[JSR308] Wrapper types
subanark at gmail.com
Tue Mar 4 11:51:19 EST 2008
If the type system cannot be type-safe certified, then a mechanism must be
provided to allow the developer to ignore these rules where needed.
Otherwise the developer will be tempted to use other mechanisms to get
around these rules when needed, which would be less traceable.
Since some code is safe (and can be checked), a way to certify this would be
nice. That is, if 'unsafe' methods within the core classes that can break the
semantics are identified, we can certify that this code is safe and limit what
code needs a closer look for conformance.
On Mon, Mar 3, 2008 at 11:59 PM, Michael Ernst <mernst at csail.mit.edu> wrote:
> A type system is a useful verification tool, but like any other tool has
> its limitations. Badly-written code may not pass the type system -- maybe
> because it's not safe!
> When a container is used heterogeneously, there is no way, in general, for
> a static analysis to know the specific type of each element; typically,
> analysis makes conservative assumptions about the contents. Furthermore,
> if you want static guarantees about the code, then you also need to avoid
> constructs like casts and reflection that circumvent the type system; a
> static checker could warn about these.
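The heterogeneous-container problem raised above, and the first message's point that the escape hatch should be explicit and easy to audit, as an added Java example that is not part of the thread; the class and key names are hypothetical. The one unchecked operation is confined to a single method and backed by a runtime `Class.cast`, so a reviewer knows exactly where the type system is being bypassed.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;

// Hypothetical heterogeneous registry: values of different static types stored
// under string names. No static checker can know which type each name holds,
// so without this wrapper every caller would cast at its own use site.
public final class TypedRegistry {
    private final Map<String, Object> values = new HashMap<>();

    // A key carries the class it is expected to map to; that is what lets the
    // cast be checked at runtime instead of trusted blindly.
    public static final class Key<T> {
        final String name;
        final Class<T> type;
        public Key(String name, Class<T> type) {
            this.name = Objects.requireNonNull(name);
            this.type = Objects.requireNonNull(type);
        }
    }

    // Fails fast on insertion if the value does not match the declared type.
    public <T> void put(Key<T> key, T value) {
        values.put(key.name, key.type.cast(value));
    }

    // The single place in the code base where the static type is recovered.
    // Class.cast throws ClassCastException rather than silently returning a
    // wrongly typed object, so a violated assumption is detected, not hidden.
    public <T> T get(Key<T> key) {
        Object v = values.get(key.name);
        if (v == null) {
            throw new IllegalStateException("no value registered for " + key.name);
        }
        return key.type.cast(v);
    }

    public static void main(String[] args) {
        TypedRegistry reg = new TypedRegistry();
        Key<Integer> timeout = new Key<>("timeout", Integer.class);
        Key<String> host = new Key<>("host", String.class);
        reg.put(timeout, 30);
        reg.put(host, "example.invalid");
        int t = reg.get(timeout);      // no cast at the call site
        String h = reg.get(host);
        System.out.println(h + " " + t);
        // A mismatched key is caught here, at the one audited cast:
        Key<String> wrong = new Key<>("timeout", String.class);
        try { reg.get(wrong); } catch (ClassCastException e) { System.out.println("rejected"); }
    }
}
```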