Fun with flags: How Compilers Break and Fix Constant-Time Code

TL;DR

This paper analyzes how compiler optimizations can break constant-time code security, identifies specific passes responsible for leaks, and proposes a practical mitigation by disabling certain compiler optimizations to reduce timing side-channel vulnerabilities.

Contribution

It provides a detailed analysis of compiler-induced leaks in constant-time code and introduces a method to mitigate these leaks by selectively disabling optimization passes without source code changes.

Findings

A small set of compiler passes cause most leaks.

Interactions between passes can increase leakage.

Disabling specific passes reduces timing leaks significantly.

Abstract

Developers rely on constant-time programming to prevent timing side-channel attacks. But these efforts can be undone by compilers, whose optimizations may silently reintroduce leaks. While recent works have measured the extent of such leakage, they leave developers without actionable insights: which optimization passes are responsible, and how to disable them without modifying the compiler remains unclear. In this paper, we conduct a qualitative analysis of how compiler optimizations break constant-time code. We construct a dataset of compiler-introduced constant-time violations and analyze the internals of two widely used compilers, GCC and LLVM, to identify the specific optimization passes responsible. Our key insight is that a small set of passes are at the root of most leaks. To the best of our knowledge, we are also the first to characterize how the interactions between these passes contribute to leakage. Based on this analysis, we propose an original and practical mitigation that requires no source code modification or custom compiler: disabling selected optimization passes via compiler flags. We show that this approach significantly reduces leakage with minimal performance overhead, offering an immediately deployable defense for developers.