :     h = FlxqE_find_order(f, h, bound, B, ta4,T,p);
    1439         870 :     h = FlxqE_order(f, h, ta4, T, p);
    1440             :     /* h | #E_u(Flxq) = A (mod B) */
    1441         870 :     A = Z_chinese_all(A, gen_0, B, h, &B);
    1442         870 :     if (cmpii(B, bound) >= 0) break;
    1443             :     /* not done, update A mod B for the _next_ curve, isomorphic to
    1444             :      * the quadratic twist of this one */
    1445         114 :     A = remii(subii(q2p,A), B); /* #E(Fq)+#E'(Fq) = 2q+2 */
    1446             :   }
    1447         756 :   h = closest_lift(A, B, q1p);
    1448         756 :   return gerepileuptoint(av, KRO == 1? h: subii(q2p,h));
    1449             : }
    1450             : 
    1451             : static GEN
    1452       17045 : F3xq_ellcard(GEN a2, GEN a6, GEN T)
    1453             : {
    1454       17045 :   long n = get_Flx_degree(T);
    1455       17045 :   if (n <= 2)
    1456        1939 :     return utoi(F3xq_ellcard_naive(a2, a6, T));
    1457             :   else
    1458             :   {
    1459       15106 :     GEN q1 = addiu(powuu(3, get_Flx_degree(T)), 1), t;
    1460       15106 :     GEN a = Flxq_div(a6,Flxq_powu(a2,3,T,3),T,3);
    1461       15106 :     if (Flx_equal1(Flxq_powu(a, 8, T, 3)))
    1462             :     {
    1463         301 :       GEN P = Flxq_minpoly(a,T,3);
    1464         301 :       long dP = degpol(P); /* dP <= 2 */
    1465         301 :       ulong q = upowuu(3,dP);
    1466         301 :       GEN A2 = pol1_Flx(P[1]), A6 = Flx_rem(polx_Flx(P[1]), P, 3);
    1467         301 :       long tP = q + 1 - F3xq_ellcard_naive(A2, A6, P);
    1468         301 :       t = elltrace_extension(stoi(tP), n/dP, utoi(q));
    1469         301 :       if (umodiu(t, 3)!=1) t = negi(t);
    1470         301 :       return Flx_equal1(a2) || Flxq_issquare(a2,T,3) ? subii(q1,t): addii(q1,t);
    1471             :     }
    1472       14805 :     else return Flxq_ellcard_Kohel(mkvec(a2), a6, T, 3);
    1473             :   }
    1474             : }
    1475             : 
    1476             : static GEN
    1477       10899 : Flxq_ellcard_Satoh(GEN a4, GEN a6, GEN j, GEN T, ulong p)
    1478             : {
    1479       10899 :   long n = get_Flx_degree(T);
    1480       10899 :   if (n <= 2)
    1481         392 :     return utoi(Flxq_ellcard_naive(a4, a6, T, p));
    1482             :   else
    1483             :   {
    1484       10507 :     GEN jp = Flxq_powu(j, p, T, p);
    1485       10507 :     GEN s = Flx_add(j, jp, p);
    1486       10507 :     if (degpol(s) <= 0)
    1487             :     { /* it is assumed j not in F_p */
    1488         280 :       GEN m = Flxq_mul(j, jp, T, p);
    1489         280 :       if (degpol(m) <= 0)
    1490             :       {
    1491         280 :         GEN q = sqru(p);
    1492         280 :         GEN q1 = addiu(powuu(p, get_Flx_degree(T)), 1);
    1493         280 :         GEN sk = Flx_Fl_add(Flx_neg(j, p), 1728%p, p);
    1494         280 :         GEN sA4 = Flx_triple(Flxq_mul(sk, j, T, p), p);
    1495         280 :         GEN u = Flxq_div(a4, sA4, T, p);
    1496         280 :         ulong ns = lgpol(s) ? Fl_neg(s[2], p): 0UL;
    1497         280 :         GEN P = mkvecsmall4(T[1], m[2], ns, 1L);
