Tucker Taft wrote:
>
Thank you for this answer.

...
> Sometimes rather than building something in to
> the language, we concluded it was a "programming problem" and it
> was better to provide the "building blocks" to allow the programmer
> to solve it, rather than trying to provide the end-all and be-all
> builtin feature.
I obviously agree with this. This is one of the keys to Ada's elegance.

>
> In this case, it might have been better to provide some kind of
> composable 'Valid, though I am not sure.  In any case, presuming
> your program is not rife with Unchecked_Conversions, you can probably
> do what needs to be done yourself, albeit with more effort during
> development and maintenance.

My program uses a lot of Unchecked_Conversion: it exchanges lots of
messages with external devices. Those messages are read on streams and
converted to records (with embedded records, etc.). Some of the
elementary components are enums with representation holes, or integers
with, for example, range 1 .. 15 stored on 4 bits.
This is a common case for communication programs, I think. In this case,
and even with a lot of limitations, a composable 'Valid could be
useful.

To check those messages, programmers manually insert validity checking on
the subcomponents where it makes sense. But I don't feel comfortable
relying on humans! I would really have preferred a systematic,
language-provided way to do this.

Anyway, there is currently no such mechanism. My idea is to build an
ASIS tool to check the points where invalid values enter the program
("Unchecked_Conversion", 'read, 'input, ...) and to warn the programmer
if some of the dangerous fields are used without a 'Valid check.
Not so easy to do... Does it exist?

Lionel Draghi.
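
The manual per-component checking discussed in this message, as an added example that is not part of the original post: a one-byte header holding an enumeration with representation holes and a 1 .. 15 field on 4 bits is produced by Unchecked_Conversion and then checked field by field with 'Valid. All type, field and subprogram names and the sample bytes are constructed for illustration.

```ada
with Ada.Text_IO;
with Ada.Unchecked_Conversion;
with Interfaces;

procedure Valid_Demo is
   --  All type, field and subprogram names are hypothetical.
   type Command is (Stop, Start, Reset);
   for Command use (Stop => 1, Start => 2, Reset => 8);  --  holes in encoding
   for Command'Size use 4;

   type Channel is range 1 .. 15;  --  bit pattern 0 is invalid
   for Channel'Size use 4;

   type Header is record
      Cmd  : Command;
      Chan : Channel;
   end record;
   for Header use record
      Cmd  at 0 range 0 .. 3;
      Chan at 0 range 4 .. 7;
   end record;
   for Header'Size use 8;

   function To_Header is
     new Ada.Unchecked_Conversion (Interfaces.Unsigned_8, Header);

   --  Hand-written stand-in for a composable 'Valid: every scalar
   --  component is checked; a nested record would need its own function.
   function Is_Valid (H : Header) return Boolean is
   begin
      return H.Cmd'Valid and then H.Chan'Valid;
   end Is_Valid;

   --  Constructed sample bytes, chosen so the verdict does not depend on
   --  which nibble the compiler's bit order assigns to Cmd:
   --  16#21# has two valid nibbles, 16#33# puts the hole 3 in Cmd,
   --  16#10# puts 0 (invalid for both types) in one of the fields.
   Samples : constant array (1 .. 3) of Interfaces.Unsigned_8 :=
     (16#21#, 16#33#, 16#10#);
begin
   for I in Samples'Range loop
      Ada.Text_IO.Put_Line
        (Interfaces.Unsigned_8'Image (Samples (I)) & " valid: "
         & Boolean'Image (Is_Valid (To_Header (Samples (I)))));
   end loop;
end Valid_Demo;
```

Omitting either term in Is_Valid still compiles, which is the gap a tool flagging unchecked fields would close.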