Date: Sat, 12 May 2007 19:23:48 +0400
From: Andrey Chernov
To: Robert Watson
Cc: Daniel Eischen, arch@freebsd.org, "Sean C. Farley"
Subject: Re: HEADS DOWN
Message-ID: <20070512152347.GA28834@nagual.pp.ru>
In-Reply-To: <20070512160859.T63806@fledge.watson.org>

On Sat, May 12, 2007 at 04:10:44PM +0100, Robert Watson wrote:
> Actually, I'm not convinced that crashing the program isn't the right
> answer. If an application corrupts memory managed by libc or other
> libraries, crashing is generally considered an entirely acceptable failure
> mode.

It can be corruption, yes, but it can be intentional action too. Many
programs directly perform environ clearing or modifications. In case it
is directly allowed to put anything there, I would insist on removing
not errx() but even warnx(), but the situation is unclear. POSIX forbids
modifying environ directly, but C99 has getenv() only and allows direct
modification of environ, so what happens depends on the standard and
common practice.

-- 
http://ache.pp.ru/