Austin Group Defect Tracker

Aardvark Mark III


Viewing Issue Simple Details Jump to Notes ] Issue History ] Print ]
ID Category Severity Type Date Submitted Last Update
0000656 [1003.1(2013)/Issue7+TC1] System Interfaces Editorial Clarification Requested 2013-02-08 19:47 2013-10-14 13:04
Reporter dalias View Status public  
Assigned To ajosey
Priority normal Resolution Accepted As Marked  
Status Interpretation Required  
Name Rich Felker
Organization musl libc
User Reference
Section XSH
Page Number 619-2159
Line Number 21156-68810
Interp Status Approved
Final Accepted Text See Note: 0001596.
Summary 0000656: Clearly allow or forbid thread-local storage for "static" buffers
Description At present, a number of interfaces which are not required to be thread-safe return pointers which are permitted to point to static storage. Some such functions are strerror, getpwnam, localtime, crypt, etc.

An implementation which wishes to provide thread safety in such functions would be tempted to use thread-local storage, rather than static storage. However, according to a strict reading of the current version of the standard, this seems non-conforming -- the lifetime of the storage would end when the thread terminates, whereas a conforming application could presumably still be holding a pointer to the buffer for use in another thread.
Desired Action Clarify whether it's the intent of the standard that applications be able to access such static storage from another thread after the calling thread has terminated. If the intent is not to support this usage, add language to the effect "use of the pointer returned by this interface after the calling thread has terminated results in undefined behavior".
Tags C11, tc2-2008
Attached Files

- Relationships
related to 0000075Closedajosey 1003.1(2008)/Issue 7 functions that are allowed to overwrite returned static data 
related to 0000655Resolvedajosey 1003.1(2008)/Issue 7 Mark strerror_r obsolescent for next issue 
related to 0000826Resolved 1003.1(2013)/Issue7+TC1 setlocale() should not be required to be thread-safe 

-  Notes
(0001595)
Don Cragun (manager)
2013-05-09 00:16
edited on: 2013-05-10 09:35

This change is built on top of the changes made for Bug 0000075 which is
included in Issue 7 TC1.

Make the following additions to the standard:
basename(): Change:
     "The basename() function may modify the string pointed to by path,
     and may return a pointer to internal storage.  The returned pointer
     might be invalidated or the storage might be overwritten by a
     subsequent call to basename()."
on P619, L21156-21158 to:
     "The basename() function may modify the string pointed to by path,
     and may return a pointer to internal storage.  The returned pointer
     might be invalidated or the storage might be overwritten by a
     subsequent call to basename().  The returned pointer might also be
     invalidated if the calling thread is terminated."

ctermid(): Change:
     "If s is a null pointer, the string shall be generated in an area
     that may be static, the address of which shall be returned.  The
     application shall not modify the string returned.  The returned
     pointer might be invalidated or the string content might be
     overwritten by a subsequent call to ctermid()."
on P718, L24231-24234 to:
     "If s is a null pointer, the string shall be generated in an area
     that may be static, the address of which shall be returned.  The
     application shall not modify the string returned.  The returned
     pointer might be invalidated or the string content might be
     overwritten by a subsequent call to ctermid().  The returned
     pointer might also be invalidated if the calling thread is
     terminated."

dirname(): Change:
     "The dirname() function may modify the string pointed to by path,
     and may return a pointer to internal storage. The returned pointer
     might be invalidated or the storage might be overwritten by a
     subsequent call to dirname()."
on P730, L24601-24603 to:
     "The dirname() function may modify the string pointed to by path,
     and may return a pointer to internal storage. The returned pointer
     might be invalidated or the storage might be overwritten by a
     subsequent call to dirname().  The returned pointer might also be
     invalidated if the calling thread is terminated."

dlerror(): Change:
     "The application shall not modify the string returned.  The
     returned pointer might be invalidated or the string content might
     be overwritten by a subsequent call to dlerror() in the same thread
     (if dlerror() is thread-safe) or in any thread (if dlerror() is not
     thread-safe)."
on P735, L24774-24776 to:
     "The application shall not modify the string returned.  The
     returned pointer might be invalidated or the string content might
     be overwritten by a subsequent call to dlerror() in the same thread
     (if dlerror() is thread-safe) or in any thread (if dlerror() is not
     thread-safe).  The returned pointer might also be invalidated if
     the calling thread is terminated."

