This is the mail archive of the mailing list for the glibc project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: MT-safe annotations for gcvt and related functions

Hi, Florian,

Thanks for the report.

On Dec 12, 2014, Florian Weimer <> wrote:

> gcvt is declared in the manual as:
> @deftypefun {char *} gcvt (double @var{value}, int @var{ndigit}, char
> *@var{buf})
> @safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}}

> I think that's incorrect because it's implemented in terms of
> (locale-dependent, not async-safe etc.) sprintf.  The preprocessor
> logic in is a bit difficult to follow, but some of the gcvt-related
> functions even call malloc directly.

The comments right after the lines you quoted above state:

@c gcvt calls sprintf, that ultimately calls vfprintf, which malloc()s
@c args_value if it's too large, but gcvt never exercises this path.

which agrees with your observation, but not with the conclusion.  Do you
see any actual unsafe path that disagrees with my conclusions and
annotations in the comments above, or were you just going by the general
safety remarks about sprintf et al?

I see that both vfprintf and __printf_fp might use malloc as a fallback,
but the buffer sizes we're talking about will always use alloca AFAICT.
As for the locale uses, vfprintf doesn't use it in the exercised paths
AFAICT, whereas __printf_fp does access _NL_CURRENT multiple times, but
they all access the same locale object, because they all use the result
of dereferencing the pointer to the current locale a single time, as a
result of compiler optimization, and as such it doesn't mandate the
âlocaleâ annotation, although it certainly wouldn't hurt to add it.

Is this all you see, or is there more that I missed?


Alexandre Oliva, freedom fighter
You must be the change you wish to see in the world. -- Gandhi
Be Free! --   FSF Latin America board member
Free Software Evangelist|Red Hat Brasil GNU Toolchain Engineer

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]