Re: Strict aliasing, is it OK?

[Victor Porton <porton@narod.ru>]

Niklas Holsti wrote:

> On 17-07-04 21:30 , Victor Porton wrote:
>> Niklas Holsti wrote:
>>
>>> On 17-07-04 20:49 , Victor Porton wrote:
>>>> I've started an ambitious open source project:
>>>>
>> 
https://en.wikiversity.org/wiki/Automatic_transformation_of_XML_namespaces
>>>>
>>>> I am going to implement it in Ada.
>>>>
>>>> Note the file
>>>>
>>>> https://github.com/vporton/redland-bindings/blob/ada2012/ada/src/rdf-raptor-parser.adb
>>>>
>>>> Here is an extract from my code:
>>>>
>>>>    type My_Dummy_Access is access constant RDF.Auxiliary.Dummy_Record;
>>>>
>>>>    function C_Raptor_Parser_Get_Description (Parser: Handle_Type)
>>>>    return My_Dummy_Access
>>>>       with Import, Convention=>C,
>>>>       External_Name=>"raptor_parser_get_description";
>>>>
>>>>    function Get_Description (Parser: Parser_Type) return
>>>>    RDF.Raptor.Syntaxes.Syntax_Description_Type is
>>>>       function Conv is new Ada.Unchecked_Conversion(My_Dummy_Access,
>>>>       RDF.Raptor.Syntaxes.Syntax_Description_Type);
>>>>    begin
>>>>       return Conv( C_Raptor_Parser_Get_Description(Get_Handle(Parser))
>>>>       );
>>>>    end;
>>>>
>>>>
>>>> When I compile this:
>>>>
>>>> $ (cd src && gnatgcc -gnatf -c -fPIC -g -O2 -gnat2012
>>>> rdf-raptor-parser.adb) rdf-raptor-parser.adb:132:07: warning: possible
>>>> aliasing problem for type "Syntax_Description_Type"
>>>> rdf-raptor-parser.adb:132:07: warning: use -fno-strict-aliasing switch
>>>> for references rdf-raptor-parser.adb:132:07: warning: or use "pragma
>>>> No_Strict_Aliasing (Syntax_Description_Type);"
>>>>
>>>> I am not sure if it is OK to insert pragma No_Strict_Aliasing into my
>>>> code.
>>>>
>>>> GNAT Users Guide is cryptic.
>>>
>>> To me the GNAT UG
>>> (https://gcc.gnu.org/onlinedocs/gcc-7.1.0/gnat_ugn.pdf#f3) seems very
>>> clear.
>>>
>>>> The only thing I understood for sure is that sometimes strict
>>>> aliasing may cause a trouble.
>>>
>>> The question is whether your program uses Unchecked_Conversion (or some
>>> other unchecked tricks) to make a variable of type "access SomeType"
>>> point to an object that is not of the type "SomeType".
>>>
>>> Your instances of Unchecked_Conversion make GNAT suspect that your
>>> program might do such things. GNAT is warning you that your program
>>> would then violate the assumptions that underlie some of GNAT's code
>>> optimizations when the "strict aliasing" option is on, which means that
>>> the optimized code might not behave in the way you expect. The User
>>> Guide has an example of such unexpected behaviour.
>>>
>>>> I am not sure if this is a case
>>>> with my code. My code looks quite innocent, so I feel my idea will not
>>>> be broken by the compiler, but I am not sure. Please help.
>>>
>>> Just ask yourself if, in your program, an "access SomeType" always
>>> points to "SomeType". If so, you should be ok. If not, or if you are
>>> unsure, it is safer to use the pragma or compiler option that GNAT
>>> suggests; your program is then more likely to work as you want it to.
>>
>> I posted because I need help.
> 
> I tried to help.
> 
>> Please you answer the question:
>>
>> if, in your program, an "access SomeType" always points to "SomeType"?
> 
> It is impossible to answer based on the code you show, because it
> depends on what your program _does_ with the Unchecked_Conversion
> instances.
> 
> Note that your imported "C" functions that return access values can also
> lead to violation of the strict aliasing assumption, but again depending
> on how they are used.
> 
>> Well, I do understand an example of wrong behavior in UG.
> 
> Good.
> 
>> but I don't know
>> whether my code is also an example of wrong behavior.
> 
> The code you show does not have wrong behaviour, because it is just
> function declarations. Wrong behaviour (with respect to the strict
> aliasing rule) _may_ happen when you use those functions, but it depends
> on _how_ you use them.
> 
> As I said, if you cannot answer the question, just follow GNAT's
> suggestion.

I do unchecked conversions (in both directions) between Handle_Type and 
My_Dummy_Access.

Everytime I refer to Handle_Type, it is real Handle_Type.

But there is several Handle_Type (defined in different packages). Let us 
denote them Handle_Type1, Handle_Type2, Handle_Type3, ...

When I refer to My_Dummy_Access it may be any one of Handle_Type1, 
Handle_Type2, Handle_Type3, ...

But I never convert Handle_TypeN into Handle_TypeM for N/=M.

I also never use My_Dummy_Access to anything except to convert it into 
Handle_TypeX.

Question: Are these restrictions enough for the compiler to the right thing 
(that is not something counterintuitive)?

What is the right fix for the warning? Shall I add pragma 
No_Strict_Aliasing?

-- 
Victor Porton - http://portonvictor.org