D. Unchecked type Conversion - JulTob/Ada GitHub Wiki

Unchecked conversions

This Ada program demonstrates the use of unchecked conversions, a deliberately dangerous feature of Ada that reinterprets the bit-level representation of a value of one type as a value of another, unrelated type, with no type checking and no conversion of the underlying bits. It is the Ada equivalent of a C cast through a `void *` or a union, and it is one of the few places where the language lets a program produce a value that its own type rules would otherwise never allow.

with Ada.Text_IO;              use Ada.Text_IO;
with Ada.Unchecked_Conversion;

procedure Unchecked_Example is

   --  Define a vector (array) of 4 integers
   type Vector is array (1 .. 4) of Integer;

   --  Explicitly set the size of the vector in bits (4 * the size of an Integer)
   for Vector'Size use 4 * Integer'Size;

   --  Define a record with 4 integer components
   type Data is
      record
         V1 : Integer;
         V2 : Integer;
         V3 : Integer;
         V4 : Integer;
      end record;

   --  Set the size of the record to match that of the array
   for Data'Size use 4 * Integer'Size;

   --  Create an unchecked conversion function to convert from Vector to Data
   function Convert is new Ada.Unchecked_Conversion
     (Source => Vector, Target => Data);

   --  Initialize a vector and a record
   The_Vector : Vector := (2, 4, 6, 8);
   The_Data   : Data   := (1, 3, 5, 7);

begin
   --  Perform unchecked conversion from the vector to the record
   The_Data := Convert (The_Vector);

   --  Show that the record now carries the array's bits. With the default
   --  layout (components in declaration order, no padding between Integers)
   --  this prints V1 = 2, V2 = 4, V3 = 6, V4 = 8; the language itself does
   --  not guarantee that order without a record representation clause.
   Put_Line ("V1 =" & Integer'Image (The_Data.V1) &
             ", V2 =" & Integer'Image (The_Data.V2) &
             ", V3 =" & Integer'Image (The_Data.V3) &
             ", V4 =" & Integer'Image (The_Data.V4));
end Unchecked_Example;

The core feature of this program is Ada.Unchecked_Conversion, a generic function that is instantiated once per Source/Target pair. Calling the instance performs no check of any kind: it simply hands back the bits of the argument, labelled as the target type.

Here, Convert is the instance that takes a Vector as input and returns a Data record by reinterpreting the bits in memory; the values 2, 4, 6, 8 that were array elements become the record components V1 .. V4.

Both types are given the same size so that Unchecked_Conversion can "safely" reinterpret one as the other. Equal size is necessary but not sufficient: the layout must also agree. In this example the four Integer components of Data happen to be laid out in declaration order with no padding, exactly like the four elements of Vector; if the record had a different component order, alignment gaps, or a component of a different size, the conversion would still compile and still run, and the values would simply be scrambled.

To make the size requirement explicit, both the Vector and the Data types fix their sizes with a 'Size attribute definition clause (`for Vector'Size use ...`). The compiler rejects the program if the requested size cannot be honoured, which turns a silent mismatch into a compile-time error.

Why is This Dangerous?

Unchecked conversion bypasses Ada's strong typing system. The Reference Manual (13.9) only defines the result when the source and target have the same size and the resulting bits form a valid value of the target type; otherwise the effect is implementation-defined, and if the program goes on to use a value that is not a valid representation of its type, its execution is erroneous, the Ada term for what C calls undefined behaviour. In practice this means that every check the type system normally guarantees (range checks, array bounds, discriminant consistency, enumeration validity) can be silently defeated: an index or length produced by an unchecked conversion from untrusted input is exactly the kind of value that turns a safe language into an out-of-bounds read or write. Although this example carefully matches the sizes of Vector and Data, misuse of Unchecked_Conversion can result in corrupted data or memory-safety failures if, for example:

  • The two types have different sizes or layouts (GNAT warns when the sizes differ, but only warns).
  • The bit pattern of the source is not a valid value of the target type, such as a byte that matches no literal of an enumeration type or an integer outside a constrained subtype.

The practitioner's rule is to treat the result of an unchecked conversion from any externally sourced data as untrusted until it has been checked with the 'Valid attribute, which inspects a scalar's bits without raising an exception even when the value is invalid.
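The following program is an added example, not code from the JulTob/Ada wiki, that shows the failure mode described above together with the two checks that contain it: a compile-time size check and a run-time 'Valid check. It models a one-byte protocol field decoded with Unchecked_Conversion from raw input; the type Command, its encoding and the four sample bytes are constructed for the example. The pragma Compile_Time_Error is GNAT-specific (a portable alternative is a `pragma Assert` on the same condition, which GNAT also evaluates at compile time when the expression is static).

```ada
with Ada.Text_IO;             use Ada.Text_IO;
with Ada.Unchecked_Conversion;
with Interfaces;              use Interfaces;

procedure Validate_Example is

   --  Constructed example: a protocol command code, stored in one byte on
   --  the wire. Only three of the 256 possible byte values are meaningful.
   type Command is (Read, Write, Reset);
   for Command use (Read => 1, Write => 2, Reset => 4);
   for Command'Size use 8;

   --  Check 1 (compile time): refuse to build if the two sizes ever drift
   --  apart, e.g. because someone later widens the field to 16 bits.
   --  GNAT-specific pragma; see the lead-in for the portable alternative.
   pragma Compile_Time_Error
     (Command'Size /= Unsigned_8'Size,
      "Command and Unsigned_8 must have the same size for To_Command");

   --  The unchecked conversion itself: takes whatever byte arrives and
   --  labels it as a Command, whether or not such a Command exists.
   function To_Command is new Ada.Unchecked_Conversion
     (Source => Unsigned_8, Target => Command);

   --  Constructed sample input: two valid encodings (1 and 4) and two byte
   --  values (3 and 16#FF#) that do not correspond to any Command literal.
   Raw : constant array (1 .. 4) of Unsigned_8 := (1, 4, 3, 16#FF#);

begin
   for B of Raw loop
      declare
         C : constant Command := To_Command (B);
      begin
         --  Check 2 (run time): 'Valid inspects the bits held by C and
         --  does NOT raise when they are not a valid Command, which is
         --  what makes it safe to call on the result of an unchecked
         --  conversion. Using C before this check (in a case statement,
         --  as an array index, in Command'Image) would be erroneous.
         if C'Valid then
            Put_Line ("byte" & Unsigned_8'Image (B) &
                      " => " & Command'Image (C));
         else
            Put_Line ("byte" & Unsigned_8'Image (B) &
                      " => rejected: not a valid Command");
         end if;
      end;
   end loop;
end Validate_Example;
```

Run as is, the program accepts bytes 1 and 4 and rejects 3 and 255. Note that 'Valid applies to scalar types only; for a record or array obtained by unchecked conversion, check each scalar component individually, or use GNAT's implementation-defined 'Valid_Scalars attribute, which does that for the whole object.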

What is This Good For?

  • Low-Level Programming:
    • This technique is sometimes necessary in low-level system programming, where hardware registers, network packets or memory-mapped structures must be viewed through a type the data was never declared as. It is the standard Ada idiom for reading a raw buffer as a typed record.
  • Performance Optimization:
    • In specific scenarios, unchecked conversion can be used to optimize performance by reinterpreting a buffer in place instead of copying it element by element through checked conversions. However, it must be used carefully, and the result validated with 'Valid where the input is untrusted, to avoid introducing bugs that the type system would otherwise have caught.