From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.5-pre1 (2020-06-20) on ip-172-31-74-118.ec2.internal X-Spam-Level: X-Spam-Status: No, score=-0.0 required=3.0 tests=BAYES_40 autolearn=ham autolearn_force=no version=3.4.5-pre1 Date: 2 Jan 92 06:09:16 GMT From: eachus@mitre-bedford.arpa (Robert I. Eachus) Subject: Re: unchecked conversion Message-ID: List-Id: In article <1546@cyclope.enst.fr> rosen@cyclope.enst.fr (Jean-Pierre Rosen) wri tes: [lots of good stuff deleted] In a project, QA should forbid using UNCHECKED_CONVERSION unless a waiver is granted. QA will then just ask the library manager for units that depend on UNCHECKED_CONVERSION to check that only authorized modules make use of it, NO CODE INSPECTION is necessary. This is a great improvement over undisciplined type-cast (like in C/C++) where careful reading of all code is mandatory. While I am not sure that the authority to permit use of UNCHECKED_CONVERSION should rest with QA, instead of the chief architect or a design committee, there should be one hard and fast rule: Use of UNCHECKED_CONVERSION in a library package specification is unchecked perversion. Seriously the only way I have seen programmers get into trouble with UNCHECKED_CONVERSION is to instantiate it in a library package. When there is a later need to change the implementation of the type, it turns out that other code depends on the mapping. Of course there is now no checking either at compile time or run-time to find out where these dependancies are. Might as well program in C. -- Robert I. Eachus "We woke up this morning in the Union of Sovereign States." Russian television announcer Alexander Gurnov told viewers Sunday (December 8, 1991). "We are now in a Commonwealth of Independent States. You never know what country we will wake up in tomorrow."