getgrent() on endgrent() page: Change:
     "The application shall not modify the structure to which the
     return value points, nor any storage areas pointed to by pointers
     within the structure. The returned pointer, and pointers within
     the structure, might be invalidated or the structure or the storage
     areas might be overwritten by a subsequent call to getgrgid(),
     getgrnam(), or getgrent()."
on P752 L25329-25332 to:
     "The application shall not modify the structure to which the
     return value points, nor any storage areas pointed to by pointers
     within the structure. The returned pointer, and pointers within
     the structure, might be invalidated or the structure or the storage
     areas might be overwritten by a subsequent call to getgrgid(),
     getgrnam(), or getgrent().  The returned pointer, and pointers
     within the structure, might also be invalidated if the calling
     thread is terminated."

gethostent() on endhostent() page: Change:
     "The application shall not modify the structure to which the
     return value points, nor any storage areas pointed to by pointers
     within the structure. The returned pointer, and pointers within
     the structure, might be invalidated or the structure or the storage
     areas might be overwritten by a subsequent call to gethostent()."
on P754, L25393-25396 to:
     "The application shall not modify the structure to which the
     return value points, nor any storage areas pointed to by pointers
     within the structure. The returned pointer, and pointers within
     the structure, might be invalidated or the structure or the storage
     areas might be overwritten by a subsequent call to gethostent().
     The returned pointer, and pointers with the structure,  might also
     be invalidated if the calling thread is terminated."

getnet*() on endnetent() page: Change:
     "The application shall not modify the structure to which the
     return value points, nor any storage areas pointed to by pointers
     within the structure. The returned pointer, and pointers within
     the structure, might be invalidated or the structure or the storage
     areas might be overwritten by a subsequent call to getnetbyaddr(),
     getnetbyname(), or getnetent()."
on P756, L25452-25455 to:
     "The application shall not modify the structure to which the
     return value points, nor any storage areas pointed to by pointers
     within the structure. The returned pointer, and pointers within
     the structure, might be invalidated or the structure or the storage
     areas might be overwritten by a subsequent call to getnetbyaddr(),
     getnetbyname(), or getnetent().  The returned pointer, and pointers
     with the structure, might also be invalidated if the calling thread
     is terminated."

getproto*() on endprotoent() page: Change:
     "The application shall not modify the structure to which the
     return value points, nor any storage areas pointed to by pointers
     within the structure. The returned pointer, and pointers within
     the structure, might be invalidated or the structure or the storage
     areas might be overwritten by a subsequent call to getprotobyname(),
     getprotobynumber(), or getprotoent()."
on P758, L25512-25515 to:
     "The application shall not modify the structure to which the
     return value points, nor any storage areas pointed to by pointers
     within the structure. The returned pointer, and pointers within
     the structure, might be invalidated or the structure or the storage
     areas might be overwritten by a subsequent call to getprotobyname(),
     getprotobynumber(), or getprotoent().  The returned pointer, and
     pointers within the structure, might also be invalidated if the
     calling thread is terminated."

getpwent() on endpwent() page: Change:
     "The application shall not modify the structure to which the
     return value points, nor any storage areas pointed to by pointers
     within the structure. The returned pointer, and pointers within
     the structure, might be invalidated or the structure or the storage
     areas might be overwritten by a subsequent call to getpwuid(),
     getpwnam(), or getpwent()."
on P760, L25558-25561 to:
     "The application shall not modify the structure to which the
     return value points, nor any storage areas pointed to by pointers
     within the structure. The returned pointer, and pointers within
     the structure, might be invalidated or the structure or the storage
     areas might be overwritten by a subsequent call to getpwuid(),
     getpwnam(), or getpwent().  The returned pointer, and pointers
     within the structure, might also be invalidated if the calling
     thread is terminated."


getserv*() on endservent() page: Change:
     "The application shall not modify the structure to which the
     return value points, nor any storage areas pointed to by pointers
     within the structure. The returned pointer, and pointers within
     the structure, might be invalidated or the structure or the storage
     areas might be overwritten by a subsequent call to getservbyname(),
     getservbyport(), or getservent()."
on P763, L25652-25655 to:
     "The application shall not modify the structure to which the
     return value points, nor any storage areas pointed to by pointers
     within the structure. The returned pointer, and pointers within
     the structure, might be invalidated or the structure or the storage
     areas might be overwritten by a subsequent call to getservbyname(),
     getservbyport(), or getservent().  The returned pointer, and
     pointers within the structure, might also be invalidated if the
     calling thread is terminated."

