"James A. Donald" <[EMAIL PROTECTED]> writes: >If the optimizer ever optimizes away a write to volatile >memory, device drivers will fail. Most device drivers are >written in C. If anyone ever produces a C compiler in which >"volatile" does not do what we want, not only are they out of >spec, but smoke will start coming out of hardware when the >device drivers are recompiled.
The people who assume that any compiler which compiles their code gets an obscure feature like volatile exactly as per the spec are probably the same ones who assume that fixed-size buffers will never be exceeded. It's my job to be paranoid. I will assume that an arbitrary compiler gets a while() loop right (it'd be obvious if it didn't), but I won't gamble my crypto keys over assumptions about the correct handling of volatile in all compilers. Specifically, I want to keep crypto keys secure in the real world, and the real world may have compilers which optimise away references to volatile storage, whether the spec says so or not. Peter.
