Warning: accessibility check failure with GNAT GPL 2013

Warning: accessibility check failure with GNAT GPL 2013

[sangomarco]

Hi,

I have the accessibility check failure with GNAT GPL version 2013. When I try to instantiate a task type in a task body (warning line -- Next := New_Thread; -- see my code below), I have the following warning : accessibility check failure, program_Error will be raised at runtime.
However, I don't have any warning when I compile with  the last version GNAT GPL 2012. 

What it's the problem and how I can resolve this.
Thanks in adavance for your help.

Below is my code :

-----------------
with Threads;
Procedure Main is
   package Tasks_Inst is new Threads (Integer,1);
   use Tasks_Inst;
begin
   Tasks_Inst.Run_Threads(3);
end Main;

-----------------
generic
   type Element is private;
   Unit: in Element;
Package Threads is
   procedure Run_Threads (Test_Element : in Element);
end Threads;

-----------------
package body Threads is

   Procedure Run_Threads (Test_Element : in Element) is

      task type Cyclic_Thread;

      function New_Thread return access Cyclic_Thread is
      begin
         return new Cyclic_Thread;
      end New_Thread;

      task body Cyclic_Thread is
         Next : access Cyclic_Thread;
      begin
	 if Next = null then
	    Next := New_Thread; ------ warning line
	 end if;
      end Cyclic_Thread;

      First : access Cyclic_Thread;
      E : Element := unit;
   begin
      First := New Cyclic_Thread;
   end Run_Threads;

end Threads;

Re: Warning: accessibility check failure with GNAT GPL 2013

[Dmitry A. Kazakov]

On Mon, 28 Oct 2013 06:49:30 -0700 (PDT), sangomarco@gmail.com wrote:

>       function New_Thread return access Cyclic_Thread is
>       begin
>          return new Cyclic_Thread;
>       end New_Thread;

The rule of thumb: you never return an anonymous access result allocated by
new.

-- 
Regards,
Dmitry A. Kazakov
http://www.dmitry-kazakov.de

Re: Warning: accessibility check failure with GNAT GPL 2013

[sangomarco]

Le lundi 28 octobre 2013 15:26:33 UTC+1, Dmitry A. Kazakov a écrit :
> On Mon, 28 Oct 2013 06:49:30 -0700 (PDT), sangomarco@gmail.com wrote:
> 
> 
> 
> >       function New_Thread return access Cyclic_Thread is
> 
> >       begin
> 
> >          return new Cyclic_Thread;
> 
> >       end New_Thread;
> 
> 
> 
> The rule of thumb: you never return an anonymous access result allocated by
> 
> new.
>

Thanks for your quick response. I don't have enough experience with Ada, please could you tell me more about the rule? I don't understand why this is not allow. My goal is to create a main task which makes a successor tasks if necessarry. And, since I cannot use the sybtype mak to create a new task in the current execution of a main task body as the following declaration
Next : access Cyclic_Thread;
next : new Cyclick_Thread;
I lazily use the previous function to return the access to the task.

--
Best regards
Marc

Re: Warning: accessibility check failure with GNAT GPL 2013

[Dmitry A. Kazakov]

On Mon, 28 Oct 2013 08:23:40 -0700 (PDT), sangomarco@gmail.com wrote:

> Thanks for your quick response. I don't have enough experience with Ada,
> please could you tell me more about the rule? I don't understand why this
> is not allow.

It is allowed, unfortunately. That is why you have got only warning, not an
error. Unfortunately, because it does not make sense in 90% of cases in
practice.

> My goal is to create a main task which makes a successor
> tasks if necessarry. And, since I cannot use the sybtype mak to create a
> new task in the current execution of a main task body as the following
> declaration

Use a named access type instead. E.g.

   type Cyclic_Thread_Ptr is access all Cyclic_Thread:

Informally, "new" adapts to the expected access type. So does the anonymous
access type from its side. When both meet each other there is no
information available to determine the scope where the allocated object
would live. The language rules use the most conservative estimation of that
scope (the body of the subprogram), which in practice never corresponds to
the programmer's intent. The resulting accessibility check necessarily
fails at run time. Be glad you were warned by the compiler.

-- 
Regards,
Dmitry A. Kazakov
http://www.dmitry-kazakov.de

Re: Warning: accessibility check failure with GNAT GPL 2013

[sangomarco]

