I noticed tor sometimes exits 0 on error, specifically in monitor_owning_controller_process in src/or/control.c:
if (owning_controller_process_monitor == NULL) { log_err(LD_BUG, "Couldn't create process-termination monitor for " "owning controller: %s. Exiting.", msg); owning_controller_process_spec = NULL; tor_cleanup(); exit(0); }
and in try_locking in main.c:
r = try_locking(options, 0); if (r<0) { log_err(LD_GENERAL, "No, it's still there. Exiting."); exit(0); }
When to exit 0 on error?
On Thu, Jun 22, 2017 at 10:49 PM, f55jwk4f@vfemail.net wrote:
I noticed tor sometimes exits 0 on error, specifically in monitor_owning_controller_process in src/or/control.c:
if (owning_controller_process_monitor == NULL) { log_err(LD_BUG, "Couldn't create process-termination monitor for " "owning controller: %s. Exiting.", msg); owning_controller_process_spec = NULL; tor_cleanup(); exit(0); }
and in try_locking in main.c:
r = try_locking(options, 0); if (r<0) { log_err(LD_GENERAL, "No, it's still there. Exiting."); exit(0); }When to exit 0 on error?
When the error is unrecoverable, and continuing would be worse then exiting.
On Fri, Jun 23, 2017 at 9:29 AM, Nick Mathewson nickm@alum.mit.edu wrote:
On Thu, Jun 22, 2017 at 10:49 PM, f55jwk4f@vfemail.net wrote:
I noticed tor sometimes exits 0 on error [...] When to exit 0 on error?
When the error is unrecoverable, and continuing would be worse then exiting.
I don't think the question was "when is it appropriate to _exit_ on error?" I think it was "when is it appropriate to exit _0_ (i.e. apparently successfully) on error?"
My expectation would be that exit(0) on fatal error is presumptively a minor bug, it should be exit(1), and if there is some compelling reason to exit successfully in a particular error case, there ought to be a comment explaining that reason.
zw
On Fri, Jun 23, 2017 at 10:29:32AM -0400, Zack Weinberg wrote:
On Fri, Jun 23, 2017 at 9:29 AM, Nick Mathewson nickm@alum.mit.edu wrote:
On Thu, Jun 22, 2017 at 10:49 PM, f55jwk4f@vfemail.net wrote:
I noticed tor sometimes exits 0 on error [...] When to exit 0 on error?
When the error is unrecoverable, and continuing would be worse then exiting.
I don't think the question was "when is it appropriate to _exit_ on error?" I think it was "when is it appropriate to exit _0_ (i.e. apparently successfully) on error?"
My expectation would be that exit(0) on fatal error is presumptively a minor bug, it should be exit(1), and if there is some compelling reason to exit successfully in a particular error case, there ought to be a comment explaining that reason.
zw
Yes. I mean why to exit success instead of failure. But I don't know if those cases are typos, because there are 2 such cases, and a typo like that can be easily spotted in a review.
On Sat, Jun 24, 2017 at 12:38 AM, f55jwk4f@vfemail.net wrote:
On Fri, Jun 23, 2017 at 10:29:32AM -0400, Zack Weinberg wrote:
My expectation would be that exit(0) on fatal error is presumptively a minor bug, it should be exit(1), and if there is some compelling reason to exit successfully in a particular error case, there ought to be a comment explaining that reason.
Yes. I mean why to exit success instead of failure. But I don't know if those cases are typos, because there are 2 such cases, and a typo like that can be easily spotted in a review.
Yes, but a typo like that can also be easily *missed* in a review; you read what ought to be there instead of what is.
zw
On Sat, Jun 24, 2017 at 12:38 AM, f55jwk4f@vfemail.net wrote:
On Fri, Jun 23, 2017 at 10:29:32AM -0400, Zack Weinberg wrote:
On Fri, Jun 23, 2017 at 9:29 AM, Nick Mathewson nickm@alum.mit.edu wrote:
On Thu, Jun 22, 2017 at 10:49 PM, f55jwk4f@vfemail.net wrote:
I noticed tor sometimes exits 0 on error [...] When to exit 0 on error?
When the error is unrecoverable, and continuing would be worse then exiting.
I don't think the question was "when is it appropriate to _exit_ on error?" I think it was "when is it appropriate to exit _0_ (i.e. apparently successfully) on error?"
My expectation would be that exit(0) on fatal error is presumptively a minor bug, it should be exit(1), and if there is some compelling reason to exit successfully in a particular error case, there ought to be a comment explaining that reason.
zw
Yes. I mean why to exit success instead of failure. But I don't know if those cases are typos, because there are 2 such cases, and a typo like that can be easily spotted in a review.
Ah, you're right. Those should be exit(1).
I've opened https://trac.torproject.org/projects/tor/ticket/22720 in case anybody wants to fix this. This would be a good task for anybody who's new to the Tor code: see doc/HACKING/GettingStarted.md for information on getting started and writing patches.
-
f55jwk4f@vfemail.net -
Nick Mathewson -
Zack Weinberg