Re: Static assertions

[Christoph Grein <christoph.grein@eurocopter.com>]

Robert A Duff wrote:

> Interesting.  But shouldn't it be Assert'(...)?
>                                         ^ ie a qualified expression

  package Verifier is
    subtype Assert is Boolean range True .. True;

    Assert_1 : constant := Boolean'Pos (Assert (Integer'Size = 16));
    Assert_2 : constant := Boolean'Pos
				  (Assert (Integer'Size = 2 * Character'Size));
  end Verifier;

With a type conversion this compiles on my Apex Ada 95 Compiler 3.0.0b on 
Solaris and produces "0 0", with a qualified expression, it gives me the error 
message:

Boolean'Pos (Assert'(Integer'Size = 16)) is disallowed since it is static and 
will raise Constraint_Error [RM_95 4.9(34)]

It seems like the type conversion is ignored.

ARM 4.6(28)
For the evaluation of a type_conversion that is a value conversion, the operand 
is evaluated, and then the value of the operand is converted to a corresponding 
value of the target type, if any. If there is no value of the target type that 
corresponds to the operand value, Constraint_Error is raised[; this can only 
happen on conversion to a modular type, and only when the operand value is 
outside the base range of the modular type.] Additional rules follow:

ARM 4.6(34) Enumeration Type Conversion

ARM 4.6(35)
The result is the value of the target type with the same position number as that 
of the operand value.

Thus there is nowhere specified that the subtype range is checked.
   Put_Line (Integer'Image (Natural (-2.3)));
compiles just fine and produces -2.

ARM 4.7(4)
The evaluation of a qualified_expression evaluates the operand (and if of a 
universal type, converts it to the type determined by the subtype_mark) and 
checks that its value belongs to the subtype denoted by the subtype_mark. The 
exception Constraint_Error is raised if this check fails. 

So thanx to Robert Duff for hinting.

Christoph Grein