C++ Logo


Advanced search

Re: [SG12] p1315 secure_clear

From: Herring, Davis <herring_at_[hidden]>
Date: Mon, 27 Apr 2020 22:32:20 +0000
>> The idea behind my ensure_stores() proposal was a bit of a hack: it is
>> an intrinsic to tell the compiler "assume stores to this region have
>> escaped". All compilers already implement this intrinsic, it is better
>> known as "calling an extern function", so implementation is trivially
>> easy, and the reference implementation library for ensure_stores() is
>> literally calling an extern function which the compiler can never Link
>> Time Optimise. ensure_stores() is effectively a "fsync()" for the
>> compiler, forcing it to write out the current bit representation to the
>> escaped region now. The big advantage of this is that the compiler is
>> free to optimise maximally before ensure_stores(), so performance is
>> way, way better than volatile.
> @Herring, Davis<mailto:herring_at_[hidden]>, I thought you had tried to
> do work in this area in relation to contracts. If I recall correctly,
> this was around the San Diego meeting.

You're thinking of my std::observable proposal (P1494), which was in fact discussed informally in San Diego but was published only after the subsequent (Kona) meeting. However, that concerns, well, observable behavior ("outside the abstract machine"), limiting the effects of time-travel optimization. It has some overlap, though: both can be represented as a call to a function with certain kinds of unknown behavior (for std::observable, it's termination), and both could be relevant to shared memory (if we were to define operations on shared memory as observable).

> [off-topic note] Someone recently said that our naming of Wikis by
> venue is unhelpful. Yet, I find that it tends to be easier to recall
> conversations from meetings based on the scenery outside the window,
> the weather, or the cuisine...

That doesn't help much for Kona...


Received on 2020-04-27 17:35:24