What you get is what you C: Controlling side effects in mainstream C compilers
http://www.cl.cam.ac.uk/~rja14/Papers/whatyouc.pdf
2018-05-17 18:29
Our work explores what is actually involved in controlling side effects on modern CPUs with a standard toolchain. Similar techniques can and should be applied to other security properties; achieving intentions by compiler commands or annotations makes them explicit, so we can reason about them. It is already understood that explicitness is essential for cryptographic protocol security and for compiler performance; it is essential for language security too. We therefore argue that this should be only the first step in a sustained engineering effort.