Date: Tue, 21 Oct 2025 10:48:02 +0200
> On 21 Oct 2025, at 09:54, Ville Voutilainen <ville.voutilainen_at_[hidden]> wrote:
>
> On Tue, 21 Oct 2025 at 10:36, Timur Doumler <cpp_at_[hidden]> wrote:
>
>>> After all, we seem to have converged on an agreement that
>>> inter-procedural optimizations based on a locally visible definition
>>> of an inline function
>>> are unsound to begin with,
>>
>> I'm glad we agree :) it follows then that the "supply chain attack" scenario/example described in P3829 is not actually something that the P2900 spec allows. Can we agree on that too?
>
> Yes.
>
>>> so their conformance is.. ..perhaps not so relevant.
>> I am not sure I follow. If we agree that they are unsound, why would we still want them to be conforming? If we say that they are *not* conforming, we also say that things like the "supply chain attack" scenario/example described in P3829 is something that should never happen. Wouldn't that be a good thing?
>
> You're jumping into a conjecture a bit there. :) I'm not saying that
> we would want those unsound optimizations to be conforming. But as far
> as I understand, they are not conforming anyway. Clang doesn't perform
> them, and didn't need P2900 to avoid them. GCC's optimizer has a bug,
> with or without P2900.
> The GCC contracts implementation performs a dirty hack to work around
> that problem by hoodwinking the optimizer to not see the terminate()
> call, by wrapping it in a wrapper function attributed with
> [[gnu::noipa]], because none of the developers of that implementation
> have the expertise to fix the optimizer bug.
Understood, thanks Ville for clarifying, and it seems like we agree on all of the above points!
Timur
Received on 2025-10-21 08:48:07
