From owner-freebsd-hackers  Sat Jan 10 01:14:03 1998
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id BAA11050
          for hackers-outgoing; Sat, 10 Jan 1998 01:14:03 -0800 (PST)
          (envelope-from owner-freebsd-hackers@FreeBSD.ORG)
Received: from parkplace.cet.co.jp (parkplace.cet.co.jp [202.32.64.1])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id BAA11004
          for <hackers@FreeBSD.ORG>; Sat, 10 Jan 1998 01:13:50 -0800 (PST)
          (envelope-from michaelh@cet.co.jp)
Received: from localhost (michaelh@localhost) by parkplace.cet.co.jp (8.8.8/CET-v2.2) with SMTP id JAA18048; Sat, 10 Jan 1998 09:13:07 GMT
Date: Sat, 10 Jan 1998 18:13:07 +0900 (JST)
From: Michael Hancock <michaelh@cet.co.jp>
To: Jamie Bowden <jamie@itribe.net>
cc: John Peter DeVale <jdevale@ece.cmu.edu>, hackers@FreeBSD.ORG
Subject: Re: FreeBSD Netcards
In-Reply-To: <199801091427.JAA07552@gatekeeper.itribe.net>
Message-ID: <Pine.SV4.3.95.980110180117.17965B-100000@parkplace.cet.co.jp>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk

I'm firmly in the camp that correctness is a higher priority than
robustness.

A user process should be terminated quickly when it does something wrong. 
This ends up giving us far higher quality code than having the kernel
sweeping possibly insidious bugs under the carpet.  These include NULL
value errors and double FREEs.

I agree with your later statements that the kernel should be protected
from crashing from junk values going into system calls.

Regards,


Mike Hancock

--
michaelh@cet.co.jp                                http://www.cet.co.jp
CET Inc., Daiichi Kasuya BLDG 8F 2-5-12, Higashi Shinbashi, Minato-ku,
Tokyo 105 Japan              Tel: +81-3-3437-1761 Fax: +81-3-3437-1766