Can using volatile affect the behavior of simple property checking system?

Question

I'm maintaining a project where someone has suggested that we make some variables volatile.

I'm trying to understand if it's needed at all (or could be needed). After some discussion, it seems like in theory it might, but I'm struggling to come up with a minimal example that would show that using volatile is actually needed.

The code that is being generated by the tool looks like this:

// Globals provided by the user
extern int8_t variable1; 
extern int8_t variable2;

// Handlers implemented by the user
void handler1 ();
void handler2 ();

// Local copies of inputs to system
int8_t copy1 = 0;
int8_t copy2 = 0;

bool property_guard1 () {
  // Some property of copy1. Return true if it holds, false otherwise.
  ...
}

bool property_guard2 () {
  // Some property of copy2. Return true if it holds, false otherwise.
  ...
}

void one_step () {
  copy1 = variable1;
  copy2 = variable2;
  if (property1()) {
     handler1();
  }
  if (property2()) {
     handler2();
  }
}

Users are supposed to provide inputs using globals, and define the handlers. The function one_step is supposed to be called multiple times by the user, providing new values for the input variables. Variables could have other types (including struct and fixed-length arrays), and, internally, the module generated could also use buffers to "remember" old values.

Is there any instance, a minimal example, that would show that the behavior could change depending on whether the variables variable1 and variable2 are marked volatile or not?

Answer 1

Qualifying a variable as volatile indicates that its value might change outside the scope of the C semantics of the program. The canonical example would be an object mapped to a hardware I/O port. For strictly-conforming code, the only such use case is a variable that may be modified via a signal handler.

It might seem like volatile would be useful for objects accessed by multiple threads of the same program, but volatile is not sufficient for that case, and it does not add anything useful on top of what proper use of synchronization objects such as mutexes will do, so in practice, volatile is not useful in such cases.

Is there any instance, a minimal example, that would show that the behavior could change depending on whether the variables variable1 and variable2 are marked volatile or not?

In cases those rare cases where it makes a difference, the behavior is undefined when the variables are not volatile.

One plausible test case would be to register a signal handler that modifies one or both variables, to run a loop (outside the handler) that reads and prints the variables, and to send a stream of signals to the program from a separate, concurrently running program. However, the idea here is to trigger undefined behavior in the non-volatile case, and you cannot rely on that to be discernably different, because "undefined".