Re: unchecked conversion

[eachus@mitre-bedford.arpa (Robert I. Eachus)]

In article <1546@cyclope.enst.fr> rosen@cyclope.enst.fr (Jean-Pierre Rosen) wri
tes:

   [lots of good stuff deleted]
   In a project, QA should forbid using UNCHECKED_CONVERSION unless a
   waiver is granted. QA will then just ask the library manager for
   units that depend on UNCHECKED_CONVERSION to check that only
   authorized modules make use of it, NO CODE INSPECTION is necessary.
   This is a great improvement over undisciplined type-cast (like in
   C/C++) where careful reading of all code is mandatory.

   While I am not sure that the authority to permit use of
UNCHECKED_CONVERSION should rest with QA, instead of the chief
architect or a design committee, there should be one hard and fast
rule:  Use of UNCHECKED_CONVERSION in a library package specification
is unchecked perversion.

   Seriously the only way I have seen programmers get into trouble
with UNCHECKED_CONVERSION is to instantiate it in a library package.
When there is a later need to change the implementation of the type,
it turns out that other code depends on the mapping.  Of course there
is now no checking either at compile time or run-time to find out
where these dependancies are.  Might as well program in C.


--

					Robert I. Eachus

"We woke up this morning in the Union of Sovereign States."  Russian
television announcer Alexander Gurnov told viewers Sunday (December 8,
1991).  "We are now in a Commonwealth of Independent States.  You
never know what country we will wake up in tomorrow."