On 03/05/2013 06:39 PM, Jeffrey Walton wrote: > On Tue, Mar 5, 2013 at 4:27 AM, David Paterson <dnpaterson@xxxxxxxxx> wrote: >> On 4 March 2013 23:40, Jeffrey Walton <noloader@xxxxxxxxx> wrote: >>> >>> ... >>> I believe GCC's interpretation of the use for 'volatile' is memory >>> mapped hardware. >> >> In addition to Jonathan's answer on the use of "volatile", it's worth adding >> that it's not only used for memory mapped hardware. There are many other >> uses, such as inter-thread communication, or indeed the example you >> show below. > > A good discussion on the subject can be found at > http://gcc.gnu.org/ml/gcc-help/2012-03/msg00239.html. > > The thread includes a discussion of Microsoft's and GCC's > interpretation of the keyword. The interpretations were so different I > wondered if it was 'implementation defined' in the standard. Yes: 6.7.3 Type qualifiers, "What constitutes an access to an object that has volatile-qualified type is implementation-defined." > In the end, I think the C/C++ committee needs to supply another > keyword to ensure program statements are never removed and executed > in-situ with no side effects (perhaps 'pin'). They gave the compiler > writer's 'restrict' so they could optimize. The security minded folks > should get something too to ensure program correctness even when the > optimizer is aggressive. But that'd still be impossible to define in terms of the abstract machine, so it wouldn't help. We now have the C++11 memory model. Are you really saying that you can't figure out how to use atomic_store() to write a secure memory erase function? Andrew.
