This is the mail archive of the
glibc-cvs@sourceware.org
mailing list for the glibc project.
GNU C Library master sources branch lxoliva/thread-safety-docs updated. glibc-2.17-469-gf4594e3
- From: aoliva at sourceware dot org
- To: glibc-cvs at sourceware dot org
- Date: 23 Apr 2013 19:09:54 -0000
- Subject: GNU C Library master sources branch lxoliva/thread-safety-docs updated. glibc-2.17-469-gf4594e3
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, lxoliva/thread-safety-docs has been updated
via f4594e30a7e93e77dd6c59c1301ff89f6a8f471d (commit)
from 67da98bec888ac30771cae0be33c8975103f67a5 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=f4594e30a7e93e77dd6c59c1301ff89f6a8f471d
commit f4594e30a7e93e77dd6c59c1301ff89f6a8f471d
Author: Alexandre Oliva <aoliva@redhat.com>
Date: Wed Mar 27 09:06:04 2013 -0300
Revisit functions marked with glocale-revisit.
diff --git a/manual/arith.texi b/manual/arith.texi
index 8b31b79..1d59d0b 100644
--- a/manual/arith.texi
+++ b/manual/arith.texi
@@ -1696,10 +1696,8 @@ double}.
@comment math.h
@comment ISO
@deftypefunx {long double} nanl (const char *@var{tagp})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
-@c It actually calls strtod, that has MT-Safety problems upon locale
-@c changes. It needs to be rechecked after the decision to document
-@c setlocale as MT-Unsafe to avoid all those issues.
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
+@c The unsafe-but-ruled-safe locale use comes from strtod.
The @code{nan} function returns a representation of NaN, provided that
NaN is supported by the target platform.
@code{nan ("@var{n-char-sequence}")} is equivalent to
@@ -2109,7 +2107,7 @@ as well.
@comment stdlib.h
@comment ISO
@deftypefun {long int} strtol (const char *restrict @var{string}, char **restrict @var{tailptr}, int @var{base})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
@c strtol uses the thread-local pointer to the locale in effect, and
@c strtol_l loads the LC_NUMERIC locale data from it early on and once,
@c but if the locale is the global locale, and another thread calls
@@ -2182,7 +2180,7 @@ There is an example at the end of this section.
@comment wchar.h
@comment ISO
@deftypefun {long int} wcstol (const wchar_t *restrict @var{string}, wchar_t **restrict @var{tailptr}, int @var{base})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
The @code{wcstol} function is equivalent to the @code{strtol} function
in nearly all aspects but handles wide character strings.
@@ -2192,7 +2190,7 @@ The @code{wcstol} function was introduced in @w{Amendment 1} of @w{ISO C90}.
@comment stdlib.h
@comment ISO
@deftypefun {unsigned long int} strtoul (const char *retrict @var{string}, char **restrict @var{tailptr}, int @var{base})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
The @code{strtoul} (``string-to-unsigned-long'') function is like
@code{strtol} except it converts to an @code{unsigned long int} value.
The syntax is the same as described above for @code{strtol}. The value
@@ -2211,7 +2209,7 @@ range, or @code{ERANGE} on overflow.
@comment wchar.h
@comment ISO
@deftypefun {unsigned long int} wcstoul (const wchar_t *restrict @var{string}, wchar_t **restrict @var{tailptr}, int @var{base})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
The @code{wcstoul} function is equivalent to the @code{strtoul} function
in nearly all aspects but handles wide character strings.
@@ -2221,7 +2219,7 @@ The @code{wcstoul} function was introduced in @w{Amendment 1} of @w{ISO C90}.
@comment stdlib.h
@comment ISO
@deftypefun {long long int} strtoll (const char *restrict @var{string}, char **restrict @var{tailptr}, int @var{base})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
The @code{strtoll} function is like @code{strtol} except that it returns
a @code{long long int} value, and accepts numbers with a correspondingly
larger range.
@@ -2238,7 +2236,7 @@ The @code{strtoll} function was introduced in @w{ISO C99}.
@comment wchar.h
@comment ISO
@deftypefun {long long int} wcstoll (const wchar_t *restrict @var{string}, wchar_t **restrict @var{tailptr}, int @var{base})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
The @code{wcstoll} function is equivalent to the @code{strtoll} function
in nearly all aspects but handles wide character strings.
@@ -2248,14 +2246,14 @@ The @code{wcstoll} function was introduced in @w{Amendment 1} of @w{ISO C90}.
@comment stdlib.h
@comment BSD
@deftypefun {long long int} strtoq (const char *restrict @var{string}, char **restrict @var{tailptr}, int @var{base})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
@code{strtoq} (``string-to-quad-word'') is the BSD name for @code{strtoll}.
