On Wed, 30 Nov 2022 at 17:40, Jonathan Wakely <jwakely.gcc@xxxxxxxxx> wrote: > > On Wed, 30 Nov 2022 at 16:27, Jonny Grant <jg@xxxxxxxx> wrote: > > > > Hello > > > > Does GCC have a clear way to avoid memset being compiled out by optimiser? > > > > This article came up, so I combined the broken.c with GCC > > gcc -Wall -O2 -o broken broken.c > > > > Note, I've been using gcc for many years, I'm not looking for just tips how to compile code. I only want to discuss this optimiser issue :-) > > > > https://blog.cloudflare.com/the-linux-kernel-key-retention-service-and-why-you-should-use-it-in-your-next-application/ > > > > If I modify to clear the buffer, it gets removed by the compiler > > > > The only way I could get it to not remove the memset is by adding another printf, (propagating a return code after checking memset wasn't enough) > > This is simpler and works for me, but I'm not sure if it's guaranteed > to always work: > > __attribute__((noinline,noipa)) > void wipe(void* p, size_t n) > { > memset(p, 0, n); > } > > static int encrypt(void) Oops, I meant to change that to return void, because you don't need to jump through hoops checking its return value to ensure the side effects aren't optimized out. > { > uint8_t key[] = "hunter2"; > printf("encrypting with super secret key: %s\n", key); > wipe(key, 8); > } > > There is discussion of alternatives in > https://www.open-std.org/jtc1/sc22/wg14/www/docs/n1358.pdf (starting > on page 6). > > The memset_s function was added to C in Annex K, but most > implementations of the C library do not support Annex K.
