Date: Thu, 11 Dec 2025 11:09:20 +0100
On 12/11/25 07:21, Shivam Kunwar via Std-Proposals wrote:
> but here is the thing, the C and C++ Standard can't mandate CPU
> Behavior, what it can do is, guarantee the compiler won't introduce
> timing dependencies, it can specify the intent (just like
> memset_explicit does) so implementations know what's needed, and then it
> leaves room for implementations to use hardware features like Intel
> DOIT, ARM DIT
In the current framework of the C++ abstract machine, which underlies
both the core language and the standard library, there is no way to
prevent compilers from messing with your intended constant-time
instruction in undesirable ways.
I've tried that 10 years ago; see N4534.
https://www.open-std.org/jtc1/sc22/wg21/docs/papers/2015/n4534.html
and the paper was rejected by LEWG in Lenexa 2015.
I remember compiler people telling me they have no way to achieve
the intended outcome within e.g. the current LLVM machinery.
> and afaik this is exactly what memset_explicit does, it states the
> intent ("make this data inaccessible") without defining "optimization"
> in the abstract machine, and I am thinking same approach works here.
Similar to memset_explicit, I strongly object to trying to standardize
something like that without changes to the abstract machine.
(We have memset_explicit because it is inherited from C23, not because
C++ has standardized it themselves.)
Jens
> but here is the thing, the C and C++ Standard can't mandate CPU
> Behavior, what it can do is, guarantee the compiler won't introduce
> timing dependencies, it can specify the intent (just like
> memset_explicit does) so implementations know what's needed, and then it
> leaves room for implementations to use hardware features like Intel
> DOIT, ARM DIT
In the current framework of the C++ abstract machine, which underlies
both the core language and the standard library, there is no way to
prevent compilers from messing with your intended constant-time
instruction in undesirable ways.
I've tried that 10 years ago; see N4534.
https://www.open-std.org/jtc1/sc22/wg21/docs/papers/2015/n4534.html
and the paper was rejected by LEWG in Lenexa 2015.
I remember compiler people telling me they have no way to achieve
the intended outcome within e.g. the current LLVM machinery.
> and afaik this is exactly what memset_explicit does, it states the
> intent ("make this data inaccessible") without defining "optimization"
> in the abstract machine, and I am thinking same approach works here.
Similar to memset_explicit, I strongly object to trying to standardize
something like that without changes to the abstract machine.
(We have memset_explicit because it is inherited from C23, not because
C++ has standardized it themselves.)
Jens
Received on 2025-12-11 10:09:23