From: Colin Percival
Date: Wed, 20 Jun 2012 14:23:32 -0700
To: Warner Losh
Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, Eitan Adler, Bruce Evans
Subject: Re: svn commit: r237286 - head/lib/libc/gen

On 06/20/12 14:15, Warner Losh wrote:
> On Jun 20, 2012, at 10:36 AM, Colin Percival wrote:
>> On 06/20/12 09:27, Bruce Evans wrote:
>>> On Wed, 20 Jun 2012, Eitan Adler wrote:
>>>> Log:
>>>>   Don't close an uninitialized descriptor. [1]
>>>>   Add a sanity check for the validity of the passed fd.
>>>
>>> Library functions shouldn't use assert() or abort().
>>
>> Why not?
>
> We've tried to avoid things that make the library dump core...

You mean, we avoid it except in the places where we don't?

It seems to me that dumping core is exactly the right way to handle a "can't
ever happen" situation inside libc -- just like the ~250 instances of assert()
in jemalloc.

If you mean "passing an invalid parameter to a library function shouldn't
result in a core dump", I agree -- but that's not the case here.

--
Colin Percival
Security Officer Emeritus, FreeBSD | The power to serve
Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid