compiler people: how likely is it that timing-safe C code is future-proof? as in, how likely is it that future compilers will e.g. take "uint8_t diff = 0; for (size_t i=0; i<len; i++) diff |= a[i]^b[i]; return diff != 0" and put a conditional bailout jump in the loop?
and both GCC and clang don't seem to optimize out volatile loads at -O3 even when it's completely obvious that the result is unused
-
-
Yeah, you have to do the reads, but it could switch to an "optimized" loop that does the reads and doesn't update `diff`. That's relatively unlikely for such a simple case, but if the computation were more expensive ...
-
(It's still pretty unlikely, mind you)
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.