    1498             :         GEN A4, A6, t, tP;
    1499         280 :         Flxq_ellj_to_a4a6(polx_Flx(T[1]), P, p, &A4, &A6);
    1500         280 :         tP = addis(q, 1 - Flxq_ellcard_naive(A4, A6, P, p));
    1501         280 :         t = elltrace_extension(tP, n>>1, q);
    1502         280 :         return Flxq_is2npower(u, 2, T, p) ? subii(q1,t): addii(q1,t);
    1503             :       }
    1504             :     }
    1505       10227 :     if (p<=7 || p==13 ) return Flxq_ellcard_Kohel(a4, a6, T, p);
    1506          21 :     else return Flxq_ellcard_Harley(a4, a6, T, p);
    1507             :   }
    1508             : }
    1509             : 
    1510             : static GEN
    1511           0 : Flxq_ellcard_Kedlaya(GEN a4, GEN a6, GEN T, ulong p)
    1512             : {
    1513           0 :   pari_sp av = avma;
    1514           0 :   GEN H = mkpoln(4, gen_1, gen_0, Flx_to_ZX(a4), Flx_to_ZX(a6));
    1515           0 :   GEN Tp = Flx_to_ZX(get_Flx_mod(T));
    1516           0 :   long n = degpol(Tp), e = ((p < 16 ? n+1: n)>>1)+1;
    1517           0 :   GEN M = ZlXQX_hyperellpadicfrobenius(H, Tp, p, e);
    1518           0 :   GEN N = ZpXQM_prodFrobenius(M, Tp, utoi(p), e);
    1519           0 :   GEN q = powuu(p, e);
    1520           0 :   GEN tp = Fq_add(gcoeff(N,1,1), gcoeff(N,2,2), Tp, q);
    1521           0 :   GEN t = Fp_center_i(typ(tp)==t_INT ? tp: leading_coeff(tp), q, shifti(q,-1));
    1522           0 :   return gerepileupto(av, subii(addiu(powuu(p, n), 1), t));
    1523             : }
    1524             : 
    1525             : GEN
    1526       51421 : Flxq_ellj(GEN a4, GEN a6, GEN T, ulong p)
    1527             : {
    1528       51421 :   pari_sp av=avma;
    1529       51421 :   if (p==3)
    1530             :   {
    1531             :     GEN J;
    1532       14805 :     if (typ(a4)!=t_VEC) return pol0_Flx(get_Flx_var(T));
    1533       14805 :     J = Flxq_div(Flxq_powu(gel(a4,1),3, T, p),Flx_neg(a6,p), T, p);
    1534       14805 :     return gerepileuptoleaf(av, J);
    1535             :   }
    1536             :   else
    1537             :   {
    1538       36616 :     pari_sp av=avma;
    1539       36616 :     GEN a43 = Flxq_mul(a4,Flxq_sqr(a4,T,p),T,p);
    1540       36616 :     GEN a62 = Flxq_sqr(a6,T,p);
    1541       36616 :     GEN num = Flx_mulu(a43,6912,p);
    1542       36616 :     GEN den = Flx_add(Flx_mulu(a43,4,p),Flx_mulu(a62,27,p),p);
    1543       36616 :     return gerepileuptoleaf(av, Flxq_div(num, den, T, p));
    1544             :   }
    1545             : }
    1546             : 
    1547             : void
    1548         280 : Flxq_ellj_to_a4a6(GEN j, GEN T, ulong p, GEN *pt_a4, GEN *pt_a6)
    1549             : {
    1550         280 :   ulong zagier = 1728 % p;
    1551         280 :   if (lgpol(j)==0)
    1552           0 :     { *pt_a4 = pol0_Flx(T[1]); *pt_a6 =pol1_Flx(T[1]); }
    1553         280 :   else if (lgpol(j)==1 && uel(j,2) == zagier)
    1554           0 :     { *pt_a4 = pol1_Flx(T[1]); *pt_a6 =pol0_Flx(T[1]); }
    1555             :   else
    1556             :   {
    1557         280 :     GEN k = Flx_Fl_add(Flx_neg(j, p), zagier, p);
    1558         280 :     GEN kj = Flxq_mul(k, j, T, p);
    1559         280 :     GEN k2j = Flxq_mul(kj, k, T, p);
