Version 1.1 of acs/ac-00298.txt

Unformatted version of acs/ac-00298.txt version 1.1
Other versions for file acs/ac-00298.txt

!standard 13.7.2(5)          18-01-11 AC95-00298/00
!class confirmation 18-01-11
!status received no action 18-01-11
!status received 17-10-11
!subject Back and forth conversions between access and address
!summary
!appendix

!topic Back and forth conversions between access and address
!reference Ada 2012 RM13.7.2(5/2)
!from Victor Porton 17-10-12
!keywords address conversion access
!discussion

I propose to clarify and understand "The To_Pointer and To_Address
subprograms convert back and forth between values of types
Object_Pointer and Address." as:

To_Address limited to objects X which allow 'Unchecked_Access of some
(arbitrarily chosen) fixed type T is an injection from the set of
accesses to such objects to the set of values of System.Address.
To_Pointer limited to values of System.Address so produces by
To_Address is its inverse function.

In simpler words, To_Address values is different for different objects
(that allow 'Unchecked_Access) of the same type and
To_Pointer(To_Address(X)) = X for every object X which allows
'Unchecked_Access.

This is useful for instance to implement the package Convert_Void as
defined in
https://groups.google.com/d/msg/comp.lang.ada/-xfDsAOMj5s/voMrKgroBwAJ

***************************************************************

From: Randy Brukardt
Sent: Thursday, January 11, 2018  8:44 PM

I'm writing a brief answer to this so that its disposition is not totally
mysterious to future Ada lawyers.

> !topic Back and forth conversions between access and address 
> !reference Ada 2012 RM13.7.2(5/2) !from Victor Porton 17-10-12 
> !keywords address conversion access !discussion
> 
> I propose to clarify and understand "The To_Pointer and To_Address 
> subprograms convert back and forth between values of types 
> Object_Pointer and Address." as:
> 
> To_Address limited to objects X which allow 'Unchecked_Access of some 
> (arbitrarily chosen) fixed type T is an injection from the set of 
> accesses to such objects to the set of values of System.Address.
> To_Pointer limited to values of System.Address so produces by 
> To_Address is its inverse function.

Generally, a clarification is *easier* to understand. The above is clear as
mud. :-) In particular, "limited to" doesn't make sense in this context. In
the second sentence, "limited to" seems to provide no limit at all (it seems
to limit to any value of System.Address, which is no limit at all). And I'd
have to go get out an old college textbook to remember what an "injection" is.

The current wording says:

The To_Pointer and To_Address subprograms convert back and forth between
values of types Object_Pointer and Address. To_Pointer(X'Address) is equal
to X'Unchecked_Access for any X that allows Unchecked_Access.
To_Pointer(Null_Address) returns null. For other addresses, the behavior is
unspecified. To_Address(null) returns Null_Address. To_Address(Y), where
Y /= null, returns Y.all'Address. 

This clearly states the limitations. Note the equivalence to
X'Unchecked_Access. This means that the requirements on equality of access
values applies (there's no exclusion for values that come from
Address_to_Access_Conversions!). Specifically, 4.5.2(12) states: "Two
access-to-object values are equal if they designate the same object, or if
both are equal to the null value of the access type." This means that
X'Unchecked_Access must not be equal to Y'Unchecked_Access if X and Y are
different (aliased) objects.

Following from that, To_Pointer(X'Address) /= To_Pointer(Y'Address) if X is
a different aliased object from Y. This requires that X'Address /= Y'Address
as well (otherwise, the above couldn't possibly be the case -- how could the
package tell the objects apart?).

The rules also state "To_Address(Y), where Y /= null, returns Y.all'Address".
Replacing Y with X'Unchecked_Access, we get
   To_Address(X'Unchecked_Access) returns X'Unchecked_Access.all'Address
better written (since X'Unchecked_Access.all = X) as
   To_Address(X'Unchecked_Access) returns X'Address

> In simpler words, To_Address values is different for different objects 
> (that allow 'Unchecked_Access) of the same type and
> To_Pointer(To_Address(X)) = X for every object X which allows 
> 'Unchecked_Access.

This is definitely true by the current rules of the language, as proven above.
No clarification (or confusifcation :-) is needed.

A compiler that doesn't do this is clearly wrong, and that should be reported
as a bug to the vendor. OTOH, keep in mind that these rules only apply to
aliased objects (and a handful of other cases). Normal objects aren't covered
(and can't be in general, as they may not be aligned properly for an access
value, and perhaps are not even allocated in normal memory).

> This is useful for instance to implement the package Convert_Void as 
> defined in 
> https://groups.google.com/d/msg/comp.lang.ada/-xfDsAOMj5s/voMrKgroBwAJ

This is a lousy problem statement, as it requires readers to go figure out in
a chunk of source code why you want to use round-trip Address to Access back
to Address conversions. At the very least, you should have provided a summary
here of why you are doing this, and then pointed to the source code for a
practical example. (People don't like following links from those they don't
know. Spammers use links that *look* OK to spread malware, after all.
Including a summary in this request makes it clearer, and reduces the need to
look at the actual code).

If this was a common concern, I suppose we could add an AARM note using the
"simpler words" above. But the lack of a good problem statement, and the lack
of other people questioning this, suggests that it isn't common.

***************************************************************

Questions? Ask the ACAA Technical Agent