[vlc-devel] [RFC v4] vlc_vector: add helpers for vectors

[Romain Vimont]

On Fri, Aug 31, 2018 at 06:46:05PM +0300, Rémi Denis-Courmont wrote:
> Le perjantaina 31. elokuuta 2018, 15.04.52 EEST Romain Vimont a écrit :
> > +#define vlc_vector_realloc_(pv, newsize) \
> > +( \
> > +    vlc_vector_reallocarray_((void **) &(pv)->data, newsize, \
> > +                             sizeof(*(pv)->data)) && \
> 
> I strongly suspect a violation of type aliasing with the cast to void **.

I agree that this looks suspicious regarding the strict aliasing rules:
a pointer to type* (type**) is deferenced via a pointer to void*
(void**).

The standard says:
> An object shall have its stored value accessed only by an lvalue
> expression that has one of the following types:
>  - a type compatible with the effective type of the object,

<https://stackoverflow.com/a/7005988/1987178>

I'm not sure about the definition of "compatible", but I would say that
type* and void* are compatible types.

The warnings reported by gcc in the following samples suggest that this
is the case:

$ cat a.c
#include <stddef.h>
void f(int *p) {
    *((float **)&p) = NULL;
}
$ gcc -c -Wstrict-aliasing -fstrict-aliasing a.c
a.c: In function ‘f’:
a.c:3:7: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
     *((float **)&p) = NULL;
      ~^~~~~~~~~~~~~

$ cat b.c
#include <stddef.h>
void f(int *p) {
    *((void **)&p) = NULL;
}
$ gcc -c -Wstrict-aliasing -fstrict-aliasing b.c
(no output)

(same results with g++ on cpp files)

> > +#define vlc_vector_check_same_ptr_type_(a, b) \
> > +    (void) ((a) == (b)) /* warn on type mismatch */
> 
> In C, you can even fail on type mismatch using _Generic.

Here, both the types of a and b are statically "unknown" from this
macro. Is it still possible?