[libcxx-commits] [PATCH] D116045: [libc++][ABI BREAK] Start using `arc4random()` to implement `std::random_device` on Apple
Louis Dionne via Phabricator via libcxx-commits
libcxx-commits at lists.llvm.org
Tue Jan 4 12:28:04 PST 2022
ldionne added a comment.
In D116045#3206713 <https://reviews.llvm.org/D116045#3206713>, @Mordante wrote:
> I assume software on Mac dynamically links libc++.so and that normally there's only one system version of libc++.so installed. I'm somewhat concerned about this use case:
>
> - A user has bought software that uses `random_device("/dev/not_urandom")`
> - The user update to a new MacOS which has the proposed changes
> - Now the application terminated due to an uncaught exception
>
> When this scenario can happen it's possible to break working software by updating the random device. So I agree that not throwing is a kind of ABI-break, but I consider possibly breaking working code after a system upgrade by the user also an ABI-break and worse than the other.
>
> Should we discuss this further on Discord?
Right -- so I tried explaining this in my commit message here:
> This behavior is preferred to ignoring the custom token in order to avoid surprising changes in behavior when a custom token was expected to result in the corresponding file being used for entropy.
Basically, what I'm suggesting is that it's better to fail fast and loud than to be silently incorrect. One could argue that the behavior if we silently ignore the custom token isn't really incorrect, though. I'll ignore the token instead.
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D116045/new/
https://reviews.llvm.org/D116045
More information about the libcxx-commits
mailing list