To me, this use of heap and stack memory seems like a security nightmare and is clear it was designed for performance first and not security especially considering how slow these computers used to run and the invention of .net which many have bought in to.
I’ve never understood why the Auto attribute exists, other than to force the use of the supposedly “faster” stack memory instead of slower “heap” memory, because at some point some data will be placed in it, and whilst its understandable that variables are initialised (read cleaned), if this tiny overhead of clearing the memory takes place with new(), then why not with dispose()? Not even as an optional parameter in the language function? Stack-based memory allocation - Wikipedia
And as the stack seems to be allocating a big block of memory when a procedure is called, is the OS clearing the memory before its allocated to the stack? From what I see in the debugger and this thread I’d say no the OS is not cleaning memory before its assigned to the procedure and the stack.
And when we look at why .net came into existence, which was to tidy up the memory usage, ie making sure Dispose() was called automatically because so many programmers were not disposing of their variables and to enforce higher standards like a new security model called CAS, even CAS has died a death because its too complicated for programmers!
The end of Code Access Security in Microsoft .NET | Tim Anderson’s IT Writing
Sure, memory leaks can crash programs, but security leaks can put companies out of business and if the business disappears so does the program. Darwinism in action with computer software!
However there might be hope, I dont have any DDR5 ram to test this with, but looking at the command encodings DDR5 SDRAM - Wikipedia I see there is a new write pattern.
The “Write Pattern” command is new for DDR5; this is identical to a write command, but the range is filled in with copies of a one-byte mode register (which defaults to all-zero) instead of individual data.
So has anyone with DDR5 in their computer, seen evidence to suggest the OS is now clearing memory beit uninitialized Auto stack variables or initialised heap variables in Clarion?
I cant find any security settings in windows to force cleaning of memory before its given over to an app for use, but maybe its a bios setting?
Anyone know?