Re: [Qemu-devel] [PATCH] error: error_setg_errno(): errno gets preserved

[Halil Pasic]

On 07/28/2016 04:56 PM, Eric Blake wrote:
> On 07/28/2016 04:46 AM, Halil Pasic wrote:
> 
>> The implementation of preserve errno seems inconsistent to me.  The
>> function error_setv is static, and I guess it is supposed to provide
>> this indirect errno preservation and is used for both error_setg und
>> error_setg_errno, yet error_setg_ errno_internal does extra save-restore
>> itself while error_setg_iternal relies on 'indirect', what is not OK in
>> my opinion.
> 
> As long as errno gets saved where it is documented as saved, I don't
> care whether it is direct or indirect (indirect is probably more
> efficient, where we can prove that nothing is called that is allowed to
> clobber errno).
> 

It is still inconsistent (error_setg_errno_internal and
error_setg_iternal). If it's ok for error_setg_internal to omit saving
errno before calling va_start then there is no reason to do it in
error_setg_errno_internal.

>>
>> As Sascha pointed out, in C11 any library functions may change errno
>> unless explicitly told otherwise for the particular function.  Since
>> start_va and end_va has nothing on preserving errno it is guaranteed by
>> the standard that they persevere errno, and we should assume they don't.
> 
> You mean va_start, not start_va.  And actually, C11 is clear that errno
> is unspecified after library functions (but not macros) that don't
> explicitly state otherwise.  Since va_start() is a macro and not a
> library function, that means va_start does NOT have carte blanche
> permission to modify errno.  For more reading on the topic:

I also considered this function/macro thing but in the end I am not
aware of anything in C11 what would prohibit va_start to modify errno --
correct me if I'm wrong. With that it boils down to 'may' and relying on
'does not' means you are not covered by the standard C11 (but may
be covered by something else -- in which case this should be documented
in HACKING).

> 
> http://austingroupbugs.net/view.php?id=384
>

This got rejected, or? Means that there is no willingness to introduce
this guarantee at POSIX level?
 
> There are several related POSIX bug reports of other functions that have
> been requested to explicitly document that they don't modify errno, and
> I'm happy to submit even more, if we find other standard interfaces
> whose semantics are easier when they guarantee that errno is not clobbered.
> 

Regards,
Halil

signature.asc
Description: OpenPGP digital signature