Question on volatile functions and GCC

[Andrew Haley]

On 03/05/2013 06:39 PM, Jeffrey Walton wrote:
> On Tue, Mar 5, 2013 at 4:27 AM, David Paterson <dnpaterson@gmail.com> wrote:
>> On 4 March 2013 23:40, Jeffrey Walton <noloader@gmail.com> wrote:
>>>
>>> ...
>>> I believe GCC's interpretation of the use for 'volatile' is memory
>>> mapped hardware.
>>
>> In addition to Jonathan's answer on the use of "volatile", it's worth adding
>> that it's not only used for memory mapped hardware. There are many other
>> uses, such as inter-thread communication, or indeed the example you
>> show below.
>
> A good discussion on the subject can be found at
> http://gcc.gnu.org/ml/gcc-help/2012-03/msg00239.html.
> 
> The thread includes a discussion of Microsoft's and GCC's
> interpretation of the keyword. The interpretations were so different I
> wondered if it was 'implementation defined' in the standard.

Yes: 6.7.3 Type qualifiers, "What constitutes an access to an object
that has volatile-qualified type is implementation-defined."

> In the end, I think the C/C++ committee needs to supply another
> keyword to ensure program statements are never removed and executed
> in-situ with no side effects (perhaps 'pin'). They gave the compiler
> writer's 'restrict' so they could optimize. The security minded folks
> should get something too to ensure program correctness even when the
> optimizer is aggressive.

But that'd still be impossible to define in terms of the abstract
machine, so it wouldn't help.

We now have the C++11 memory model.  Are you really saying that you
can't figure out how to use atomic_store() to write a secure memory
erase function?

Andrew.