From: Ralf Jung Date: Mon, 11 Apr 2022 18:13:36 +0000 (-0400) Subject: clarify assumption X-Git-Url: https://git.ralfj.de/web.git/commitdiff_plain/4094adcf1720574ccc144790de67c48a3988552c?ds=inline clarify assumption --- diff --git a/ralf/_posts/2022-04-11-provenance-exposed.md b/ralf/_posts/2022-04-11-provenance-exposed.md index ae03624..0dcf9e0 100644 --- a/ralf/_posts/2022-04-11-provenance-exposed.md +++ b/ralf/_posts/2022-04-11-provenance-exposed.md @@ -115,9 +115,9 @@ int main() { We started out with a program that always prints `1`, and ended up with a program that always prints `0`. This is bad news. Our optimizations changed program behavior. That must not happen! What went wrong? -Fundamentally, this is the same situation as in the previous blog post: this -example demonstrates that either the original program already had Undefined -Behavior, or (at least) one of the optimizations is wrong. However, the only possibly suspicious part of the original program is a pointer-integer-pointer round-trip -- and if casting integers to pointers is allowed, *surely* that must work. +Fundamentally, this is the same situation as in the previous blog post: this example demonstrates that either the original program already had Undefined Behavior, or (at least) one of the optimizations is wrong. +However, the only possibly suspicious part of the original program is a pointer-integer-pointer round-trip -- and if casting integers to pointers is allowed, *surely* that must work. +I will, for the rest of this post, assume that replacing `x` by `(int*)(uintptr_t)x` is always allowed. So, which of the optimizations is the wrong one? ## The blame game
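Review bot: the added line "I will, for the rest of this post, assume that replacing `x` by `(int*)(uintptr_t)x` is always allowed" states the assumption in one direction only, and only for `int*`. Since the very next sentence asks which optimization is the wrong one, a reader could take the assumption to cover the reverse replacement as well (turning `(int*)(uintptr_t)x` back into `x`). Consider saying explicitly whether the reverse direction is covered or left open, and whether `int*` stands in for any pointer type. It would also help to connect the new sentence to the preceding "*surely* that must work", for example by opening with "That is," so it reads as the precise form of that claim rather than as a separate premise. Separately, this hunk also reflows the existing paragraph from hard-wrapped lines to one sentence per line, so the only real content change (the one added sentence) is hard to spot in the diff. Splitting the reflow into its own commit, or mentioning it in the commit message, would make "clarify assumption" easier to review.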