Xref: utzoo comp.bugs.4bsd:1720 comp.lang.c:35771
Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sun-barr!decwrl!uunet!ora!ora.ora.com!ambar
From: ambar@ora.com (Jean Marie Diaz)
Newsgroups: comp.bugs.4bsd,comp.lang.c
Subject: Re: Complexity of reallocating storage
Message-ID: <1991Feb4.195805.16710@ora.com>
Date: 4 Feb 91 19:58:05 GMT
References: <21548@yunexus.YorkU.CA> <5883:Feb102:05:4991@kramden.acf.nyu.edu>
	<1991Feb2.045119.22199@zoo.toronto.edu>
	<14994:Feb207:10:4791@kramden.acf.nyu.edu>
Sender: news@ora.com
Organization: Redheads Anonymous
Lines: 30
In-Reply-To: brnstnd@kramden.acf.nyu.edu's message of 2 Feb 91 07:10:47 GMT


   From: brnstnd@kramden.acf.nyu.edu (Dan Bernstein)
   Date: 2 Feb 91 07:10:47 GMT

   >    (void) read(fdsess,(char *) &newuid,sizeof(int));

   This is guaranteed to work [...]

   >    (void) chdir("..");

   This is guaranteed to work.

   >      (void) chdir(newsuid);
   >     }

   Cannot fail.

  [and so forth]

I commend to you a paper titled "Can't Happen, or /*NOTREACHED*/, or
Real Programs Dump Core", by Ian Darwin & Geoff Collyer.  It can be
found in the proceedings of the Winter Usenix Conference, Dallas 1985,
pages 136-151.  Or FTP to cs.toronto.edu will get you the Postscript
version under doc/programming/canthappen.PS.

Since "anything that can go wrong will go wrong", it is a programmer's
responsibility to deal with Murphy as gracefully as possible.  Dumping
core is never graceful.

				AMBAR