    1560         280 :     *pt_a4 = Flx_triple(kj, p);
    1561         280 :     *pt_a6 = Flx_double(k2j, p);
    1562             :   }
    1563         280 : }
    1564             : 
    1565             : static GEN
    1566        6426 : F3xq_ellcardj(GEN a4, GEN a6, GEN T, GEN q, long n)
    1567             : {
    1568        6426 :   const ulong p = 3;
    1569             :   ulong t;
    1570        6426 :   GEN q1 = addiu(q,1);
    1571        6426 :   GEN na4 = Flx_neg(a4,p), ra4;
    1572        6426 :   if (!Flxq_issquare(na4,T,p))
    1573        3094 :     return q1;
    1574        3332 :   ra4 = Flxq_sqrt(na4,T,p);
    1575        3332 :   t = Flxq_trace(Flxq_div(a6,Flxq_mul(na4,ra4,T,p),T,p),T,p);
    1576        3332 :   if (n%2==1)
    1577             :   {
    1578             :     GEN q3;
    1579        1176 :     if (t==0) return q1;
    1580         301 :     q3 = powuu(p,(n+1)>>1);
    1581         301 :     return (t==1)^(n%4==1) ? subii(q1,q3): addii(q1,q3);
    1582             :   }
    1583             :   else
    1584             :   {
    1585        2156 :     GEN q22, q2 = powuu(p,n>>1);
    1586        2156 :     GEN W = Flxq_pow(a4,shifti(q,-2),T,p);
    1587        2156 :     long s = (W[2]==1)^(n%4==2);
    1588        2156 :     if (t!=0) return s ? addii(q1,q2): subii(q1, q2);
    1589        2156 :     q22 = shifti(q2,1);
    1590        2156 :     return s ? subii(q1,q22):  addii(q1, q22);
    1591             :   }
    1592             : }
    1593             : 
    1594             : static GEN
    1595       14707 : Flxq_ellcardj(GEN a4, GEN a6, ulong j, GEN T, GEN q, ulong p, long n)
    1596             : {
    1597       14707 :   GEN q1 = addiu(q,1);
    1598       14707 :   if (j==0)
    1599             :   {
    1600             :     ulong w;
    1601             :     GEN W, t, N;
    1602        5600 :     if (umodiu(q,6)!=1) return q1;
    1603        4200 :     N = Fp_ffellcard(gen_0,gen_1,q,n,utoi(p));
    1604        4200 :     t = subii(q1, N);
    1605        4200 :     W = Flxq_pow(a6,diviuexact(shifti(q,-1), 3),T,p);
    1606        4200 :     if (degpol(W)>0) /*p=5 mod 6*/
    1607        1407 :       return Flx_equal1(Flxq_powu(W,3,T,p)) ? addii(q1,shifti(t,-1)):
    1608         469 :                                               subii(q1,shifti(t,-1));
    1609        3262 :     w = W[2];
    1610        3262 :     if (w==1)   return N;
    1611        2590 :     if (w==p-1) return addii(q1,t);
    1612             :     else /*p=1 mod 6*/
    1613             :     {
    1614        1918 :       GEN u = shifti(t,-1), v = sqrtint(diviuexact(subii(q,sqri(u)),3));
    1615        1918 :       GEN a = addii(u,v), b = shifti(v,1);
    1616        1918 :       if (Fl_powu(w,3,p)==1)
    1617             :       {
    1618         959 :         if (Fl_add(umodiu(a,p),Fl_mul(w,umodiu(b,p),p),p)==0)
    1619         455 :           return subii(q1,subii(shifti(b,1),a));
    1620             :         else
    1621         504 :           return addii(q1,addii(a,b));
    1622             :       }
    1623             :       else
    1624             :       {
    1625         959 :         if (Fl_sub(umodiu(a,p),Fl_mul(w,umodiu(b,p),p),p)==0)
    1626         455 :           return subii(q1,subii(a,shifti(b,1)));
    1627             :         else