@end deftypefun
@comment wchar.h
@comment GNU
@deftypefun {long long int} wcstoq (const wchar_t *restrict @var{string}, wchar_t **restrict @var{tailptr}, int @var{base})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
The @code{wcstoq} function is equivalent to the @code{strtoq} function
in nearly all aspects but handles wide character strings.
@@ -2265,7 +2263,7 @@ The @code{wcstoq} function is a GNU extension.
@comment stdlib.h
@comment ISO
@deftypefun {unsigned long long int} strtoull (const char *restrict @var{string}, char **restrict @var{tailptr}, int @var{base})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
The @code{strtoull} function is related to @code{strtoll} the same way
@code{strtoul} is related to @code{strtol}.
@@ -2275,7 +2273,7 @@ The @code{strtoull} function was introduced in @w{ISO C99}.
@comment wchar.h
@comment ISO
@deftypefun {unsigned long long int} wcstoull (const wchar_t *restrict @var{string}, wchar_t **restrict @var{tailptr}, int @var{base})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
The @code{wcstoull} function is equivalent to the @code{strtoull} function
in nearly all aspects but handles wide character strings.
@@ -2285,14 +2283,14 @@ The @code{wcstoull} function was introduced in @w{Amendment 1} of @w{ISO C90}.
@comment stdlib.h
@comment BSD
@deftypefun {unsigned long long int} strtouq (const char *restrict @var{string}, char **restrict @var{tailptr}, int @var{base})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
@code{strtouq} is the BSD name for @code{strtoull}.
@end deftypefun
@comment wchar.h
@comment GNU
@deftypefun {unsigned long long int} wcstouq (const wchar_t *restrict @var{string}, wchar_t **restrict @var{tailptr}, int @var{base})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
The @code{wcstouq} function is equivalent to the @code{strtouq} function
in nearly all aspects but handles wide character strings.
@@ -2302,7 +2300,7 @@ The @code{wcstouq} function is a GNU extension.
@comment inttypes.h
@comment ISO
@deftypefun intmax_t strtoimax (const char *restrict @var{string}, char **restrict @var{tailptr}, int @var{base})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
The @code{strtoimax} function is like @code{strtol} except that it returns
a @code{intmax_t} value, and accepts numbers of a corresponding range.
@@ -2319,7 +2317,7 @@ See @ref{Integers} for a description of the @code{intmax_t} type. The
@comment wchar.h
@comment ISO
@deftypefun intmax_t wcstoimax (const wchar_t *restrict @var{string}, wchar_t **restrict @var{tailptr}, int @var{base})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
The @code{wcstoimax} function is equivalent to the @code{strtoimax} function
in nearly all aspects but handles wide character strings.
@@ -2329,7 +2327,7 @@ The @code{wcstoimax} function was introduced in @w{ISO C99}.
@comment inttypes.h
@comment ISO
@deftypefun uintmax_t strtoumax (const char *restrict @var{string}, char **restrict @var{tailptr}, int @var{base})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
The @code{strtoumax} function is related to @code{strtoimax}
the same way that @code{strtoul} is related to @code{strtol}.
@@ -2340,7 +2338,7 @@ See @ref{Integers} for a description of the @code{intmax_t} type. The
@comment wchar.h
@comment ISO
@deftypefun uintmax_t wcstoumax (const wchar_t *restrict @var{string}, wchar_t **restrict @var{tailptr}, int @var{base})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
The @code{wcstoumax} function is equivalent to the @code{strtoumax} function
in nearly all aspects but handles wide character strings.
@@ -2350,7 +2348,7 @@ The @code{wcstoumax} function was introduced in @w{ISO C99}.
@comment stdlib.h
@comment ISO
@deftypefun {long int} atol (const char *@var{string})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
This function is similar to the @code{strtol} function with a @var{base}
argument of @code{10}, except that it need not detect overflow errors.
The @code{atol} function is provided mostly for compatibility with
@@ -2360,7 +2358,7 @@ existing code; using @code{strtol} is more robust.
@comment stdlib.h
@comment ISO
@deftypefun int atoi (const char *@var{string})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
This function is like @code{atol}, except that it returns an @code{int}.
The @code{atoi} function is also considered obsolete; use @code{strtol}
instead.
@@ -2369,7 +2367,7 @@ instead.
@comment stdlib.h
@comment ISO
@deftypefun {long long int} atoll (const char *@var{string})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
This function is similar to @code{atol}, except it returns a @code{long
long int}.
@@ -2434,7 +2432,35 @@ as well.
@comment stdlib.h
@comment ISO
@deftypefun double strtod (const char *restrict @var{string}, char **restrict @var{tailptr})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
+@c Besides the unsafe-but-ruled-safe locale uses, this uses a lot of
+@c mpn, but it's all safe.
