I guess people are just going to keep discovering that you can't really make a C compiler do constant time

@rygorous

well, if the problems are important enough, something like this:

https://discourse.llvm.org/t/rfc-constant-time-coding-support/87781

@regehr all I will say to that is eyup

@rygorous @pervognsen aw, look at all the little nans and infs flying and being free!!!

@kaoudis I've not been paying too much attention to the LLVM effort-- anything interesting going on there? or should I just dig into the discourse?

@regehr @rygorous My first thought was, if this is meant for the far future, assuming they retain our current warning symbol for radiation seems a bit hopeful.

@regehr I think* @wizardengineer landed the first bits of that work!

*I left trail of bits voluntarily (and for reasons unrelated) a bit before this happened though

@rygorous @regehr
Rename to -ffast-bad-math perhaps?

@kaoudis @wizardengineer ah! I don't think I knew that. where are you at right now?

@rygorous @regehr
-flooks-like-math-if-you-squint

@regehr Maybe it's time to write new assemblers that complement NASM*.

* Or MASM; I wish NASM had an invoke keyword, like MASM, to abstract away calling conventions. Rather than writing a macro for it.

@rygorous @regehr We've had a hell of a time with our macos ARM64 ASM. Last ~3 ld64 updates have all had reloc problems

@regehr @wizardengineer Strava! I’m doing appsec over there

@kaoudis @wizardengineer awesome!

@regehr yes you can, unless you care about correct results too.

@regehr "The user types in a password, which gets checked against a database, character by character"

Seriously? That is how they think it works?