Le lundi 28 octobre 2013 16:49:28 UTC+1, Dmitry A. Kazakov a écrit :
> On Mon, 28 Oct 2013 08:23:40 -0700 (PDT), sangomarco@gmail.com wrote:
> 
> 
> 
> > Thanks for your quick response. I don't have enough experience with Ada,
> 
> > please could you tell me more about the rule? I don't understand why this
> 
> > is not allow.
> 
> 
> 
> It is allowed, unfortunately. That is why you have got only warning, not an
> 
> error. Unfortunately, because it does not make sense in 90% of cases in
> 
> practice.
> 
> 
> 
> > My goal is to create a main task which makes a successor
> 
> > tasks if necessarry. And, since I cannot use the sybtype mak to create a
> 
> > new task in the current execution of a main task body as the following
> 
> > declaration
> 
> 
> 
> Use a named access type instead. E.g.
> 
> 
> 
>    type Cyclic_Thread_Ptr is access all Cyclic_Thread:
> 
> 
> 
> Informally, "new" adapts to the expected access type. So does the anonymous
> 
> access type from its side. When both meet each other there is no
> 
> information available to determine the scope where the allocated object
> 
> would live. The language rules use the most conservative estimation of that
> 
> scope (the body of the subprogram), which in practice never corresponds to
> 
> the programmer's intent. The resulting accessibility check necessarily
> 
> fails at run time. Be glad you were warned by the compiler.
>


Thanks, I get it.

--
best regards,
Marc

Re: Warning: accessibility check failure with GNAT GPL 2013

[Georg Bauhaus]

On 28.10.13 16:49, Dmitry A. Kazakov wrote:
> Use a named access type instead. E.g.
> 
>    type Cyclic_Thread_Ptr is access all Cyclic_Thread:

2nd. And consider dropping "all" from the above type
declaration, if possible. In your example, all pointers
point to tasks of type Cyclic_Thread that were created
by an allocator, so "all" is not needed. (Because you
do not store the 'Access of some "non-heap" task object
in some pointer variable.)

(In general, it is best to avoid anonymous types,
as they are  a source of trouble, as they hide information,
leaving the compiler in the dark about the scope of the
anonymous type, and as they may also require additional
run-time checks, like Dmitry explains.)

Re: Warning: accessibility check failure with GNAT GPL 2013

[Adam Beneschan]

On Monday, October 28, 2013 9:13:41 AM UTC-7, Georg Bauhaus wrote:
> On 28.10.13 16:49, Dmitry A. Kazakov wrote:
> 
> > Use a named access type instead. E.g.
> 
> >    type Cyclic_Thread_Ptr is access all Cyclic_Thread:
 
> 2nd. And consider dropping "all" from the above type
> declaration, if possible. In your example, all pointers
> point to tasks of type Cyclic_Thread that were created
> by an allocator, so "all" is not needed. (Because you
> do not store the 'Access of some "non-heap" task object
> in some pointer variable.)

Although the example may not use any objects that aren't created by an allocator, the question is whether there's any possibility that a programmer *might* want to use the access type to refer to aliased variables or other non-allocated objects later.  If we know that, by the *nature* of the access type and what it's supposed to represent, that having it refer to aliased variables would be unacceptable or cause problems, then don't include "all".  But otherwise I think it's best to include "all".  I include "all" routinely since I haven't written an access type definition where I thought that those access objects *must* refer to heap-allocated objects in all cases.  (If Ada 95 had been designed from scratch, it would have been better to provide an additional keyword to designate access types that must be heap-allocated, if a distinction had to be made at all.  But they were considering the possibility that a pool-specific access type would be represented as a pool-relative offset rather than as an address, and that there could be Ada 83 compilers already doing that.)

                                -- Adam

Re: Warning: accessibility check failure with GNAT GPL 2013

[Randy Brukardt]

"Dmitry A. Kazakov" <mailbox@dmitry-kazakov.de> wrote in message 
news:m8uj6pxbsxrh$.1jwxgyor2dhw8$.dlg@40tude.net...
> On Mon, 28 Oct 2013 08:23:40 -0700 (PDT), sangomarco@gmail.com wrote:
>
>> Thanks for your quick response. I don't have enough experience with Ada,
>> please could you tell me more about the rule? I don't understand why this
>> is not allow.
>
> It is allowed, unfortunately. That is why you have got only warning, not 
> an
> error. Unfortunately, because it does not make sense in 90% of cases in
> practice.
>
>> My goal is to create a main task which makes a successor
>> tasks if necessarry. And, since I cannot use the sybtype mak to create a
>> new task in the current execution of a main task body as the following
>> declaration
>
> Use a named access type instead. E.g.
>
>   type Cyclic_Thread_Ptr is access all Cyclic_Thread:
>
> Informally, "new" adapts to the expected access type. So does the 
> anonymous
> access type from its side. When both meet each other there is no
> information available to determine the scope where the allocated object
> would live. The language rules use the most conservative estimation of 
> that
> scope (the body of the subprogram), which in practice never corresponds to
> the programmer's intent. The resulting accessibility check necessarily
> fails at run time. Be glad you were warned by the compiler.

This is true in Ada 2005, but those rules were completely redone for Ada 
2012, and those make it more likely that this will in fact work as expected. 
(Most of the static checks were removed.) OTOH, I still think your advice is 
a good idea, because no human can actually figure out what the accessibility 
of an anonymous access return will be. :-) So you can drive yourself nuts if 
it doesn't work for some reason.

                           Randy.