Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:83530 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 28972 invoked from network); 23 Feb 2015 02:06:08 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 23 Feb 2015 02:06:08 -0000 Authentication-Results: pb1.pair.com header.from=zeev@zend.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=zeev@zend.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain zend.com designates 209.85.223.180 as permitted sender) X-PHP-List-Original-Sender: zeev@zend.com X-Host-Fingerprint: 209.85.223.180 mail-ie0-f180.google.com Received: from [209.85.223.180] ([209.85.223.180:34889] helo=mail-ie0-f180.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id E2/36-33016-D0B8AE45 for ; Sun, 22 Feb 2015 21:06:08 -0500 Received: by iecrl12 with SMTP id rl12so20174667iec.2 for ; Sun, 22 Feb 2015 18:06:03 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:references:in-reply-to:mime-version :thread-index:date:message-id:subject:to:cc:content-type; bh=9x2TsxWdwdFh9uRe1OWSHLjhzb9royzIe2PXQ3Uq1nM=; b=Vf1vXTK3euTmGBg935ZuYLUVTZlsiUzufiIYad12llRuBipKT3jdOvgx3/A/vJrWM8 EUToRDM+EzWtfsom6EqXhKwoqlK8fTVhb31sChh2hQmLeP7p5aOCicfuuhqjt+yC3wAV OH2phzlzyK6VDaY+lsJspPO83FIRqIlWqjwABgqrJABk4Xbh2K2c0bjx6jcfioSF2ltg JKAbtG19kSUVtdrJny4xaq8GEzL81A8cjs25j8aXaRz2al5zITMuA4XdhR9kVKZuUkmU mGTEia9/wu4EcHZw6NScONPGIyW6+UaHcd11CTsmGh0IhH/sDx8KM1SWKypK9tDuxWZn vIWg== X-Gm-Message-State: ALoCoQlrpTy2yi5PRCuxOk5c1bxlsUS84daZyfiRVKxW5W38VVpLToRYFrzJuilxiD/53ufaY/H4UzTdKfrxtlDXi5IqLD7YrLOZMeSaOGERiruvJkJEqJmZlNkl0oio0a4DKu0AHgPFbc+2gBhX2xZFK66g8ZGsbw== X-Received: by 10.50.32.70 with SMTP id g6mr10032401igi.35.1424657163363; Sun, 22 Feb 2015 18:06:03 -0800 (PST) References: <2e4694f9805ee81ea0b2c79eab06c2d6@mail.gmail.com> <54EA5EDA.8010605@gmail.com> <54EA6A99.5010609@gmail.com> <54EA7F15.9030606@gmail.com> <54EA891B.6030405@gmail.com> In-Reply-To: <54EA891B.6030405@gmail.com> MIME-Version: 1.0 X-Mailer: Microsoft Outlook 14.0 Thread-Index: AQIDXD7ehmaYKzbAddTs7O1sB4MzmgIw+OLdAe4e2iYCibfnDQEmdWqtAiDZcfAB4cR2SQJXxpD6nCYS8QA= Date: Mon, 23 Feb 2015 04:06:02 +0200 Message-ID: <09b9ee836c04b1750614a91bd39a5bed@mail.gmail.com> To: Jefferson Gonzalez Cc: PHP internals Content-Type: text/plain; charset=UTF-8 Subject: RE: [PHP-DEV] JIT (was RE: [PHP-DEV] Coercive Scalar Type Hints RFC) From: zeev@zend.com (Zeev Suraski) > -----Original Message----- > From: Jefferson Gonzalez [mailto:jgmdev@gmail.com] > Sent: Monday, February 23, 2015 3:58 AM > To: Stanislav Malyshev; Anthony Ferrara > Cc: Zeev Suraski; Jefferson Gonzalez; PHP internals > Subject: Re: [PHP-DEV] JIT (was RE: [PHP-DEV] Coercive Scalar Type Hints > RFC) > > How casting (int) could be such dangerous thing? Lets take for example > this > code: > > echo (int) "whats cooking!"; > echo intval("whats cooking"); > > Both statements print 0, so how is casting unsafe??? One key premise behind both strict type hinting and coercive type hinting is that conversions that lose data, or that 'invent' data, are typically indicators of a bug in the code. You're right that there's no risk of a segfault or buffer overflow from the snippets you listed. But there are fair chances that if you fed $x into round() and it contains "whats cooking" (string), your code contains a bug. Coercive typing allows 'sensible' conversions to take place, so that if you pass "35.7" (string) to round() it will be accepted without a problem. Strict typing will disallow any input that is not of the exact type that the function expects, so in strict mode, round() will reject it. The point that was raised by Stas and others is that this is likely to push the user to explicitly cast the string to float; Which from that point onwards, happily accept "whats cooking", keeping the likely bug undetected. Zeev