On 2022/05/16 15:13, Luke Small wrote:
> If you’re not running a threaded program, my function wouldn’t be “less
> safe.”
> 
> I’d imagine that 99% of programs aren’t multithreaded.

code is reused in different places. non threaded programs are sometimes
turned into threaded programs and when that happens, sometimes
non-thread-safe calls are missed. so i'd argue that it is still less
safe.

in some cases there might be benefits that would mean it's worth it,
especially if the failure modes would be obvious such that they can
be detected. really not seeing that here. (how often are you even
calling arc4random_uniform to consider it slow?!)

if the consequence is not a crash but instead subtly broken randomness,
how long do you think it's going to take to notice and report/fix it?
even *very* broken randomness in widespread software distributions
has been known to sit around for a long time before it's noticed:

- predictable rng in a popular os. *serious* bug. introduced 2006,
discovered/reported nearly 2 years later.

- non-fork-safe rng in a popular ssl library, introduced sometime before
sept 2018, reported may 2019.
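The second bullet is the kind of failure that is easy to check for and easy to miss if nobody does. Below is an added example, written for this page and not code from the thread, from Luke's proposal, or from OpenBSD or any ssl library: a hypothetical buffered generator of the "cache a chunk of entropy and hand it out" shape, plus a harness that forks and tests whether the child replays the parent's output. The `struct rng`, `next_u32` and `fork_duplicates` names are assumptions for the example; the pid-comparison reseed is one known mitigation, not the only one.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical buffered generator, written for this example only: it pulls a
 * chunk of bytes from /dev/urandom and hands them out one 32-bit word at a
 * time.  After fork(), parent and child hold an identical buffer and position,
 * so without a fork check both sides emit the same "random" words.  (The
 * unlocked pos++ also makes it unsafe to share between threads; that race is
 * not exercised here because it is nondeterministic.) */
#define BUF_WORDS 64

struct rng {
    uint32_t buf[BUF_WORDS];
    size_t   pos;        /* next unused word; BUF_WORDS means "empty" */
    pid_t    owner;      /* pid that filled buf; checked only if fork_aware */
    int      fork_aware;
};

static void refill(struct rng *r)
{
    int fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0) abort();                /* example only: treat as fatal */
    size_t got = 0;
    while (got < sizeof r->buf) {
        ssize_t n = read(fd, (char *)r->buf + got, sizeof r->buf - got);
        if (n <= 0) abort();
        got += (size_t)n;
    }
    close(fd);
    r->pos = 0;
    r->owner = getpid();
}

static uint32_t next_u32(struct rng *r)
{
    /* Fork-aware variant reseeds when the pid no longer matches the one that
     * filled the buffer, so the child stops replaying the parent's bytes. */
    if (r->pos >= BUF_WORDS || (r->fork_aware && r->owner != getpid()))
        refill(r);
    return r->buf[r->pos++];
}

/* Draw one word, fork, then draw N_DRAWS words in both parent and child and
 * compare.  Returns 1 if the child replayed the parent's sequence (broken),
 * 0 if the sequences differ, -1 on a harness error. */
#define N_DRAWS 8

static int fork_duplicates(int fork_aware)
{
    struct rng r = { .pos = BUF_WORDS, .fork_aware = fork_aware };
    uint32_t parent_out[N_DRAWS], child_out[N_DRAWS];
    int fd[2];

    if (pipe(fd) != 0) return -1;
    (void)next_u32(&r);                 /* populate the buffer before forking */

    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        close(fd[0]);
        for (int i = 0; i < N_DRAWS; i++) child_out[i] = next_u32(&r);
        ssize_t w = write(fd[1], child_out, sizeof child_out);
        _exit(w == (ssize_t)sizeof child_out ? 0 : 1);
    }
    close(fd[1]);
    for (int i = 0; i < N_DRAWS; i++) parent_out[i] = next_u32(&r);

    size_t got = 0;
    while (got < sizeof child_out) {
        ssize_t n = read(fd[0], (char *)child_out + got, sizeof child_out - got);
        if (n <= 0) { close(fd[0]); return -1; }
        got += (size_t)n;
    }
    close(fd[0]);
    int status;
    if (waitpid(pid, &status, 0) < 0 || status != 0) return -1;
    return memcmp(parent_out, child_out, sizeof parent_out) == 0;
}

int main(void)
{
    printf("naive buffer replays after fork:  %d\n", fork_duplicates(0));
    printf("pid-checked buffer replays:       %d\n", fork_duplicates(1));
    return 0;
}
```

The naive variant returns 1 every time: the child's first eight words are byte-for-byte the parent's, which is exactly the "subtly broken randomness" failure mode, since nothing crashes and every individual value still looks random. The pid check is the cheap fix, but it has its own caveat: a grandchild can end up with the same pid as the process that filled the buffer (pid reuse across a double fork), which is why OpenBSD's arc4random no longer relies on getpid() and instead maps its state with minherit(2) MAP_INHERIT_ZERO so the child's copy is cleared by the kernel. Any replacement for arc4random_uniform that keeps userland state inherits this whole problem class, which is the reviewer's point.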