From 4655e63cfb4a8e6cea0e45d6b0a55faa1baab01d Mon Sep 17 00:00:00 2001 From: Ralf Jung Date: Mon, 15 Jul 2019 14:57:00 +0200 Subject: [PATCH 1/1] tweaks --- ralf/_posts/2019-07-14-uninit.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ralf/_posts/2019-07-14-uninit.md b/ralf/_posts/2019-07-14-uninit.md index dd71945..e2089cb 100644 --- a/ralf/_posts/2019-07-14-uninit.md +++ b/ralf/_posts/2019-07-14-uninit.md @@ -121,9 +121,9 @@ But when writing Rust programs, even when writing Rust programs that you only in The Rust abstract machine *does* make a distinction between "relaxed" and "release"/"acquire", and your program will go wrong if you ignore that fact. After all, x86 does not have "uninitialized bytes" either, and still our example program above went wrong. -Of course, desirable optimizations explain *why* the abstract machine is defined the way it is. +Of course, to explain *why* the abstract machine is defined the way it is, we have to look at optimizations and hardware-level concerns. But without an abstract machine, it is very hard to ensure that all the optimizations a compiler performs are consistent---in fact, both [LLVM](https://bugs.llvm.org/show_bug.cgi?id=35229) and [GCC](https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65752) suffer from miscompilations caused by combining optimizations that all seem fine in isolation, but together cause incorrect code generation. -The abstract machine is the ultimate arbiter that shows if all of the optimizations are correct, or if some of them are in conflict with each other. +The abstract machine is needed as an ultimate arbiter that shows if all of the optimizations are correct, or if some of them are in conflict with each other. I also think that when writing unsafe code, it is much easier to keep in your head a fixed abstract machine as opposed to a set of optimizations that might change any time, and might or might not be applied in any order. Unfortunately, in my opinion not enough of the discussion around undefined behavior in Rust/C/C++ is focused on what concretely the "abstract machine" of these languages looks like. -- 2.30.2