enforce()?

[Ary Borenszweig]

On 06/16/2010 11:44 PM, Walter Bright wrote:
> Ary Borenszweig wrote:
>> On 06/16/2010 04:15 PM, Walter Bright wrote:
>>> The difference is not based on those 3 points, but on what Andrei wrote
>>> here. Contracts and error checking are completely distinct activities
>>> and should not be conflated.
>>
>> Could you please explain them? There are many people here that don't
>> understand the difference between these two concepts (including me).
>> So maybe we are too dumb, maybe those concepts are not generally known
>> or maybe the explanation is not very well clear in the documentation.
>
> It has nothing to do with being dumb, as it is not obvious.
>
> Contracts are for verifying that your program is in a state that it is
> designed to be in. A contract failure is defined as a program bug.
>
> Errors, on the other hand, are things that can go wrong at run time,
> like your disk is full when trying to write a file. These are NOT
> program bugs.
>
> Another way to look at it is your program should continue to operate
> correctly if all the contracts are removed. This is not true of removing
> all error checking and handling.
>
> Furthermore, errors are something a program can recover from and
> continue operating. Contract failures are ALWAYS fatal. A common newbie
> (and some expert) misconception is that contract failures can or even
> must be recovered. This comes from a misunderstanding of the basic
> principles of engineering a safe and reliable system.

Ah, ok, now I understand. Thanks.