About the memset bug, I wonder if this couldn't be solved by some kind of compiler directive in the function signature saying "you can't remove this" (or something to that effect)
You don't need such a _compiler_ directive. The compiler can only optimize the call away because it can assume that std::memset does what the standard proscribes.
Whenever you call an external function that is not in the standard library, the compiler can't know what it does and, hence, can't optimize it away.
The linker, on the other hand, might do across-library optimizations that lead to it removing the call. So, at worst, you need a linker directive.
Also, I am not sure you want this tagged to the function signature. There may be cases where optimizing the call away is perfectly valid.
Well he mentions RtlSecureZeroMemory(), which must be a Windows thing, but clearly all compilers need some methods of dealing with this thats easy to do and can't be optimised away.
About the memset bug, I wonder if this couldn't be solved by some kind of compiler directive in the function signature saying "you can't remove this" (or something to that effect)