    1628         504 :           return subii(q1,addii(a,b));
    1629             :       }
    1630             :     }
    1631        9107 :   } else if (j==1728%p)
    1632             :   {
    1633             :     ulong w;
    1634             :     GEN W, N, t;
    1635        5614 :     if (mod4(q)==3) return q1;
    1636        4214 :     W = Flxq_pow(a4,shifti(q,-2),T,p);
    1637        4214 :     if (degpol(W)>0) return q1; /*p=3 mod 4*/
    1638        3542 :     w = W[2];
    1639        3542 :     N = Fp_ffellcard(gen_1,gen_0,q,n,utoi(p));
    1640        3542 :     if(w==1) return N;
    1641        2520 :     t = subii(q1, N);
    1642        2520 :     if(w==p-1) return addii(q1, t);
    1643             :     else /*p=1 mod 4*/
    1644             :     {
    1645        1484 :       GEN u = shifti(t,-1), v = sqrtint(subii(q,sqri(u)));
    1646        1484 :       if (Fl_add(umodiu(u,p),Fl_mul(w,umodiu(v,p),p),p)==0)
    1647         742 :         return subii(q1,shifti(v,1));
    1648             :       else
    1649         742 :         return addii(q1,shifti(v,1));
    1650             :     }
    1651             :   } else
    1652             :   {
    1653        3493 :     ulong g = Fl_div(j, Fl_sub(1728%p, j, p), p);
    1654        3493 :     GEN l = Flxq_div(Flx_triple(a6,p),Flx_double(a4,p),T,p);
    1655        3493 :     GEN N = Fp_ffellcard(utoi(Fl_triple(g,p)),utoi(Fl_double(g,p)),q,n,utoi(p));
    1656        3493 :     if (Flxq_issquare(l,T,p)) return N;
    1657        2072 :     return subii(shifti(q1,1),N);
    1658             :   }
    1659             : }
    1660             : 
    1661             : GEN
    1662       50070 : Flxq_ellcard(GEN a4, GEN a6, GEN T, ulong p)
    1663             : {
    1664       50070 :   pari_sp av = avma;
    1665       50070 :   long n = get_Flx_degree(T);
    1666       50070 :   GEN J, r, q = powuu(p,  n);
    1667       50070 :   if (typ(a4)==t_VEC)
    1668       17045 :     r = F3xq_ellcard(gel(a4,1), a6, T);
    1669       33025 :   else if (p==3)
    1670        6426 :     r = F3xq_ellcardj(a4, a6, T, q, n);
    1671       26599 :   else if (degpol(a4)<=0 && degpol(a6)<=0)
    1672         210 :     r = Fp_ffellcard(utoi(Flx_eval(a4,0,p)),utoi(Flx_eval(a6,0,p)),q,n,utoi(p));
    1673       26389 :   else if (degpol(J=Flxq_ellj(a4,a6,T,p))<=0)
    1674       14707 :     r = Flxq_ellcardj(a4,a6,lgpol(J)?J[2]:0,T,q,p,n);
    1675       11682 :   else if (p <= 7)
    1676       10836 :     r = Flxq_ellcard_Satoh(a4, a6, J, T, p);
    1677         846 :   else if (cmpis(q,100)<0)
    1678           0 :     r = utoi(Flxq_ellcard_naive(a4, a6, T, p));
    1679         846 :   else if (p == 13 || (7*p <= (ulong)10*n && (BITS_IN_LONG==64 || p <= 103)))
    1680          63 :     r = Flxq_ellcard_Satoh(a4, a6, J, T, p);
    1681         783 :   else if (p <= (ulong)2*n)
    1682           0 :     r = Flxq_ellcard_Kedlaya(a4, a6, T, p);
    1683         783 :   else if (expi(q)<=62)
    1684         756 :     r = Flxq_ellcard_Shanks(a4, a6, q, T, p);
    1685             :   else
    1686          27 :     r = Fq_ellcard_SEA(Flx_to_ZX(a4),Flx_to_ZX(a6),q,Flx_to_ZX(T),utoi(p),0);
    1687       50070 :   return gerepileuptoint(av, r);
    1688             : }

Generated by: LCOV version 1.13