getenv(): Change:
     "[CX]The returned string pointer might be invalidated or[/CX] the
     string content might be overwritten by a subsequent call to
     getenv(), [CX]setenv(), unsetenv(),[/CX] [XSI]or putenv()[/XSI]
     but they shall not be affected by a call to any other function in
     this volume of POSIX.1-20xx."
on P1017, L34414-34416 to:
     "[CX]The returned string pointer might be invalidated or[/CX] the
     string content might be overwritten by a subsequent call to
     getenv(), [CX]setenv(), unsetenv(),[/CX] [XSI]or putenv()[/XSI]
     but they shall not be affected by a call to any other function in
     this volume of POSIX.1-20xx.  [CX]The returned string pointer might
     also be invalidated if the calling thread is terminated.[/CX]"

getgrgid(): Change:
     "The application shall not modify the structure to which the
     return value points, nor any storage areas pointed to by pointers
     within the structure. The returned pointer, and pointers within
     the structure, might be invalidated or the structure or the storage
     areas might be overwritten by a subsequent call to getgrent(),
     getgrgid(), or getgrnam()."
on P1023, L34589-34592 to:
     "The application shall not modify the structure to which the
     return value points, nor any storage areas pointed to by pointers
     within the structure. The returned pointer, and pointers within
     the structure, might be invalidated or the structure or the storage
     areas might be overwritten by a subsequent call to getgrent(),
     getgrgid(), or getgrnam().  The returned pointer, and pointers
     within the structure, might also be invalidated if the calling
     thread is terminated."

getgrnam(): Change:
     "The application shall not modify the structure to which the
     return value points, nor any storage areas pointed to by pointers
     within the structure. The returned pointer, and pointers within
     the structure, might be invalidated or the structure or the storage
     areas might be overwritten by a subsequent call to getgrent(),
     getgrgid(), or getgrnam()."
on P1027, L34720-34723 to:
     "The application shall not modify the structure to which the
     return value points, nor any storage areas pointed to by pointers
     within the structure. The returned pointer, and pointers within
     the structure, might be invalidated or the structure or the storage
     areas might be overwritten by a subsequent call to getgrent(),
     getgrgid(), or getgrnam().  The returned pointer, and pointers with
     the structure, might also be invalidated if the calling thread is
     terminated."

getlogin(): Change:
     "The application shall not modify the string returned.
     The returned pointer might be invalidated or the string content
     might be overwritten by a subsequent call to getlogin()."
on P1038, L35039-35043 to:
     "The application shall not modify the string returned.
     The returned pointer might be invalidated or the string content
     might be overwritten by a subsequent call to getlogin().  The
     returned pointer and the string content might also be invalidated
     if the calling thread is terminated."

getpwnam(): Change:
     "The application shall not modify the structure to which the
     return value points, nor any storage areas pointed to by pointers
     within the structure. The returned pointer, and pointers within
     the structure, might be invalidated or the structure or the storage
     areas might be overwritten by a subsequent call to getpwent(),
     getpwnam(), or getpwuid()."
on P1065, L35888-35891 to:
     "The application shall not modify the structure to which the
     return value points, nor any storage areas pointed to by pointers
     within the structure. The returned pointer, and pointers within
     the structure, might be invalidated or the structure or the storage
     areas might be overwritten by a subsequent call to getpwent(),
     getpwnam(), or getpwuid().  The returned pointer, and pointers with
     the structure, might also be invalidated if the calling thread is
     terminated."

getpwuid(): Change:
     "The application shall not modify the structure to which the
     return value points, nor any storage areas pointed to by pointers
     within the structure. The returned pointer, and pointers within
     the structure, might be invalidated or the structure or the storage
     areas might be overwritten by a subsequent call to getpwent(),
     getpwnam(), or getpwuid()."
on P1069, L36024-36027 to:
     "The application shall not modify the structure to which the
     return value points, nor any storage areas pointed to by pointers
     within the structure. The returned pointer, and pointers within
     the structure, might be invalidated or the structure or the storage
     areas might be overwritten by a subsequent call to getpwent(),
     getpwnam(), or getpwuid().  The returned pointer, and pointers
     within the structure, might also be invalidated if the calling
     thread is terminated."

