[30thElement]

They should do it only in situations where it doesn't change the program behavior. I use memset frequently in C just to be safe, but if it's written to later on before it's ever read from, the compiler can optimize that away. I'm guessing their recommendation here is if you did something like

    char* plain_text = malloc(size);
    ///do stuff with plain_text
    memset(plain_text, 0, size);
    free(plain_text);

For most programs that last memset is unnecessary (and may even be unnecessary according to the standard, but it's probably implementation defined, not undefined behavior) and it makes sense for the compiler to optimize it away. But for crypto purposes you have to be afraid of someone being able to read plain_text later, so the memset is important

[Marat_Dukhan]

I checked 3 compilers: icc 14, gcc 4.8, and clang 3.3. Clang is the only one which optimized the memset away.

[lawnchair_larry]

Did you enable optimization? I know first hand that GCC will optimize something similar out in many cases.

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=8537

[Marat_Dukhan]

Yes, I compiled with -O3.

[timtadh]

Not a windows user so I can't check but given that it is the kernel driver the compiler we would be concerned about is the MS visual c++ compiler.

[Marat_Dukhan]

Visual C++ 2013 doesn't remove memset either.