On Thursday, 18.04.2019, at 11:45 +0100, Peter Sewell wrote:
> On Thu, 18 Apr 2019 at 10:32, Richard Biener <richard.guent...@gmail.com>
> wrote:

> An equality test of two pointers, on the other hand, doesn't necessarily
> mean that they are interchangeable. I don't see any good way to
> avoid that in a provenance semantics, where a one-past
> pointer might sometimes compare equal to a pointer to an
> adjacent object but be illegal for accessing it.

As I see it, there are essentially four options:

1.) Compilers do not use conditional equivalences for
optimizations of pointers (or only when additional
conditions apply which make it safe)

2.) We make pointer comparison between a pointer
and a one-after pointer of a different object
undefined behaviour.

3.) We make comparison have the side effect that
afterwards any of the two pointers could have any
of the two provenances. (with disambiguation
similar to what we have for casts).

4.) Compilers make sure that exposed objects never
are allocated next to each other (as Jens proposed).

None of these options is great.

Best,
Martin
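The case under discussion, as an added example that is not part of the original message: a one-past pointer that compares equal to a pointer to the adjacent object, with the store made through the pointer whose provenance covers that object. The names `struct pair` and `store_after_compare` are hypothetical, and the layout assumes no padding between the two `int` arrays.

```c
#include <stdio.h>

/* Constructed layout: two single-element arrays as adjacent struct members,
   so the one-past pointer of `a` normally has the same address as `b`
   (assumption: no padding between two int arrays). */
struct pair { int a[1]; int b[1]; };

struct result { int equal; int b_value; };

/* Compares a one-past pointer with a pointer to the adjacent object and,
   if they compare equal, stores through the pointer that may access it. */
struct result store_after_compare(void)
{
    struct pair s = { {1}, {2} };
    int *p = s.a + 1;   /* one past the end of s.a: may be compared, not dereferenced */
    int *q = s.b;       /* provenance: s.b */
    struct result r;

    r.equal = (p == q);
    if (r.equal) {
        /* Equality says the addresses match, not that p and q are
           interchangeable. `*p = 11` would be an out-of-bounds access
           relative to s.a, so the store goes through q. Option 1 in the
           message is about a compiler substituting p for q in this branch
           (a conditional equivalence) and then reasoning from p's
           provenance that s.b cannot have been modified. */
        *q = 11;
    }
    r.b_value = s.b[0];
    return r;
}

int main(void)
{
    struct result r = store_after_compare();
    printf("equal=%d b=%d\n", r.equal, r.b_value);
    return 0;
}
```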