Re: gcc/gnat 4.1.1 bug

["Adam Beneschan" <adam@irvine.com>]

M E Leypold wrote:

> When compiling GtkAda 2.4.0 (vanilla as it came from libre) with a
> vanilla (as it cam from gnu.org) Gcc 4.1.1 (C, Ada enabled, no special
> configuration, just configure/make/make install) I got some
> gtkada-mdi.adb, announcing that at line 4774 the case 'None' would be
> missing. There we find:
>
>   ...
>   4772        for Side in MDI.Docks'Range loop
>   4773           Ref (MDI.Docks (Side));
>   4774           case Side is
>   4775              when Left | Right =>
>   4776                 Widths (Side)  := Get_Allocation_Width (MDI.Docks (Side));
>   4777                 Heights (Side) := 0;
>   4778              when Top | Bottom =>
>   4779                 Widths (Side)  := 0;
>   4780                 Heights (Side) := Get_Allocation_Height (MDI.Docks (Side));
>   4781           end case;
>   ...
>
> Indeed, the case 'None' is missing. MDI has the following type
>
>   4752     procedure Set_Priorities
>   4753       (MDI : access MDI_Window_Record; Prio : Priorities_Array)
>   4754     is
>   ...
>
> where MDI_Window_Record is defined in the Interface as
>
>
>    786     type MDI_Window_Record is new Gtk.Table.Gtk_Table_Record with record
>    ...
>
>    792        Docks : Notebook_Array := (others => null);
>    793        --  The five possible docks (one on each side and one in the middle.
>    ...
>
> Ans Notebook_Array and its index range are defined as follows
>
>     92     type Dock_Side is (Left, Right, Top, Bottom, None);
>    ...
>    772     type Notebook_Array is array (Left .. Bottom) of Gtk.Notebook.Gtk_Notebook;
>
>
> So indeed, one would expect Side in line 4774 to be of subtype Left
> .. Bottom, which it isn't (instead it seems to take the full range
> Left .. None). Somehow the range is lost on the way from type
> Notebook_Array to Side.
>
> To test this, I've patched gtkada-mdi.ads like this
>
>   4772        for Side in Notebook_Array'Range loop
>   4773           Ref (MDI.Docks (Side));
>   4774           case Side is
>
> that is, to refer to Notebook_Array'Range explicitely. And voila --
> everything compiles fine.
>
> Request: Could anybody knowing more about the Ada type system state
> that this is indeed a bug in gcc 4.1.1 or did some subtle point change
> here between Ada 95 and Ada 2005?


I think it was a bug for the compiler to accept the above code (i.e.
the code before you patched it).  It's not legal in either Ada 95 or
Ada 2005 as far as I can tell.  (And you can't assume that Ada code you
get from a public source is legal.  I've found numerous examples of
illegal code that still gets distributed because it's only been tried
on one compiler and that compiler has a bug.)

Here's how I piece things together: 3.6.2(7) says that for an array A,
A'Range is equivalent to A'First..A'Last (except that A is evaluated
only once).  4.9(8) says that a 'First or 'Last attribute reference is
static if its prefix statically denotes a statically constrained array
object.  4.9(14) defines what "statically denotes" means: the prefix
has to refer to a "direct name", "expanded name", or character literal.

However, MDI.Docks is not any of these.  A direct name is a simple
identifier, and an expanded name is just like a direct name except that
it could be qualified with package names or names of subprograms or
blocks that you're inside, or things like that.  MDI is an access
object, however.

This means that the prefix of MDI.Docks'Range does not statically
denote anything, and therefore MDI.Docks'First and 'Last (and therefore
'Range) are not static.  Thus, the subtype of "Side" is *not* a static
subtype.

The rules for a CASE statement say that if the index's type is a static
subtype, the choices must cover just that subtype range; while if it's
not a static subtype, the choices must cover the entire base range.  So
it's correct for the compiler to require that None be one of the
choices, and incorrect for the compiler to accept a CASE statement that
doesn't have that choice (or an "others" clause).  As far as I can
tell, none of the relevant rules have changed between Ada 95 and Ada
2005; therefore, the Ada 95 compiler was incorrect.

This does seem counter-intuitive.  But apparently requiring that the
prefix of 'First *statically* *denotes* the array object was put there
deliberately, and I'm sure there was a good reason, although I don't
know what it is.  In general, if you apply 'First on something that you
have to go through an access value to get to, the compiler has to make
sure the access value is not null, even if the 'First could be
determined at compile time (see the next paragraph).  Considering a
value that requires a null check to be "static" would undoubtedly cause
problems for other parts of the language.

(In Ada 95, MDI is not allowed to be null; in Ada 2005, it is.  Perhaps
that's why the Ada 95 compiler erroneously accepted the program: since
no null check was necessary, the compiler viewed MDI.Docks'First as a
constant, and then erroneously decided that it must be static, while
the Ada 2005 compiler includes a "null check" as part of the logic to
compute the value of 'First.  However, I don't see how whether null is
a legal value or not affects whether the attribute reference is treated
as static by 4.9.  Experiment: Change the definition of MDI from
"access MDI_Window_Record" to "not null access MDI_Window_Record".  If
this causes the program to compile, then the Ada 2005 compiler is wrong
too.)

Hope this helps.

Also, I assume that if I got something wrong, someone more
knowledgeable than I will correct me.

                                    -- Adam