September 09, 2014 Re: zero-ing is not enough
Posted in reply to Walter Bright
On Tuesday, 9 September 2014 at 18:59:33 UTC, Walter Bright wrote:
> 1. The compiler has -gx, which will "stomp" the stack upon function return.
>
> 2. A "volatileMemset" should be added to druntime, per 10661
>
> 3. A function, say, "clearRegisters" should be added to druntime that zeros out all scratch registers.
>
> I know the ycombinator article says that is insufficient, but these are still things that people are going to ask for and we should provide.
Just to be clear, I don't disagree that this can be useful for certain applications. I just wanted to point out that what we were discussing in 10661 is different from what the linked article discusses.
David

September 10, 2014 Re: zero-ing is not enough
Posted in reply to Walter Bright
On Tuesday, 9 September 2014 at 18:59:33 UTC, Walter Bright wrote:
> 1. The compiler has -gx, which will "stomp" the stack upon function return.

Nice. But this will be set for the whole program. But if I want to use e.g. a crypto-library, the rest of the program should not be slowed by stomping the stack all the time, only the library-functions that need this.

> 2. A "volatileMemset" should be added to druntime, per 10661

Good.

> 3. A function, say, "clearRegisters" should be added to druntime that zeros out all scratch registers.

Good.

> I know the ycombinator article says that is insufficient, but these are still things that people are going to ask for and we should provide.

I think an attribute to prohibit "copying around"-optimizations would still be useful in addition - together with the other three additions we should come close to what was intended by that article. Maybe this can also avoid caches? (would be a major slowdown, but some will do whatever is necessary to calm their paranoia...)

September 10, 2014 Re: zero-ing is not enough
Posted in reply to Dominikus Dittes Scherkl
On 9/10/2014 3:34 AM, Dominikus Dittes Scherkl wrote:
> On Tuesday, 9 September 2014 at 18:59:33 UTC, Walter Bright wrote:
>> 1. The compiler has -gx, which will "stomp" the stack upon function return.
> Nice. But this will be set for the whole program.
> But if I want to use e.g. a crypto-library, the rest of the program should not
> be slowed by stomping the stack all the time, only the library-functions that
> need this.
This is incorrect, it would apply only to the module being compiled. If you compile the crypto code with a separate command to dmd, then only that code is affected.

September 11, 2014 Re: zero-ing is not enough
Posted in reply to Walter Bright
On Wednesday, 10 September 2014 at 19:19:09 UTC, Walter Bright wrote:
> On 9/10/2014 3:34 AM, Dominikus Dittes Scherkl wrote:
>> On Tuesday, 9 September 2014 at 18:59:33 UTC, Walter Bright wrote:
>>> 1. The compiler has -gx, which will "stomp" the stack upon function return.
>> Nice. But this will be set for the whole program.
>> But if I want to use e.g. a crypto-library, the rest of the program should not
>> be slowed by stomping the stack all the time, only the library-functions that
>> need this.
>
> This is incorrect, it would apply only to the module being compiled. If you compile the crypto code with a separate command to dmd, then only that code is affected.
Ah, yes. Ok that's also very cool. So cryptography programmed in D makes it a lot harder for the hackers :-)
But of course not enough for the very paranoid...
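
Point 2 of the quoted list, sketched in C as an added example (not code from the thread or from druntime): `volatile_memset`, `residue` and `toy_checksum` are hypothetical names, and the checksum is a constructed stand-in for real crypto code. It clears only the named buffer; copies left in registers or on the stack are what points 1 and 3 are aimed at.

```c
#include <stddef.h>
#include <string.h>

#define KEY_LEN 16

/* Hypothetical helper named after the thread's proposal; not druntime's API.
 * Each store goes through a volatile lvalue, which mainstream compilers treat
 * as a side effect and keep even if the buffer is never read again. */
void volatile_memset(void *dst, unsigned char value, size_t len)
{
    volatile unsigned char *p = (volatile unsigned char *)dst;
    while (len--)
        *p++ = value;
}

/* Counts the bytes that are still non-zero after a wipe. */
size_t residue(const unsigned char *buf, size_t len)
{
    size_t n = 0;
    for (size_t i = 0; i < len; i++)
        n += (buf[i] != 0);
    return n;
}

/* Constructed toy keyed checksum (not a real MAC). It mixes the message into
 * a working copy of the key, then wipes that copy before returning. */
unsigned toy_checksum(const unsigned char key[KEY_LEN], const char *msg,
                      unsigned char work[KEY_LEN])
{
    unsigned acc = 0;
    memcpy(work, key, KEY_LEN);
    for (size_t i = 0; msg[i] != '\0'; i++) {
        work[i % KEY_LEN] ^= (unsigned char)msg[i];
        acc = acc * 31u + work[i % KEY_LEN];
    }
    /* If work were a local array, a plain memset() here would be a dead
     * store the optimizer may delete; the volatile stores are kept. */
    volatile_memset(work, 0, KEY_LEN);
    return acc;
}
```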