Dead store
In computer programming, a local variable that is assigned a value but is not read by any subsequent instruction is referred to as a dead store. Dead stores waste processor time and memory, and may be detected through the use of static program analysis, and removed by an optimizing compiler.
If the purpose of a store is intentionally to overwrite data, for example when a password is being removed from memory, dead store optimizations can cause the write not to happen, leading to a security issue.[1] Some system libraries have specific functions designed to avoid such dangerous optimizations, e.g. explicit_bzero
on OpenBSD.[2]
Examples
Java example of a dead store:
// DeadStoreExample.java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
public class DeadStoreExample {
public static void main(String[] args) {
List<String> list = new ArrayList<String>(); // This is a Dead Store, as the ArrayList is never read.
list = getList();
System.out.println(list);
}
private static List<String> getList() {
return new ArrayList<String>(Arrays.asList("Hello"));
}
}
In the above code an ArrayList<String>
object was instantiated but never used. Instead, in the next line the variable which references it is set to point to a different object. The ArrayList
which was created when list
was declared will now need to be de-allocated, for instance by a garbage collector.
JavaScript example of a dead store:
function func(a, b) {
var x;
var i = 300;
while (i--) {
x = a + b; // dead store
}
}
The code in the loop repeatedly overwrites the same variable, so it can be reduced to only one call.[3]
See also
References
- "Insecure Compiler Optimization | OWASP".
- "OpenBSD manual pages". man.openbsd.org. Retrieved 2016-05-14.
- "HTML5, and Real World Site Performance: Seventh IE9 Platform Preview Available for Developers".