Consensus on MT-, AS- and AC-Safety docs.
Florian Weimer
fweimer@redhat.com
Sat Nov 30 08:03:00 GMT 2013
On 11/22/2013 03:35 PM, Alexandre Oliva wrote:
> Please confirm you hate our users so much ;-) that you want to impose
> the following abomination on them. Can you even find the original
> documentation in this horribly noisy haystack? Do you realize this
> wouldn't even be the worst part of the manual in this regard? :-(
>
> -- Function: void setpwent (void)
> | MT-Unsafe uses-a-static-buffer-overwritten-by-other-calls,
> may-read-from-the-global-locale-object || AS-Unsafe
> calls-the-dynamic-loader,
> calls-functions-from-plugins-external-to-libc,
> calls-memory-allocation-functions,
> may-deadlock-with-itself-in-asynchronous-signal-handlers
> || AC-Unsafe
> may-leave-data-structures-in-an-inconsistent-state-if-cancelled-asynchronously,
> may-leave-locks-held-if-cancelled-asynchronously,
> may-leak-file-descriptors-upon-asynchronous-cancellation,
> may-leak-memory-upon-asynchronous-cancellation |
> For detailed definitions, see also *note Safety Keywords::.
Hmm. Could we make this data available in machine-parsable form, under
a free software license (which the GFDL isn't)? Then we could create
tools that present this information in a more easily digested manner.

But I think the main issue is not the names, but that the concepts they
stand for are complex and difficult to reason about.
--
Florian Weimer / Red Hat Product Security Team
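
As an added illustration of the machine-parsable form asked about above (not part of the original message and not glibc code): a small parser that turns the quoted `| MT-… || AS-… || AC-… |` annotation into a dictionary. The field layout is inferred only from the one sample quoted in this message, and the names `parse_safety` and `unsafe_contexts` and the output structure are assumptions.

```python
import json
import re

# Annotation exactly as quoted in the message (setpwent), with the mail
# quote markers and line wrapping left in place.
SAMPLE = """\
> | MT-Unsafe uses-a-static-buffer-overwritten-by-other-calls,
may-read-from-the-global-locale-object || AS-Unsafe
> calls-the-dynamic-loader,
> calls-functions-from-plugins-external-to-libc,
> calls-memory-allocation-functions,
> may-deadlock-with-itself-in-asynchronous-signal-handlers
> || AC-Unsafe
> may-leave-data-structures-in-an-inconsistent-state-if-cancelled-asynchronously,
> may-leave-locks-held-if-cancelled-asynchronously,
> may-leak-file-descriptors-upon-asynchronous-cancellation,
> may-leak-memory-upon-asynchronous-cancellation |
"""

FIELD = re.compile(r"^(MT|AS|AC)-(Safe|Unsafe)\b(.*)$", re.S)

def parse_safety(text):
    """Return {'MT': {'safe': bool, 'keywords': [...]}, 'AS': ..., 'AC': ...}."""
    # Undo mail quoting and wrapping: drop leading '>' markers, join the lines.
    lines = [re.sub(r"^\s*(>\s?)*", "", ln) for ln in text.splitlines()]
    flat = " ".join(ln.strip() for ln in lines if ln.strip())
    flat = flat.strip("| ")  # outer '|' delimiters of the annotation
    result = {}
    for field in flat.split("||"):
        m = FIELD.match(field.strip())
        if not m:
            raise ValueError(f"unrecognised safety field: {field.strip()!r}")
        ctx, verdict, rest = m.groups()
        keywords = [k for k in re.split(r"[,\s]+", rest) if k]
        result[ctx] = {"safe": verdict == "Safe", "keywords": keywords}
    return result

def unsafe_contexts(parsed):
    """Contexts (MT, AS, AC) in which the function is marked Unsafe."""
    return sorted(ctx for ctx, v in parsed.items() if not v["safe"])

if __name__ == "__main__":
    print(json.dumps(parse_safety(SAMPLE), indent=2))
```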