Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!usc!apple!bbn.com!nic!kira!emily!wollman
From: wollman@emily.uvm.edu (Garrett Wollman)
Newsgroups: comp.bugs.4bsd
Subject: Re: Safe coding practices
Message-ID: <1991Feb3.021306.14640@uvm.edu>
Date: 3 Feb 91 02:13:06 GMT
References: <22311:Jan2502:34:1191@kramden.acf.nyu.edu> <14970@smoke.brl <1074@mwtech.UUCP>
Sender: news@uvm.edu
Organization: University of Vermont - EMBA Computing Facility
Lines: 22
Raymond-Protection: enabled

In article <1074@mwtech.UUCP> martin@mwtech.UUCP (Martin Weitzel) writes:
>RIGHT! Don't assume anything that *can* fail will *not* fail in your
>particular case. (And don't apply "logic" - there may be reasons you can't
>see right now because they are outside the range of your experiences.)
>--
>Martin Weitzel, email: martin@mwtech.UUCP, voice: 49-(0)6151-6 56 83

This reminds me of the origin of the Andrew Message System. CMU developed
AMS chiefly because, with AFS (then the Andrew File System and before that
VICE), it is now possible for close() to *fail*. Since most programmers
(including the ones responsible for the standard MUAs and MTAs on their
target hosts) operated under the assumption that it is impossible for a
close() to have a soft failure, they had to develop a message system that
was reliable in instances where close() *could* fail.

-GAWollman

Garrett A. Wollman - wollman@emily.uvm.edu
Disclaimer: I'm not even sure this represents *my* opinion, never mind UVM's,
EMBA's, EMBA-CF's, or indeed anyone else's.
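As an added illustration of the point above (this is example code written for this page, not code from the post, from CMU or from AMS): two C routines that write a file and treat a failed close() as a failed write, reporting which stage failed. On AFS the data is pushed to the server at close(), so that is where a quota or space error first appears; locally, the Linux /dev/full device plays the same role, since it accepts open() and rejects every write with ENOSPC, and stdio's fputs() only fills a buffer so the rejection surfaces inside fclose(). The enum, the helper names and the /tmp path are my own choices for the example.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Stage at which a write-to-file operation failed. These codes and the two
 * helpers below are written for this example; they are not from the post. */
enum write_result {
    WR_OK = 0,
    WR_OPEN_FAILED = 1,
    WR_WRITE_FAILED = 2,
    WR_CLOSE_FAILED = 3
};

/* Raw write(2) path. Loops until every byte is written, then treats a failed
 * close() as a failed write. On write-behind file systems such as AFS (and
 * on NFS) the data may only reach the server at close(), so ENOSPC, EDQUOT
 * or EIO can show up here for the first time. errno is left set on failure. */
enum write_result write_file_checked(const char *path, const char *buf, size_t len)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0644);
    if (fd < 0)
        return WR_OPEN_FAILED;

    size_t off = 0;
    while (off < len) {
        ssize_t n = write(fd, buf + off, len - off);
        if (n < 0) {
            if (errno == EINTR)
                continue;
            int saved = errno;
            (void)close(fd);     /* best effort: we are already reporting a failure */
            errno = saved;
            return WR_WRITE_FAILED;
        }
        off += (size_t)n;
    }

    /* Do not retry close() on error: on Linux the descriptor is released even
     * when close() reports EINTR or EIO, so a retry would close whichever
     * descriptor number has been reused in the meantime. */
    if (close(fd) < 0)
        return WR_CLOSE_FAILED;
    return WR_OK;
}

/* stdio path. fputs() only copies into the FILE buffer, so the first real
 * write(2) happens inside fclose(). This mirrors the AFS situation locally:
 * the "write" succeeds and the failure is reported by close. */
enum write_result write_file_stdio(const char *path, const char *text)
{
    FILE *fp = fopen(path, "w");
    if (fp == NULL)
        return WR_OPEN_FAILED;

    if (fputs(text, fp) == EOF) {
        int saved = errno;
        (void)fclose(fp);
        errno = saved;
        return WR_WRITE_FAILED;
    }

    if (fclose(fp) == EOF)       /* flush + close: for /dev/full this is where ENOSPC appears */
        return WR_CLOSE_FAILED;
    return WR_OK;
}

int main(void)
{
    /* /dev/full (Linux) stands in for a file system that rejects data late.
     * The /tmp path is just a writable scratch file for the demonstration. */
    const char *paths[] = { "/tmp/close_check_demo.txt", "/dev/full" };
    for (size_t i = 0; i < 2; i++) {
        enum write_result r = write_file_stdio(paths[i], "hello\n");
        int err = errno;
        printf("%s: stdio result=%d%s%s\n", paths[i], (int)r,
               r ? " errno=" : "", r ? strerror(err) : "");
    }
    return 0;
}
```

Running it on Linux prints result=0 for the scratch file and result=3 (close failed, "No space left on device") for /dev/full even though fputs() reported success; with the raw write(2) routine the same device fails at stage 2 instead, because nothing is buffered. Code that ignores the return value of close() or fclose() would report success in both cases, which is exactly the assumption the post says the MUAs and MTAs of the day were making.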