+@c
+@c round_and_return
+@c get_rounding_mode ok
+@c mpn_add_1 ok
+@c mpn_rshift ok
+@c MPN_ZERO ok
+@c MPN2FLOAT -> mpn_construct_(float|double|long_double) ok
+@c str_to_mpn
+@c mpn_mul_1 -> umul_ppmm ok
+@c mpn_add_1 ok
+@c mpn_lshift_1 -> mpn_lshift ok
+@c STRTOF_INTERNAL
+@c MPN_VAR ok
+@c SET_MANTISSA ok
+@c STRNCASECMP ok, wide and narrow
+@c round_and_return ok
+@c mpn_mul ok
+@c mpn_addmul_1 ok
+@c ... mpn_sub
+@c mpn_lshift ok
+@c udiv_qrnnd ok
+@c count_leading_zeros ok
+@c add_ssaaaa ok
+@c sub_ddmmss ok
+@c umul_ppmm ok
+@c mpn_submul_1 ok
The @code{strtod} (``string-to-double'') function converts the initial
part of @var{string} to a floating-point number, which is returned as a
value of type @code{double}.
@@ -2520,7 +2546,7 @@ examining @var{errno} and @var{tailptr}.
@comment stdlib.h
@comment ISO
@deftypefunx {long double} strtold (const char *@var{string}, char **@var{tailptr})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
These functions are analogous to @code{strtod}, but return @code{float}
and @code{long double} values respectively. They report errors in the
same way as @code{strtod}. @code{strtof} can be substantially faster
@@ -2540,7 +2566,7 @@ These functions have been GNU extensions and are new to @w{ISO C99}.
@comment stdlib.h
@comment ISO
@deftypefunx {long double} wcstold (const wchar_t *@var{string}, wchar_t **@var{tailptr})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
The @code{wcstod}, @code{wcstof}, and @code{wcstol} functions are
equivalent in nearly all aspect to the @code{strtod}, @code{strtof}, and
@code{strtold} functions but it handles wide character string.
@@ -2553,7 +2579,7 @@ C90}. The @code{wcstof} and @code{wcstold} functions were introduced in
@comment stdlib.h
@comment ISO
@deftypefun double atof (const char *@var{string})
-@safety{@mtunsafe{glocale-revisit}@asunsafe{glocale-revisit}@acsafe{}}
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
This function is similar to the @code{strtod} function, except that it
need not detect overflow and underflow errors. The @code{atof} function
is provided mostly for compatibility with existing code; using
diff --git a/manual/charset.texi b/manual/charset.texi
index e21502e..59e4bd8 100644
--- a/manual/charset.texi
+++ b/manual/charset.texi
@@ -559,6 +559,8 @@ that is beyond the range @math{0} to @math{127}.
@comment wchar.h
@comment ISO
@deftypefun wint_t btowc (int @var{c})
+@c Calls btowc_fct or __fct; reads from locale, and from the
+@c get_gconv_fcts result multiple times.
The @code{btowc} function (``byte to wide character'') converts a valid
single byte character @var{c} in the initial shift state into the wide
character equivalent using the conversion rules from the currently
@@ -811,6 +813,50 @@ doing the work twice.
@comment wchar.h
@comment ISO
@deftypefun size_t wcrtomb (char *restrict @var{s}, wchar_t @var{wc}, mbstate_t *restrict @var{ps})
+@safety{@mtunsafe{unguarded-internal-state, gconv-modules}@asunsafe{partial-changes}@acunsafe{partial-changes, lockleak, memleak}}
+@c wcrtomb uses a static, non-thread-local unguarded state variable when
+@c PS is NULL. When a state is passed in, and it's not used
+@c concurrently in other threads, this function behaves safely as long
+@c as gconv modules don't bring MT safety issues of their own.
+@c Attempting to load gconv modules or to build conversion chains in
+@c signal handlers may encounter gconv databases or caches in a
+@c partially-updated state, and asynchronous cancellation may leave them
+@c in such states, besides leaking the lock that guards them.
