Philipp Klaus Krause <p...@spth.de> wrote:

> Am 11.08.20 um 02:48 schrieb Damien Miller:
> > 
> > We went with explicit_bzero because our only use-case for this was
> > safe erasure that could not be elided by the compiler.
> > 
> > I don't see any need for explicit_memset() - if anything depends on
> > the overwritten value then simple memset() should be sufficient as
> > the compiler should detect the dependency and refuse to elide the
> > memset() to begin with.
> 
> However, for an explicit_memset-like function, a good C implementation
> would try to execute it as early as possible, while plain memset could
> be moved to a later point in the program by optimizations.

The goal is to clear a transient object after last use, not ensure
the transient space is filled with a specific value.  Oftentimes we
need the object initialized also, I can assure you zeroes are always
the correct value for initialization.  A memset with a special value is
no different than post-zeroing handling of the object.  I have never seen
a benefit to what you propose.

> > Hopefully C2X is taking a more broad approach to this problem than
> > considering new library calls. Over-eager optimisation (especially when
> > done at link-time over the whole program) is a major for anyone trying
> > to write safe C code.
> 
> I don't think a broader approach could work.

We need a broad approach to keep transport equipment not jumping off the
rails or falling from the sky.  It is likely people have or will
eventually die as a result of C's hand-wavy reduction in accurate
translation, and the continued justification of the error is
astounding. Changing the rules of execution of pre-existing code and
willfully dismissing and disclaiming all consequences is ethically
wrong.

> In general, the standard is
> only concerned with state observable in the C abstract machine.
> Everything else can only be hinted at (e.g. via volatile or something
> like bzero/memset_explicit, etc).

Again, wow.  volatile was gutted by the standard and didn't work.
bzero calls started being elided.
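An added illustration of the two clearing strategies argued over above; this is example code written for this page, not anything posted in the thread or taken from OpenBSD. It assumes the common portable fallback used where explicit_bzero() is unavailable (routing memset through a volatile function pointer so the compiler cannot see through the call) and uses a constructed 32-byte "key" as the transient secret.

```c
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define KEY_LEN 32

/* The pattern the thread is about: a plain memset() on an object that is
 * never read again is a dead store in the C abstract machine, so an
 * optimizer (especially with LTO) may drop it.  Nothing in the standard
 * says the zeroes must reach memory. */
static void clear_plain(unsigned char *buf, size_t len)
{
    memset(buf, 0, len);
}

/* explicit_bzero-style clearing via a volatile function pointer (the
 * portable fallback; OpenBSD, FreeBSD and glibc ship explicit_bzero()
 * itself).  The compiler cannot prove at compile time which function the
 * volatile pointer targets, so it cannot treat the call as a dead store. */
static void *(*volatile memset_ptr)(void *, int, size_t) = memset;

static void clear_explicit(unsigned char *buf, size_t len)
{
    memset_ptr(buf, 0, len);
}

/* Returns 1 if every byte of buf is zero, 0 otherwise. */
int is_all_zero(const unsigned char *buf, size_t len)
{
    unsigned char acc = 0;
    for (size_t i = 0; i < len; i++)
        acc |= buf[i];
    return acc == 0;
}

/* Constructed stand-in for key derivation: fills the buffer with
 * non-zero bytes so a successful clear is distinguishable from no-op. */
static void derive_fake_key(unsigned char *key, size_t len)
{
    for (size_t i = 0; i < len; i++)
        key[i] = (unsigned char)(0xA5 ^ (i * 7));
}

/* Secret lives in a local buffer, is "used", then cleared with the
 * non-elidable variant.  Returns 1 if the buffer reads as zero afterwards. */
int demo_explicit_clear(void)
{
    unsigned char key[KEY_LEN];
    derive_fake_key(key, KEY_LEN);
    clear_explicit(key, KEY_LEN);
    return is_all_zero(key, KEY_LEN);
}

/* Same flow with plain memset().  Because this function *reads* the buffer
 * after the memset, the store is observable and must survive - exactly the
 * dependency argument made above.  Remove the read (return a constant
 * instead) and the memset becomes a dead store the compiler may elide;
 * that difference is visible only in the generated code, not at run time. */
int demo_plain_clear(void)
{
    unsigned char key[KEY_LEN];
    derive_fake_key(key, KEY_LEN);
    clear_plain(key, KEY_LEN);
    return is_all_zero(key, KEY_LEN);
}

int main(void)
{
    printf("explicit clear zeroed buffer: %d\n", demo_explicit_clear());
    printf("plain clear (observed) zeroed buffer: %d\n", demo_plain_clear());
    return 0;
}
```

The run-time checks pass for both variants because both read the buffer back; the point of the volatile-pointer variant is what happens when no such read exists, which you confirm by compiling the dead-store version with optimization and inspecting the object code for the missing call.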