Ada Conformity Assessment Authority      Home Conformity Assessment   Test Suite ARGAda Standard
Annotated Ada Reference Manual (Ada 2022)Legal Information
Contents   Index   References   Search   Previous   Next 

13.9 Unchecked Type Conversions

[ An unchecked type conversion can be achieved by a call to an instance of the generic function Unchecked_Conversion.] 

Static Semantics

The following language-defined generic library function exists: 
{AI05-0229-1} {AI12-0241-1} generic
   type Source(<>) is limited private;
   type Target(<>) is limited private;
function Ada.Unchecked_Conversion(S : Source) return Target
   with Pure, Nonblocking, Convention => Intrinsic;
pragma Pure(Ada.Unchecked_Conversion);
Reason: {AI05-0229-1} The aspect Convention implies that the attribute Access is not allowed for instances of Unchecked_Conversion. 

Dynamic Semantics

The size of the formal parameter S in an instance of Unchecked_Conversion is that of its subtype. [This is the actual subtype passed to Source, except when the actual is an unconstrained composite subtype, in which case the subtype is constrained by the bounds or discriminants of the value of the actual expression passed to S.]
If all of the following are true, the effect of an unchecked conversion is to return the value of an object of the target subtype whose representation is the same as that of the source object S: 
S'Size = Target'Size. 
Ramification: Note that there is no requirement that the Sizes be known at compile time. 
{AI05-0078-1} S'Alignment is a multiple of Target'Alignment or Target'Alignment is zero.
The target subtype is not an unconstrained composite subtype.
S and the target subtype both have a contiguous representation.
The representation of S is a representation of an object of the target subtype. 
{AI95-00426-01} Otherwise, if the result type is scalar, the result of the function is implementation defined, and can have an invalid representation (see 13.9.1). If the result type is nonscalar, the effect is implementation defined; in particular, the result can be abnormal (see 13.9.1).
Implementation defined: The result of unchecked conversion for instances with scalar result types whose result is not defined by the language.
Implementation defined: The effect of unchecked conversion for instances with nonscalar result types whose effect is not defined by the language.
Reason: {AI95-00426-01} Note the difference between these sentences; the first only says that the bits returned are implementation defined, while the latter allows any effect. The difference is because scalar objects should never be abnormal unless their assignment was disrupted or if they are a subcomponent of an abnormal composite object. Neither exception applies to instances of Unchecked_Conversion. 
Ramification: {AI95-00426-01} Whenever unchecked conversions are used, it is the programmer's responsibility to ensure that these conversions maintain the properties that are guaranteed by the language for objects of the target type. For nonscalar types, this requires the user to understand the underlying run-time model of the implementation. The execution of a program that violates these properties by means of unchecked conversions returning a nonscalar type is erroneous. Properties of scalar types can be checked by using the Valid attribute (see 13.9.2); programs can avoid violating properties of the type (and erroneous execution) by careful use of this attribute.
An instance of Unchecked_Conversion can be applied to an object of a private type, assuming the implementation allows it.

Implementation Permissions

An implementation may return the result of an unchecked conversion by reference, if the Source type is not a by-copy type. [In this case, the result of the unchecked conversion represents simply a different (read-only) view of the operand of the conversion.] 
Ramification: In other words, the result object of a call on an instance of Unchecked_Conversion can occupy the same storage as the formal parameter S. 
An implementation may place restrictions on Unchecked_Conversion.
Ramification: For example, an instantiation of Unchecked_Conversion for types for which unchecked conversion doesn't make sense may be disallowed. 

Implementation Advice

{AI95-00051-02} Since the Size of an array object generally does not include its bounds, the bounds should not be part of the converted data. 
Implementation Advice: Since the Size of an array object generally does not include its bounds, the bounds should not be part of the converted data in an instance of Unchecked_Conversion.
Ramification: On the other hand, we have no advice to offer about discriminants and tag fields. 
The implementation should not generate unnecessary runtime checks to ensure that the representation of S is a representation of the target type. It should take advantage of the permission to return by reference when possible. Restrictions on unchecked conversions should be avoided unless required by the target environment. 
Implementation Advice: There should not be unnecessary runtime checks on the result of an Unchecked_Conversion; the result should be returned by reference when possible. Restrictions on Unchecked_Conversions should be avoided.
Implementation Note: As an example of an unnecessary runtime check, consider a record type with gaps between components. The compiler might assume that such gaps are always zero bits. If a value is produced that does not obey that assumption, then the program might misbehave. The implementation should not generate extra code to check for zero bits (except, perhaps, in a special error-checking mode). 
The recommended level of support for unchecked conversions is: 
{AI05-0299-1} Unchecked conversions should be supported and should be reversible in the cases where this subclause defines the result. To enable meaningful use of unchecked conversion, a contiguous representation should be used for elementary subtypes, for statically constrained array subtypes whose component subtype is one of the subtypes described in this paragraph, and for record subtypes without discriminants whose component subtypes are described in this paragraph. 
Implementation Advice: The recommended level of support for Unchecked_Conversion should be followed.

Wording Changes from Ada 95

{AI95-00051-02} The implementation advice about the size of array objects was moved to 13.3 so that all of the advice about Size is in one place.
{AI95-00426-01} Clarified that the result of Unchecked_Conversion for scalar types can be invalid, but not abnormal. 

Wording Changes from Ada 2005

{AI05-0078-1} Correction: Relaxed the alignment requirement slightly, giving a defined result in more cases. 

Contents   Index   References   Search   Previous   Next 
Ada-Europe Ada 2005 and 2012 Editions sponsored in part by Ada-Europe