[libcxx-commits] [PATCH] D116045: [libc++] Use arc4random instead of /dev/urandom on Apple platforms
Louis Dionne via Phabricator via libcxx-commits
libcxx-commits at lists.llvm.org
Tue Dec 21 12:41:52 PST 2021
ldionne marked an inline comment as done.
ldionne added a comment.
In D116045#3205454 <https://reviews.llvm.org/D116045#3205454>, @ldionne wrote:
> I am really ambivalent on this. My understanding is that these `__throw`s are meant to basically say "you should not ever use a non-default-constructed `random_device`". Failing at least ensures that users don't think they are using some other source of randomness -- they will definitely notice the change. Like I said, I would be surprised if anyone ever noticed the change, however if they did, I'm unsure whether it would be better to error out explicitly (so they can notice and fix their stuff), or to swallow the error and just disregard the token. I am currently leaning slightly towards the former, but I can easily be convinced otherwise. For now I'll update with my proposed patch if we do go for the former.
I guess what I should say here to justify my leaning is that I view the act of ignoring a user's custom token as being as much of an ABI break as suddenly starting to throw an exception. One of them is just waaaay more subtle, but I can imagine users being broken by either equally (e.g. if they were specifying a custom file to read entropy from and somehow the entropy provided in that file had important properties). We're kind of stretching it, but that's what's on my mind in preferring to break users explicitly instead of more subtly.
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D116045/new/
https://reviews.llvm.org/D116045
More information about the libcxx-commits
mailing list