On Feb 10, 2015 3:25 AM, "Stanislav Malyshev" <smalys...@gmail.com> wrote: > > Hi! > > > constraints. Type check is one of them. There are many people argue "This > > language is secure and robust because it has _static_ types". > > These people are wrong. Languages can't really be secure or robust, only > code implemented in these languages can, and we have witnessed many > examples of vulnerable code written in pretty much any widely used > language. Having strict typing may protect against some very basic > errors, but in well-designed and well-tested software such errors would > be rare, and in badly designed software type strictness would not save you. > > > Here comes DbC, once we have contracts for pre/post conditions. We are > > safe from calling functions with invalid parameters during development, yet > > we have optimum performance for production since there is zero contract > > checks > > with production mode including opcode. > > That assumes perfect test coverage in development, both code-wise and, > more importantly, data-wise. Which is impossible. While having assert > primitives that can be turned on and off looks like a useful concept to > me, I don't think it is some kind of magic solution that will change > everything.
DbC is just an approach that may help to write safer programs. Of course, it's just a tool and can't gurantee anything. It's also possible to write safe code in assembler, but it's more difficult. Thanks. Dmitry. > -- > Stas Malyshev > smalys...@gmail.com > > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php >
