|
|
|
|
|
|
by anttihaapala
981 days ago
|
|
|
This! And the attributes page explains these even better: const Functions marked with const as an MT-Safety issue non-
atomically modify internal objects that are better
regarded as constant, because a substantial portion of the
GNU C Library accesses them without synchronization.
Unlike race, which causes both readers and writers of
internal objects to be regarded as MT-Unsafe, this mark is
applied to writers only. Writers remain MT-Unsafe to
call, but the then-mandatory constness of objects they
modify enables readers to be regarded as MT-Safe (as long
as no other reasons for them to be unsafe remain), since
the lack of synchronization is not a problem when the
objects are effectively constant.
The identifier that follows the const mark will appear by
itself as a safety note in readers. Programs that wish to
work around this safety issue, so as to call writers, may
use a non-recursive read-write lock associated with the
identifier, and guard all calls to functions marked with
const followed by the identifier with a write lock, and
all calls to functions marked with the identifier by
itself with a read lock.
and env Functions marked with env as an MT-Safety issue access the
environment with getenv(3) or similar, without any guards
to ensure safety in the presence of concurrent
modifications.
We do not mark these functions as MT-Unsafe, however,
because functions that modify the environment are all
marked with const:env and regarded as unsafe. Being
unsafe, the latter are not to be called when multiple
threads are running or asynchronous signals are enabled,
and so the environment can be considered effectively
constant in these contexts, which makes the former safe.
|
|
|