localeconv(): Change:
     "The application shall not modify the structure to which the
     return value points, [CX]nor any storage areas pointed to by
     pointers within the structure. The returned pointer, and pointers
     within the structure, might be invalidated or[/CX] the structure
     [CX]or the storage areas[/CX] might be overwritten by a subsequent
     call to localeconv(). In addition, [CX]the returned pointer, and
     pointers within the structure, might be invalidated or[/CX] the
     structure [CX]or the storage areas[/CX] might be overwritten by
     subsequent calls to setlocale() with the categories LC_ALL,
     LC_MONETARY, or LC_NUMERIC, [CX]or by calls to uselocale() which
     change the categories LC_MONETARY or LC_NUMERIC[/CX]."
on P1247, L41402-41409 to:
     "The application shall not modify the structure to which the
     return value points, [CX]nor any storage areas pointed to by
     pointers within the structure. The returned pointer, and pointers
     within the structure, might be invalidated or[/CX] the structure
     [CX]or the storage areas[/CX] might be overwritten by a subsequent
     call to localeconv(). In addition, [CX]the returned pointer, and
     pointers within the structure, might be invalidated or[/CX] the
     structure [CX]or the storage areas[/CX] might be overwritten by
     subsequent calls to setlocale() with the categories LC_ALL,
     LC_MONETARY, or LC_NUMERIC, [CX]or by calls to uselocale() which
     change the categories LC_MONETARY or LC_NUMERIC.  The returned
     pointer, pointers with the structure, the structure, and the
     storage areas, might also be invalidated if the calling thread is
     terminated.[/CX]"

nl_langinfo(): Change:
     "The application shall not modify the string returned.  The pointer
     returned by nl_langinfo() might be invalidated or the string
     content might be overwritten by a subsequent call to nl_langinfo()
     in any thread or to nl_langinfo_l() in the same thread or the
     initial thread, by subsequent calls to setlocale() with a category
     corresponding to the category of item (see <langinfo.h>) or the
     category LC_ALL, or by subsequent calls to uselocale() which change
     the category corresponding to the category of item.  The pointer
     returned by nl_langinfo_l() might be invalidated or the string
     content might be overwritten by a subsequent call to
     nl_langinfo_l() in the same thread or to nl_langinfo() in any
     thread, or by subsequent calls to freelocale() or newlocale() which
     free or modify the locale object that was passed to nl_langinfo_l().
on P1387, L45872-45880 to:
     "The application shall not modify the string returned.  The pointer
     returned by nl_langinfo() might be invalidated or the string
     content might be overwritten by a subsequent call to nl_langinfo()
     in any thread or to nl_langinfo_l() in the same thread or the
     initial thread, by subsequent calls to setlocale() with a category
     corresponding to the category of item (see <langinfo.h>) or the
     category LC_ALL, or by subsequent calls to uselocale() which change
     the category corresponding to the category of item.  The pointer
     returned by nl_langinfo_l() might be invalidated or the string
     content might be overwritten by a subsequent call to
     nl_langinfo_l() in the same thread or to nl_langinfo() in any
     thread, or by subsequent calls to freelocale() or newlocale() which
     free or modify the locale object that was passed to nl_langinfo_l().
     The pointer returned and the string content might also be
     invalidated if the calling thread is terminated."

ptsname(): Change:
     "The application shall not modify the string returned.
     The returned pointer might be invalidated or the string content
     might be overwritten by a subsequent call to ptsname()."
on P1727, L55633-55634 to:
     "The application shall not modify the string returned.
     The returned pointer might be invalidated or the string content
     might be overwritten by a subsequent call to ptsname().  The
     returned pointer and the string content might also be invalidated
     if the calling thread is terminated."

readdir(): Change:
     "The application shall not modify the structure to which the
     return value of readdir() points, nor any storage areas pointed to
     by pointers within the structure. The returned pointer, and
     pointers within the structure, might be invalidated or the
     structure or the storage areas might be overwritten by a
     subsequent call to readdir() on the same directory stream.
     They shall not be affected by a call to readdir() on a different
     directory stream."
on P1759, L56601-56605 to:
     "The application shall not modify the structure to which the
     return value of readdir() points, nor any storage areas pointed to
     by pointers within the structure. The returned pointer, and
     pointers within the structure, might be invalidated or the
     structure or the storage areas might be overwritten by a
     subsequent call to readdir() on the same directory stream.
     They shall not be affected by a call to readdir() on a different
     directory stream.  The returned pointer, and pointers within the
     structure, might also be invalidated if the calling thread is
     terminated."

