Am Donnerstag, den 30.01.2020, 16:50 +0000 schrieb Michael Matz: > Hi, > > On Thu, 30 Jan 2020, Uecker, Martin wrote: > > > > guarantees face serious implementation difficulties I think > > > so the only alternative to PVNI (which I think is implementable > > > but at a optimization opportunity cost) is one that makes > > > two pointers with the same value always have the same > > > provenance (and otherwise make the behavior undefined). > > > > This would need to come with precise rules about > > when the occurance of two such pointers is UB, > > e.g. comparisons of such pointers, or that > > two such pointers are cast to int in the same > > execution. > > > > The mere existance of such pointers should be > > quite common and should not already be UB. > > > > But I am uncomfortable with the idea that > > comparison of pointers is always allowed except > > for some special case which then is UB. This > > might cause are and very difficult to find bugs. > > As Richi said, the comparison itself wouldn't be UB, all comparisons would > be allowed. But _if_ the pointers compare equal, they must have same (or > overlapping) provenance (i.e. when they have not, then _that_ is UB).
Sorry, I still don't get it. In the following example, int a[1]; int b[1]; it is often the case that &a[1] and &b[0] compare equal because they have the same address but the pointer have different provenance. Or does there need to be an actual evaluation of a comparison operations? In this case, I do not see the difference to what I said. Best, Martin > > > > Others proposed to make the result of the comparison unspecified, > > > > but I think this does not help. > > > > > > Indeed. It's not unspecified, it's known to evaluate to false. I > > > think there's existing wording in the standard that allows it to > > > evaluate to true for pointers one-after-the-object, that would need to > > > be changed of course. > > > > The problem is that if the comparison if not optimized > > and the pointers have the same address, then it would > > evaluate to true at run-time. If I understand correctly, > > you somehow want to make this case be UB, but I haven't > > quite understood how (if it is not the comparison of such > > pointers that invokes UB). > > By saying something like "if two pointers compare equal they must have the > same provenance, otherwise the behaviour is undefined". > (I don't know if this definition would or would not help with the problems > PVNI poses to compilers). > > > Ciao, > Michael.
