In computer programming, a local variable that is assigned a value but is not read by any subsequent instruction is referred to as a dead store. Dead stores waste processor time and memory, and may be detected through the use of static program analysis, and removed by an optimizing compiler.
If the purpose of a store is intentionally to overwrite data, for example when a password is being removed from memory, dead store optimizations can cause the write not to happen, leading to a security issue. Some system libraries have specific functions designed to avoid such dangerous optimizations, e.g. explicit_bzero
on OpenBSD
Examples
Java example of a dead store:
In the above code an ArrayList<String>
object was instantiated but never used. Instead, in the next line the variable which references it is set to point to a different object. The ArrayList
which was created when list
was declared will now need to be de-allocated, for instance by a garbage collector.
JavaScript example of a dead store:
"The code in the loop repeatedly overwrites the same variable, so it can be reduced to only one call."