strerror(): Change:
     "The application shall not modify the string returned.  [CX]The
     returned string pointer might be invalidated or[/CX] the string
     content might be overwritten by a subsequent call to strerror(),
     [CX]or by a subsequent call to strerror_l() in the same
     thread[/CX]."
on P2014, L64269-64271 to:
     "The application shall not modify the string returned.  [CX]The
     returned string pointer might be invalidated or[/CX] the string
     content might be overwritten by a subsequent call to strerror(),
     [CX]or by a subsequent call to strerror_l() in the same thread.
     The returned pointer and the string content might also be
     invalidated if the calling thread is terminated.[/CX]"

strsignal(): Change:
     "The application shall not modify the string returned.
     The returned pointer might be invalidated or the string content
     might be overwritten by a subsequent call to strsignal() or
     setlocale()."
on P2047, L65392-65393 to:
     "The application shall not modify the string returned.
     The returned pointer might be invalidated or the string content
     might be overwritten by a subsequent call to strsignal() or
     setlocale().  The returned pointer might also be invalidated if the
     calling thread is terminated."

ttyname(): Change:
     "The application shall not modify the string returned.
     The returned pointer might be invalidated or the string content
     might be overwritten by a subsequent call to ttyname()."
on P2159, L68808-68810 to:
     "The application shall not modify the string returned.
     The returned pointer might be invalidated or the string content
     might be overwritten by a subsequent call to ttyname().  The
     returned pointer and the string content might also be invalidated
     if the calling thread is terminated."


(0001596)
Don Cragun (manager)
2013-05-09 15:10

Interpretation response
------------------------

The standard does not speak to this issue, and as such no conformance distinction can be made between alternative implementations based on this. This is being referred to the sponsor.

Rationale:
-------------
None.

Notes to the Editor (not part of this interpretation):
-------------------------------------------------------
Make the changes proposed in Note: 0001595.
(0001818)
ajosey (manager)
2013-09-06 04:58

Interpretation Proposed 6 Sep 2013
(0001885)
ajosey (manager)
2013-10-14 13:04

Interpretation approved 14 October 2013

- Issue History
Date Modified Username Field Change
2013-02-08 19:47 dalias New Issue
2013-02-08 19:47 dalias Status New => Under Review
2013-02-08 19:47 dalias Assigned To => ajosey
2013-02-08 19:47 dalias Name => Rich Felker
2013-02-08 19:47 dalias Organization => musl libc
2013-02-08 19:47 dalias Section => various
2013-02-08 19:47 dalias Page Number => unknown
2013-02-08 19:47 dalias Line Number => unknown
2013-02-21 17:00 eblake Relationship added related to 0000075
2013-02-21 17:05 eblake Relationship added related to 0000655
2013-04-21 00:40 Don Cragun Project 1003.1(2008)/Issue 7 => 1003.1(2013)/Issue7+TC1
2013-05-09 00:16 Don Cragun Note Added: 0001595
2013-05-09 00:18 Don Cragun Note Edited: 0001595
2013-05-09 00:20 Don Cragun Note Edited: 0001595
2013-05-09 00:35 Don Cragun Section various => XSH
2013-05-09 00:35 Don Cragun Page Number unknown => 619-2159
2013-05-09 00:35 Don Cragun Line Number unknown => 21156-68810
2013-05-09 00:35 Don Cragun Interp Status => ---
2013-05-09 00:48 Don Cragun Note Edited: 0001595
2013-05-09 14:35 Don Cragun Note Edited: 0001595
2013-05-09 15:10 Don Cragun Note Added: 0001596
2013-05-09 15:11 Don Cragun Interp Status --- => Pending
2013-05-09 15:11 Don Cragun Final Accepted Text => See Note: 0001596.
2013-05-09 15:11 Don Cragun Status Under Review => Interpretation Required
2013-05-09 15:11 Don Cragun Resolution Open => Accepted As Marked
2013-05-09 15:12 Don Cragun Tag Attached: tc2-2008
2013-05-09 15:12 Don Cragun Tag Attached: C11
2013-05-10 09:35 Don Cragun Note Edited: 0001595
2013-09-06 04:58 ajosey Interp Status Pending => Proposed
2013-09-06 04:58 ajosey Note Added: 0001818
2013-10-14 13:04 ajosey Interp Status Proposed => Approved
2013-10-14 13:04 ajosey Note Added: 0001885
2014-02-12 15:07 geoffclare Relationship added related to 0000826


Mantis 1.1.6[^]
Copyright © 2000 - 2008 Mantis Group
Powered by Mantis Bugtracker