+@c get_gconv_fcts ok
+@c wcsmbs_load_conv ok
+@c norm_add_slashes ok
+@c wcsmbs_getfct ok
+@c gconv_find_transform ok
+@c gconv_read_conf (libc_once)
+@c gconv_lookup_cache ok
+@c find_module_idx ok
+@c find_module ok
+@c gconv_find_shlib (ok)
+@c ->init_fct (assumed ok)
+@c gconv_get_builtin_trans ok
+@c gconv_release_step ok
+@c do_lookup_alias ok
+@c find_derivation ok
+@c derivation_lookup ok
+@c increment_counter ok
+@c gconv_find_shlib ok
+@c step->init_fct (assumed ok)
+@c gen_steps ok
+@c gconv_find_shlib ok
+@c dlopen (presumed ok)
+@c dlsym (presumed ok)
+@c step->init_fct (assumed ok)
+@c step->end_fct (assumed ok)
+@c gconv_get_builtin_trans ok
+@c gconv_release_step ok
+@c add_derivation ok
+@c gconv_close_transform ok
+@c gconv_release_step ok
+@c step->end_fct (assumed ok)
+@c gconv_release_shlib ok
+@c dlclose (presumed ok)
+@c gconv_release_cache ok
+@c ->tomb->__fct (assumed ok)
The @code{wcrtomb} function (``wide character restartable to
multibyte'') converts a single wide character into a multibyte string
corresponding to that wide character.
diff --git a/manual/ctype.texi b/manual/ctype.texi
index 3d13571..f05d509 100644
--- a/manual/ctype.texi
+++ b/manual/ctype.texi
@@ -691,6 +691,7 @@ This type is defined in @file{wctype.h}.
@comment wctype.h
@comment ISO
@deftypefun wctrans_t wctrans (const char *@var{property})
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
The @code{wctrans} function has to be used to find out whether a named
mapping is defined in the current locale selected for the
@code{LC_CTYPE} category. If the returned value is non-zero, you can use
@@ -713,6 +714,7 @@ These functions are declared in @file{wctype.h}.
@comment wctype.h
@comment ISO
@deftypefun wint_t towctrans (wint_t @var{wc}, wctrans_t @var{desc})
+@safety{@mtsafe{glocale}@assafe{glocale}@acsafe{}}
@code{towctrans} maps the input character @var{wc}
according to the rules of the mapping for which @var{desc} is a
descriptor, and returns the value it finds. @var{desc} must be
diff --git a/manual/errno.texi b/manual/errno.texi
index 2a3c004..499019d 100644
--- a/manual/errno.texi
+++ b/manual/errno.texi
@@ -1309,6 +1309,7 @@ The function @code{strerror} is declared in @file{string.h}.
@comment string.h
@comment GNU
@deftypefun {char *} strerror_r (int @var{errnum}, char *@var{buf}, size_t @var{n})
+@c Does this attempt to translate the message? Clearly safe otherwise.
The @code{strerror_r} function works like @code{strerror} but instead of
returning the error message in a statically allocated buffer shared by
all threads in the process, it returns a private copy for the
diff --git a/manual/stdio.texi b/manual/stdio.texi
index 8765be3..5f5a3d5 100644
--- a/manual/stdio.texi
+++ b/manual/stdio.texi
@@ -2662,6 +2662,42 @@ pointer @var{ap}.
@c case of cancellation. This doesn't make it unsafe, but cancelling it
@c may leak memory. The unguarded use of __printf_function_table is
@c also of concern for all callers.
+@c _itoa ok
+@c _udiv_qrnnd_preinv ok
+@c group_number ok
+@c _i18n_number_rewrite
+@c __wctrans ok
+@c __towctrans glocale
+@c __wcrtomb ok? dup below
+@c outdigit_value ok
+@c outdigitwc_value ok
+@c outchar ok
+@c outstring ok
+@c PAD ok
+@c __printf_fp glocale memleak
+@c __printf_fphex glocale
+@c __readonly_area
+@c [GNU/Linux] fopen, strtoul, free
+@c __strerror_r ok if no translation, check otherwise
+@c __btowc ? gconv-modules
+@c __wcrtomb ok (not using internal state) gconv-modules
+@c ARGCHECK
+@c UNBUFFERED_P (tested before taking the stream lock)
+@c buffered_vfprintf ok
+@c __find_spec(wc|mb)
+@c read_int
+@c __libc_use_alloca
+@c process_arg
+@c process_string_arg
+@c extend_alloca
+@c __parse_one_spec(wc|mb)
+@c *__printf_arginfo_table unguarded
+@c __printf_va_arg_table-> unguarded
+@c *__printf_function_table unguarded
+@c done_add
+@c printf_unknown
+@c outchar
+@c _itoa_word
This is the equivalent of @code{fprintf} with the variable argument list
specified directly as for @code{vprintf}.
@end deftypefun
-----------------------------------------------------------------------
Summary of changes:
manual/arith.texi | 80 +++++++++++++++++++++++++++++++++-----------------
manual/charset.texi | 46 +++++++++++++++++++++++++++++
manual/ctype.texi | 2 +
manual/errno.texi | 1 +
manual/stdio.texi | 36 +++++++++++++++++++++++
5 files changed, 138 insertions(+), 27 deletions(-)
hooks/post-receive
--
GNU C Library master sources