On 11/10/14 12:07, Florian Weimer wrote:
> On 10/10/2014 11:20 AM, Andrew Haley wrote:
>> On 09/10/14 21:52, Ángel González wrote:
>>> The compiler would need to know that memset_s is special (either
>>> intrinsically or through e.g. function attributes). Either way, IMHO
>>> an advanced knowledge allowing to optimize it out would be a
>>> violation of K.3.7.4.1.
>>
>> It would be a perverse thing to do and goes against intent, but we
>> again fall into the problem of defining an access. But this is
>> irrelevant anyway: even if a key is stored in an array X in the source
>> code and the array X is later wiped with memset_s(), there is
>> absolutely nothing to force the compiler to use X during the
>> computation: it may well store the key somewhere else altogether.
>
> It's not even that hard to come up with an example where calling
> memset_s causes the creation of another copy which is the only one
> which is being cleared:

Actually it's use_key() that produces the copy by getting struct key by
value. It's just that in the first case gcc is smart enough to notice
key isn't used later and gives its own version to the function. If you
compile with -O0 you get the copy in both without_clear() and with_clear()
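
[Added example, not part of the original message or of the code posted in the thread.] The by-value copy discussed above, shown with defined behaviour: the caller's object is wiped while the callee's parameter is still live. The struct layout, the function names other than the idea of use_key(), the key bytes and the volatile-store wipe() standing in for memset_s() are all assumptions made for this illustration.

```c
#include <stddef.h>
#include <string.h>

struct key { unsigned char bytes[32]; };     /* constructed layout */

/* Stand-in for memset_s(): stores go through a volatile pointer so the
   compiler may not drop them. It clears only the object it is handed. */
static void wipe(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Number of bytes in *k that are still nonzero. */
static size_t nonzero(const struct key *k) {
    size_t c = 0;
    for (size_t i = 0; i < sizeof k->bytes; i++) c += k->bytes[i] != 0;
    return c;
}

/* By value: k is a second object. Wiping the caller's object through
   orig while k is live leaves every key byte in k untouched. */
static size_t use_key_by_value(struct key k, struct key *orig) {
    wipe(orig, sizeof *orig);
    return nonzero(&k);
}

/* By pointer: the callee works on the caller's object, so the same wipe
   clears the only copy that the source code creates. */
static size_t use_key_by_pointer(struct key *k) {
    wipe(k, sizeof *k);
    return nonzero(k);
}

/* Key bytes surviving in the callee after the caller's object is wiped;
   (size_t)-1 if the caller's object was not actually cleared. */
size_t surviving_by_value(void) {
    struct key key;
    memset(key.bytes, 0xA5, sizeof key.bytes);   /* constructed key */
    size_t left = use_key_by_value(key, &key);
    return nonzero(&key) == 0 ? left : (size_t)-1;
}

size_t surviving_by_pointer(void) {
    struct key key;
    memset(key.bytes, 0xA5, sizeof key.bytes);   /* constructed key */
    return use_key_by_pointer(&key);
}

int main(void) {
    return !(surviving_by_value() == 32 && surviving_by_pointer() == 0);
}
```

This covers only copies that exist in the source; copies the compiler chooses to keep in registers or spill slots, as raised earlier in the thread, are not reached by either variant.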