Consensus on MT-, AS- and AC-Safety docs.

Florian Weimer fweimer@redhat.com
Sat Nov 30 08:03:00 GMT 2013


On 11/22/2013 03:35 PM, Alexandre Oliva wrote:

> Please confirm you hate our users so much ;-) that you want to impose
> the following abomination on them.  Can you even find the original
> documentation in this horribly noisy haystack?  Do you realize this
> wouldn't even be the worst part of the manual in this regard? :-(
>
>   -- Function: void setpwent (void)
>       | MT-Unsafe uses-a-static-buffer-overwritten-by-other-calls,
>       may-read-from-the-global-locale-object || AS-Unsafe
>       calls-the-dynamic-loader,
>       calls-functions-from-plugins-external-to-libc,
>       calls-memory-allocation-functions,
>       may-deadlock-with-itself-in-asynchronous-signal-handlers
>       || AC-Unsafe
>       may-leave-data-structures-in-an-inconsistent-state-if-cancelled-asynchronously,
>       may-leave-locks-held-if-cancelled-asynchronously,
>       may-leak-file-descriptors-upon-asynchronous-cancellation,
>       may-leak-memory-upon-asynchronous-cancellation |
>       For detailed definitions, see also *note Safety Keywords::.

Hmm.  Could we make this data available in machine-parsable form, under 
a free software license (which the GFDL isn't)?  Then we could create 
tools that present this information in a more easily digested manner.

But I think the main issue is not the names, but that the concepts they 
stand for are complex and difficult to reason about.

-- 
Florian Weimer / Red Hat Product Security Team
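
Added example, not part of the original message or of glibc: a sketch of the kind of tool suggested above, turning the annotation layout shown in the quoted excerpt into structured data. The function name `parse_safety` and the output schema are assumptions; the sample is the quoted `setpwent` entry with the quote markers removed.

```python
import json
import re

# Annotation block as quoted in the message above (quote markers removed).
# Assumed layout, taken from that excerpt: | MT-... || AS-... || AC-... |
SAMPLE = """\
-- Function: void setpwent (void)
    | MT-Unsafe uses-a-static-buffer-overwritten-by-other-calls,
    may-read-from-the-global-locale-object || AS-Unsafe
    calls-the-dynamic-loader,
    calls-functions-from-plugins-external-to-libc,
    calls-memory-allocation-functions,
    may-deadlock-with-itself-in-asynchronous-signal-handlers
    || AC-Unsafe
    may-leave-data-structures-in-an-inconsistent-state-if-cancelled-asynchronously,
    may-leave-locks-held-if-cancelled-asynchronously,
    may-leak-file-descriptors-upon-asynchronous-cancellation,
    may-leak-memory-upon-asynchronous-cancellation |
    For detailed definitions, see also *note Safety Keywords::.
"""

SECTION = re.compile(r"^(MT|AS|AC)-(Safe|Unsafe)\b\s*(.*)$")


def parse_safety(entry):
    """Return {"function": name, "safety": {ctx: {"safe": bool, "remarks": [...]}}}."""
    flat = " ".join(entry.split())            # undo the manual's line wrapping
    proto = re.search(r"-- Function: (.*?) \|", flat)
    block = re.search(r"\|(.*)\|", flat)      # first '|' through last '|'
    if not proto or not block:
        raise ValueError("no safety annotation found")
    name = re.search(r"(\w+)\s*\(", proto.group(1))
    safety = {}
    for part in block.group(1).split("||"):
        m = SECTION.match(part.strip())
        if not m:
            raise ValueError(f"unrecognised section: {part.strip()!r}")
        ctx, verdict, rest = m.groups()
        if ctx in safety:
            raise ValueError(f"duplicate context: {ctx}")
        remarks = [r.strip() for r in rest.split(",") if r.strip()]
        safety[ctx] = {"safe": verdict == "Safe", "remarks": remarks}
    return {"function": name.group(1) if name else None, "safety": safety}


if __name__ == "__main__":
    print(json.dumps(parse_safety(SAMPLE), indent=2))
```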


