On 11.08.20 at 02:48, Damien Miller wrote:
> 
> We went with explicit_bzero because our only use-case for this was
> safe erasure that could not be elided by the compiler.
> 
> I don't see any need for explicit_memset() - if anything depends on
> the overwritten value then simple memset() should be sufficient as
> the compiler should detect the dependency and refuse to elide the
> memset() to begin with.

However, for an explicit_memset-like function, a good C implementation
would try to execute it as early as possible, while plain memset could
be moved to a later point in the program by optimizations.

> Hopefully C2X is taking a more broad approach to this problem than
> considering new library calls. Over-eager optimisation (especially when
> done at link-time over the whole program) is a major for anyone trying
> to write safe C code.

I don't think a broader approach could work. In general, the standard is
only concerned with state observable in the C abstract machine.
Everything else can only be hinted at (e.g. via volatile or something
like bzero/memset_explicit, etc).

Philipp
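As an added illustration of the point under discussion (this is example code written for this note, not code from either poster or from OpenSSH): a plain memset() on a buffer that is never read again is a dead store the optimizer may drop, whereas writes made through volatile cannot be elided. The function names and the constructed key bytes are assumptions of the example.

```c
#include <stddef.h>
#include <string.h>

/* Standard-C secure erase: every store goes through a volatile lvalue,
 * so the compiler must perform it even though nothing reads the buffer
 * afterwards. This is the portable fallback used where explicit_bzero()
 * is unavailable. */
void secure_zero(void *p, size_t n)
{
    volatile unsigned char *vp = (volatile unsigned char *)p;
    while (n--)
        *vp++ = 0;
}

/* Alternative idiom: call memset() through a volatile function pointer.
 * The optimizer cannot prove which function is called, so it cannot
 * treat the call as a removable dead store. */
void *(*volatile memset_fn)(void *, int, size_t) = memset;

void secure_zero_fnptr(void *p, size_t n)
{
    memset_fn(p, 0, n);
}

/* Use a temporary key, then wipe it before it leaves scope. A plain
 * memset() here would be a candidate for dead-store elimination because
 * key[] is not read again by this function. */
unsigned char checksum_and_wipe(unsigned char *key, size_t n)
{
    unsigned char sum = 0;
    for (size_t i = 0; i < n; i++)
        sum ^= key[i];
    secure_zero(key, n);
    return sum;
}

int is_all_zero(const unsigned char *p, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (p[i])
            return 0;
    return 1;
}

/* Constructed sample key (not real key material): XOR of the bytes is 0xFF.
 * Returns the checksum, or -1 if the buffer was not wiped. */
int demo_key_wipe(void)
{
    unsigned char key[8] = {0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80};
    unsigned char sum = checksum_and_wipe(key, sizeof key);
    return is_all_zero(key, sizeof key) ? (int)sum : -1;
}
```

The volatile route guarantees the stores happen, but not when; as noted above, it does not let the programmer ask for the erase to be scheduled as early as possible.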
